Dozens of US spies killed after Iran and China uncovered CIA messaging service using Google

By: Margi Murphy

Dozens of American spies were killed in Iran and China after a flawed communications service that allowed foreign foes to see what the agents were up to using Google, official sources have claimed.

Between 2009 and 2013 the US Central Intelligence Agency suffered a “catastrophic” secret communications failure in a website used by officers and their field agents around the world to speak to each other, according to a report in Yahoo News, which heard from 11 former intelligence and government officials about the previously unreported disaster.

“We’re still dealing with the fallout,” said one former national security official. “Dozens of people around the world were killed because of this.”

The internet-based communications platform was first used in the Middle East to communicate with soldiers in war zones and had not been intended for widespread use but due to its ease of use and efficacy, it was adopted by agents despite its lack of sophistication, the sources claimed.

Cracks only began to show when Iran, angered that the government under Barack Obama had discovered a secret Iranian nuclear weapon factory, went out with a fine tooth comb to find moles.

It discovered the existence of one of the websites used by US agents using Google. US officials believe that Iranian spies were able to use Google as a search tool to find secret CIA websites, unbeknown to those using them.

By 2011, Iran had infiltrated the CIA spy network and in May it announced that they had broken up a 30-strong ring of American spies.

Some informants were executed and others imprisoned as a result, the sources claimed.

This was corroborated by a report on ABC news at the time, which referred to a compromised communications system after a tip off from the CIA.

Meanwhile in China 30 agents working for the US were executed by the government after compromising the spy network using a similar means. Beijing had managed to break into a second temporary communications system,  splintered from the initial platform and were able to see every single agent the CIA had placed in the country, the sources told Yahoo.

The sources said that it the general consensus was that that Iran and China had traded technical information with each other to form a two-pronged attack.

A CIA agent in Russia who was warned about the attacks were able to change communication channels before anyone was uncovered.

More: https://www.telegraph.co.uk/technology/2018/11/03/dozens-us-spies-killed-iran-china-uncovered-cia-messaging-service/amp/

Cryptocurrencies lose $42b after South Korean bourse hack

By: Eric Lam Jiyeun Lee and Jordan Robertson

The 2018 selloff in cryptocurrencies deepened, wiping out about $42 billion of market value over the weekend and extending this year’s slump in Bitcoin to more than 50 percent.

Some observers pinned the latest retreat on an exchange hack in South Korea, while others pointed to lingering concern over a clampdown on trading platforms in China. Cryptocurrency venues have come under growing scrutiny around the world in recent months amid a range of issues including thefts, market manipulation and money laundering.

Bitcoin has dropped about 12 percent since 5 p.m. New York time on Friday and was trading at $6,756, bringing its decline this year to 53 percent. Most other major virtual currencies also retreated, sending the market value of digital assets tracked by Coinmarketcap.com to a nearly two-month low of $298 billion. At the height of the global crypto-mania in early January, they were worth about $830 billion.

Enthusiasm for virtual currencies has waned partly due to a string of cyber heists, including the nearly $500 million theft from Japanese exchange Coincheck Inc. in late January. While the latest hacking target — a South Korean venue called Coinrail — is much smaller, the news triggered knee-jerk selling, according to Stephen Innes, head of Asia Pacific trading at Oanda Corp. in Singapore.

 “This is ‘If it can happen to A, it can happen to B and it can happen to C,’ then people panic because someone is selling,” Innes said.

The 2018 selloff in cryptocurrencies deepened, wiping out about $42 billion of market value over the weekend and extending this year’s slump in Bitcoin to more than 50 percent.

 Some observers pinned the latest retreat on an exchange hack in South Korea, while others pointed to lingering concern over a clampdown on trading platforms in China. Cryptocurrency venues have come under growing scrutiny around the world in recent months amid a range of issues including thefts, market manipulation and money laundering.

Bitcoin has dropped about 12 percent since 5 p.m. New York time on Friday and was trading at $6,756, bringing its decline this year to 53 percent. Most other major virtual currencies also retreated, sending the market value of digital assets tracked by Coinmarketcap.com to a nearly two-month low of $298 billion. At the height of the global crypto-mania in early January, they were worth about $830 billion.

