You’re infected—if you want to see your data again, pay us $300 in Bitcoins. Ransomware comes of age with unbreakable crypto, anonymous payments

Ars Technica - Malware that takes computers hostage until users pay a ransom is getting meaner, and thanks to the growing prevalence of Bitcoin and other digital payment systems, it's easier than ever for online crooks to capitalize on these "ransomware" schemes. If this wasn't already abundantly clear, consider the experience of Nic, an Ars reader who fixes PCs for a living and recently helped a client repair the damage inflicted by a particularly nasty title known as CryptoLocker.

It started when an end user in the client's accounting department received an e-mail purporting to come from Intuit. Yes, the attached archived zip file with an executable inside should have been a dead giveaway that this message was malicious and was in no way affiliated with Intuit. But accounting employees are used to receiving e-mails from financial companies. When the receiver clicked on it, he saw a white box flash briefly on his screen but didn't notice anything else out of the ordinary. He then locked his computer and attended several meetings.

Within a few hours, the company's IT department received word of a corrupt file stored on a network drive that was available to multiple employees, including the one who received the malicious e-mail. A quick investigation soon uncovered other corrupted files, most or all of which had been accessed by the accounting employee. By the time CryptoLocker had run its course, hundreds of gigabytes worth of company data was no longer available.   More

Hackers Plan Cyber Campaign Against Corporate Giants on Friday

 

Fox Business - A group of hackers claiming to be aligned with Anonymous is planning to bring down the websites of 46 major companies around the world on Friday, including Bank of America (BAC: 7.08, +0.25, +3.66%), Apple (AAPL: 561.50, +0.22, +0.04%) and Wal-Mart (WMT: 63.90, +0.86, +1.36%).

The group, known as TheWikiBoat, posted a full list of companies as well as a “press release” online, saying it plans to “hit and attack” the “high revenue making companies of the world” in an effort to “make a difference.”

In addition to attempting denial-of-service attacks that bring down the websites for at least two hours, the group says it aims to “release precious classified data.”

However, actually executing that task is far more difficult due to obstacles like encryption, cyber security experts say.

It’s not clear what TheWikiBoat’s motivations are behind the planned attack, but Anonymous and other related groups have taken an ideological stance against symbols of capitalism in the past, including big U.S. banks and NYSE Euronext’s (NYX: 25.02, -0.24, -0.95%) New York Stock Exchange.   More

Anonymous: Occupy the November Election

Anonymous and Occupy are launching a new operation encouraging people to vote in the November elections. (Credit: Anonymous/Occupy Movement)

Summary: Hackers urge citizens to vote out lawmakers, but also declare war on the government.

Anonymous continues its transition to digital revolutionaries, partnering with the Occupy movement to urge people to vote in the November elections.

The activist group has announced a new joint effort to hold politicians accountable to the people.

“Last year, many of our elected officials let us down by giving in to deep-pocketed lobbyists and passing laws meant to boost corporate profits at the expense of individual liberty,” the groups said in an online flyer. “Our Senators and Representatives showed how little they cared about personal freedoms when they voted overwhelmingly to pass the National Defense Authorization Act (NDAA).”

The NDAA allows for the indefinite detention of terrorism suspects, even U.S. citizens, without trial and expands the use of U.S. military in this country. Civil libertarians allege that the law violates due process and other constitutional rights and gives the military authority to engage in civilian law enforcement.

And then there’s the proposed SOPA/PIPA (Stop Online Piracy Act/Protect IP Act) measures, which have been in limbo since Wikipedia, Google and other sites staged blackouts and other actions to protest the legislation. Anonymous, and other opponents, argue such a measure would give authorities broad power to shut down Web sites for the mere accusation that they had pirated content on them.

Anonymous launched denial-of-service attacks on the Web sites of the Justice Department, the FBI, Universal Music, the Motion Picture Association of America and others in an anti-SOPA protest after the arrest of the founder of the file-hosting site MegaUpload for alleged piracy.

“Even if the goal was to merely regulate pirated content, the ambiguous wording demonstrates that the authors and supporters of SOPA and PIPA have little-to-no understanding of the Internet’s architecture or the frightening implications of the legislation,” Anonymous writes.

The collective urges people to hold elected officials accountable for supporting NDAA, SOPA and PIPA. (The activists have also been actie in opposing the European anti-piracy law called the Anti-Counterfeiting Trade Agreement (ACTA).                  More

Why Anonymous is Winning Its War on Internet Infrastructure

“To our hacker allies, our fellow occupiers, our militant comrades all over the world, the time for talk is over: it’s time to hack and smash, beat and shag.”

