How Chinese Hackers Exploit Twitter, Google and Yahoo

Last Updated Apr 6, 2010 2:47 PM EDT A stunning new report issued last night by a team of U.S. and Canadian researchers highlights a critical development in the world of cyber crime: the use of popular services like Twitter, Google (GOOG) and Yahoo (YHOO) to camouflage and carry out infiltrations at the highest level of international government and business. Shadows in the Cloud: An Investigation into Cyber Espionage 2.0 followed a group of Chinese hackers who used popular social media and blogging services to steal financial data, private emails, even missile codes. But unlike the recent Google attacks, which exploited a security flaw in Microsoft's (MSFT) Internet Explorer, these hackers used programs like Twitter and Google Groups exactly as they were designed. "The hackers want to maintain constant control over a computer once they have compromised it," Nart Villeneuve, one of the report's principal authors, told me. To do this the hackers rely on command servers that can send and receive instructions from the hacked computers. But sending information back and forth to a strange location in China can raise alarms, and security professionals often block the offending servers. So the hackers exploited Twitter feeds, Google Groups and Yahoo accounts to update compromised computers with new command and control servers. These web tools were a proxy, posting tweets or messages with URLs linking back to the new command servers. Even if security professionals identified and blocked one of the hackers command servers, the group would just serve up a fresh one through an innocent seeming tweet. These attacks, like the Google hack I previously covered, have been traced to Chinese universities, but never tied directly to an individual or the Chinese government. In some cases the hackers did use Yahoo Mail and Google Groups to send and host malware, but by and large Villeneuve says there isn't much these companies can do proactively to prevent Continue Reading

CBS News Logo NFL Twitter account hacked, falsely tweets out Roger Goodell death

Last Updated Jun 7, 2016 4:55 PM EDT NFL commissioner Roger Goodell is responding with humor after hackers gained control of the NFL's Twitter account earlier today and falsely reported he had died."Man, you leave the office for 1 day of golf ... & your own network kills you off. #harsh," Goodell tweeted.Earlier Tuesday, the NFL's official Twitter account became the latest in a string of high profile accounts to be hacked, when a tweet was posted announcing that Goodell had died.The tweet was quickly removed from NFL's account, and the league confirmed that Goodell is alive and well.However, the hack continued with two more tweets published in quick succession.As word of the false announcement spread through social media, the NFL was quick to set the record straight.Following the big reveal that the NFL tweet was bogus, one of the hackers came forward in an email to Tech Insider, explaining how the attack was carried out."We got into a social media employee's email and found the account password there," the hacker wrote to the tech news site. "Not going to elaborate further."Tech Insider reported that the hacker provided screenshots of direct message conversations and Twitter analytics belonging to the NFL account.The site asked for an explanation why the hackers targeted the NFL account. The answer? "For the lulz," the hacker wrote, meaning laughter at another's expense.One of the hacking group members' Twitter account -- @IDissEverything -- has been suspended following Tuesday's incident. Before the account was suspended the hacker told a Twitter follower that the football league's password was "olsen3culvercam88," which would be easy to uncover using available password-cracking software, Tech Insider reports.What's the lesson from this for the average Twitter user? Mashable tech editor Pete Pachal told CBS News that people need to use different passwords for different sites."Use a password manager," he advised. "To my knowledge, I can't think of a Continue Reading

Here’s everything we know about the hackers behind LinkedIn, celebrity Twitter accounts

