Monday, February 23, 2015

Fink RAT Co-creator Meets Big Daddy Uncle Sam

One of the co-creators of the Blackshades Remote Access Trojan (RAT) that infected more than 500,000 computers has pleaded guilty to charges of hacking.

Alex Yücel, 24, faces up to 10 years in prison for his involvement with the $40 program designed to secretly remotely control victims' computers...

Through his creation and sale of the Blackshades RAT, Alex Yücel enabled anyone, for just $40, to violate the property and privacy of his victims...

According to documents filed in the Manhattan federal court, the Blackshades RAT - which was used to secretly take nude photos of Miss Teen USA - could give an attacker complete control over an infected system...
(more)

Indian Oil Ministry Investigating Possible Bugging

India - A sticky tape with a micro-insertion found beneath a table in the office of a top bureaucrat in the ministry has raised suspicion over snooping attempts to tap information on sensitive energy related matters, sources told HT.

“We cannot rule out any possibility... the matter has been brought to the notice of the investigative agencies, who will look into the matter,” a top petroleum ministry bureaucrat told HT requesting not to be identified...

A similar incident of a possible bugging of a government office was reported in June 2011 when suspicion surrounded the office of the then finance minister Pranab Mukherjee. The office of the home ministry and the Intelligence Bureau later confirmed that it was just a suspicion and no bugging took place in the office.
(more)

Indian Corporate Espionage Scandal Deepens

India - A corporate espionage scandal involving allegations of stolen documents from India’s government deepened this weekend, following the arrests of employees at conglomerates controlled by four of the country’s most prominent tycoons, including billionaire brothers Mukesh and Anil Ambani.

The arrests mark the first time since the election of Narendra Modi as prime minister last year that police have launched an investigation targeting such high-profile industrial businesses, and are set to leave the companies and their wealthy owners facing lengthy and potentially damaging legal investigations.
(more)

C.S.I. yi-yi - DNA Can Be Faked!

In a recent story in The New York Times, Andrew Pollack reports that "scientists in Israel have demonstrated that it is possible to fabricate DNA evidence, undermining the credibility of what has been considered the gold standard of proof in criminal cases.

"The scientists fabricated blood and saliva samples containing DNA from a person other than the donor of the blood and saliva. They also showed that if they had access to a DNA profile in a database, they could construct a sample of DNA to match that profile without obtaining any tissue from that person."

“You can just engineer a crime scene,” Dan Frumkin, lead author of the paper, which has been published online by the journal Forensic Science International: Genetics, told the Times. “Any biology undergraduate could perform this.”
(more)

Saturday, February 21, 2015

Smart TVs Are Not The Only Things Eavesdropping On You

When the story broke that certain Samsung television sets were eavesdropping on their owners -- a polite way of saying the sets were spying -- it raised some alarms and forced Samsung to rewrite its privacy policy. But if you think hi-tech TVs are the only things capable of gathering your private information and sharing it with others, think again:

Our smartphones and computers, of course, listen to us when we're making audio and video calls. But the microphones are always there, and there are ways a hacker, government, or clever company can turn those microphones on without our knowledge. Sometimes we turn them on ourselves. If we have an iPhone, the voice-processing system Siri listens to us, but only when we push the iPhone's button. Like Samsung, iPhones with the "Hey Siri" feature enabled listen all the time. So do Android devices with the "OK Google" feature enabled, and so does an Amazon voice-activated system called Echo. Facebook has the ability to turn your smartphone's microphone on when you're using the app.
(more)

This is something my clients don't have to worry about. I give them SpyWarn MicSpike™... free. ~Kevin

Friday, February 20, 2015

Spyware Makes Android Phones Play Possum

A particularly devious new Android malware can make calls or take photos even if you shut the device down, according to security research firm AVG.

To achieve this, the malware hijacks the shutting down process — making it appear as though your Android device is shutting down. You see the animation, the screen goes black, but the phone is actually still on.

In this state, the malware can use the phone to send your messages to a third party, record a call or take a photo, essentially turning your phone into a device that spies on you.

AVG, which posted code excerpts showing some of the malware's functionality, names this threat Android/PowerOffHijack.A. According to the company, it infects devices running Android versions below 5.0 and requires root permissions in order to act.

