Bigmouthmedia Search Engine News: /fraud/

Manchester named UK's top piracy city

Mon, 17 Sep 2012 08:48:00 GMT

There are more illegal downloads in Manchester per person than any other city in the UK, according to a survey studying illegally shared music.

Nottingham and Southampton followed, in second and third respectively.

Monitoring service Musicmetric collected the statistics independently in what is one of the largest analysis of its kind to be conducted.

Musicmetric monitored global activity of BitTorrent files, and concluded in the first half of 2012, UK internet users illegally downloaded more than 40 million albums and singles online.

Ed Sheeran was the UK's most pirated act - his 2011 album was downloaded illegally roughly 55,512 times a month, and was the most popular download in more than 460 cities and towns in the UK.

In contrast, legal sales of Sheeran's album for the first half of this year reached 448,000.

"According to their data, there are more illegal downloads in the UK still than there are legal purchases," the BPI's chief executive Geoff Taylor told the BBC, adding such high volumes of piracy were having a negative impact on investment in new music.

"[It] compares to about 240 million tracks that were sold legally. A lot of people are getting very rich from stealing other people's things.

"That's wrong, and we think that musicians deserve to be paid for what they do, just like everyone else."

Globally, the UK ranked second in terms of highest number of illegal downloads, trailing behind the US - which clocked 96,681,133 illegal downloads - by more than half.

Pop star Rihanna's most recent album, Talk That Talk, was the most pirated album in the world - reaching 1,228,313 downloads so far this year.

Digg | delicious | Reddit | Google | Twitter | Sphinn | StumbleUpon | YahooBuzz | Facebook | Mixx | Contact bigmouthmedia

GoDaddy goes down

Tue, 11 Sep 2012 06:36:00 GMT

Many thousands of websites crashed after one of the world's biggest internet domains GoDaddy went down.

A possible hack has been blamed for site disruption yesterday, with many users expressing annoyance via the websites hosts Twitter page.

"Hey, all. We're aware of the trouble people are having with our site. We're working on it" a representative for GoDaddy wrote on the company's Twitter page.

They apologised to their users for any frustration caused by the technical glitch believed to be the result of a hacking incident.

One Twitter account - @AnonymousOwn3r, which recognises itself as the "security leader" of the infamous hacking group, said the attack had been carried out by an individual and not the organisation itself.

The worldwide hosting service is reported to have generated a staggering £687m in sales last year alone. In an interview with the BBC, Rick Ferguson, Director of Security Research at computer corporation Trend Micro said: "What I've seen and heard is it was a DoS attack on the DNS infrastructure.

"If it is true, then that has not been constructed to scale up in a sizeable DDos. The GoDaddy site can cope with a sizeable amount of traffic, but its DNS may not have been.

"Of course, that's speculation and without confirmation from GoDaddy on the nature of the attack, we don't yet know the full facts," he concluded.

Anonymous is an organised group of hackers and hacking advocates who were responsible for staging protests in India against internet censorship and in April of this year, and also claimed responsibility for defacing almost 500 websites in China.

Digg | delicious | Reddit | Google | Twitter | Sphinn | StumbleUpon | YahooBuzz | Facebook | Mixx | Contact bigmouthmedia

Apple and Amazon assess security after Honan hack

Wed, 08 Aug 2012 07:49:00 GMT

Apple and Amazon are reviewing their security processes after Wired journalist Mat Honan's digital world was wiped by hackers last Friday.

In the space of one hour, hackers managed to access and wipe Honan's tablet, computer and phone and take over his Google and Twitter profiles using personal information obtained through his Amazon and Apple accounts.

The hackers easily obtained the small amount of information necessary to destroy the technology journalist's "entire digital life" by utilising vital flaws in the customer service security procedures at both companies.

First, a call was placed to Amazon, who allowed a fake credit card to be added to Honan's account after requesting only an email and billing address for security verification, both of which are easily accessible on the Internet.

After hanging up, the assailants again called Amazon customer services and provided the new credit card number as a security verification, before changing the password on the account.

This allowed the hackers full access to Honan's Amazon account, including details of the last four digits of all stored credit cards - the exact digits that Apple use for their security verification.

