Tag Archive for: hacker

Children’s computer game Roblox insider tricked by hacker for access to users’ data

/in



Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in
The hacker had access to personal information, the ability to change passwords and two-factor authentication, and could steal valuable in-game items from some of the ‘richest’ players in the game
Find your bookmarks in your Independent Premium section, under my profile
A hacker who bribed a worker for the online video game Roblox managed to gain access to the personal information of a smaller number of users, the ability to change passwords and email addresses, and allocate in-game currency.
The hacker first paid an insider to look up data about users, and then targeted a customer support representative. They said they did it to “prove a point” to the company.
Speaking to Motherboard under the condition of anonymity, the hacker could also change security settings, enact bans, and steal items from other users.
Roblox is a free-to-play game that “lets you play, create, and be anything you can imagine,” according to its description on the Microsoft Store. It is available on a number of platforms, including Android and iOS smartphones, Xbox game consoles, and Windows computers.
Players can customise characters and then navigate ‘minigames’ such as running obstacle courses, scuba diving, acting as a superhero, and many other activities.
According to Techcrunch, its millions of users rage from between eight and 18, although its key demographic is between nine and 15 years old.
“A lot of kids come to Roblox to play with their friends,” Craig Donato, Roblox Chief Business Officer told Techcrunch. “It’s like a virtual playground where they tend to jump from game to game with their friends – almost like jumping like I used to jump from the swing set to the monkey bars.”
In screenshots reportedly seen by Motherboard, the hacker claimed to show a customer support panel containing user data from high-profile players such as YouTuber Linkmon99 – known for being the “richest” player due to the value of their in-game items.
The YouTuber confirmed to Motherboard that the email address shown was one “secretly”…

Source…

Y0ur P@ssw0rd S*cks: Hacker Answers Security Questions

/in


Y0ur P@ssw0rd S*cks is a bi-weekly column that answers the most pressing internet security questions web_crawlr readers have to make sure they can navigate the ‘net safely. If you want to get this column a day before we publish it, subscribe to web_crawlr, where you’ll get the daily scoop of internet culture delivered straight to your inbox.

You may know crimew as the hacktivist who discovered the TSA No Fly List on an unsecured server earlier this year, as exclusively reported by the Daily Dot. The discovery even spawned an internet meme, but that’s a story for another day.

We asked crimew three questions that are most commonly asked by those interested in the world of hacking.

First things first, what exactly is a hacker? It may seem like a silly question. While many people associate the term with criminal activity, hacker is a very broad term. Although the context of this conversation will center around computer hackers, a hacker doesn’t even have to be someone who focuses on electronic devices.

As crimew puts it: “A hacker is anyone who finds creative solutions to problems.”

So, what one piece of advice would a skilled hacker give to help everyday users stay safe online from nefarious actors? It’s much simpler than you’d think.

There’s a popular belief that criminal hackers are spending most of their time breaking into individual people’s social media accounts, leading to worry among many. But in reality, most hacks are done at scale. Criminal hackers steal passwords, credit card numbers, and health data from large databases, for example.

One of the best moves you can make, crimew says, is to keep all your software updated. Sometimes you’re worried that an update will introduce a new feature you aren’t excited about. We get it. But applying all your updates, especially those for your web browsers and operating systems, will help keep you from randomly getting hacked.

Also make sure to check out web_crawlr’s other security tips, which cover a wide array of topics related to everyday life in the digital age.

Now, an answer to the question you have almost certainly asked at some point: “Why haven’t…

Source…

‘Ethical’ hacker tries to stay a step ahead of the bad guys

/in


The internet is a tough neighborhood and Nikolas Behar is a hacker. He’s among the many who show up every year at DEFCON in Las Vegas, the hacker convention. But Niko, as everyone calls him, insists he’s on the right side of the firewall.

He considers himself an ethical hacker, and he works for groups that need protection from criminal hackers trying to break into their vaults of valued passwords and data.

“A lot of people, when they think about hackers, they think about people in hoodies,” Behar said. “But there’s a movement in the industry that’s trying to change that narrative and show that hackers aren’t necessarily bad.”

As an ethical hacker, Behar has to think like a criminal. When he works for a client, he tries to break into their system to spot vulnerabilities. One example, he was able to hack into the system of a hospital client.

“So what I was able to do was park across the street in my rental car with a special antenna. And I was able to connect to their Wi-Fi and communicate with a heart monitor on their network from across the street,” he said. “All because they didn’t configure their Wi-Fi correctly and it was leaking outside the building.”

Another time when he was working for a hedge fund, he got into their building after hours and jumped over a cubicle wall to find two unlocked computers.

“So we demonstrated that we would have been able to make a $5 million trade without anybody really noticing because there’s a cubicle that’s supposed to be secure and the wall of the cubicle doesn’t go all the way to the ceiling. And the stuff in the cubicle is not locked or encrypted.”

So, who exactly are the unethical hackers? Sometimes, they work for national governments that want to pose a security threat to the U.S. Sometimes, they’re just looking for money, and that’s why they target people like us and your personal information.

“First name. Last name. Social security. Date of birth. And then you take all that data and you can sell in bulk to the highest bidder,” said Christian Dehoyos, a cybersecurity architect who leads San Diego’s chapter of the group the Open Worldwide Application Security…

Source…

Russian Hacker Vladimir Dunaev Convicted for Creating TrickBot Malware

/in


Dec 02, 2023NewsroomCybercrime / Malware

TrickBot Malware

A Russian national has been found guilty in connection with his role in developing and deploying a malware known as TrickBot, the U.S. Department of Justice (DoJ) announced.

Vladimir Dunaev, 40, was arrested in South Korea in September 2021 and extradited to the U.S. a month later.

“Dunaev developed browser modifications and malicious tools that aided in credential harvesting and data mining from infected computers, facilitated and enhanced the remote access used by TrickBot actors, and created a program code to prevent the TrickBot malware from being detected by legitimate security software,” the DoJ said.

“During Dunaev’s participation in the scheme, 10 victims in the Northern District of Ohio, including Avon schools and a North Canton real-estate company, were defrauded of more than $3.4 million via ransomware deployed by TrickBot.”

Cybersecurity

Dunaev, who pleaded guilty to committing computer fraud and identity theft and conspiracy to commit wire fraud and bank fraud, faces a maximum of 35 years in prison. He is scheduled to be sentenced on March 20, 2024.

Dunaev is also the second TrickBot gang malware developer to be arrested after Alla Witte, a Latvian national who, was sentenced to two years and eight months in prison in June 2023.

The development came nearly three months after the U.K. and U.S. governments sanctioned 11 individuals suspected of being part of the TrickBot cybercrime group.

TrickBot, which started off as a banking trojan in 2016, evolved into a multi-purpose tool capable of delivering additional payloads to infected hosts and acting as an initial access facilitator for ransomware attacks.

Cybersecurity

After surviving law enforcement to dismantle the botnet, the infamous Conti ransomware crew gained control over the operation. However, both Conti and TrickBot suffered a major blow last year following Russia’s invasion of Ukraine, when Conti pledged allegiance to Russia.

This led to a series of leaks dubbed ContiLeaks and TrickLeaks that gave away valuable information about their internal chats and infrastructure, ultimately resulting in the shut down of Conti and its disintegration into numerous other groups.

Found this article…

Source…