Forbes - The call to arms issued last week by the international hacker group Anonymous was accompanied by a frenzy of online hacking. Attackers took down the websites of a tear-gas manufacturer in Pennsylvania, the Nasdaq and BATS stock exchanges and the Chicago Board Options Exchange. A few days later they hacked into websites owned by the Federal Trade Commission and the Bureau of Consumer Protection.

The messages they left behind—about their opposition to everything from the Anti-Counterfeiting Trade Agreement, a controversial new treaty for enforcing intellectual property rights, to violent suppression of democracy protestors in the Middle East—had the air of giddy jubilation.

“Guess what? We’re back for round two,” the hackers wrote in reference to their attack on the FTC websites, their second such raid on the agency in less than a month. “With the doomsday clock ticking down on Internet freedom, Antisec has leapt into action. Again. Holy deja vu hack Batman! Expect us yet?”

Comic posturing aside, the hackers seemed amazed by their success: A barely organized ragtag “team of mayhem,” as one Anonymous offshoot dubbed itself, was knocking down the Web infrastructure built by major corporations  and large government agencies as if it were nothing but paper backdrops in a school play.                   More

Anonymous eavesdrops on FBI conference call

New Scientist - Hacktivist group Anonymous has posted online a recording of a conference call between the US Federal Bureau of Investigation and Scotland Yard – in which detectives both sides of the Atlantic discuss their progress in apprehending Anonymous’s hacktivist brethren.

The call, posted on Youtube (until Google removes it) but also circulating as an MP3 file, highlights the utter insecurity of telephone conference call systems, in which people simply dial in unseen and can listen in without speaking or otherwise making their presence known. All they need enter is a meeting code that is distributed with low security beforehand – something easily gleaned from an accidentally forwarded email, printout, or a hacked email account.                     More

Anonymous Tricks Bystanders Into Attacking Justice Department

Photo: Bryan Derballa/Wired.com

After Wednesday’s unprecedented unified online yelp against SOPA and PIPA, Thursday saw a new milestone: the first direct and public activist malware from Anonymous.

A version of Anonymous’ voluntary botnet software, known as LOIC (Low Orbit Ion Canon), was modified to make it not so voluntary, drafting unwary bystanders, journalists and even anons who don’t support DDoS tactics into attacks on the U.S. Justice Department. Thursday’s trickery seems not to have been central to the successful takedown of sites like justice.gov, RIAA.com and MPAA.com, but not all anons are pleased with forcing unwitting bystanders to join in a potentially illegal action.

The trick snagged those who happened to click on a shortened link on social-media services, expecting information on the ongoing #opmegaupload retaliation for the U.S. Justice Department’s takedown of popular file sharing site Megaupload. Instead they were greeted by a Javascript version of LOIC — already firing packets at targeted websites by the time their page was loaded.

Several anons speaking to Wired on condition of anonymity voiced dismay that a tactic they consider to be the modern-day equivalent of a sit-in (denial-of-service attacks leave no lasting damage) was ethically corrupted by the new version.

“Preying on unsuspecting users is despicable,” said one anon, speaking to Wired in an online chat. “We need to fight for the user, not potentially land them in jail.”

As part of Thursday’s raging reaction from Anonymous to the Megaupload arrests, people by the thousands voluntarily pointed the LOIC at targets like FBI.gov, DOJ.gov, MPAA.org, BMI.org, RIAA.org and copyright.gov, part of an effort that knocked these sites offline for parts of the day. The tool bombards a targeted site with traffic, in hopes of overwhelming servers so that no one can visit the site.                More

Anonymous Hackers Hit DOJ, FBI, Universal Music, MPAA And RIAA After MegaUpload Takedown

Just minutes after the U.S. Department of Justice repossessed the domains of Megaupload, Megavideo, Megaporn and a collection of other popular filesharing sites, the hacker collective Anonymous got to work on a few takedowns of its own.

On Thursday afternoon, Anonymous claimed credit for cyberattacks that knocked offline the websites of the U.S. Department of Justice, Recording Industry of America, Motion Picture Association of America and Universal Music. The so-called denial of service attacks that overwhelmed those sites with junk traffic came less than an hour after the Justice Department announced the takedown of the Mega sites, along with the arrest of former hacker and Mega founder Kim Dotcom and six others, who are being indicted on charges of copyright infringement and money laundering.

