Krebs on Security

Who is Anna-Senpai, the Mirai Worm Author?

12 hours 45 minutes ago
On September 22, 2016, this site was forced offline for nearly four days after it was hit with “Mirai,” a malware strain that enslaves poorly secured Internet of Things (IoT) devices like wireless routers and security cameras into a botnet for use in large cyberattacks. Roughly a week after that assault, the individual(s) who launched that attack -- using the name “Anna Senpai” -- released the source code for Mirai, spawning dozens of copycat attack armies online. After months of digging, KrebsOnSecurity is now confident it has uncovered Anna Senpai’s real-life identity, and the identity of at least one co-conspirator who helped to write and modify the malware.
BrianKrebs

Adobe, Microsoft Push Critical Security Fixes

1 week ago
Adobe and Microsoft on Tuesday each released security updates for software installed on hundreds of millions of devices. Adobe issued an update for Flash Player and for Acrobat/Reader. Microsoft released just four updates to plug some 15 security holes in Windows and related software.
BrianKrebs

Extortionists Wipe Thousands of Databases, Victims Who Pay Up Get Stiffed

1 week 1 day ago
Tens of thousands of personal and possibly proprietary databases that were left accessible to the public online have just been wiped from the Internet, replaced with ransom notes demanding payment for the return of the files. Adding insult to injury, it appears that virtually none of the victims who have paid the ransom have gotten their files back because multiple fraudsters are now wise to the extortion attempts and are competing to replace each other's ransom notes.
BrianKrebs

Krebs’s Immutable Truths About Data Breaches

1 week 2 days ago
I've had several requests for a fresh blog post to excerpt something that got crammed into the corner of a lengthy story published here Sunday: A list of immutable truths about data breaches, cybersecurity and the consequences of inaction.
BrianKrebs

Stolen Passwords Fuel Cardless ATM Fraud

1 week 6 days ago
Some financial institutions are now offering so-called "cardless ATM" transactions that allow customers to withdraw cash using nothing more than their mobile phones. But as the following story illustrates, this new technology also creates an avenue for thieves to quickly and quietly convert stolen customer bank account usernames and passwords into cold hard cash. Worse still, fraudulent cardless ATM withdrawals may prove more difficult for customers to dispute because they place the victim at the scene of the crime.
BrianKrebs

The FTC’s Internet of Things (IoT) Challenge

2 weeks ago
One of the biggest cybersecurity stories of 2016 was the surge in online attacks caused by poorly-secured "Internet of Things" (IoT) devices such as Internet routers, security cameras, digital video recorders (DVRs) and smart appliances. Many readers here have commented with ideas about how to counter vulnerabilities caused by out-of-date software in IoT devices, so why not pitch your idea for money? Who knows, you could win up to $25,000 in a new contest put on by the U.S. Federal Trade Commission (FTC).
BrianKrebs

The Download on the DNC Hack

2 weeks 1 day ago
Over the past few weeks, I've been inundated with questions from readers asking why I haven't written much about two stories that have consumed the news media of late: The alleged Russian hacking attacks against the Democratic National Committee (DNC) and, more recently, the discovery of malware on a laptop at a Vermont power utility that has been attributed to Russian hacker groups. I've avoided covering these stories mainly because I don't have any original reporting to add to them, and because I generally avoid chasing the story of the day -- preferring instead to focus on producing original journalism on cybercrime and computer security.
BrianKrebs

Happy Seventh Birthday, KrebsOnSecurity!

