Locky ransomware uses decoy image files to ambush Facebook, LinkedIn accounts

A low-tech but cunning malware program is worrying security researchers after it started spreading rapidly in the past week through a new attack vector: by forcibly exploiting vulnerabilities in Facebook and LinkedIn.

According to the Israeli security firm Check Point, security flaws in the two social networks allow a maliciously coded image file to download itself to a user's computer. Users who notice the download, and who then access the file, cause malicious code to install "Locky" ransomware onto their computers.

Locky has been around since early this year, and works by encrypting victims' files and demanding a payment of around half a bitcoin (currently £294; $365) for the key. Previously, it had relied on a malicious macro in Word documents and spam e-mails, but Check Point says that in the past week there has been a "massive spread of the Locky ransomware via social media, particularly in its Facebook-based campaign."

LinkedIn says hacking suspect is tied to breach that stole 117M passwords

An alleged Russian hacker arrested in the Czech Republic following an FBI-coordinated tip-off is suspected of taking part in a 2012 breach of LinkedIn that resulted in the theft of more than 117 million user passwords, representatives of the professional networking site said Wednesday.

"Following the 2012 breach of LinkedIn member information, we have remained actively involved with the FBI's case to pursue those responsible," company officials said in a statement. "We are thankful for the hard work and dedication of the FBI in its efforts to locate and capture the parties believed to be responsible for this criminal activity."

Word of the arrest came on Tuesday evening in a brief statement issued by Czech Republic officials. It said an unnamed man was arrested in Prague on suspicion of committing unspecified hacks on targets located in the US. The raid was carried out in collaboration with the FBI. According to The New York Times, the suspect was captured on October 5, about 12 hours after authorities learned he was in the country. His arrest was kept a secret until Tuesday "for tactical reasons," the paper reported.

Mark Zuckerberg’s Twitter, Pinterest accounts compromised

A hacker or hacking group going by the name of "OurMine Team" briefly took control of Facebook chief Mark Zuckerberg's Twitter and Pinterest accounts, apparently using information from a major LinkedIn security breach that occurred in 2012.

According to OurMine Team, the passwords to Zuckerberg's little-used Pinterest and totally dormant Twitter accounts were apparently the same as those for his LinkedIn login ("dadada"). Both Twitter and Pinterest rapidly restored control of the accounts over the weekend, and the rogue posts have now been removed—though not before they were screencapped.

LinkedIn's 2012 breach was significant and embarrassing for the company, and resulted in the theft of millions of passwords and other user information. Users were warned at the time to change their LinkedIn passwords, and those on any other platform on which they were reused. This is clearly evergreen advice, as it isn't hard for a determined hacker to cross-reference someone's username and password information with other sites.
