Europol Arrests Gang Behind Zeus SpyEye Banking Malware

                                  Network Security

The Law enforcement agencies from six different European countries have taken down a major Ukrainian-based cyber criminals gang suspected of developing, distributing and deploying Zeus and SpyEye banking malware.

According to the report on the official website of Europol, authorities have arrested five suspects between June 18 and 19.

All the five suspects are the members of an alleged gang that has been accused of infecting tens of thousands of computers worldwide with malware and banking Trojans.

The alleged cybercriminal group distributed and used Zeus and SpyEye malware to steal money from several major banks in Europe and outside.
The gang constantly modified its malware Trojans to defeat the security protocols of banks and used "mule networks" to launder money.

"On the underground digital forums, they actively traded stolen credentials, compromised bank account information and malware," Europol said in a statement on Thursday, "while selling their hacking ‘services’ and looking for new cooperation partners in other cybercriminal activities."

Each cyber criminal of the alleged group had their own speciality. Also, the cyber gang was involved in developing malware, infecting machines and trading stolen bank credentials, malware, and hacking for hire services in underground fraudster forums.

More than EUR 2 Million in Damages
According to officials, the gang has caused financial damages estimated at more than 2 Million Euro.
The operation was conducted by the Joint Investigation Team (JIT), and the take-down was part of an ongoing initiative launched by Europol in the year 2013 that has resulted in 60 arrests to date.

Just two months ago, the law enforcement took down highly sophisticated BeeBone botnet that had infected more than 12,000 computers worldwide.
Also, the ongoing initiative resulted in took down of Ramnit botnet, which infected over 3.2 Million computers worldwide. Last year the FBI and Europol tore down the GameOver Zeus botnet, although it came back a month after its took down.

Read More

How to See Your Facebook Hidden Friends List of Others

In recent past, Facebook has brought a lot of power to the users and currently they management all the data they’ve shared on their Facebook accounts. youhead to your Facebook privacy settings and limit the visibility of posts, footage and curiosity.

Many of you have set the privacy of your friends list as non-public. However this isn’t enough. A week ago, a replacement Chrome extension came into the limelight and it claims to reveal the hidden friends list to your friends. i attempted out this tool myself and therefore the “Only Me” choice to keep your friends list hidden from the globe doesn’t work any longer.

How will this Facebook Friends plotter extension for Chrome work?

Facebook Friends plotter Chrome extension fools the mutual friends feature of the Facebook and collects the hidden friends’ information of your friends and makes them public for you.

Let’s suppose a disciple of yours doesn’t share his/her friends list however has few mutual friends with you. THN writes: “If, for instance, Facebook chief executive officer Mark Zuckerberg doesn't share his friends list with the general public and neither I 'm on his friend list. However, I actually have a minimum of one mutual friend with him. Thus mistreatment Facebook Friends plotter tool i\'d be able to see most of his hidden Facebook friends by exploiting the ‘mutual friend’ logical flaw.”

How to use Facebook Friends plotter extension for Chrome?

Step 1:

To see any friend’s hidden friends list, you wish to transfer and install the Facebook Friend plotter extension and restart the browser.

Step 2:

Now head to your friend’s profile that you want to ascertain the hidden friends list. You may be seeing a replacement (Reveal Friends) possibility within the friends tab.

Step 3:

Click on the Reveal Friends possibility and you may be able to see all the buddies whether or not they square measure your mutual friends or not.

Warning: These forms of extension aren't sensible for your application, I simply put in them so as to form the tutorial and pen this flaw. Thus I won’t advocate you to use this on a permanent basis.

Note: but to use this Facebook Friends plotter Chrome extension, you want to have one mutual friend with the target. It doesn’t matter of your Facebook friends thereupon person or not

If somebody uses this tool, your privacy settings won’t work for that person and your hidden friends list are going to be exposed. I hope Facebook fixes this logical flaw before this tool goes infective agent.

