Tag Archives: FBI

FBI warns OS X Mac Users about Ransomware Purporting to be from FBI

A new version of ransomware is targeting OS X Mac users and claiming to come from the Federal Bureau of Investigation (FBI). It is not malware; it appears as a webpage that uses JavaScript to load numerous windows. Each frame has to be closed, but a fee is requested for that to happen, hence the name ransomware.

A similar ransomware scam took place in May of 2012, also using the name of the FBI to lure in victims. The latest incarnation of the ransomware uses “FBI.gov” within the URL in an attempt to make the warning appear legitimate.

The scam is complicated. The warning that appears accuses victims of violating various U.S. laws, then locks up the victim’s computer. It claims that to unlock the computer and avoid legal issues, a fee of $300 needs to be paid via a prepaid Visa card. But the scam doesn’t end there. If a victim realizes that there is a scam taking place and attempts to close the windows, more windows (iframes) pop up with the warning.

The actual FBI website reports that the simplest way to remove the ransomware’s iframes is to “click on the Safari menu, choose the ‘Reset Safari’ option, making sure all check boxes are selected.” It also suggests holding down the Shift key while relaunching Safari to prevent it from reopening windows and tabs from the previous session.

“Ransomware messages are an attempt to extort money. If you have received a ransomware message, do not follow payment instructions. Be sure to file a complaint at www.IC3.gov,” says the FBI’s warning report.

All email and internet users should be warned of ransomware scams although the current version is only targeting OS X Mac users. The FBI encourages anyone who has been a victim of ransomware, e-scams, and phishing to contact the Federal Trade Commission at spam@uce.gov.

 

List of celebrities and political victims of hackers grows

It seems somewhat ironic: Angelina Jolie, who starred as “Kate” aka Acid Burn in the movie “Hackers,” has now joined the almost dozen celebrities who have had their financial information hacked into and released for the Internet to share.

TMZ reports that both Lady Gaga and Angelina Jolie are the latest in a line of online hack jobs which pulled financial information including social security numbers, credit card information, car loans, banking information and even mortgage amounts and released them online. Among the others hurt by the hackers were Jay-Z, Beyonce, Kim Kardashian, Paris Hilton, Mel Gibson, Ashton Kutcher, Robert Mueller, Tiger Woods, Kanye West, Eric Holder, Robert De Niro, Dennis Rodman, Michael Vick, NRA advocate Wayne LaPierre and LAPD Chief Charlie Beck. There are also reports of Britney Spears, Donald Trump and even the first lady Michelle Obama being victims of these same hacksters. In the first lady’s case, it appears the problem is really with the president, as they stated, “Blame your husband, we still love you, Michelle.”

Other political figures include Sarah Palin, Hillary Clinton, Joe Biden and Al Gore. However, either there is little to be learned online about these particular political figures or they are better protected online than the other victims, as little information was revealed about them.

Credit agencies are making their own inquiries. As reported by Forbes Magazine, “We learned about this late this afternoon [and] immediately launched an investigation,” a TransUnion spokesperson said by email.

The hackers appeared to be based out of Russia and performed a dump of the information on a website which now appears to be based on an island off the coast of Madagascar, in a technique known as “doxxing.” But here’s the really interesting part: doxxing is the act of obtaining and posting private information about a person by scouring the Internet, and it is not necessarily illegal.

“You can post it as long as there is nothing nefarious about it,” says LAPD cyber crimes detective Andrew Kleinick. “They are public figures and that kind of thing happens. It’s not right, [but] I know of no crime. He continues

Did hacktivist group Antisec take a big bite out of Apple?

Hacktivist group Antisec strikes again – or did they? Did they manage to take a bite out of the big “Apple” and do it from an FBI agent’s Dell notebook? According to the Anonymous-allied hackers, they have, and it’s been reported that a list of 12.4 million Apple Unique Device Identifiers (UDID) was obtained. This information also provided user names, device names and types, and for some it included names, addresses, cell and home phone numbers. Sounds like an identity theft nightmare, or it would be if Antisec wasn’t playing “Robin Hood” to the FBI’s Sheriff John, or so the story goes.

Did this hacking really happen?

Not according to the FBI (Oh no you didn’t!). A recent FBI statement denies it, stating, “The FBI is aware of published reports alleging that an FBI laptop was compromised and private data regarding Apple UDIDs was exposed. At this time, there is no evidence indicating that an FBI laptop was compromised or that the FBI either sought or obtained this data.”

According to Antisec,

Does the FBI Need to Wiretap Websites to do an Effective Job?

America’s Federal Bureau of Investigation, the crime-busting branch of the federal government, wants to extend its wiretapping authority to the World Wide Web in an effort to more effectively control crime and prosecute suspects. The FBI claims that the proposed changes are a necessary modification to existing laws and that they will help the FBI zero in on criminal activity by harnessing the World Wide Web and secretly watching online activity.