The company spokesperson told us some 10,000 devices were infected so far, mostly in China where the malware was first introduced and offered through the local, official app stores.
(more)

Spywarn™ can detect this.

...and what do you do with electronics returning from International trips?

Officials at the departments of Justice and Homeland Security typically expect employees’ smartphones will be bugged when they travel overseas. So, they are experimenting with various ways to neutralize foreign spy gear.

For years, the FBI has warned government and corporate executives not to use hotel Wi-Fi connections, because of reports that foreign travelers were unknowingly downloading spyware.

When DHS personnel travel, “we understand you go there, you go to Ukraine, you come back, there's a good chance that the BlackBerry or any other device, Androids, iOS, whatever, is probably owned. We get that," said Vincent Sritapan, a cybersecurity division program manager at the DHS Science and Technology Directorate.

To contain the damage, Homeland Security limits what employees can see on their mobile device overseas, and "when it comes back, it's usually quarantined," he added.
(more)

Not sure what you should be doing? Call us.

Workplace Video Voyeurism: Rabbi Pleads Guilty to 52 Counts

DC - A prominent US rabbi has pleaded guilty to 52 counts of voyeurism after secretly filming women in his congregation's ritual baths.

Barry Freundel, 63, may have recorded as many as 150 women in the changing area at his orthodox synagogue in Washington DC.

Murray Associates case history photo.
Court documents revealed that Freundel set up a recording device hidden within a digital clock radio in the changing and showering area.

The women were disrobing for the ritual Jewish bath, known as a mikvah.

He has confessed to recording at least 52 nude or partially nude women. Prosecutors say he should be jailed.

They say the actual number of women filmed is likely to have been much higher.

Before his arrest in October 2014, Barry Freundel was a rabbi at the Kesher Israel synagogue in the Georgetown area of the US capital for more than 25 years.
(more)

World's Smallest Voice Recorders

Disclaimer: I do not sell, endorse or promote products.
The following is advertising from the manufacturer. It is posted for two reasons.
1. My private investigator and security director readers are interested in investigation tools.
2. My corporate TSCM clients need to know the type of business espionage tools they face.


Smallest sizes, longest recording time, clearest record sound!

Edic-mini Tiny+ A77
This is almost weightless and the smallest recorder in the series, enabling it to conduct recording from built-in rechargeable battery for more than two days. The recorder is perfectly suited for everyday use, recording everyday events and unexpected situations in life.
Technical characteristics:
  • Dimensions: 29x15x12 mm;
  • Weight: 7 g;
  • Battery life in record mode: up to 55 hours;
  • Power supply: rechargeable battery.

Edic-mini Tiny+ B76 
Owing to standard battery as a power supply, B76 is flexible and effective in operation. Due to low power consumption the recorder is able to operate in record mode up to 36 hours. It is perfectly suited both for everyday use and for those who keep the Recorder handy without recording too much.
Technical characteristics:
  • Dimensions: 31x25x6 mm;
  • Weight: 16 g (without battery);
  • Battery life in record mode: up to 55 hours;
  • Power supply: battery of CR2016 type.


Edic-mini Tiny 16+ A75
Professional voice recorder Edic-mini Tiny16+ A75 is the thinnest among the recorders of the Tiny16+ series. The main distinctive feature of that model is a 16-bit audio codec that reduces digital noise. Built-in Automatic Gain Control (AGC) makes it possible to perfectly record very loud sounds and amplify silent ones. It is a professional recording device designed for high-quality audio recording in a complicated acoustic environment and from long distance, up to 15 meters.

Technical characteristics:
  • Dimensions: 77x27x4 mm;
  • Weight: 12 g (without battery);
  • Battery life in record mode: up to 55 hours;
  • Power supply: rechargeable battery.


Wednesday, February 18, 2015

Is Your Home Security System Putting You at Risk? ...news at eleven.

HP has released results of a security testing study revealing that owners of Internet-connected home security systems may not be the only ones monitoring their homes. The study found that 100 percent of the studied devices used in home security contain significant vulnerabilities, including password security, encryption and authentication issues.