After passing Apple's security checks, the digital invaders gained access to Honan's iCloud account and reset passwords for Google and Twitter before wiping all data from his iPad, iPhone and MacBook, including 8 years of emails and every photo of his young daughter's life so far.

In an article for Wired, detailing events that took place during and after the hack, Honan said: "Those security lapses are my fault, and I deeply, deeply regret them. But what happened to me exposes vital security flaws in several customer service systems, most notably Apple's and Amazon's."

Apple has now suspended the facility for customers to reset their Apple ID over the phone by verifying only a few pieces of easily obtainable information. A spokesman told the Telegraph: "We are reviewing all of our processes for resetting account passwords to ensure our customers' data is protected."

Wired have reported that Amazon have also banned callers from making changes to their account information over the phone.

Honan, who is one of a number of recent hacker victims, concluded: "I'm mostly mad at myself....But I'm also upset that this ecosystem that I've placed so much of my trust in has let me down so thoroughly."

Digg | delicious | Reddit | Google | Twitter | Sphinn | StumbleUpon | YahooBuzz | Facebook | Mixx | Contact bigmouthmedia

Researcher claims 'Botnet' hijacks Android smartphones

Thu, 05 Jul 2012 08:00:00 GMT

Microsoft researcher Terry Zink has said there is evidence that spam is being sent from Yahoo mail servers by smartphones using Android operating systems. These phones have apparently been hijacked by an illegal botnet.

"We've all heard the rumours," said Mr Zink in a blog post.

"But this is the first time I have seen it - a spammer has control of a botnet that lives on Android devices.

"These devices login to the user's Yahoo Mail account and send spam."

A botnet is a large illegal network of infected desktop or laptop computers, which are used to send out masses of spam emails.

Mr Zink said the IP addresses used to send the emails originated from Android devices in Russia, Indonesia, Oman, Lebanon, Saudi Arabia, Ukraine, Venezuela and Thailand. The emails typically attempt to get people to buy prescription drugs and the like.

"We are seeing a lot of activity from cybercriminals on the Android platform," security expert Graham Cluley, from anti-virus firm Sophos, told the BBC.

"The best thing you can do right now is upgrade your operating system, if that's possible.
"And before you install apps onto your device, look at the reviews, because there are many bogus apps out there."

Over the last few months, Google's Android OS has suffered from several high-profile issues with malware affected apps. Google Play, their official app store, has had problems with fake apps, usually free pirate versions of popular games like Angry Birds.

A Google spokesman told the BBC they were working on making the Android platform more secure: "We are committed to providing a secure experience for consumers in Google Play, and in fact our data shows between the first and second halves of 2011, we saw a 40 per cent decrease in the number of potentially malicious downloads from Google Play."

Digg | delicious | Reddit | Google | Twitter | Sphinn | StumbleUpon | YahooBuzz | Facebook | Mixx | Contact bigmouthmedia

Phishing scam targets LinkedIn password leak victims

Thu, 07 Jun 2012 09:00:00 GMT

The LinkedIn users who had their passwords leaked online by a Russian Hacker yesterday have already been targeted by an email phishing scam.

The emails are designed to look like official LinkedIn emails and ask users to 'confirm' their email address by clicking a link. However, when a user clicks on the link, they are taken to a counterfeit website.

LinkedIn have confirmed on their blog that the affected users have had their passwords reset and will receive an email with instructions on how to set new passwords.

"Members that have accounts associated with the compromised passwords will notice that their LinkedIn account password is no longer valid," said LinkedIn director Vicente Silveira in an official blog post, confirming that a security breach had occurred.

"These members will also receive an email from LinkedIn with instructions on how to reset their passwords.

"These affected members will receive a second email from our customer support team providing a bit more context on this situation and why they are being asked to change their passwords."

However some analysts believe that LinkedIn's measures to combat the leak have not been sufficient.

"I'd really like to see a clearer statement from them on their front page," Gartner's Ant Allen told the BBC.

"A statement that they were taking steps to minimise the risks of passwords being exposed in the future and the risks to users if passwords were exposed would do a lot to reassure people. Simply saying, 'we need you to reset your password as a security precaution' is not enough."

6.4 million LinkedIn passwords were leaked along with a message encouraging other hackers to help decrypt the data.