What is This Proposed Change All About?

Back in 1994, Congress passed the Communications Assistance for Law Enforcement Act. It was a sweeping and controversial law when it passed because it allowed wiretapping on a telecommunications level and required telecom businesses to cooperate fully by modifying their electronic devices, equipment, and services to make them immediately compatible for surveillance. This law has been in place now for almost two decades and supporters say that it has helped organizations such as the FBI and others in their efforts to track criminals and gather evidence.

Now, the FBI wants to extend the Communications Assistance for Law Enforcement Act to the internet. Its proposal is based on the simple fact that the internet is a form of communication and therefore should be subject to the same rules and regulations as the telecommunications industry. The FBI wants to be able to access everything from Yahoo to Facebook and beyond and subject these online businesses to the same requirements as the telecom industry.

What is at Stake?

The FBI claims it only wants to protect the public and that the added ability to track potential criminals online would provide another weapon in its arsenal. Critics of the plan say it is another step toward a government-controlled state and a blatant infringement on privacy rights. If we allow government agencies like the FBI to tap our Facebook account and our instant message conversations, what step will they take next? Surveillance cameras aimed at the front windows of our homes? Listening devices placed on our doorstep?

Did your DNS change for the worse? Make sure you aren’t getting the wrong Internet address

Don’t want to lose your Internet services? Then check your DNS for malware. Sound “Greek” to you? Then this statement from the FBI should get your attention.

“To assist victims affected by the DNSChanger malicious software, the FBI obtained a court order authorizing the Internet Systems Consortium (ISC) to deploy and maintain temporary clean DNS servers. This solution is temporary, providing additional time for victims to clean affected computers and restore their normal DNS settings. The clean DNS servers will be turned off on July 9, 2012, and computers still impacted by DNSChanger may lose Internet connectivity at that time.”

As part of a two-year-long investigation, the FBI arrested and charged six Estonian nationals with running a sophisticated and fraudulent Internet ring.

The indictment, said Janice Fedarcyk, assistant director in charge of our New York office, “describes an intricate international conspiracy conceived and carried out by sophisticated criminals.” She added, “The harm inflicted by the defendants was not merely a matter of reaping illegitimate income.”

This cyber band of thieves used malware called DNSChanger to:

  • infect approximately 4 million computers in more than 100 countries
  • cause 500,000 infections in the U.S. (individuals, companies and even NASA)
  • generate at least $14 million in stolen fees by using and manipulating Internet advertising
  • in some instances, keep the users’ anti-virus software and operating systems from updating, putting those machines infected by DNSChanger at risk for more malicious software

DNS (Domain Name System) is an Internet service that converts domain names into IP addresses. It’s what allows computers to “talk” to each other so that you can use your computer to visit a site. Without it you would not have any Internet service, including email, social networking or access to websites. Criminals have learned that if they can control your DNS, then they can control where you visit, even sending you to sites that you had no intention of visiting or to phony sites set up to shadow a real one and collect information and private data from you.

Sometimes computers that have been subject to DNS malware (software that is malicious) turn out to have other malware on them as well, or other malware hacking its way into their systems.

Checking your DNS to make sure that it is safe from malware is important because without it you could lose your Internet services. While it is best and most effectively tested by a computer professional, it is possible to check your DNS yourself for malware. The other forms of malware may be stealing your usernames and passwords and sending them off for others to use for fraudulent purposes like identity theft, credit cards and even medical treatment.

You can visit the FBI website to check your DNS and make sure that you continue to have the “all clear” to use the Internet. There are testing sites available in a variety of languages. For those who want to test their systems on their own, there is a helpful PDF instruction booklet available that will walk you through the various steps needed to test your DNS no matter what type of system you may be operating.

So I did just that. I thought better safe than sorry, and while I didn’t consult a professional I did use the site http://www.dcwg.org/detect/ to check my DNS. It was easy: there is no software to download and no looking around to find information that I would need to complete the more intricate steps needed to test my laptop. Actually I didn’t have to do anything but “click” the link provided. Here’s the image you should see and the message: GREEN. Your computer appears to be looking up IP addresses correctly.

If your DNS does show malware or suspicious activity the FBI would like to hear from you. Visit their website and file your complaint using this form. 

Don’t Open Emails Claiming to be from the FBI: 3 New E-mail Hoaxes

Phishing e-mails and e-mail scams aren’t new. Unfortunately, they are getting even more sophisticated and successful. Why? Despite the growing awareness of phishing scams and computer viruses from e-mails that link to malware, scammers are becoming even better salesmen.


What is Mortgage Fraud through Identity Theft?

This begins a two-part series on mortgage fraud: what it is, how it occurs and what can be done about it, such as how to protect yourself and what to do if you are a victim of identity theft and mortgage fraud.
