Iran claims to have been hit by ‘heavy’ cyber attack, pins slowdowns on coordinated hacking campaign

Iran claims to have been hit by 'heavy' cyber attack, pins slowdowns on coordinated hacking campaign

Whatever you think of Iran's politics, it's hard to deny that the country has frequently been the target of internet-based attacks that sometimes go beyond the originator's plans. If you believe High Council of Cyberspace secretary Mehdi Akhavan Behabadi, the pressure is only getting worse. He tells Iranian media that the nation is under "constant" digital bombardment and was just hit with a major assault on Tuesday that bogged down local internet access. Behabadi unsurprisingly contends that the attacks are deliberate efforts to undermine Iran's data, nuclear and oil infrastructures, with a finger implicitly pointed westward. While it's no secret that the country's enemies want to slow down what they see as a rush towards nuclear weapons, it's difficult to know how much of the accusation is serious versus bluster: we've seen individual smartphone users who consume more than the "several gigabytes" of traffic that reportedly caused national chaos in the most recent incident. No matter the exact nature, it's likely that residents stand to lose as Iran fences off the internet to keep outside influences, hostile and otherwise, from getting in.

[Image credit: Amir1140, Wikipedia]

Filed under: ,

Iran claims to have been hit by 'heavy' cyber attack, pins slowdowns on coordinated hacking campaign originally appeared on Engadget on Thu, 04 Oct 2012 01:41:00 EDT. Please see our terms for use of feeds.

Permalink   |  sourceReuters  | Email this | Comments

Flame malware extinguishes itself, Microsoft protects against future burns

Flame malware extinguishes itself, Microsoft protects itself from future burns

The folks behind that nasty Flame trojan that burned its way through the Middle East aren't the kind to brag -- the malware's manufacturers apparently started dousing their own fire last week. According to Symantec reports, several compromised machines retrieved a file named browse32.ocx from Flame controlled servers, which promptly removed all traces of the malware from the infected systems. Although the attackers seem spooked, Microsoft isn't taking any chances, and has issued a fix to its Windows Server Update Services to block future attacks. The update hopes to protect networked machines from a similar attack by requiring HTTPS inspection servers to funnel Windows update traffic through an exception rule, bypassing its inspection. The attackers? "They're trying to cover their tracks in any way they can," Victor Thakur, principal security response manager at Symantec told the LA Times, "They know they're being watched." Check out the source link below for the Symantec's run down of the trojan's retreat.

Flame malware extinguishes itself, Microsoft protects against future burns originally appeared on Engadget on Mon, 11 Jun 2012 00:54:00 EDT. Please see our terms for use of feeds.

Permalink LA Times, Electronista, Ars Technica  |  sourceSymantic, Microsoft  | Email this | Comments

Google starts warning affected users about state-sponsored cyber attacks

DNP Google starts giving warnings for statesponsored cyber attacks

The fallout from malware like Stuxnet and Flame might soon be rearing its head at a Google Plus page or Gmail inbox near you. A post on its online security blog states that Google will now issue warnings in the form of a strip placed just below the upper menu bar to users being targeted by suspected state-sponsored cyber attacks. Google stressed that such warnings don't mean that its systems have been compromised but it does make it highly likely that the recipient may be the target of state-sponsored phishing or malware. How exactly does Google know this to be the case? The company declined to offer specifics, only saying that data from victim reports and its own analysis strongly point toward the involvement of states or state-sponsored groups. Google also didn't mention how often it sees such malicious activity, though coverage of Stuxnet and Flame certainly has put a spotlight on cyber warfare involving nations. In the meantime, feel free to hit the source link below for Google's tips on how to secure your account.

Google starts warning affected users about state-sponsored cyber attacks originally appeared on Engadget on Tue, 05 Jun 2012 23:33:00 EDT. Please see our terms for use of feeds.

Permalink New York Times  |  sourceGoogle Blog  | Email this | Comments

Stuxnet pinned on US and Israel as an out-of-control creation

Stuxnet pinned on US and Israel as an outofcontrol creation

Ever since Stuxnet was discovered, most of the accusing fingers have been pointed at the US, Israel or both, whether or not there was any evidence; it was hard to ignore malware that seemed tailor-made for wrecking Iranian centrifuges and slowing down the country's nuclear development. As it turns out, Occam's Razor is in full effect. An exposé from the New York Times matter-of-factly claims that the US and Israel coded Stuxnet as part of a cyberwar op, Olympic Games, and snuck it on to a USB thumb drive that infected computers at the Natanz nuclear facility. The reason we know about the infection at all, insiders say, is that it got out of control: someone modified the code or otherwise got it to spread through an infected PC carried outside, pushing Obama to either double down (which he did) or back off. Despite all its connections, the newspaper couldn't confirm whether or not the new Flame malware attack is another US creation. Tipsters did, however, deny that Flame is part of the Olympic Games push -- raising the possibility that there are other agencies at work.

[Image credit: David Holt, Flickr]

Stuxnet pinned on US and Israel as an out-of-control creation originally appeared on Engadget on Fri, 01 Jun 2012 14:48:00 EDT. Please see our terms for use of feeds.

Permalink Ars Technica  |  sourceNew York Times  | Email this | Comments

Flame malware snoops on PCs across the Middle East, makes Stuxnet look small-time

Image

Much ado was made when security experts found Stuxnet wreaking havoc, but it's looking as though the malware was just a prelude to a much more elaborate attack that's plaguing the Middle East. Flame, a backdoor Windows trojan, doesn't just sniff and steal nearby network traffic info -- it uses your computer's hardware against you. The rogue code nabs phone data over Bluetooth, spreads over USB drives and records conversations from the PC's microphone. If that isn't enough to set even the slightly paranoid on edge, it's also so complex that it has to infect a PC in stages; Flame may have been attacking computers since 2010 without being spotted, and researchers at Kaspersky think it may be a decade before they know just how much damage the code can wreak.

No culprit has been pinpointed yet, but a link to the same printer spool vulnerability used by Stuxnet has led researchers to suspect that it may be another instance of a targeted cyberwar attack given that Iran, Syria and a handful of other countries in the region are almost exclusively marked as targets. Even if you live in a 'safe' region, we'd keep an eye out for any suspicious activity knowing that even a fully updated Windows 7 PC can be compromised.

Flame malware snoops on PCs across the Middle East, makes Stuxnet look small-time originally appeared on Engadget on Mon, 28 May 2012 17:07:00 EDT. Please see our terms for use of feeds.

Permalink Wired  |  sourceKaspersky Securelist  | Email this | Comments