Netconclave Systems

2 Aug 2012

Maharashtra has emerged as the centre of cyber crime

Maharashtra has emerged as the centre of cyber crime, registering the maximum number of cyber crime cases over the past two years, according to the recent National Crime Records Bureau report (NCRB 2011).

At the country level, the incidence of cyber crimes (IT Act and IPC) increased by 67.4% in 2011 compared to 2010. In the city-wise breakup, Vishakhapatnam tops the chart with the maximum number of cases, followed by Bengaluru and Jaipur. Hacking with computer systems and obscene publication were the main cases under the IT Act. The maximum number of offenders arrested for cyber crimes were in the age group 18-30 years.

In 2010, Maharashtra recorded 246 cases of cyber crime (under both the IT Act and IPC); the figure jumped to 393 in 2011. The figure for Andhra Pradesh was 171 in 2010 and stood at 372 in 2011.

In the city-wise breakup, Vishakhapatnam registered 126 cases (IT Act and IPC) in 2011, followed by Bengaluru at 121 and Jaipur at 96. Overall, at the city level, 1058 cases were registered. In 2010, Pune reported the maximum number of cases at 58, followed by Hyderabad at 56 and Bengaluru at 49.

Cyber forgery with 61.3% (259 out of a total of 422) and cyber fraud with 27.9% (118 out of 422) were the main cases under the IPC category for cyber crimes in 2011. Under the IT Act, hacking with computer systems with 54.8% (983 out of a total of 1,791) and obscene publication / transmission in electronic form with 27.6% (496 out of a total of 1,791) were the main cases in 2011.

In the year 2010, 563 people in the age group 18-30 years were arrested, the figure jumped to 883 in the year 2011.

Charts for visual support

Exhibit 1:

Incidence of cases of cyber crimes    2010     2011     Percentage change
All India                             1,322    2,213    67.4

 

Exhibit 2:

Worst performing states: Incidence of cases of cyber crimes (IT Act and IPC)

States            2010    2011
Maharashtra       246     393
Andhra Pradesh    171     372
Kerala            156     245

 

Exhibit 3:

Worst performing cities: Incidence of cases of cyber crimes (IT Act and IPC)

Cities            2010    2011
Vishakhapatnam    31      126
Bengaluru         49      121
Pune              58      83
Jaipur            27      96
Hyderabad         56      67

Exhibit 4: Persons arrested under cyber crimes age group

Number of persons arrested under age group 18-30 years    2010    2011
All India                                                 563     883
Filed under: News No Comments
28 Jul 2012

Android malware learns new tricks

Security researchers testing Google's Bouncer malware detection system for Android apps have managed to submit a harmless-looking app and then update it to add malicious functionality.

After Google launched its Bouncer system to protect apps in the Google Play Android market in February, the researchers wanted to see if they could turn a good app that was already in the system into something malicious without triggering the Bouncer malware alarm system. They were successful.

First they created an app designed to let users block text messages from specific numbers, known as SMS blocker. Once the app was in the market and available for public download, the researchers updated it numerous times to add functionality that was totally unrelated. None of these updates triggered Bouncer because the researchers used a masking method that hid the functionality changes from Bouncer, the researcher said. "We used a technique that allowed us to pull a trick over Bouncer."

So their app, which they are refusing to identify, started off as a simple SMS blocker and was updated incrementally to access all sorts of data on the device and even to turn the phone into a zombie for use in various malicious attacks.

The last version in the store allowed us to steal all end user photos, contacts, phone records, SMS messages, and we can hijack a person's device and direct the device to visit a malicious Web site. "The last functionality in the app allowed us to define a location for the mobile device to go and launch a DDoS against a target."

Eventually, the researchers updated the app and removed the technology that had hidden the malicious functionality. At that point, Bouncer detected it as malicious and pulled it from the market.

28 Jul 2012

London Olympics scam

Facebook users witnessed a scam involving the giveaway of free Olympics tickets. A wall post promising free tickets was seen on the social networking site. The post linked to the domain “http: // liveolympictickets.com”. This page is a near-exact replica of the Olympics website and tricks people into buying tickets and entering their credit card details. Be warned: do not fall for such tricks. Moreover, the latest reports show that over 12% of the world’s spam originates in India, so we advise our readers to be vigilant and careful at all times.

25 Jul 2012

Reliance Communications Server Compromised

A hacker with the nickname "mr.hack3r420" has successfully compromised the web server of Reliance Communications (rcom.co.in).

The hacker most likely got this access because of an information disclosure vulnerability in the Reliance website. Most of the folders on the website are publicly visible to everyone, and there is a very interesting file called "Upload_AppId_VId.php" available, using which the hacker may be able to upload his own PHP shell to the server to get access to FTP and user accounts.

This is not the first time Reliance has become the victim. A while ago, a hacker named "ISAC" was able to access the Reliance Communications ISP server and then released the list of all sites blocked by Reliance to protest against Internet censorship.

16 Jul 2012

Cross-platform Trojan : Mac, Windows, Linux Found

Security researchers working for F-Secure have found a web exploit that detects the operating system of the computer and drops a different trojan to match. The attack was first seen on a Colombian transport website which had been hacked by a third party. This malware is known as GetShell.A and requires users to approve a Java applet installation.

It can detect whether you're running Windows, Mac OS X, or Linux, and then downloads the corresponding malware for your platform. The malicious files developed for each type of OS connect to the same Command & Control server, which F-Secure has located at IP address 186.87.69.249.

Karmina Aquino, a senior analyst with F-Secure, said, "All three files for the three different platforms behave the same way. They all connect to 186.87.69.249 to get additional code to execute. The ports are 8080, 8081, and 8082 for OSX, Linux and Windows, respectively."
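As an added illustration (not code from F-Secure or from this post), the reported address and ports can be turned into a simple hunt over outbound connection logs: any internal host that contacted the C2 is flagged, and the destination port indicates which platform's payload ran. The CSV log layout and the sample rows are constructed for the example.

```python
import csv
import io

C2_IP = "186.87.69.249"  # C2 address reported by F-Secure (from the post)
# Port-to-platform mapping as given in the F-Secure quote above.
PORT_TO_OS = {8080: "OSX", 8081: "Linux", 8082: "Windows"}

# Constructed sample log (assumed layout: timestamp,src_ip,dst_ip,dst_port).
SAMPLE_LOG = """\
2012-07-16T09:12:01,10.0.0.15,186.87.69.249,8082
2012-07-16T09:12:07,10.0.0.22,192.0.2.10,443
2012-07-16T09:13:44,10.0.0.31,186.87.69.249,8080
2012-07-16T09:15:10,10.0.0.15,186.87.69.249,8082
2012-07-16T09:20:02,10.0.0.40,186.87.69.249,443
"""

def c2_contacts(log_text):
    """Return {src_ip: sorted payload labels} for hosts that contacted the C2.

    Connections to the C2 on a port outside the reported three are still
    flagged, labelled "unknown-port", so they are not silently dropped.
    """
    hits = {}
    for row in csv.reader(io.StringIO(log_text)):
        # Skip malformed rows and traffic to any other destination.
        if len(row) != 4 or row[2] != C2_IP or not row[3].isdigit():
            continue
        src, port = row[1], int(row[3])
        hits.setdefault(src, set()).add(PORT_TO_OS.get(port, "unknown-port"))
    return {src: sorted(labels) for src, labels in hits.items()}

if __name__ == "__main__":
    for host, payloads in c2_contacts(SAMPLE_LOG).items():
        print(host, "->", ", ".join(payloads))
```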

16 Jul 2012

Apple’s App Store payment system bypassed

Apple is investigating yet another security breach in its iTunes app store. A Russian hacker worked out a way that allows people to bypass payment in the App Store and download products for free.

The hacker, dubbed ZonD80, posted a video of the crack on YouTube (since deleted by YouTube) and claims that the technique makes it possible to beat Apple's payment systems by installing a couple of certificates and assigning a specific IP address to the device.

The new service, which has already been subject to attempts at shutting it down, requires no jailbreaking and only minimal configuration changes. It works by funneling purchase requests through a server operated by the hacker, rather than the legitimate one offered by Apple. As a result, charges that normally would be applied to a user's account are bypassed.

11 Jul 2012

Keyless BMW Stolen in under 3 minutes

Automobile enthusiasts are pointing to an unusual rise in the number of BMW thefts in the U.K. this year. Expensive cars being stolen isn't anything to be enthusiastic about, but the reason for this new trend definitely is: the cars in question are keyless. Multiple BMW models are being swiped without activating car alarms or immobilizers because the thieves are hacking their way into the vehicles.

The video shows how this BMW was stolen in under three minutes. The thieves used devices that plug into the car's On-Board Diagnostic (OBD) port to program a new key fob.

In this particular video, there are a few security flaws that the hackers are exploiting simultaneously: there is no sensor that is triggered when the thieves initially break the window, the internal ultrasonic sensor system has a "blind spot" just in front of the OBD port, the OBD port is constantly powered (even when the car is off), and last but not least, it does not require a password. All of this means the thieves can gain complete access to the car without even entering it.

10 Jul 2012

DNS changer Article

5 Jul 2012

DNS Changer Malware

The warnings about the Internet problem have been splashed across Facebook and Google. Internet service providers have sent notices, and the FBI set up a special website.

Thousands of Canadians could be among the hundreds of thousands of people around the world who might lose Internet access on July 9. That's the day the FBI will shut down all the "clean servers" it set up to combat a massive hacking operation.

Last November the FBI arrested and charged six Estonian men behind the malware as part of Operation Ghost Click. These hackers were able to make a fortune off their project, raking in millions for ads placed on their fraudulent websites. On the eve of the arrests, the FBI hired Paul Vixie, chairman of the Internet Systems Consortium (ISC), to install two temporary Internet servers that would prevent infected users from losing access to the Internet once the DNSChanger botnet was shut down.

DNS (Domain Name System) is a core Internet technology used to convert human-readable domain names such as facebook.com into an IP address such as 10.181.211.1, which a computer understands.

It's estimated that there are still around 277,00 infections worldwide. If you're concerned about your own PC, or those of family members, there's a DNS checker website: http://www.dns-ok.us/

Running the temporary servers for eight months has cost the FBI $87,000. Both Facebook and Google created their own warning messages that showed up if someone using either site appeared to have an infected computer. Facebook users would get a message that says, "Your computer or network might be infected," along with a link that users can click for more information. Google users got a similar message, displayed at the top of a Google search results page. It also provides information on correcting the problem.

Ensure that your DNS servers are not within the following ranges of Internet Protocol (IP) addresses. To see the configured DNS servers, type ipconfig /all at the command prompt:

- 85.255.112.0 through 85.255.127.255

- 67.210.0.0 through 67.210.15.255

- 93.188.160.0 through 93.188.167.255

- 77.67.83.0 through 77.67.83.255

- 213.109.64.0 through 213.109.79.255

- 64.28.176.0 through 64.28.191.255

If DNSChanger is detected, users may use software from McAfee, Kaspersky Labs, Microsoft, Norton, or Trend Micro to clean the infection.

5 Jul 2012

Android click jack malware

Mobile security researchers have identified an aspect of Android 4.0.4 (Ice Cream Sandwich) and earlier versions that clickjacking rootkits could exploit. Researchers at NC State in the US have developed a prototype rootkit that attacks the Android framework and could be used to steal personal information.

What is clickjacking? It is a technique that tricks users and is often used to take over computers, or to snag confidential information revealed by users who think they are on a legitimate webpage.

Like most Android malware, the rootkit can be distributed as a malicious app, opening up a host of potential vulnerabilities on any device on which it is installed.

The rootkit could be bundled with an app and is said to be undetectable by anti-virus software. It would allow an attacker to replace a smartphone's browser with a version that captures keystrokes to log bank card data and uploads them to a hacker-controlled server.

In a demonstration video, the rootkit is shown manipulating the apps on a smartphone. Such a program could be used by cybercriminals to replace an app with a malicious data stealing version that appears legitimate to the user.

http://www.youtube.com/watch?v=RxpMPrqnxC0&feature=player_embedded