Another day, another celebrity gets hacked — or two, or three. The last two months have been filled with online data dumps and compromised Twitter accounts, but it might all be connected to the LinkedIn breach in 2012. Celebrity accounts from Katy Perry, Lana Del Rey and Mark Zuckerberg have been hacked this past weeK. Others affected include Tenacious D, Bill Gates, Yankee Rob Refsnyder and even the NFL. Although it's not clear who is hacking these individual accounts, it seems that all the information might've been released by a single hacker and a paid data search engine. Here's everything we know about the hackers and their online deeds: What's the LinkedIn breach? The LinkedIn breach from 2012 seems to be what started this chain of attacks. At the time, it was reported that 6.5 million passwords were posted online, yet no one knew how big the breach was because LinkedIn never clarified how many accounts were compromised. Fast forward four years, turns out a total of 167 million accounts were actually compromised — It's considered one of the largest leaks of its type. Two weeks ago, a hacker that goes by the name "Peace," tried selling online that large data dump of LinkedIn emails and passwords, according to Motherboard. Peace was selling the account information (emails and passwords) of 117 million LinkedIn users for five Bitcoin, which is roughly about $2,881. However, Peace is probably not responsible for hacking all these individual accounts. The leaked account information was also obtained by paid hacked data search engine LeakedSource. Therefore, other entities could've paid for the login data and hacked celebrities — and even common folk. The most recent hack was the NFL's Twitter account, which was accessed by hacker group Peggle Crew. They told Tech Insider that they got the League's login information by hacking into a social media employee's email, but Continue Reading

Anonymous hacktivists claim to have taken down thousands of pro-Islamic State Twitter accounts

SAN FRANCISCO - Islamic State sympathizers using social media to spread propaganda and recruit fighters are now drawing an increasing amount of return fire from activists who have been knocking some sites offline and infiltrating others. The loose hacking collective Anonymous is the latest to draw attention to such campaigns, with members claiming credit this week for having thousands of pro-IS Twitter accounts disabled. But others claim to have been doing more for longer. One group that feeds information to the U.S. government says it has suppressed tens of thousands of Twitter accounts since January, and its members have posed as would-be recruits to gain information on so-called Dark Web operations supporting the Islamic State. "We're playing more of an intelligence role," said the executive director of Ghost Security Group, who declined to be named, citing security concerns. The group is a volunteer organization that has been sending data to the FBI and other agencies via a Congressional terrorism adviser, Michael S. Smith II. Smith said the group's infiltration efforts had given some actionable information to the government, and that coordinated complaints to Twitter had helped push Islamic State supporters elsewhere. U.S. agencies "appreciate the outside support. I have constant feedback to that," Smith said. Retired Gen. David Petraeus recently told Foreign Policy he had reviewed Smith's data and saw how it "would be of considerable value to those engaged in counter-terrorism initiatives." The FBI declined to comment. Smith, chief operating officer of defense contractor Kronos Advisory, said Ghost Security Group contacted him in June and provided screenshots of internal communications about an impending attack in Tunisia, which he said he passed along and which helped break up a militant cell in time. The Paris attacks on Friday have brought an increase in online activity against the jihadists, but freelance efforts to counter Continue Reading

Hacked Gmail account? Check your history first

Q: I got spammed, and the junk e-mail came from my own address. Was my account hacked?A: Not necessarily, because it's trivial to fake an a-mail address. But before you assume that somebody spoofed yours, you should verify that your account was secure.In this case, the account in question was a friend's Gmail address. His sent-messages mailbox didn't have any copies of the spam e-mails, but more definitive proof awaited in Google's records of recent activity at the account.The quickest way to look this up is to look at the bottom right corner of your Gmail window for the "Last account activity" line. It should list a time, like "2 hours ago"; click the "Details" link below that, and Gmail will pop up a window with records of each time your account was accessed in the last day or so.Those details include the time, browser used, and the Internet Protocol address and rough geographic location of each connection, as determined from the numerical "IP." If you've given outside apps like the TripIt travel-monitoring service to read your mail, they'll show up here, too.If Google sees what looks like a suspicious login attempt, it won't wait for you to check that list; it will flash a warning in a red box atop your inbox.If nothing unusual shows up in those Gmail records, pull up Google's list of recent activity across your entire Google account. This covers actions like logging in or changing a password; the main list indicates where each one happened, and you can click on any entry to see the time and even what version of a browser was used.These records may not be complete; in my case, on Wednesday they had a gap between Tuesday and May. But the friend in question saw no gaps in these records, and they only showed connections near his home in Ithaca, N.Y.They also reported no changes to Gmail security settings except for those that he remembered making. One of those was his activation of Google's two-step verification, in which you confirm a login by entering a numeric Continue Reading

