TECHNOLOGY FEBRUARY 18, 2010
MCF `Members, don't open a PM or email when you don't know the sender Update your virus protection, & be careful on the Web.

MCF Administrator `Taz (Lou)was hit hard by Trojan's...I'm always getting warning from AVG of hazard links/sites & getting knocked off line : (
_______________________________
...Broad New Hacking Attack Detected

Global Offensive Snagged Corporate, Personal Data at nearly 2,500 Companies; Operation Is Still Running

By SIOBHAN GORMAN

Hackers in Europe and China successfully broke into computers at nearly 2,500 companies and government agencies over the last 18 months in a coordinated global attack that exposed vast amounts of personal and corporate secrets to theft, according to a computer-security company that discovered the breach.
A global hacking offensive has broken into U.S. companies and government agencies. Cyber attacks could soon be seen as a national security threat, WSJ executive editor Jerry Seib tells the News Hub.


Related Video

• News Hub: Google Warns Over China Hacks(01/13/10)
• News Hub: A Citigroup Hack Attack(12/22/09)
• News Hub: Was U.S. Intelligence Compromised? (12/17/09)
• FBI Busts International Hacking Ring (10/08/09)

The damage from the latest cyberattack is still being assessed, and affected companies are still being notified. But data compiled by NetWitness, the closely held firm that discovered the breaches, showed that hackers gained access to a wide array of data at 2,411 companies, from credit-card transactions to intellectual property.
The hacking operation, the latest of several major hacks that have raised alarms for companies and government officials, is still running and it isn't clear to what extent it has been contained, NetWitness said. Also unclear is the full amount of data stolen and how it was used. Two companies that were infiltrated, pharmaceutical giant Merck & Co. and Cardinal Health Inc., said they had isolated and contained the problem.
How the Attack Spread




Click on graphic to enlarge & if it does not open
below is the Source of the article
http://online.wsj.com/article/SB1000...?mod=yhoofront

Click above link from Yahoo 2 view article/chart


Starting in late 2008, hackers operating a command center in Germany got into corporate networks by enticing employees to click on contaminated Web sites, email attachments or ads purporting to clean up viruses, NetWitness found.
In more than 100 cases, the hackers gained access to corporate servers that store large quantities of business data, such as company files, databases and email.
They also broke into computers at 10 U.S. government agencies. In one case, they obtained the user name and password of a soldier's military email account, NetWitness found. A Pentagon spokesman said the military didn't comment on specific threats or intrusions.
At one company, the hackers gained access to a corporate server used for processing online credit-card payments. At others, stolen passwords provided access to computers used to store and swap proprietary corporate documents, presentations, contracts and even upcoming versions of software products, NetWitness said.
Data stolen from another U.S. company pointed to an employee's apparent involvement in criminal activities; authorities have been called in to investigate, NetWitness said. Criminal groups have used such information to extort sensitive information from employees in the past.
The spyware used in this attack allows hackers to control computers remotely, said Amit Yoran, chief executive of NetWitness. NetWitness engineer Alex *** said he uncovered the scheme Jan. 26 while installing technology for a large corporation to hunt for cyberattacks.
That discovery points to the growing number of attacks in recent years that have drafted computers into cyber armies known as botnets—intrusions not blocked by standard antivirus software. Researchers estimate millions of computers are conscripted into these armies.
Related

• Insurgents Hack U.S. Drones
• Wide Cyber Attack Is Linked to China
• Google Working With NSA to Investigate Cyber Attack
• Digits: Chinese Sites Report Cyber Attacks
• Video: U.S. Intelligence Detects Cyber Spies

"It highlights the weaknesses in cyber security right now," said Adam Meyers, a senior engineer at government contractor SRA International Inc. who reviewed the NetWitness data. "If you're a Fortune 500 company or a government agency or a home DSL user, you could be successfully victimized."
Disclosure of the attack comes on the heels of Google Inc.'s allegation that it and more than 20 other companies were breached by Chinese hackers. This operation appears to be more far-reaching, infiltrating some 75,000 computers and touching 196 countries. The highest concentrations of infected computers are in Egypt, Mexico, Saudi Arabia, Turkey and the U.S.
NetWitness, based in Herndon, Va., said it was sharing information with the companies infected. Mr. Yoran declined to name them. The company provides computer security for U.S. government agencies and companies. Mr. Yoran is a former Air Force officer who also served as cyber security chief at the Department of Homeland Security.
Besides Merck and Cardinal Health, people familiar with the attack named several other companies infiltrated, including Paramount Pictures and software company Juniper Networks Inc.
Merck said in a statement that one computer had been infected. It said it had isolated the attack and that "no sensitive information was compromised."
Cardinal said it removed the infected computer from its network. Paramount declined to comment. Juniper's security chief, Barry Greene, wouldn't speak about any specific incidents but said the company worked aggressively to counter infections.