Home security systems, such as video cameras and motion detectors, have gained popularity as they have joined the booming Internet of Things (IoT) market and have grown in convenience... The new HP study reveals how ill-equipped the market is from a security standpoint for the magnitude of growth expected around IoT...

The HP study questions whether connected security devices actually make our homes safer or put them at more risk...
(more)

Busman's Holiday, or Moonlighting Surveillance

Australia - A police officer installed a tracking device on a woman's car illegally to detail her movements, a magistrates court in Perth has been told.

The detective sergeant, who has been a police officer for more than 20 years, was on holiday at the time of the alleged offence with the woman's boyfriend, also a police officer.
(more)
(Sing-a-long)

Tuesday, February 17, 2015

Yet another Hollywood Bugging Scandal

CA - A West Hollywood City Council aide has been suspended and is being investigated by sheriff’s detectives on charges of eavesdropping on another council deputy and then e-mailing portions of her private conversations to local bloggers and residents in the city.

Ian Owens, a deputy to Councilman John Duran, is accused of bugging the City Hall office of Fran Solomon, the deputy to Councilman John Heilman, said city officials who requested anonymity because they were not authorized to discuss the matter.

But, wait. There's more...

Last month, City Council candidate Larry Block was sued by celebrity spray tanner Jimmy Jimmy Coco. The professional tanner... claimed in his suit that Block was his landlord, that he wrongly evicted him and that he had installed “spy cameras” to catch him in the nude.
(more)

Monday, February 16, 2015

Science Magazine - The End of Privacy

The whole magazine is devoted to privacy.

At birth, your data trail began. You were given a name, your height and weight were recorded, and probably a few pictures were taken. A few years later, you were enrolled in day care, you received your first birthday party invitation, and you were recorded in a census. Today, you have a Social Security or national ID number, bank accounts and credit cards, and a smart phone that always knows where you are. Perhaps you post family pictures on Facebook; tweet about politics; and reveal your changing interests, worries, and desires in thousands of Google searches. Sometimes you share data intentionally, with friends, strangers, companies, and governments. But vast amounts of information about you are collected with only perfunctory consent—or none at all. Soon, your entire genome may be sequenced and shared by researchers around the world along with your medical records, flying cameras may hover over your neighborhood, and sophisticated software may recognize your face as you enter a store or an airport.
(more)

Friday, February 13, 2015

Private Investigators Are Being Nailed for Hacking

Private investigators may be the newest front for federal prosecutors in cracking down on the hacker-for-hire business.

In the coming weeks, a private investigator in New York is expected to plead guilty to charges of paying a so-called hacker-for-hire firm to steal email passwords and credentials, said three people briefed on the matter, who spoke on the condition of anonymity because no charges had been filed yet. The guilty plea would wrap up a nearly yearlong investigation by the Federal Bureau of Investigation and federal prosecutors in New York.

Separately, federal prosecutors in San Francisco on Wednesday announced the indictment of two private investigators and two computer hackers on charges that they illegally entered email and Skype accounts to gather information for matters they were working on for clients. Some of the illegally gathered information was intended to support a lawsuit, authorities said.

The identity of the private investigator in New York, who works for a small firm, could not be determined.
(more)

Study - 16 Million Smartphones Infected with Spyware / Malware

About 16 million mobile devices are infected by malicious software that is secretly spying on users, stealing confidential information and pilfering data plans.

That’s the word from Alcatel-Lucent’s Motive Security Labs, which in a study found that malware infections in mobile devices rose a full 25% in 2014, compared to a 20% increase in 2013. In fact, the uptick is so spectacular that Android devices have now caught up with Windows laptops, which had been the primary workhorse of cybercrime, with infection rates between Android and Windows devices split an even 50/50 in 2014.

“With one billion Android devices shipped in 2014, the platform is a favorite target of cybercriminals who can have lots of infection success without a lot of work,” said Kevin McNamee, director of Motive, in a blog. “Android is more exposed than rivals because of its open platform and by allowing users to download apps from third-party stores where apps are not always well-vetted.”

The mobile infection rate in 2014 was 0.68%. Fewer than 1% of infections come from iPhone and Blackberry smartphones.
(more)