However LinkedIn is not the only social network to have been attacked yesterday. Dating website eHarmony has also been hit with 1.5 million passwords leaked, according to tech news site Ars Technica.

Digg | delicious | Reddit | Google | Twitter | Sphinn | StumbleUpon | YahooBuzz | Facebook | Mixx | Contact bigmouthmedia

Researchers find spyware in Simurgh

Wed, 30 May 2012 07:13:00 GMT

Internet users in Iran and Syria who try to get around censorship controls are being targeted by spyware, researchers from the University of Toronto have found.

The team discovered installation software for a proxy tool called Simurgh was also implanting keylogging spyware.

Simurgh software is used to keep the web users identity anonymous and allow them to gain access to blocked sites, but a corrupted version also adds a Trojan virus to the PC - sending data to a site registered with a Saudi Arabian ISP.

Data sent includes usernames, machine name, windows clicked and each keystroke entered.

Simurgh makers posted a message of warning on their website, suggesting versions of the software downloaded from file sharing site 4shared could have been compromised. Meanwhile, antivirus providers Sophos and Avira have updated their malware scanners to identify when the code is present.

"This Trojan has been specifically crafted to target people attempting to evade government censorship," Morgan Marquis-Boire, a technical adviser in Toronto University's Munk school of Global Affairs, said.

"If found to be installed on a computer one must consider all online accounts (email, banking etc) to have been compromised and it is advised that all online passwords be changed as soon as possible."

The discovery comes following another malware attack in the Middle East - dubbed Flame - which sought to steal sensitive data.

"Unlike Flame, which is highly targeted malware that has only been found on a handful of computers globally, this malware is targeting users for whom having their communications compromised could result in imprisonment or worse," Chester Wisniewski, senior security advisor at Sophos, wrote on the company's blog.

"Many thousands depend on the legitimate Simurgh service, which makes it likely that far more people have been impacted by this malware."

Digg | delicious | Reddit | Google | Twitter | Sphinn | StumbleUpon | YahooBuzz | Facebook | Mixx | Contact bigmouthmedia

Yahoo CEO issues apology after CV scandal

Tue, 08 May 2012 09:01:00 GMT

Yahoo CEO Scott Thompson apologised to employees after an accusation by investor Daniel Loeb, who alleges Thompson elaborated his CV.

"I want you to know how deeply I regret how this issue has affected the company and all of you, we have all been working very hard to move the company forward and this has had the opposite effect. For that, I take full responsibility, and I want to apologise to you." Thompson said in a memo to employees.

Thompson's CV boasts a degree in computer science; however, this degree is actually in accounting. According to Loeb, Stonehill College, where the alleged degree was completed, didn't begin awarding computer science degrees until four years after Thompson graduated.

A copy of his resume was released by Reuters on Monday, following suspicions regarding the disclosure of his academic credentials. Thompson said he completely respects the board's plans to conduct an independent review of the situation.

The former president of eBay and Paypal, Thompson has only been with the company since January - which puts the company in an even more difficult position.

Adam Seessel, director of research at Martin Capital Management, told Reuters: "If it were normal times, this would warrant a dismissal. But he's so new and the company is in such a sensitive spot. Sometimes in the heat of the battle, you can't get rid of your commander ... and a battle is going on."

Yahoo has been associated with a string of errors recently, including turning down Microsoft's offer to buy it for a $33 share. The company has been "running neck and neck with HP for the worst board in America for a number of years", Eric Jackson, a Yahoo shareholder, said to Forbes Magazine.

Digg | delicious | Reddit | Google | Twitter | Sphinn | StumbleUpon | YahooBuzz | Facebook | Mixx | Contact bigmouthmedia

Court rules Pirate Bay to be blocked by UK ISPs

Mon, 30 Apr 2012 07:00:00 GMT

The High Court has ruled Swedish file-sharing website The Pirate Bay must be blocked by internet service providers in the UK. This means that TalkTalk, O2, Sky, Everything Everywhere, and Virgin Media will have to stop their users from accessing the site.

Launched in 2003, Pirate Bay hosts download links to free music and video that has been mostly pirated. In November 2011 the British Phonographic Industry (BPI) asked UK ISP's to block the site voluntarily. The ISP's refused to do so unless a court order was made.