Enthusiasm for virtual currencies has waned partly due to a string of cyber heists, including the nearly $500 million theft from Japanese exchange Coincheck Inc. in late January. While the latest hacking target — a South Korean venue called Coinrail — is much smaller, the news triggered knee-jerk selling, according to Stephen Innes, head of Asia Pacific trading at Oanda Corp. in Singapore.

 “This is ‘If it can happen to A, it can happen to B and it can happen to C,’ then people panic because someone is selling,” Innes said.

The slump may have been exacerbated by low market liquidity during the weekend, Innes added.

“The markets are so thinly traded, primarily by retail accounts, that these guys can get really scared out of positions,” he said. “It actually doesn’t take a lot of money to move the market significantly.”

More: https://www.bloomberg.com/news/articles/2018-06-10/bitcoin-tumbles-most-in-two-weeks-amid-south-korea-exchange-hack

A China está pronta para dizer tchau para dinheiro e cartões de crédito.

By: Felipe Zmoginski

Rápido como uma selfie: pagamento mobile está em todos os locais na China Estrangeiros que viajaram à China antes das Olimpíadas de 2008, em Beijing, sabem que usar cartão de crédito no país era quase tão difícil quanto encontrar placas em inglês nas grandes cidades locais. Na última década, porém, não só as placas se tornaram bilíngues quanto os meios de pagamento passaram por uma revolução inédita no mundo.

Um estudo publicado pela consultoria eMarketer, em março deste ano, revela que mais de 80% dos 712 milhões de cidadãos que usam smartphone no país usam serviços de mobile payment em seu dia a dia. Na China, paga-se de tudo com os aplicativos do Ali Pay, do grupo Alibaba, ou WeChat Pay, da Tencent. Por tudo, entenda-se deste a aquisição de um automóvel na concessionária até a esmola paga aos pedintes das grandes metrópoles.

O método de uso é simples e rápido. Lojistas, ambulantes, restaurantes, taxistas ou prestadores de serviço carregam consigo um QR Code impresso, em cartão de papel ou colado sobre os balcões de atendimento, no caso de lojas física. Tal QR code aponta para uma conta virtual em serviços como Ali Pay, por exemplo, e ao escaneá-lo, com seu smartphone, o consumidor transfere, em frações de segundo, dinheiro de sua carteira virtual para a carteira do vendedor. O processo é tão rápido que as filas em caixas diminuíram sensivelmente após a adoção desta tecnologia, extremamente popular na China. Entre as vantagens da tecnologia, está o fato de dois celulares comunicarem-se entre si, sem a necessidade de conectarem-se à servidores remotos, o que frequentemente gera lentidão quando usamos, por exemplo, nossos cartões de débito com chip, no Brasil.

De acordo com um estudo publicado, este mês, pelo Banco do Povo da China, só nos últimos 10 meses, o equivalente a US$ 8 trilhões foi movimentado em pagamentos móveis.  Para usar tais serviços, basta ter um celular, um app instalado e carregá-lo com recursos de sua conta corrente. É como se você transferisse, por exemplo, R$ 300 reais de sua conta no Itaú ou Bradesco, para um app genérico no smartphone e pudesse ir às compras só com o celular. Nas próximas semanas, informa o governo local, até o metrô de Beijing poderá ser pago com mobile payment. Nada mais de fila para comprar bilhetes. Você aproxima o celular da catraca e a tarifa está debitada.

Mais: https://copyfromchina.blogosfera.uol.com.br/2018/05/02/a-china-esta-pronta-para-dizer-tchau-para-dinheiro-e-cartoes-de-credito/

 

Chinese Cyber Attacks on European Businesses Soar

By: Ed Targett

Two years ago when security company NTT Security published its 2016 annual Global Threat Intelligence Report, China accounted for less than three percent of all attacks against EMEA-based businesses – ranking as the ninth most prominent attack source.