Read More

How to Unlock/Bypass Your Android iPhone Password

IPhone is one in every of the simplest Smartphone that billions of individuals wish to have. And iphone have legion options in it for his or her user which customize user expertise with cool interface. However what if you forget your iphone pass code. That may be extremely terribly irritating after you attempt to enter completely different passwords once more and once more however did not open it. Therefore we tend to square measure here to assist you for this with the trick for a way to Unlock/Bypass iPhone Passcode. Affirmative you will try this terribly merely and may economize that you simply can pay to dealers to unlock your iphone. Simply follow up the below methodology to proceed.

The method is extremely straightforward and even non technical person will implement this. You simply need to follow a number of the easy steps that I even have mentioned below and you'll simply Unlock/Bypass iPhone Passcode.

#1 Unlock/Bypass iPhone Passcode exploitation cloud

This methody can solely work for you if you had already enabled realize My Phone feature on your iOS device. Bu this you'll restore all of your information on-line by work into your icloud account and following the below steps.

1. First of all visit icloud realize My Phone official page in your desktop from here.

2. Now here login together with your icloud id and Arcanum.

3. Now choose all the devices from the browser prime menu.

4. Now choose the device from iphone, ipad and iPods within which you would like to unlock passcode.

5. Now click on erase button that may erase all of your information together with the passcode file that stores this pass code of your iphone.

6. Now exploitation setup help like iTunes restore your iphone with recent computer file excluding passcode file.

7. That’s you are done, your iphone can get unfastened.

#2 Unlock/Bypass iPhone Passcode exploitation iTunes

You need iTunes during this methodology, transfer and install iTunes in your laptop and proceed with below steps.

1. First of all connect your iphone together with your laptop exploitation USB Cable.

2. Now in iTunes click on restore possibility.

3. There choose out the foremost recent computer file and click on on restore possibility.

4. Now restore method can begin and your device can reboot.

5. Now once your iphone starts you\'ll use it with none want of passcode to enter there.

So on top of is all regarding a way to Unlock/Bypass iPhone Passcode. By this methodology you'll simply restore your iphone to initial settings which can unlock your ions device. And by this you be able to save your cash that a mobile dealer can charge to unlock your iphone. Hope you wish the strategy; don’t forget to share it together with your friends and leave a comment below if still facing any drawback with the strategy on top of.

Read More

How to Hackers Exploit Zero-Day Magneto Vulnerability to Steal Your Credit Cards

Hacker’s area unit Associate in nursing more exploiting an unknown flaw to siphon payment card info from e-commerce websites that use Magneto, the foremost well-liked e-commerce platform in hand by eBay.

Security researchers at secure area unit still work the attack vector, however they believe that cyber criminals area unit injecting malicious code into the Magneto core file or some wide used module extension so as to steal payment card knowledge.

Back in Apr, a vital Remote Code Execution Flaw in Magneto allowed hackers to totally compromise any on-line store high-powered by Magneto and thereby gain access to MasterCard knowledge and different money, and private info associated with the shoppers.

Credit Card Stealers?

Now, Secure senior malware man of science Peter Grammatik have found Associate in Nursing attack script that pilfers the content of each POST request Associate in Nursing identifies valuable payment card knowledge before storing it in an encrypted kind that solely the aggressor will rewrite.

Moreover, to evade detection, the attack tool includes a pleasant very little purge operate that wipes trails clean and masks user agents.

The unhappy half is that you simply won't understand it's moving you till it's too late, Grammatik wrote during a diary post, in the worst cases it is not become apparent till they seem on your bank statements.

Grammatik says he detected many slightly completely different variants, however the inclusion of PUBLIC_KEY variable indicates the malware author is probably going behind a family of MasterCard stealers.

Attackers store the asking info within the pretend image file that is outlined at the start of the script. Moreover, the attackers modify the creation timestamp of the image file and add a pretend JPEG header.

What's clever regarding this method?

