Two million logins and passwords from services such as Facebook, Google and Twitter have been found on a Netherlands-based server, part of a large botnet using controller software nicknamed “Pony.”
Another company whose users’ login credentials showed up on the server was ADP, which specializes in payroll and human resources software, wrote Daniel Chechik, a security researcher with Trustwave’s SpiderLabs.
It’s expected that cybercriminals will go after main online services, but “payroll services accounts could actually have direct financial repercussions,” he wrote.
ADP moved US$1.4 trillion in fiscal 2013 within the U.S., paying one in six workers in the country, according to its website.
Facebook had the most stolen credentials, at 318,121, followed by Yahoo at 59,549 and Google at 54,437. Other companies whose login credentials showed up on the command-and-control server included LinkedIn and two Russian social networking services, VKontakte and Odnoklassniki. The botnet also stole thousands of FTP, remote desktop and secure shell account details.
It wasn’t clear what kind of malware infected victims’ computers and sent the information to the command-and-control server.
Trustwave found the credentials after gaining access to an administrator control panel for the botnet. The source code for the control panel software, called “Pony,” was leaked at some point, Chechik wrote.
The server storing the credentials received the information from a single IP address in the Netherlands, which suggests the attackers are using a gateway or reverse proxy in between infected computers and the command-and-control server, he wrote.
“This technique of using a reverse proxy is commonly used by attackers in order to prevent the command-and-control server from being discovered and shut down — outgoing traffic from an infected machine only shows a connection to the proxy server, which is easily replaceable in case it is taken down,” Chechik wrote.
Information on the server indicated the captured login credentials may have come from as many as 102 countries, “indicating that the attack is fairly global,” he wrote.
Source: Network World
Via: WSJ BlackBerry Ltd. executives flew to California to meet with Facebook Inc. last week to gauge its interest in a potential bid for the struggling smartphone-maker, according to people familiar with the matter.
It remains unclear whether Facebook is interested in placing a bid. Spokesmen for both companies declined to comment.
Last month BlackBerry struck a preliminary deal to go private with Canadian insurer Fairfax Financial Holdings Ltd. for $4.7 billion, or $9 a share. The due diligence period for that deal ends next week, but BlackBerry and its advisers remain open to interest from other potential bidders. The deadline for other bids is Monday.
BlackBerry does have other players circling. Earlier this month The Wall Street Journal reported that Chinese computer giant Lenovo Group Ltd. was interested in a possible bid. And BlackBerry has signed a nondisclosure agreement with distressed asset specialists Cerberus Captial Management LP, people familiar with the matter have said.
BlackBerry’s co-founders, Mike Lazaridis and Doug Fregin are also weighing a bid, according to a Securities and Exchange Commission filing earlier this month.
Malware managed to pilfer over 16,000 Facebook credentials in 2012, as well as credit card information linked to user accounts, it was revealed today.
The PokerAgent botnet was in control of 800 systems, as it sought to harvest information on Facebook users running the Zynga Poker app. The botnet was most active in Israel, security company ESET said, revealing the findings today, having worked with police in the country and with Facebook to kill the threat.
Infected users did not have their own Facebook accounts hacked. Their systems were instead used to carry out nefarious activities on other user accounts for which the attackers had acquired details, as the hackers sought to cover their tracks. Those systems carrying the malware were also used to propagate and grow the botnet.
“Facebook was notified and has responded promptly by forcing password resets for all known victims,” Robert Lipovský, ESET malware researcher, told TechWeekEurope.
“We only know that the attacker had at least 16,194 unique entries in his database of stolen logins. On the one hand, there may have been more, on the other, not all of these were valid – so that number is just a rough estimate.”
ESET had no information on how much money was stolen.
The Trojan was programmed to log into Facebook accounts and collect information on Zynga Poker stats for the given Facebook ID and the number of payment methods saved in the Facebook account.
PokerAgent was only interested in gathering gender information, points and rank from poker players. It is unclear what the attackers were doing with the harvested data, but ESET suggested they were amassing databases for future attempts to steal user identities and funds.
“The code suggests that the attacker seeks out Facebook users who have something of value, worth stealing – determined by the Poker stats and credit card details saved in their Facebook account,” Lipovský wrote in a blog post. “Later, the attacker can simply abuse the credit card information themselves or they may sell the database to other criminals.”
The malware was also ordered to publish links on the infected Facebook user’s wall. Those links would lead visitors to a fake Facebook login site, where their details would also be phished.
But Facebook users should not have to worry about this threat today. ESET said the malware author seemed to have ceased actively spreading the Trojan mid-February 2012. Efforts from ESET, Israel’s Computer Emergency Response Team (CERT) and law enforcement could well have been the catalyst for the demise of PokerAgent.