Rep. Anthony Weiner didn’t send racy Twitter picture but there are still questions about its origins

Rep. Anthony Weiner has done a bangup job convincing New Yorkers he knows more about the "prank" photo of bulging briefs that someone tweeted to a college student Saturday night. Stipulated at this moment: Weiner did not send the picture. After too many linguistic gymnastics and attempts to get by with humor, Weiner yesterday issued a denial of involvement that was credible both because it was unqualified and because there's never been evidence he is loopy or lecherous. Left out there, though, was the unfortunate question of whether he was, in fact, the individual shown in the photograph. He said he could not say with any "certitude." Pressed by the Daily News Editorial Board to say whether he had ever possessed a similar photo, Weiner responded: "I can't answer a question that broad. I don't know. We're trying to find out where this photograph came from, which will then help us figure out whether it was something sent to me, or something that I had or whatever, or it was manipulated in some way." He said he recognized that the public might well question how he could not possibly know whether he appeared in the picture, adding: "We need to get to the bottom of some of these things. If that means it creates embarrassing questions for me, then so be it. ... There's a much easier path for me to take, and I'm not taking it because I simply don't know for sure." The question of where the photo came from is not asked out of idle curiosity. Hovering over the affair is the issue of whether a congressman was the victim of a politically motivated cybercrime. Hacking into someone's Twitter account to post a message and image may or may not break the law. But invading someone's computer and lifting any information or image - such as a private photo - would clearly violate federal law. Based on just such an alleged action, the Justice Department indicted a college student for hacking into then-Republican vice presidential candidate Sarah Palin's Continue Reading

Brookdale trustee: “liked” racist tweets were hacked

MIDDLETOWN - A Brookdale Community College trustee has come under fire for a series of "likes" found on a Twitter account under his name — including a "like" for a posting that used the n-word and another that refers to President Barack Obama as a "monkey."Board of Trustee member Joseph DiBella's account shows "likes" for several of the tweets that were posted by others on the popular social media site, a review of his public postings by the Asbury Park Press found. "Likes," usually identified by a heart icon, are social media shorthand for favoring another person's posts.DiBella told the Press that the "likes" were not done by him and claimed at least one of the tweets was altered with Photoshop to defame him. Brookdale administration released a statement saying the Monmouth County Prosecutor's Office is investigating whether the account was hacked by an unknown third party.Among one of the "likes:" A tweet posted by another user that stated "how did Americans get them selves into this big mess by letting an islamic black monkey to power" (sic). That post from a user was timestamped Aug. 6. Another post from a different user on June 11 used an obscene suggestion followed by the n-word, with a "like" from DiBella's account.A third "like" was made to a June 24 post from another user, who made a sexual suggestion regarding Democratic presidential candidate Hillary Clinton and black voters.DiBella said the tweet about Obama was altered in Photoshop to look as if it was "liked." But when asked about the tweet post that links back to his personal Twitter account, DiBella said he has not been able to find posts on his page and claimed they do not exist.In a follow-up call Thursday morning, DiBella said his account was "likely hacked.""I haven’t written anything that is racist and I haven’t liked anything that is racist. If there is some electronic re-creation out there it was either altered or my account Continue Reading

Rep. Anthony Weiner doing his best to let lewd Twitter photo scandal sink his political career

This is how fast it happens in the fast lane of celebrity, whether you are a politician like Anthony Weiner who sometimes acts like his job is being smarter than everybody else, or an ex-politician like Arnold Schwarzenegger, who turns out to be dumber than a bag of hammers. Or Tiger Woods. One day Weiner is thinking about his next job being mayor of New York, the next he is worrying about holding on to the job he has representing the 9th Congressional District - southern Brooklyn and south and central Queens, Sheepshead Bay to Forest Hills - where romance hardly ever involves sending a picture of yourself in your underwear instead of flowers and a box of candy. Once it was routine to call Anthony Weiner, 46, an up-and-comer in Democratic politics, before everything with him had a double meaning. Now he hasn't just turned himself into a headline, he has turned himself into something much worse: a punch line. Worse than that? Weiner has done absolutely nothing to help himself. "How about this?" he said to a CNN reporter and her producer. "You do the questions, I'll do the answers, this jackass interrupts me, and those are the new rules." Except he hasn't. Done the answers, at least not any good ones. Oh, he talked and talked until someone finally persuaded him to stop talking. At the start, he kept saying that he wasn't going to let this be a distraction. From what, ending unemployment? Defeating the Taliban? I was always one who thought Weiner had the game to be the next mayor, and even return the fun, after Giuliani and Bloomberg turned City Hall into a mirth-free zone for the past two decades. Maybe he still does. But just in case you have been on the shuttle mission with Capt. Mark Kelly over the past week, a picture of a man in boxer briefs in a rather happy state was sent to a young college woman. Sent from Weiner's Twitter account. Weiner says somebody hacked that account - belonging to a United States congressman - but then informed us he Continue Reading