Journal Community

• discuss

—John M. Brock

NetWitness, which does extensive work for the U.S. government and private-sector clients, said it was sharing its information with the Federal Bureau of Investigation. The FBI said it received numerous allegations about potential compromises of network systems and responded promptly, in coordination with law-enforcement partners.
The computers were infected with spyware called ZeuS, which is available free on the Internet in its basic form. It works with the FireFox browser, according to computer-security firm SecureWorks. This version included a $2,000 feature that works with FireFox, according to SecureWorks.
Evidence suggests an Eastern European criminal group is behind the operation, likely using some computers in China because it's easier to operate there without being caught, said NetWitness's Mr. Yoran.
There are some electronic fingerprints suggesting the same group was behind a recent effort to dupe government officials and others into downloading spyware via emails purporting to be from the National Security Agency and the U.S. military, NetWitness's Mr. Yoran said.
That attack was described in a Feb. 5 report from the Department of Homeland Security, which said it was issuing an alert to the government and other organizations to "prevent further compromises."
A DHS official said that ZeuS was among the top five reported tools for malware infections.
Write to Siobhan Gorman at siobhan.gorman@wsj.com

 

I checked my e-mail today and to my surprise...

 

..Hi `Jose, I couldn't read who it was from
I got the same one Admin `Taz ~> `Lou got from ModeratorsForum...It said my computer was infected & that I should click their link I didn't...I also banned the new Member from posting. It's very sad that there are many out there on the web with evil intent : (
I think they should have their finger's cut `off WoW..

Hope this thread makes member's more careful 4-Sure...
Peace/Out...
Wish U a Reader's a Happy No Problem Day ....

 

Sorry, i am a newb when it comes to "print screen" i dont know how to properly use it. That's the best i could do, it said i had 5 new 'spam' message. that read Sender HEAD OFFICE... the all read "IMPORTANT NEW MESSAGE" i deleted them oh i also had one that said i was the international winner of the lotto w/e the hell that means, to claim my prize send back my name, dob, employer, and adress. yeah muthaf*cking riiiight.
i'm tired of these spams, everyday i get like 3 of them. i've spammed then and i dont know how to block them from my email i want to get another email, but this is my main one that i've had since high school

 

I know in gmail you can automatically set up a filter in your email. For example anything that has FWD: in the subject line is automatically deleted for me.

 

I use multiple email addresses to try to avoid getting completely bombarded with spam. I have a personal address that I only give to friends, family, or people I trust so I don't get spammed in it - I never use it for anything online, and then a second email address I use to register for anything where I suspect my information could get sold or passed on to other companies or spammers. That way I don't have to worry about missing email because of a filter in the personal email account that is the most important to me, and in the junk one i can set more aggressive filters.

also, if you post your email address on a website somewhere make changes to it so its not easily scanned by a bot. so instead of posting myemail@somewhere.net post "myemail @ somewhere . net " or some variation with spaces, most people can usually figure it out - or use an email obfuscator like http://www.codehouse.com/webmaster_t...il_obfuscator/

Its a constant fight for mail admins to keep the junk out. At one point we started getting about 50 spams a day at work to each email addy. I added blacklist checkers and more spam filters to the server and cut it down dramatically. It helped for a few months but now some are filtering through again, and my boss got yet another bad virus from one of those "we tried to deliver your shipment - click here for details " emails. It was one of those that starts a fake scan of your computer with something that looks like a legit virus checker and tries to get you to buy the software to finish removing the viruses. Disables all your other virus checkers too. So be sure if a virus scanner starts running it is one that you personally installed

 

We use comcast, and it does a pretty good job of filtering.
We also got hit with a trojan virus a couple of weeks ago. We had to format the hard drive and start over with XP. FUN! It was a FRIEND of my wifes from Germany that got it infected with a web site he created. Some friend!

 

I haven't received anything yet that I am aware of. I have the total
protection from McAfee installed and it is real good as far as updating and I do a scan 2-3 times a week.
One thing that's been happening is I'm receiving all my post
from this forum to my home e-mail. I delete them but it's curious.
Any reason or is this a regular operation ?

 

I have comcast too and I rarely get spam emails. I also use a mac so I'm not sure if my computer is at risk. I would never open a strange email anyway.

 

There are viruses for mac, but you have to run them yourself. Since you can't run an executable file, which most viruses are you are safe in that aspect.