Within a year, it had surged to become the number one source of attacks across Europe, the Middle East and Africa, with a whopping 67 percent of cyberattacks on the manufacturing sector stemming from Chinese sources.

That’s according to NTT’s 2018 Global Threat Intelligence report, which summarises data from over 6.1 trillion logs and 150 million attacks for its analysis – which is based on log, event, attack, incident and vulnerability data from clients.

It also includes details from NTT Security research sources, including global honeypots and sandboxes located in over 100 different countries, the company notes.

Tech Targeted

Attacks against finance were characterized by extensive use of spyware and keyloggers, as well as application-based attacks, NTT emphasised.

Perhaps unsurprisingly, meanwhile, the buoyant and highly competitive tech sector saw the biggest increase in attacks; a 25 percent global average increase, with hostile activity against technology “highly characterized by reconnaissance and continual attacks from sources previously known to be hostile”.

More: https://www.cbronline.com/news/chinese-cyber-attacks

8 Ways Hackers Monetize Stolen Data

By: Steve Zurier

Hackers are craftier than ever, pilfering PII piecemeal so bad actors can combine data to set up schemes to defraud medical practices, steal military secrets and hijack R&D product information.

We are long past the era of the 14-year old teenage hacker trying to spoof a corporate or defense network for the fun of it, just because they can. While that still happens, it’s clear that hacking has become big business.

From China allegedly stealing billions of dollars annually in intellectual property to ransomware attacks estimated to top $5 billion in 2017, data breaches and the resulting cybercrime are keeping CISO and rank-and-file security managers on their toes.

Security teams need to be aware of the full range of what hackers do with this stolen data. The crimes range from stolen IP to filing fraudulent tax rebates to the IRS to setting up a phony medical practice to steal money from Medicare and Medicaid patients and providers.

“Hackers will often start by selling data on military or government accounts,” says Mark Laliberte, an information security analyst at WatchGuard Technologies. “People are also bad at choosing passwords for individual services and often reuse passwords, which lets hackers try those passwords on the other websites their victims use.”

MORE:https://www.darkreading.com/attacks-breaches/8-ways-hackers-monetize-stolen-data———–/d/d-id/1331560

UK cyber security agency sticks with China’s Huawei despite US spy fears

By: sikur

Capturar

by Matthew Field

February 20, 2018

The UK’s top cyber security agency has reaffirmed its commitment to working with Chinese smartphone giant Huawei after US spy chiefs accused the company of presenting a national security risk.

The Government and the National Cyber Security Centre (NCSC) will “continue to benefit” from collaboration with Huawei, according to an NCSC spokesman. It comes despite US government employees potentially being banned from using the Chinese company’s smartphones due to security fears.

In the UK, Huawei operates a cybersecurity centre alongside members of GCHQ. Known as “The Cell”, it is set up to monitor threats and backdoors in the company’s own hardware. It is staffed by Huawei researchers overseen by the NCSC.

Last week, US intelligence chiefs from the Federal Bureau of Intelligence (FBI), Central Intelligence Agency and National Security Agency repeatedly warned against Huawei’s phones and recommended US consumers should avoid them.

“We’re deeply concerned about the risks of allowing any company or entity that is beholden to foreign governments that don’t share our values to gain positions of power inside our telecommunications networks,” FBI Director Chris Wray said.

The UK’s relationship with Huawei has taken a different path than its ally, however. Rather than blocking the company, UK spies from GCHQ work closely with the Chinese company.

“Huawei is a globally important company whose presence in the UK reflects our reputation as a global hub for technology, innovation and design,” an NCSC spokesman said.

“This government and British telecoms operators work with Huawei at home and abroad to ensure the UK can continue to benefit from new technology while managing cyber security risks.”

MORE: http://www.telegraph.co.uk/technology/2018/02/20/uk-cyber-security-agency-sticks-chinas-huawei-despite-us-spy/

Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist

US’s greatest vulnerability is underestimating the cyber threats from our adversaries, foreign policy expert Ian Bremmer says

By: sikur

Capturar

by Natasha TurakHadley Gamble

February 17, 2018

America’s greatest vulnerability is its continued inability to acknowledge the extent of its adversaries’ capabilities when it comes to cyber threats, says Ian Bremmer, founder and president of leading political risk firm Eurasia Group.