Coincidentally, if anyone tries to load this image file via the online browser, all the traveler would see is that the broken image" and zilch additional.

However, the cyber crook will transfer the whole "image" file and rewrite the purloined knowledge exploitation Public Key in an endeavor to siphon all the asking info processed by the Magneto e-commerce web site.

With Alexa high 1,000,000 e-commerce websites exploitation it, Magneto has become a valuable target for attackers. 2 months past, cyber criminals were advertising legitimate Magneto e-commerce web site to send MasterCard details submitted by its client amid checkout procedure to a third-party malicious site controlled by attackers.

Read More

Why Indians spend 47 % of time on WhatsApp, Skype: Ericsson

Smartphone users in Asian nation pay forty seven per cent of their time on communication applications like WhatsApp, We Chat, Hike and Skype that are key driver of mobile broadband usage, says a report.

Communication continues to be the dominant activity on smart phones. Communication apps are ‘always on’ and are a key driver of mobile broadband usage,” the report by Swedish communication system maker Ericsson aforementioned.

As per our report, Indians pay forty seven per cent of your time exploitation communications apps like voice, instant electronic communication, vocalization web protocol (example Skype), emails and social networking on smart phones,” Ericsson aforementioned.

The report aforementioned communication apps have a better dependency on mobile broadband usage, because of their ‘always on’ standing.

The report analyzed app usage behavior exploitation on-device measurements across many markets, as well as Asian nation, with a specific specialize in however electronic communication and social media apps influence the manner folks communicate.

The analysis sample represents mechanical man Smartphone users in Asian nation, Japan, Republic of Korea, the UK, and the US. In India, 7,500 mechanical man users were surveyed.

The report aforementioned across the U.S., the United Kingdom and Asian nation, over thirty per cent of the time spent on smart phones is spent on act apps.

“We found that 40-50 per cent of knowledge consumption for communication apps uses mobile broadband, whereas the corresponding figure for video is simply twenty per cent,” Ericsson Consumer Lab Senior adviser Setline young man aforementioned.

Read More

Why Security Your Magneto Ecommerce Website Is So Damn Important

The Market of E-commerce websites is at its peak, as these days folks like to search on-line to avoid wasting their time. However, E-commerce and monetary sites stand 1st within the summary of potential victims as they manage monetary exchanges.

The traditional thanks to target victims of e-commerce sites is to use targeted "phishing" attacks via social media and emails. But…

…due to multiplied awareness among the folks concerning the threat of phishing attacks, hackers have currently discovered new approach — by advertising legitimate websites wherever folks assume to be safe and secure.

We know:

Today, there are a unit several ready-to-use e-commerce platforms out there on the web that area unit terribly simple to put in and manage which too at no additional cost; 'Magneto' is one in every of the foremost in style out of them.

The most in style, the foremost targeted:

Yes! Security researchers at Secure have found a malicious code within the Magneto e-commerce web site} that was meant to send all the information submitted by a client amid checkout procedure to a third-party.

Hackers have additional fifty additional lines of code in the:

app/code/core/Mage/Payment/Model/Method/Cc.php file within the prepare() Save operate, that you'll be able to see below:

What really happens behind the scene?

Like most Magneto sites, the positioning scanned by the researchers had a checkout kind that asks for customers' MasterCard details.

However, Magneto encrypts this info and saves it, and sends it to the payment entryway so as to finish users' dealings.

But, at the instant between the checkout kind submission and secret writing of the user's payment details once Magento handles customer's sensitive info in a very plain text, the code injected by hackers send this unencrypted knowledge to third-party address.

Not solely Magento sites area unit targeted:

Researchers conjointly found a really similar code being injected by hackers into the Joomla Donation extension in Joomla websites so as to send customers' MasterCard info to the hacker’s victimization."

Moreover, all e-commerce solutions, as well as CMS, plug-in, and extension, area unit equally prone to this sort of cyber attack within the event they request customers' MasterCard details directly on a website, rather than redirecting them to a payment entryway.

