Solutionary Threat Report - July 2011

Voicemail Hacking

Voicemail hacking was brought to the general public’s attention this month by Rupert Murdoch’s now-defunct Sunday tabloid News of the World. The paper is accused of serious privacy invasions in the name of news. Victims ranged from celebrities, the Royal Family, missing teenagers, families of service personnel killed in Iraq and Afghanistan and possibly 9/11 victims. Anyone could be a victim because hacking into voicemail isn’t that complicated. Cell phone networks allow you to access your voicemail from any phone, not just your own handset. Depending on the network, this could be your own mobile number, or a generic one for all customers. Once connected to the system the user is prompted for a PIN, usually a four-digit number. Certain carriers provide default PINs that customers aren’t required to personalize. This makes it easy for a hacker to gain access. Some voicemail systems let you hear your messages without a password when you call from your own phone. Hackers can take advantage of this by spoofing the caller ID. This makes the call appear to be coming from the phone they are trying to hack. In order to be protected from these hacking attempts, always use a personalized password for accessing voicemail.

Whaling

Phishing is the practice of pretending to be a trustworthy site or company for the sole purpose of stealing an individual’s sensitive information. When gained, cyber criminals then store this information. Whalers just steal the information using an auto-whaler. The tool scours the net for fraudulent sites and steals any login credentials that victims might have entered, making them available to the whalers who had nothing to do with the original phishing. An auto-whaler called “666 Auto Whaler” is turning the tide of these opportunistic criminals. This auto-whaler contains a Trojan that steals passwords. It is ultimately designed to pilfer gaming account logins and IM passwords.

Google Warns Users of Virus

After investigating some unusual search traffic, Google security engineer Damian Menscher discovered Google users that were infected with a virus. The virus hijacks browser searches and redirects search traffic through proxy sites. The 2 million PCs were infected by fake antivirus programs called scareware. While seeking antivirus programs on Google, users were redirected to sites containing false security programs. Google has placed a yellow warning banner of its search page directing affected customers to instructions on how to remove the virus.