Speaking to CNBC from the Munich Security Conference on Saturday, the prominent American political scientist emphasized that there should be much more government-level concern and urgency over cyber risk. The adversarial states in question are what U.S. intelligence agencies call the “big four”: Russia, China, North Korea, and Iran.

“We’re vulnerable because we continue to underestimate the capabilities in those countries. WannaCry, from North Korea — no one in the U.S. cybersecurity services believed the North Koreans could actually do that,” Bremmer described, naming the ransomware virus that crippled more than 200,000 computer systems across 150 countries in May of 2017.

He also noted the NotPetya malware attack in July 2017, considered the costliest cyberattack in history, which U.S. and European governments have accused Russia’s military of implementing. Believed to be a deliberate attack on Ukraine, it actually wiped off half a point from Ukraine’s gross domestic product.

Borge Brende, president of the World Economic Forum, weighed in, stressing the economic cost of cyber crimes. “It is very hard to attribute cyberattacks to different actors or countries, but the cost is just unbelievable. Annually more than a thousand billion U.S. dollars are lost for companies or countries due to these attacks and our economy is more and more based on internet and data.”

MORE: https://www-cnbc-com.cdn.ampproject.org/c/s/www.cnbc.com/amp/2018/02/17/munich-security-conference-ian-bremmer-on-cybersecurity-threats.html

Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist

How China spied on the African Union’s computers

By: sikur

Capturar

by Reuters

January 29, 2018

China built and paid for the African Union’s computer network – but inserted a backdoor allowing it access to the continental organization’s confidential information

In January 2017, the information technology unit at the African Union’s headquarters in Addis Ababa noticed something strange, according to a stunning investigation in French newspaper Le Monde.

Every night, between midnight and 2am, there was a strange peak in data usage – even though the building was almost entirely empty. Upon further investigation, the technicians noticed something even stranger. That data – which included confidential information – was being sent to servers based in Shanghai.

The African Union’s shiny new headquarters was built and paid for by the Chinese government, as a gift to its “African friends”. But when the building was officially opened in 2012, China left a backdoor into the African Union’s computer network, allowing it to access the institution’s secrets at will.

“According to several sources within the institution, all sensitive content could be spied on by China,” wrote Le Monde. “It’s a spectacular leak of data, spread from January 2012 to January 2017.”

The Chinese mission to the AU did not respond to Le Monde’s request for comment.

MORE: http://citifmonline.com/2018/01/29/china-spied-african-unions-computers/

Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist

Built-in Keylogger Found in MantisTek GK2 Keyboards—Sends Data to China

By: sikur

Capturar.JPG

Swati Khandelwal

November 07, 2017

“The right keyboard can make all the difference between a victory and a defeat in a video game battlefield.”

If you are a gamer, you can relate to the above quote.

But what if your winning weapon betrays you?

The popular 104-key Mantistek GK2 Mechanical Gaming Keyboard that costs around €49.66 has allegedly been caught silently recording everything you type on your keyboard and sending them to a server maintained by the Alibaba Group.

This built-in keylogger in Mantistek GK2 Mechanical Gaming Keyboard was noticed by a few owners who headed on to an online forum to share this issue.

According to Tom’s Hardware, MantisTek keyboards utilise ‘Cloud Driver’ software, maybe for collecting analytic information, but has been caught sending sensitive information to servers tied to Alibaba.

After analysing more closely, Tom’s Hardware team found that Mantistek keyboard does not include a full-fledged keylogger. Instead, it captures how many times a key has been pressed and sending this data back to online servers.

The affected users also provided a screenshot showing how all your plain-text keystrokes collected by the keyboard are being uploaded to a Chinese server located at IP address: 47.90.52.88.

However, even if there’s no malicious intent, capturing and uploading keystroke counts without users’ consent violates trust and puts systems’ security at risk by leaking sensitive information.

MORE:https://thehackernews.com/2017/11/mantistek-keyboard-keylogger.html

Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist