N'to - Trauma (Worakls Remix)
posted by Keito
Shpongle - No Turn Unstoned
posted by Keito
Two Fingers - Vengeance Rhythm
posted by Keito
Malware inserted on PC production lines, says study
posted by Keito
2012-09-13 19:44:47
'Cybercriminals have opened a new front in their battle to infect computers with malware - PC production lines.
Several new computers have been found carrying malware installed in the factory, suggests a Microsoft study.
One virus called Nitol found by Microsoft steals personal details to help criminals plunder online bank accounts.
Microsoft won permission from a US court to tackle the network of hijacked PCs made from Nitol-infected computers.
In a report detailing its work to disrupt the Nitol botnet, Microsoft said the criminals behind the malicious program had exploited insecure supply chains to get viruses installed as PCs were being built.
The viruses were discovered when Microsoft digital crime investigators bought 20 PCs, 10 desktops and 10 laptops from different cities in China.
Four of the computers were infected with malicious programs even though they were fresh from the factory.
Microsoft set up and ran Operation b70 to investigate and found that the four viruses were included in counterfeit software some Chinese PC makers were installing on computers.
Nitol was the most pernicious of the viruses Microsoft caught because, as soon as the computer was turned on, it tried to contact the command and control system set up by Nitol's makers to steal data from infected machines.
Further investigation revealed that the botnet behind Nitol was being run from a web domain that had been involved in cybercrime since 2008. Also on that domain were 70,000 separate sub-domains used by 500 separate strains of malware to fool victims or steal data.
"We found malware capable of remotely turning on an infected computer's microphone and video camera, potentially giving a cybercriminal eyes and ears into a victim's home or business," said Richard Boscovich, a lawyer in Microsoft's digital crimes unit in a blogpost.
A US court has now given Microsoft permission to seize control of the web domain, 3322.org, which it claims is involved with the Nitol infections. This will allow it to filter out legitimate data and block traffic stolen by the viruses.
Peng Yong, the Chinese owner of the 3322.org domain, told the AP news agency that he knew nothing about Microsoft's legal action and said his company had a "zero tolerance" attitude towards illegal activity on the domain.
"Our policy unequivocally opposes the use of any of our domain names for malicious purposes," Peng told AP.
However, he added, the sheer number of users it had to police meant it could not be sure that all activity was legitimate.
"We currently have 2.85 million domain names and cannot exclude that individual users might be using domain names for malicious purposes," he said.'
BitTorrent study finds most file-sharers are monitored
posted by Keito
2012-09-04 20:24:42
'Anyone using file-sharing service BitTorrent to download the latest film or music release is likely to be monitored, UK-based researchers suggest.
A Birmingham University study indicates that an illegal file-sharer downloading popular content would be logged by a monitoring firm within three hours.
The team said it was "surprised" by the scale of the monitoring.
Copyright holders could use the data to crack down on illegal downloads.
The three-year research was carried out by a team of computer scientists who developed software that acted like a BitTorrent file-sharing client and logged all the connections made to it.
BitTorrent is a method of obtaining files by downloading from many users at the same time.
The logs revealed that monitoring did not distinguish between hardcore illegal downloaders and those new to it.
"You don't have to be a mass downloader. Someone who downloads a single movie will be logged as well," said Dr Tom Chothia, who led the research.
"If the content was in the top 100 it was monitored within hours," he said. "Someone will notice and it will be recorded."
Less popular content was also monitored although less frequently, the study indicated.
The research identified about 10 different monitoring firms logging content. Of these, a handful were identifiable as copyright-enforcement organisations, security firms and even other research labs.
But about six of the biggest-scale monitors were harder to identify, as the companies behind them used third-party hosting firms to run the searches for them.
Why such firms wanted the massive amounts of data was unclear, said Dr Chothia.
"Many firms are simply sitting on the data. Such monitoring is easy to do and the data is out there so they think they may as well collect it as it may be valuable in future," he said.
Some firms alleged to be carrying out mass-scale monitoring have been accused of selling the data to copyright holders for marketing purposes.
"The data shows what content is popular and where," said Dr Chothia.
The study also revealed that so-called blocklists, used by some illegal file-sharers to prevent monitors from connecting to their computers, might not be much use.
"Many of the monitors we found weren't on the blocklists so these measures to bypass the monitors aren't really working," said Dr Chothia.
Some copyright owners in Europe and the US are using IP addresses gathered by monitoring firms to apply for court orders obliging internet service providers to hand over the physical addresses associated with them.
They are then writing to individuals seeking recompense or warning of the possibility of court action.
But Dr Chothia doubts evidence gathered in this manner would stand up in court.
"All the monitors observed during the study would connect to file-sharers and verify that they were running the BitTorrent software, but they would not actually collect any of the files being shared," he said.
"It is questionable whether the monitors observed would actually have evidence of file-sharing that would stand up in court," he added.
Lawyers have previously cast doubt on whether evidence collected from an IP address can be used in court because such an address pinpoints the internet connection used for downloading rather than a specific individual.'