Rep. Anthony Weiner a no-show at New York City Israel Day parade amid Twitter photo scandal

Rep. Anthony Weiner ditched the Celebrate Israel Parade for the first time in years Sunday as the ballooning boxer brouhaha continued to grow. Several of his fellow Democrats and political rivals questioned why the congressman was nowhere to be seen. "It has become a huge distraction," said former city Controller William Thompson, a likely Democratic mayoral contender. "It has become a circus. Every answer raises another question." The annual parade has long been viewed as one of the most important for politicians to attend. It typically attracts thousands of Jews, who represent a large voting bloc. U.S. Sen. Frank Lautenberg (D-N.J.) said Weiner should have attended the parade up Fifth Ave. "I'd like to see him here," he said. "He cares about Israel and [is] very active in the Jewish community, and he ought to be here." The embattled congressman also ducked a speech Friday at the Democratic Party of Wisconsin's state convention and Sunday's gay pride march in Queens. "All he did was create more press by playing this game," said a longtime political insider. "The [parade] is a pretty important thing. It sends a strong message to Jewish voters." His absence was "a big deal," said one political consultant. "He can't continue to hide," the insider said. "Obviously, he doesn't have a credible explanation. ... If I were him, I'd be worried about 2012 when he's up for reelection." Weiner, who also has his eye on Gracie Mansion, has said he didn't send a lewd photograph of bulging briefs to a college student from his Twitter account. The married congressman says his account was hacked. His spokesman did not return calls for comment yesterday. Jews at the parade had mixed feelings about his absence. Alice Beck, 63, believes Weiner is "afraid" of facing the public and his Democratic colleagues. "He still has no idea what he's going to do and say," she said. Barbara Woloch, 48, was less concerned. Continue Reading

How to delete yourself from the Internet

Data breaches. Identity theft. Bank fraud. Every week, we read a fearsome new headline about cybercrime. Reputable services fall victim to anonymous hackers. Ransomware holds random computer user’s files hostage. And what about those websites that track your every move, targeting you with personalized advertisements?Maybe you’ve considered the unthinkable: removing yourself from the Internet.Well, there’s bad news and good news. You can’t erase yourself completely from the digital universe. Courts and government agencies have been posting public records online since the mid-1990s. Your motor vehicle records, voter files, property tax assessments, professional licenses, and court files are all on the digital books, and they’re not going anywhere.Tip in a Tip: If you’d like to see what’s online about you or someone you know, read more on how to do a free background check.The good news: You can remove a lot of online information, significantly reducing your digital footprint. How can you do it? Here are several ways to effectively delete yourself from the Internet.You probably have more online accounts than you realize – most of us do. We sign up for all sorts of services, from Netflix and Amazon to Groupon and Twitter. Even if you haven’t downloaded an app in years, Apple, Facebook or Google still possesses a lot of private information, along with so many other virtual services.If you really want to terminate your Internet presence, you’ll want to eliminate these accounts, especially the ones you don’t use anymore.This may sound like an uphill battle since each service has its own policies and deactivation process. But the easiest method is Account Killer, a website that provides direct links to your most popular accounts and instructions how to wipe the slate clean.Maybe you just want to clean up your digital tracks. Does the idea of Google knowing your every search creep you out? There's a way to Continue Reading