“One thing is certain: EXPECT US!,” wrote the Anonymous-linked Anonops Twitter feed Thursday just after the Mega raid, adding a hashtag for Megaupload.

“Anonymous/Megaupload backlash update: http://RIAA.ORG is now Tango Down,” wrote the Twitter feed Anonnews less than one hour later, as other Anonymous feeds claimed credit for downing Justice.gov and Universalmusic.com.

Update: The U.S. Copyright office website is now down as well. Expect this to go on for a while. “Get some popcorn… it’s going to be a long lulzy night,” writes Anonnews.     More

‘We Are Anonymous, We Are Legion’ The hacker collective is far more evil than you ever imagined

Anonymous utilizes murderous pop culture figures 
in its imagery. Here the group references the 
"Hitman" video game series. In other 
communications the anarchist terrorist V 
from Alan Moore's "V for Vendetta" is the 
inspiration.

Pajamas Media - It was in 2008, during their inappropriately celebrated “War on Scientology,” that the hacker collective known as Anonymous first began using the phrase “We are Legion” in their communiques. Not being a Christian myself, it is usually hard for me to get too worked up over this sort of ham-fisted, pop-culture pseudo-Satanism. In most cases it is window dressing designed to distract people from the vapid and lazy “thought” that too many young people think is provocative. With Anonymous however, it’s different. Anonymous, often heralded as heroic defenders of freedom and transparency, have a history of activities that go beyond the realms of subversive or even revolutionary and are quite simply evil.

I first became aware of Anonymous in 2008 when I read about a case in which the group posted the address and phone number of a middle-aged couple they mistakenly believed were “pro-Scientology” hackers. The couple was inundated with death threats and feared for their lives:

John Lawson, who lives in Stockton, California with his wife Julia, began receiving threatening phone calls around 2 a.m. Saturday morning. He didn’t know why until THREAT LEVEL explained that a hacking group calling itself the g00ns (goons spelled with zeros, not goons with the letter o) posted his home address, phone number and cell numbers, as well as Julia’s Social Security number, online. The obscene and threatening calls have continued through Tuesday, according to Lawson.

The calls are just one small offshoot of an ongoing, larger attack on the Church of Scientology by a ragtag group of internet troublemakers who call themselves Anonymous. The group says it is targeting Scientology in part for its use of litigation to suppress unflattering documents on the internet.

Over the weekend, the g00ns thought they had caught a hacker who had busted into a server being used to help coordinate the online attacks and real world protests against Scientology.  But Lawson says the callers have the wrong guy.
“I don’t even really know how to use a computer,” Lawson said.

His phone just keeps ringing, Lawson said, and when he answers, callers spout vulgarities and threats and then hang up. On Monday, he got a call that seemed to originate from the Virgin Islands. The caller  threatened to kill him.

“They have got the wife really scared because they have my address,” Lawson said. “I think I am going to buy me a gun today just in case.”

But that was mild compared to their next stunt.          More

Hacker Group Anonymous Threatens to Attack NY Stock Exchange

A digital flier released by someone claiming to be the hacker group Anonymous in which they ask others to join them this coming monday to hack the NYSE website and remove it from the internet

The FBI is investigating threats purportedly from the hacking collective that calls itself Anonymous to bring down the New York Stock Exchange on Monday by hacking into its computer system.

Members of the notorious hacker group appear to be threatening to bring the Occupy Wall Street protests in New York to a dangerous new level, sounding a call to “declare war on the New York Stock Exchange” on Monday by “erasing” it from the Internet.

“The FBI is aware of these schemes and threats and is looking into the matter,” FBI spokesman Tim Flannelly told FoxNews.com.

The hackers say they plan to launch a DDoS (or distributed denial of service) attack on the NYSE’s computer systems — the same type of computer attack that brought down numerous websites last Spring, making them inaccessible.

Anonymous has also separately declared the Stock Exchange announcement a hoax, and it remains unclear whether this is an official effort by Anonymous, a group of rogue hackers or someone else entirely.

Either way, the FBI is investigating.

“It is a crime to show the intent to carry out a hack when you are in possession of software or computer applications to do so and we take it seriously,” FBI spokesman Flannelly said.

In one of the videos, which was addressed to the media, a narrator states, “We can no longer stay silent as the population is being exploited and forced to make sacrifices in the name of profit. We will show the world that we are true to our word. On October 10, NYSE shall be erased from the Internet … expect a day that will never, ever, be forgotten.”