2 weeks 6 days ago
Hard to believe it's time to celebrate another go 'round the Sun for KrebsOnSecurity! Today marks exactly seven years since I left The Washington Post and started this here solo thing. And what a remarkable year 2016 has been!
BrianKrebs

Before You Pay that Ransomware Demand…

3 weeks 6 days ago
A decade ago, if a desktop computer got infected with malware the chief symptom probably was an intrusive browser toolbar of some kind. Five years ago you were more likely to be whacked by a banking trojan that stole all your passwords and credit card numbers. These days if your mobile or desktop computer is infected what gets installed is likely to be "ransomware" -- malicious software that locks your most prized documents, songs and pictures with strong encryption and then requires you to pay for a key to unlock the files.
BrianKrebs

Report: $3-5M in Ad Fraud Daily from ‘Methbot’

4 weeks 1 day ago
New research suggests that an elaborate cybercrime ring is responsible for stealing between $3 million and $5 million worth of revenue from online publishers and video advertising networks each day. Experts say the scam relies on a vast network of cloaked Internet addresses, rented data centers, phony Web sites and fake users made to look like real people watching short ad segments online.
BrianKrebs

My Yahoo Account Was Hacked! Now What?

1 month ago
Many readers are asking what they should be doing in response to Yahoo's disclosure Wednesday that a billion of its user accounts were hacked. Here are a few suggestions and pointers, fashioned into a good old Q&A format.
BrianKrebs

Yahoo: One Billion More Accounts Hacked

1 month ago
Just months after disclosing a breach that compromised the passwords for a half billion of its users, Yahoo now says a separate incident has jeopardized data from at least a billion more user accounts. The company also warned attackers have figured out a way to log into targeted Yahoo accounts without even supplying the victim's password.
BrianKrebs

New Critical Fixes for Flash, MS Windows

1 month ago
Both Adobe and Microsoft on Tuesday issued patches to plug critical security holes in their products. Adobe's Flash Player patch addresses 17 security flaws, including one "zero-day" bug that is already actively being exploited by attackers. Microsoft's bundle of updates tackles at least 42 security weaknesses in Windows and associated software.
BrianKrebs

‘Operation Tarpit’ Targets Customers of Online Attack-for-Hire Services

1 month ago
Federal investigators in the United States and Europe last week arrested nearly three-dozen people suspected of patronizing so-called "booter" services that can be hired to knock targeted Web sites offline. The global crackdown is part of an effort by authorities to weaken demand for these services by impressing upon customers that hiring someone to launch cyberattacks on your behalf can land you in jail.
BrianKrebs

‘Avalanche’ Crime Ring Leader Eludes Justice

1 month 1 week ago
The accused ringleader of a cyber fraud gang that allegedly rented out access to a criminal cloud hosting service known as "Avalanche" is now a fugitive from justice following a bizarre series of events in which he shot at Ukrainian police, was arrested on cybercrime charges and then released from custody.
BrianKrebs

Researchers Find Fresh Fodder for IoT Attack Cannons

1 month 1 week ago
New research published this week could provide plenty of fresh fodder for Mirai, a malware strain that enslaves poorly-secured Internet of Things (IoT) devices for use in powerful online attacks. Researchers in Austria have unearthed a pair of backdoor accounts in more than 80 different IP camera models made by Sony Corp. Separately, Israeli security experts have discovered trivially exploitable weaknesses in approximately 500,000 white-labeled IP camera models that are not currently sought out by Mirai.
BrianKrebs

DDoS, IoT Top Cybersecurity Priorities for 45th President

1 month 1 week ago
Addressing distributed denial-of-service (DDoS) attacks designed to knock Web services offline and security concerns introduced by the so-called "Internet of Things" (IoT) should be top cybersecurity priorities for the 45th President of the United States, according to a newly released blue-ribbon report commissioned by President Obama.
BrianKrebs

Visa Delays Chip Deadline for Pumps To 2020

1 month 2 weeks ago
Visa this week delayed by three years a deadline for fuel station owners to install payment terminals at the pump that are capable of handling more secure chip-based cards. Experts say the new deadline -- extended from 2017 -- comes amid a huge spike in fuel pump skimming, and means fraudsters will have another three years to fleece banks and their customers by installing card-skimming devices at the pump.
BrianKrebs
In-depth security news and investigation