"The High Court has confirmed that The Pirate Bay infringes copyright on a massive scale," said the BPI's chief executive Geoff Taylor in an interview with the BBC.

"Its operators line their pockets by commercially exploiting music and other creative works without paying a penny to the people who created them.

"This is wrong - musicians, sound engineers and video editors deserve to be paid for their work just like everyone else."

The ISP's will now comply with the ruling. Talking to the BBC, Virgin Media confirmed it will honour the high court judgement.

However, the company was keen to stress that the blocking of Pirate Bay is only part of the solution: "As a responsible ISP, Virgin Media complies with court orders addressed to the company but strongly believes that changing consumer behaviour to tackle copyright infringement also needs compelling legal alternatives, such as our agreement with Spotify, to give consumers access to great content at the right price."

Digg | delicious | Reddit | Google | Twitter | Sphinn | StumbleUpon | YahooBuzz | Facebook | Mixx | Contact bigmouthmedia

Apple warns appayola-using app-makers

Tue, 07 Feb 2012 09:37:00 GMT

App Store competition can be tough, but Apple has warned the consequences of trying to game the system are tougher.

Apple is reminding app-makers that using appayola services - paying to artificially inflate an app's chart ranking - will lead to them being stripped of their ability to release apps in the App Store.

In a post on Apple's Developer website, the company said: "Once you build a great app, you want everyone to know about it. However, when you promote your app, you should avoid using services that advertise or guarantee top placement in App Store charts.

"Even if you are not personally engaged in manipulating App Store chart rankings or user reviews, employing services that do so on your behalf may result in the loss of your Apple Developer Program membership."

The reminder appears to have come in response to a recent conversation on the forum for the mobile games site Touch Arcade. In the forum posting, an independent developer claimed to have been contacted by an ad network charging $5,000 (£3,200) for a guaranteed spot in the App Store's Top 25 placement listing for free apps.

The developer also alleged that the company claimed to use a bot farm to automatically download apps and drive up their rankings, as well as implicating eight free apps currently in the Top 25 listing as using the unnamed bot farm's services.

Making the Top 25 is a coveted position in the App Store, and the potential revenue rewards for download popularity are certainly alluring. However, analysts are quick to point out that long-term business models cannot be built on the artificial use of bot farms.

For example, a really bad game in the App Store may just make it into the Top 25 by using appayola firms, but once "real human" users start playing, the rankings can sink very quickly.

Digg | delicious | Reddit | Google | Twitter | Sphinn | StumbleUpon | YahooBuzz | Facebook | Mixx | Contact bigmouthmedia

Anonymous puts government sites on the bonfire

Tue, 08 Nov 2011 09:25:00 GMT

Hacktivist collective Anonymous struck again this weekend, carrying out attacks on both El Salvador and Israeli government sites.

El Salvador's president's website went offline after being swamped with over 30 million visits on Saturday, and the legislative assembly, police and ministry of justice also came under attack.

Presidential spokesman David Rivas pinned the attack on Anonymous and believed it to be part of vigilante Operation Justice El Salvador - sparked by the group's stance on the country's human rights record.

Economy minister, Hector Dada Hirezi added that the group "tried to attack our website to publicise the private information of internal and external users."

On Sunday the Israeli government's website also faced the wrath of Anonymous, as the group threatened action via YouTube video if humanitarian boats attempting to reach Gaza continued to be blocked.

"Your actions are illegal, against democracy, human rights, international, and maritime laws. Justifying war, murder, illegal interception, and pirate-like activities under an illegal cover of defense will not go unnoticed by us or the people of the world," the video said.

Afterwards several of the Israeli government sites went down, citing 'server error' as the problem.

Elsewhere however, the hacking group found they had bitten off more than they could chew when it came to Mexican drug cartel Los Zetas. 'Operation Cartel' was abandoned after an Anonymous member was kidnapped and only released when the hackers threatened to expose corrupt supporters of the gang.

Guy Fawkes weekend perhaps wasn't all the vigilantes had hoped for in the end, as plans to 'destroy' Facebook and an alleged attack on Fox News failed to materialise.

Digg | delicious | Reddit | Google | Twitter | Sphinn | StumbleUpon | YahooBuzz | Facebook | Mixx | Contact bigmouthmedia