In a video addressed to the public, the narrator states, “We are the 99 percent. You have complained that something needs to be done. You now have an opportunity to make a difference. Join the protests. Organize your own. Watch online. Be a part of the movement.”              More

Anonymous Reportedly Planning to Kill Facebook on November 5, 2011

'Anonymous' Hacker Group Claims Retalitory Attacks on U.S. Law Enforcement Websites

 

Fox News – LONDON –  The group known as Anonymous said Saturday it has hacked into some 70 law enforcement websites across the southern and central United States in retaliation for arrests of its sympathizers in the U.S. and Britain.

The hacking group also claimed to have stolen 10 gigabytes of data, including emails, credit card details, and other information from local law enforcement bodies.

“We are releasing a massive amount of confidential information that is sure to [embarrass], discredit and incriminate police officers across the US,” the group said in a statement, adding that it hoped the leak would “demonstrate the inherently corrupt nature of law enforcement using their own words” and “disrupt and sabotage their ability to communicate and terrorize communities.”

Anonymous’ claims couldn’t all be immediately verified, but a review of the sites it claims to have targeted — mainly sheriffs’ offices in places such as Arkansas, Kansas, Louisiana, Missouri, and Mississippi — showed that most were unavailable or had been wiped clean of content.

The group also posted five credit card numbers it said it used to make “involuntary donations.” At least four of the names and other personal details published to the Internet appeared genuine, although those contacted by The Associated Press said they did not know whether their financial information had been compromised.

Many calls to various sheriffs’ offices across the country went unanswered or weren’t returned Saturday, but at least two confirmed the cyber attack.        More

FBI arrests 16 in Anonymous hacking investigation

CNET - Sixteen people were arrested in the United States today in connection with hacking attacks by the Anonymous group of online activists, as well as one person in the U.K. and four people in the Netherlands, the U.S. Department of Justice said.

An indictment filed last week in San Jose, Calif., names 14 people accused of conspiring to intentionally damage protected computers at PayPal last December in retribution for PayPal suspending WikiLeaks' account to prevent supporters from donating to the whistleblower site. The arrests were made in Alabama, Arizona, California, Colorado, the District of Columbia, Florida, Massachusetts, Nevada, New Mexico, and Ohio, the Justice Department said. The defendants were expected to make initial appearances throughout the day in federal courts in their areas.

In two other separate indictments, a Sarasota, Fla., man was arrested on charges of intentionally damaging a protected computer for allegedly accessing the Web site of InfraGard Tampa Bay, an FBI partner, in June. The complaint alleges that he released instructions on how to exploit the Web site.

Another man was arrested in Las Cruces, N.M., for allegedly stealing confidential business information from AT&T servers and posting it publicly in April. The defendant, who works as a customer support contractor for AT&T at outsource provider Convergys, is charged with accessing a protected computer without authorization for allegedly downloading thousands of documents, applications, and other files and then posting them on the Internet, the indictment says. The LulzSec hacking group publicized the release of those documents on June 25, according to the filing.      More

FBI Raids Homes of Suspected ‘Anonymous’ Hackers

The Yeshiva World - The FBI is executing search warrants at two Long Island, N.Y., homes and one Brooklyn, N.Y., home of three suspected members of notorious hacking group Anonymous early Tuesday morning, FoxNews.com has learned.

More than 10 FBI agents arrived at the Baldwin, N.Y., home of Giordani Jordan with a search warrant for computers and computer-related accessories.

The targets of the FBI searches are all in their late teens to early 20s.

Jordan’s system was identified as allegedly being used in a coordinated distributed denial of service attack against several companies, a law enforcement official told FoxNews.com.

Tuesday’s search warrants are part of an ongoing investigation into Anonymous and its alleged retaliatory attacks. The Anonymous group is a loose collection of cybersavvy activists inspired by WikiLeaks and its flamboyant head Julian Assange to fight for Internet freedom – along the way defacing websites, shutting down servers, and scrawling messages across screens web-wide.    More

Anonymous Targets Secret Meeting, London Police

PCWorld.Com - Hacktivist group Anonymous claims it has "literally explosive" information about a secretive gathering of powerful men that takes place annually in California, and the group may be on the verge of leaking material from the London Metropolitan Police and agencies affiliated with the U.K. judicial system.


Anonymous reportedly intends to occupy the entrance to Bohemian Grove in Monte Rio, Calif., today as a protest against Bohemian Grove's secrecy.

Take a look at Anonymous's YouTube call to action:

According to AlterNet, Anonymous may also be gearing up to leak information from several organizations, including the London Metropolitan Police and agencies affiliated with the U.K. judicial system.     More