Malware

It has come to this: CNN is now running segments on the attacks attributed to LulzSec, Anonymous and other groups and the FBI raids on suspected members of those crews. The network had Dave Aitel of Immunity Inc. on this morning to discuss the effects of the recent arrests and what the groups’ agendas might be.

Google is taking the unusual step of displaying a message at the top of its search results pages for some users, alerting them to the fact that their computers may be infected with malware. The action is the result of an investigation in which the search giant discovered that some malware-infected PCs were sending their search requests through one of a number of proxies.

There has been a spate of spear-phishing attacks against a number of high-profile targets in the last few months, including RSA and others, and that trend is continuing unabated. Researchers have come across a fresh attack using the familiar malicious PDF attachment that appears to be targeting users in the defense industry.

Ever attuned to the headlines, the hacker collective Anonymous have inserted themselves into the ongoing scandal over hacking by Rupert Murdoch’s News of the World Tabloid, hacking the Web site of The Sun, another Murdoch publication, and redirecting traffic to that paper’s home page to a phony story announcing the media mogul’s death.

ED: More Allegations Link Murdoch’s Media Empire to “Ethical Hackers”  DEK: New reports add weight to accusations that Rupert Murdoch’s News of the World may have used professional hackers and malicious programs to obtain information that was then used in news reports. The ‘drip drip drip’ of reports that link Rupert Murdoch’s media empire to incidents of malicious computer programs continues this week, with news of an investigation into News of the World’s the use of so-called “ethical hackers” to obtain information from computers owned by targeted individuals.The investigation, dubbed “Operation Tuleta” is being carried out by detectives in Scotland Yard’s Specialist Crime Directorate and is separate from the ongoing investigation into phone hacking by News of the World reporters and operatives, according to a report in The Telegraph. It follows earlier reports by two bloggers and former British Prime Minister Gordon Brown that information gathering by News of the World wasn’t limited to tampering with voice mailboxes. According to the report Monday in the Telegraph, the investigation is looking into allegations that private detectives and a firm of “ethical hackers” was hired by News International to investigate targets using “offensive hacking services” including the use of Trojan horse programs to gather information from e-mails from the computers of individuals being investigated by the Murdoch papers. Among the alleged targets were Kevin FUlton, believed to have been a British agent working within the IRA. The information was harvested and then allegedly written up and faxed to News International’s Dublin, Ireland bureau, the Telegraph reports. “Ethical hacking” – sometimes described as “white hat hacking” — is a term sometimes used to describe a wide range of typically authorized security testing, including network penetration testing, application testing, social engineering and so on.  Such activity is conducted with the knowledge and consent of the target, whether its an individual, corporation or other organization. If true, the reports are similar to information turned up in a March, 2011 investigation by the BBC (http://www.nytimes.com/2010/09/05/magazine/05hacking-t.html) and to independent claims by Brown and by two sex advice bloggers who allege that Murdoch’s News of the World outted them after first using malicious programs to compromise their computers and determine their identities. A spokesman for News International told Threatpost last week that former Prime Minister Brown’s allegations were “nonsense” and said the company wasn’t aware of any complaint by Brown or the other accusers. Among the data allegedly stolen from Fulton’s computer were emails and other files that name Irish polician and Sinn Fein member Martin McGuinness as a British spy. Fulton lodged a complaint with the Metropolitan Police in April alleging that some e-mails from 2006 had been intercepted by individuals working for News International.The scandal, which dates back almost six years, has sent shock waves throughout British Society and led to ten arrests and jail terms for one News of the World reporter. In recent days it has led to the arrest of former News International Chief Executive Rebekah Brooks and the resignation of the Metropolitan Police’s Commissioner and Assistant Commissioner, who are alleged to have been too cozy with Murdoch’s News of the World and who failed to adequately investigate mounting claims of illegal behavior linked to News of the World reporting. The ‘drip drip drip’ of reports that link Rupert Murdoch’s media empire to incidents of malicious computer programs continues this week, with news of an investigation into News of the World’s the use of so-called “ethical hackers” to obtain information from computers owned by targeted individuals.

Apple has pushed out iOS 4.3.4 to fix a vulnerability in the iPhone operating system that affects the way the device handles PDF files. That PDF bug is the same one that was used by the Jailbreakme.com site to enable users to jailbreak their iPhones.

Allegations made on Wednesday by former British Prime Minister Gordon Brown that journalists working for Rupert Murdoch’s News of the World tabloid  used malicious software to break into and gather information from computers belonging to the subjects of investigations was greeted with a strong denial by a spokewoman from News International.