Cain & Abel v4.9.26 released

January 6, 2009 – 5:27 PM

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kinds of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols.

New:
Added support for Licensing Mode Terminal Server connections in APR-RDP sniffer filter.

Download:
http://www.oxid.it/cain.html

New Phishing Kits Hit the Market: Trojan HTML Injections Now for Sale

January 6, 2009 – 1:20 PM

The economic lifecycle of the underground fraud community functions very similarly to the world of legitimate business. Online fraudsters have supply chains, third-party outsourcers, vendors, and online forums where people with skills and people with opportunities to commit fraud can find each other. The underground fraud supply chain is becoming more technically and operationally sophisticated, and we’ve coined this “Fraud-as-a-Service” or “FaaS”. FaaS consists of services for advanced hosting, Trojan infection kits and cashout services – all for sale within the fraudster underground.

Some fraudsters have developed websites to sell ready-made products to other fraudsters, such as phishing kits. Recently, the RSA FraudAction Research Lab traced a new type of service on a particular website to sell HTML injections, which can be combined with Trojan attacks. We will refer to this website as a Web Injection Shop.

HTML injections are not a new approach to stealing credentials and other personal information. However, the production-scale central repository for HTML injections in the Web Injection Shop is a new discovery, and is easily accessible by fraudsters. The Web Injection Shop that was traced is very similar to other websites that sell phishing kits and offers a long list of HTML injection codes designed to steal information from customers of dozens of financial institutions worldwide. Similar to phishing kits, each HTML injection is specifically tailored to match each bank’s specific website design.

Source:
http://www.rsa.com/blog/blog_entry.aspx?id=1410

Rogue LinkedIn Profiles Lead To Malware

January 6, 2009 – 9:57 AM

LinkedIn is a popular social networking site where you can manage business contacts online. Since you can set up a profile with links to your own website, it seems to attract criminals’ attention as well. A Google search reveals that several hundred fake LinkedIn profiles from nude “Kirsten Dunst” to nude “Hulk Hogan” exist already. The rogue profiles all look alike, with a picture of the celebrity and three links to the parts of the “nude video”.

Source:
http://www.avertlabs.com/research/blog/index.php/2009/01/06/rogue-linkedin-profiles-lead-to-malware/

Twitter Security Collapses

January 5, 2009 – 11:42 AM

Days after a wave of phishing attacks fooled thousands of Twitter users, it appears that another security hole has been found by…someone. Obama’s account, unused since election day, sent out an affiliate link to a survey with a gas card prize, Fox News said that “Bill O’Reily is gay” (not that there’s anything wrong with that) and Britney Spears made a lewd post about her anatomy. Rick Sanchez, the Twitter-loving CNN anchor, says he’s “high on crack and might not be coming into work today.”

The Fox tweet was deleted an hour after it was posted, so the password may not have been changed. The Facebook account on Twitter just posted a link to porn, so it appears that the situation remains unresolved.

This can’t be good for Twitter. It will be good for the people calling for more secure, standards-based authentication on Twitter and elsewhere around the web.

Source:
http://www.readwriteweb.com/archives/twitter_security_collapses_oba.php

Altruistic Trojan blocks Piratebay and Mininova access

January 5, 2009 – 8:47 AM

A new trojan once again underscores the importance of exercising caution when downloading. Disguised as a keygen, Troj/Qhost-AC is one of the strangest pieces of malware I’ve seen.

The trojan doesn’t appear to be particularly malicious. Its mission: to prevent you from downloading torrents from PirateBay and Mininova, keep you from reading the forums at SuprBay, and to remind you that you shouldn’t be downloading illegally.

A couple modifications to your hosts file are made that point the affected domains to your machine. Removal is fairly quick and painless – just get rid of the entries from your hosts file. If you need help, check out the helpful FAQ on MVPS.org.

Maybe this is the RIAA’s new sinister plan: instead of suing everyone, they’re just going to threaten, guilt trip, and annoy downloaders into submission. Whatever it is, there’s more than a little irony in hiding something with “good intentions” inside a keygen inside a torrent.

Source:
http://www.downloadsquad.com/2009/01/05/altruistic-trojan-blocks-piratebay-and-mininova-access/
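
The hosts-file cleanup described in the Troj/Qhost-AC item above can be checked with a short script. This is an added example, not code from the original post or from any vendor: it flags hosts entries that pin non-local names to the local machine and removes the ones you select. The `.example` hostnames and the sample file are constructed placeholders; on Windows the real file is `%SystemRoot%\System32\drivers\etc\hosts`.

```python
import ipaddress

# Names that are expected to resolve to the local machine.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost", "ip6-loopback"}

# Constructed sample; the .example hostnames are placeholders, not the trojan's entries.
SAMPLE_HOSTS = """\
127.0.0.1       localhost
::1             localhost
127.0.0.1       tracker.example www.tracker.example
10.0.0.5        intranet.example
0.0.0.0         forum.example   # origin unknown
"""

def parse_line(raw):
    """Return (address, [hostnames]) for a hosts entry, or None for comments/blank/malformed."""
    fields = raw.split("#", 1)[0].split()
    if len(fields) < 2:
        return None
    try:
        addr = ipaddress.ip_address(fields[0])
    except ValueError:
        return None
    return addr, [h.lower().rstrip(".") for h in fields[1:]]

def loopback_redirects(text):
    """List (line_no, hostname, address) for non-local names pinned to this machine."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        entry = parse_line(raw)
        if entry and (entry[0].is_loopback or entry[0].is_unspecified):
            findings += [(line_no, h, str(entry[0])) for h in entry[1] if h not in LOCAL_NAMES]
    return findings

def remove_entries(text, hostnames):
    """Return the hosts text without the given names; unrelated lines are kept verbatim."""
    drop, out = {h.lower() for h in hostnames}, []
    for raw in text.splitlines():
        entry = parse_line(raw)
        if entry is None or not drop.intersection(entry[1]):
            out.append(raw)
        elif any(h not in drop for h in entry[1]):  # keep the line's other names
            out.append(f"{entry[0]}\t" + " ".join(h for h in entry[1] if h not in drop))
    return "\n".join(out) + "\n"

if __name__ == "__main__":
    for line_no, host, addr in loopback_redirects(SAMPLE_HOSTS):
        print(f"line {line_no}: {host} -> {addr}")
```

Ad-blocking hosts lists also map names to loopback addresses, so review the findings before passing them to `remove_entries`.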