State-sponsored or not, Sony Pictures malware “bomb” used slapdash code

According to multiple reports, unnamed government officials have said that the cyber-attack on Sony Pictures was linked to the North Korean government. The Wall Street Journal reports that investigators suspect the attack was carried out by Unit 121 of North Korea’s General Bureau of Reconnaissance, the country’s most elite hacking unit.

But if the elite cyber-warriors of the Democratic People’s Republic of Korea were behind the malware that erased data from hard drives at Sony Pictures Entertainment, they must have been in a real hurry to ship it.

Analysis of a malware sample matching the MD5 hash signature of the “Destover” malware that was used in the attack on Sony Pictures by researchers at Cisco revealed that the code was full of bugs, and anything but sophisticated. It was the software equivalent of a crude pipe bomb.

Read 11 remaining paragraphs | Comments

US government fingers North Korea as the Sony hackers

Speaking off the record, senior intelligence officials have told the New York Times, CNN, and other news agencies that North Korea was "centrally involved" in the hack of Sony Pictures Entertainment (SPE).

This news comes as SPE cancelled the planned December 25th release of The Interview, a comedy about a plot to assassinate North Korean dictator Kim Jong-un. The film was withdrawn in response to threats to carry out attacks on those cinemas showing the film.

This threat, transforming the hacks from an embarrassment to Sony to a potential risk to life and limb, sets the SPE hack apart from past attacks on corporate computer systems, according to officials speaking to NYT.

Read 2 remaining paragraphs | Comments

Hacking tutorials, identity documents gain popularity on black market

While the Sony hack hogs media headlines and stolen credit card details are sold nearly everywhere, counterfeit documents and how-to-hack tutorials are some of the fastest growing sellers on online underground marketplaces, according to an annual study of prices published by Dell Secureworks on Monday.

A scan of a Social Security card along with a name and address costs about $250, for example, with supporting documents—such as a credit card statement or utility bill—costing another $100. A fake driver’s license lists between $100 and $150. In total, a would-be identity thief could get all the information they needed to access health services, obtain government assistance, or apply for financial credit for under $500.

Overall, illicit sites are now selling more types of identity documents than last year, when the researchers—Joe Stewart and David Shear of Dell Secureworks—conducted their first study. The increase is, in part, because proof of identity is required by more organizations and financial institutions, Shear said.

Read 7 remaining paragraphs | Comments

ICANN Hacked Including Root DNS Systems

So another hack has been exposed, this time on ICANN – which is pretty bad. They are the database of the Internet basically, including the root zone system which is the highest authority for DNS requests. “The Internet Corporation for Assigned Names and Numbers (ICANN) is a non-profit organization that is responsible for the...

Read the full post at darknet.org.uk