Because:

It's so simple for a hacker to feature some lines of malicious code within the legitimate code of the web site in a trial to dump customer's sensitive details to a harmful third-party.

However, customers of on-line store are not the sole target, either:

"When hackers manage to compromise associate degree e-commerce website, the house owners of the web site is robbed too," researchers at Secure wrote.

There is a unit a best-known range of cases wherever hackers replace the PayPal account of web site owner with their own account. As a result, each time a client buys one thing, the positioning owner would "never receive the funds."

The bottom line:

Online Shoppers will shield themselves against this threat by following these steps:

Don't enter your payment details on the websites that supply their own page. Instead like the sites that send you to a payment entryway provided by PayPal, payment entryway or bank to finish the dealings.

Only use your Credit Cards with further levels of authentication. Use payment cards that support further security layers, like Visa 3D Secure, or MasterCard Secure Code, or your bank's own 2FA service.

Check the web site for any security issue.

This will be done by either aquatic the web or just check Google's Safe Browsing info for the web site victimization diagnostic wherever that is the name of the positioning you wish to examine.

Owners of E-commerce web site will shield themselves against this threat by following these steps:

Don't enable customers to method payment details on your website. Source the payments to sure third-party service like PayPal, Stripe or Google notecase, so if hackers compromise your website they cannot be able to steal your customers' MasterCard details.

Use best practices together with your web site security, as well as robust and distinctive passwords for each part of your website, actively maintain and update your web site firewall, and monitor your web site for security problems.

Be Proactive. If your web site is hacked, get facilitate straight off as you can't place each your customers' cash yet as your name in danger.

Read More

How to Unlock/Bypass Your Android iPhone Password

IPhone is one in every of the simplest Smartphone that billions of individuals wish to have. And iphone have legion options in it for his or her user which customize user expertise with cool interface. However what if you forget your iphone pass code. That may be extremely terribly irritating after you attempt to enter completely different passwords once more and once more however did not open it. Therefore we tend to square measure here to assist you for this with the trick for a way to Unlock/Bypass iPhone Passcode. Affirmative you will try this terribly merely and may economize that you simply can pay to dealers to unlock your iphone. Simply follow up the below methodology to proceed.

The method is extremely straightforward and even non technical person will implement this. You simply need to follow a number of the easy steps that I even have mentioned below and you'll simply Unlock/Bypass iPhone Passcode.

#1 Unlock/Bypass iPhone Passcode exploitation cloud

This methody can solely work for you if you had already enabled realize My Phone feature on your iOS device. Bu this you'll restore all of your information on-line by work into your icloud account and following the below steps.

1. First of all visit icloud realize My Phone official page in your desktop from here.

2. Now here login together with your icloud id and Arcanum.

3. Now choose all the devices from the browser prime menu.

4. Now choose the device from iphone, ipad and iPods within which you would like to unlock passcode.

5. Now click on erase button that may erase all of your information together with the passcode file that stores this pass code of your iphone.

6. Now exploitation setup help like iTunes restore your iphone with recent computer file excluding passcode file.

7. That’s you are done, your iphone can get unfastened.

#2 Unlock/Bypass iPhone Passcode exploitation iTunes

You need iTunes during this methodology, transfer and install iTunes in your laptop and proceed with below steps.

1. First of all connect your iphone together with your laptop exploitation USB Cable.

2. Now in iTunes click on restore possibility.

3. There choose out the foremost recent computer file and click on on restore possibility.

4. Now restore method can begin and your device can reboot.

5. Now once your iphone starts you\'ll use it with none want of passcode to enter there.

So on top of is all regarding a way to Unlock/Bypass iPhone Passcode. By this methodology you'll simply restore your iphone to initial settings which can unlock your ions device. And by this you be able to save your cash that a mobile dealer can charge to unlock your iphone. Hope you wish the strategy; don’t forget to share it together with your friends and leave a comment below if still facing any drawback with the strategy on top of.

Read More