Tag Archive for: abuse

Is It Time to Rethink the Computer Fraud and Abuse Act?

/in


Kentucky resident Deric Lostutter is fighting to regain the right to vote.

Lostutter is now a paralegal but previously was a member of hacktivist group Anonymous and served out a prison sentence after violating a federal anti-hacking law.

His particular state and the nature of his conviction are proving to be sticking points as he seeks re-enfranchisement: Kentucky indefinitely revokes voting permissions for residents with certain kinds of felonies on their records. That includes offenses that, like Lostutter’s, were tried in federal court; as such, he’d need a governor’s pardon to be re-enfranchised.


Lostutter lost voting rights after being convicted in 2017 of violating the Computer Fraud and Abuse Act (CFAA) and lying to the FBI about his actions, and he served two years. He and a co-collaborator had conducted a hack in an effort to put pressure and public attention on two Steubenville, Ohio, high school football players’ rape of an unconscious 16-year-old, as well as on school employees believed to have enabled or hidden the assault.

“I went after a coverup of a rape case,” Lostutter told Government Technology. “Did I commit a crime? Yes: I accessed a website without permission — a football fan website, where I posted allegations and evidence of the coverup to protect the football team. Do I admit that was wrong? Yes. Did I serve my time? Yes. Was it violent? No.”

That lack of permission is where the CFAA comes in. The federal law criminalizes accessing information on an Internet-connected device either without “authorization” or by exceeding the authorization one already has.

The CFAA is a controversial law. While it appears intended to prevent malicious hacking, it’s also come under fire over the years for its vague wording that some say risks scooping up more innocuous individuals alongside genuinely dangerous actors.

The Department of Justice (DOJ) appeared to acknowledge this concern last May when it issued a policy revision clarifying the law’s scope. The DOJ explained that the CFAA should not, for example, be used to charge security researchers or people who exaggerate in their…

Source…

Hackers Can Abuse Visual Studio Marketplace to Target Developers with Malicious Extensions

/in


Jan 09, 2023Ravie LakshmananSupply Chain / CodeSec

Malicious Visual Studio Extensions

A new attack vector targeting the Visual Studio Code extensions marketplace could be leveraged to upload rogue extensions masquerading as their legitimate counterparts with the goal of mounting supply chain attacks.

The technique “could act as an entry point for an attack on many organizations,” Aqua security researcher Ilay Goldman said in a report published last week.

VS Code extensions, curated via a marketplace made available by Microsoft, allow developers to add programming languages, debuggers, and tools to the VS Code source-code editor to augment their workflows.

“All extensions run with the privileges of the user that has opened the VSCode without any sandbox,” Goldman said, explaining the potential risks of using VS code extensions. “This means that the extension can install any program on your computer including ransomwares, wipers, and more.”

To that end, Aqua found that not only is it possible for a threat actor to impersonate a popular extension with small variations to the URL, the marketplace also allows the adversary to use the same name and extension publisher details, including the project repository information.

While the method doesn’t allow the number of installs and the number of stars to be replicated, the fact that there are no restrictions on the other identifying characteristics means it could be used to deceive developers.

The research also discovered that the verification badge assigned to authors could be trivially bypassed as the check mark only proves that the extension publisher is the actual owner of a domain.

In other words, a malicious actor could buy any domain, register it to get a verified check mark, and ultimately upload a trojanized extension with the same name as that of a legitimate one to the marketplace.

A proof-of-concept (PoC) extension masquerading as the Prettier code formatting utility racked up over 1,000 installations within 48 hours by developers across the world, Aqua said. It has since been taken down.

This is not the first time concerns have been raised about software supply chain threats in the VS Code extensions marketplace.

In May 2021, enterprise security…

Source…

IcedID Botnet Distributors Abuse Google PPC to Distribute Malware

/in


IcedID Botnet Distributors Abuse Google PPC to Distribute Malware



Source…

Somersworth Man Sentenced to 66 Months for Distribution and Possession of Child Sexual Abuse Materials | USAO-NH

/in


            CONCORD – Mark E. Butler, 46, of Somersworth, was sentenced to 66 months in federal prison for distribution and possession of child sexual abuse materials, United States Attorney Jane E. Young announced today.

            According to court documents and statements made in court, between June and September 2021, federal and state law enforcement officers investigated the online child sexual exploitation activities of the defendant, Mark E. Butler, who used various social media applications to share child sexual abuse materials. For example, on September 23, 2021, Butler distributed a one-minute video depicting a prepubescent child engaged in sexual conduct to an undercover agent. On October 13, 2021, investigators executed a federal search warrant to seize electronic devices used by Butler to distribute and possess child sexual abuse materials. Butler admitted that he used the internet to obtain child sexual abuse materials. Subsequent forensic analysis of Butler’s Apple iPhone and evidence obtained from a cloud storage service provider confirmed Butler’s use of several social media applications, emails, and text messages to send child sexual abuse materials to other individuals.

            In addition to his sentence, Butler was sentenced to five years of supervised release following his release from prison and a $6,000 restitution payment.

            “Protecting children is a paramount priority and those who engage in child exploitation will be prosecuted and we will seek significant sentences as demonstrated in this case,” said U.S. Attorney Young. “This case is another example of the collaborative work our law enforcement partners engage in to identify and prosecute those who possess and distribute child sexual abuse materials.” 

            “Butler possessed and distributed child exploitation materials and his sharing of this material perpetuates a cycle of abuse. Homeland Security Investigations and our partners will continue to pursue individuals who are involved in any part of the child exploitation cycle,” said Matthew Millhollin, Special Agent in Charge of Homeland Security Investigations in New…

Source…