ESET noted that two-factor authentication would have prevented the malware from logging into Facebook accounts.
After much buzz and anticipation over its “top-secret” announcement, Facebook revealed a new search capability called Facebook Graph Search.
The feature, which is currently available in a limited beta release, lets you search for friends, photos, restaurants, games, music and more. Results that Facebook returns will depend on your friends’ privacy settings and the privacy settings of people you’re not connected to.
Graph Search is available only in English and if you want to sign up for the waitlist for Graph Search, visit facebook.com/graphsearch.
“When Facebook first launched, the main way most people used the site was to browse around, learn about people and make new connections,” writes Tom Stocky, director of product management and Lars Rasmussen, director of engineering, in a press release. “Graph Search takes us back to our roots and allows people to use the graph to make new connections.”
Graph Search will appear as a bigger search bar at the top of each page. At today’s press conference, Facebook CEO Mark Zuckerberg made a point of explaining the difference between traditional Web search and Graph Search; the two are very different, he says.
According to Facebook, Web search is designed to take a set of keywords and provide the best possible results that match those keywords. Graph Search, the company says, lets you combine phrases-such as “movies my friends like”-to find that set of people, places, photos or other content that’s been shared on Facebook.
Another difference: every piece of content on Facebook has its own audience, and Facebook has built Graph Search with that privacy in mind, it says. “It makes finding new things much easier, but you can only see what you could already view elsewhere on Facebook,” Rasmussen and Stocky write in the press release.
Eden Zoller, principal analyst at technology consultancy Ovum, says that while Facebook may stress its commitment to privacy, it’s walking a thin line. “Facebook needs tread very carefully here and be mindful of user privacy,” she says. “It claims to have built Graph Search with privacy in mind, but Facebook has a mixed track record on this front and is in the habit of pushing privacy to the limits of what is acceptable.”
Your ‘About Me’ Privacy Settings
Graph Search lets others find you based on what you’ve shared with your various friend groups, including your interests and profile information. This means that if you share your location, relationship status and political beliefs with your college friends, but not your Limited Profile list, only your college friends will see that information in their search results.
To control who can see your current city, for example, you’ll need to edit that setting in the About tab on your timeline. Do this by navigating to your profile, clicking the About link that appears under your profile picture and summary, and clicking Edit next to Living section.
Your Photos Privacy Settings
The second group of privacy settings you should review is for your photos. Graph Search lets others search specifically for photos of you, including photos hidden from timeline. Your photos that appear in others’ searches depend on your privacy settings.
Start by reviewing the photos you’ve shared or have been tagged in. You can do this via your Activity Log. Find this button below your cover photo on the right side of your profile.
The Activity Log will display all of your actions on Facebook, and you can sort it specifically for photos by clicking the Photos link on the left-side navigation. Click the drop-down menu next to the pencil icon to preview or change the settings of individual pictures.
Because photos you’ve hidden from your timeline are still searchable, you’ll want to review these, too. Click the drop-down menu next to “On timeline” at the top to switch to a hidden-only view.
You can also change the privacy settings of your individual albums. Do this by navigating to your Albums page and clicking the icon that appears below each your albums. Note that some albums, such as your profile pictures and mobile uploads, may not have the option to set a blanket setting. You’ll need to review and change the setting of each picture individually.
Your ‘Places’ Privacy Settings
If you’ve checked-in to a location such as a restaurant or museum, or tagged a photo with a location, each of these could appear in Graph Search results, depending on your settings.
To review your tag history-which includes photo tags among location tags-navigate to your Activity Log and sort it by “Posts you’re tagged in.” To remove a tag or change a location, click the pencil icon.
Note that if you added a location tag to a photo, the photo’s privacy setting is also your location setting.
Source: Network World
With the ability to check-in virtually anywhere you go from Facebook, to let your friends know where you are, and with this feature becoming more popular as time goes by Facebook is looking to capitalize on users check-ins.
This is good news because this will not only benefit Facebook, but it will benefit users as these check-ins will be “exchanged” for free WiFi. According to reports, it seems that Facebook is currently trialing some sort of pilot program in which they provide some businesses with “Facebook routers” which provide free WiFi hotspots to customers.
Customers will just need to check-in at their location and they will then be directed to that business’s Facebook page, where depending on the business, deals and special offers could also be given to those that check-in and the customer will get free access to WiFi hotspot.
This is not only good for the user who gets free WiFi, but also to the business that gains more exposure. Also for Facebook who will get the free data which helps create more specific ads, which may not really be what most people want to hear is that Facebook will gather even more specific data about you. Although this doesn’t mean that those who refuse to check-in don’t get the free WiFi, in fact the WiFi will still be provided but will require a password that should be given by the establishment.