Write down about at least three companies which were the victim of Computer or Internet crime.

-

 

Write down about at least three companies which were the victim of Computer or Internet crime.

Apple Company:


 

Apple's iPhones enjoy a reputation for being ultra-secure and hard to hack, so most cybercriminals don't bother trying.

However, you shouldn't think of your iPhone as a device that's totally safe from hackers. In February, a team of researchers at Google alerted Apple to vulnerabilities that persisted for two years and allowed hackers to embed malware on iPhones after people visited particular websites.

What Happened?

Even though researchers at Google found these issues months ago and reported them to Apple at that time, the team only recently went public with the discoveries. They revealed five so-called exploit chains that link security vulnerabilities together and allow hackers to get through each layer of the security protections built into an operating system.

The exploit chains took advantage of 14 total security flaws that allowed cybercriminals to gain complete control of the phone after putting malware on it that served as a monitoring implant. They could see all the database files on the device. Infiltrators could even read content from secure messaging apps like WhatsApp and view the material in plain text.

How Many Phones Got Hacked?

The researchers did not discuss the number of iPhone users potentially affected by these problems. However, they confirmed that it was an indiscriminate watering-hole attack. This means that the hackers infected the sites with malware, and all a person had to do to unknowingly receive the malware was visit one of the relevant websites.

Who Is Responsible for the Hacks?

The Google researchers did not attempt to assign blame or suggest anything about the parties that orchestrated these attacks. However, after the news broke, TechCrunch reported that its sources believe the compromised websites containing the malware were likely part of a state-based attack — and likely one from China.

More specifically, the information suggests the hackers planned their attacks to focus on the Uyghur community in China's Xinjiang state. They're a minority group of Muslims, and if this were indeed an attempt to target them, it'd be another instance in a long history of China's attacks on the group. In the past year alone, for example, hundreds of thousands of Uyghurs have been detained in internment camps.

How Did Apple Respond?








Google's researchers gave Apple a 7-day window to fix the identified issues. If the company hadn't done so, Google would have publicized its information immediately after the deadline. Apple fixed the problems and released a security patch six days after it learned of what Google found. However, the company has not released a statement since.

EBay Company:


 EBay administrators said on Wednesday that a cyber-attack carried out three months ago has compromised customer data, and the company urged 145 million users of its online commerce platform to change their passwords.

The company said unknown hackers stole email addresses, encrypted passwords, birth dates, mailing addresses and other information in an attack carried out between late February and early March. The files did not contain financial information.

An eBay spokeswoman said a large number of accounts may have been compromised, but declined to say how many. EBay said it found no evidence of unauthorized access to financial or credit card information at its PayPal payments subsidiary, which encrypts and stores its data separately.

Fraud Alert

Security experts advised EBay customers to be on the alert for fraud, especially if they used the same passwords for other accounts.

“This is not a breach that only hurts EBay. This is a breach that hurts all websites,” said Michael Coates, director of product security with Shape Security.

He said that companies typically only ask users to change passwords if they believes there is a reasonable chance attackers may unscramble encrypted passwords.

Once the passwords are unscrambled, attackers could use automated software that seeks to log into thousands of popular services, including Facebook, Twitter, popular email services and online banking sites

Assessing Responsibility

Research analysts said there was not enough information available to assess whether eBay had been negligent.

Security experts say that virtually every major corporation, government agency and other organization has been hacked at one time.

They say it is almost impossible to prevent hackers from getting into networks using social engineering techniques such as sending carefully crafted phishing emails that lure targets to tainted websites or entice them to click on malicious links. In some cases they infect websites frequented by their targets, such as the sandwich shop of a local restaurant or professional organizations.

EBay’s shares fell as low as $50.30 in early trading on the Nasdaq before recovering to $51.83 in late afternoon.

EBay has been attacked before. In February, the Syrian Electronic Army hacking group breached and defaced websites belonging to PayPal UK and eBay.

Linked In:



The social networking website LinkedIn was hacked on June 5, 2012, and passwords for nearly 6.5 million user accounts were stolen by Russian cybercriminals. Owners of the hacked accounts were no longer able to access their accounts, and the website repeatedly encouraged its users to change their passwords after the incident. Vicente Silveira, the director of LinkedIn, confirmed, on behalf of the company, that the website was hacked in its official blog. He also said that the holders of the compromised accounts would find their passwords were no longer valid on the website. LinkedIn said, in an official statement, that they would email all its members with security instructions and instructions on how they could reset their passwords.

In May 2016, LinkedIn discovered an additional 100 million email addresses and hashed passwords that claimed to be additional data from the same 2012 breach. In response, LinkedIn invalidated the passwords of all users that had not changed their passwords since 2012

Response from LinkedIn:

LinkedIn apologized immediately after the data breach, and asked its users to immediately change their passwords. The Federal Bureau of Investigation assisted the LinkedIn Corporation in investigating the theft. As of 8 June 2012, the investigation was still in its early stages, and the company said it was unable to determine whether the hackers were also able to steal the email addresses associated with the compromised user accounts as well. LinkedIn said that the users whose passwords are compromised would be unable to access their LinkedIn accounts using their old passwords

Arrest of suspect:

On October 5, 2016, Russian hacker Yevgeniy Nikulin was detained by Czech police in Prague. The United States had requested an Interpol warrant for him.

A United States grand jury indicted Nikulin and three unnamed co-conspirators on charges of aggravated identity theft and computer intrusion. Prosecutors alleged that Nikulin stole a LinkedIn employee's username and password, using them to gain access to the corporation's network. Nikulin was also accused of hacking into Dropbox and Formspring, allegedly conspiring to sell stolen Formspring customer data, including usernames, e-mail addresses, and passwords.

Nikulin is facing a Czech hearing to determine whether he will be extradited to the United States. Russian Foreign Ministry spokesperson Maria Zakharova indicated that Russian authorities were trying to block the extradition. Nikulin is currently being held in the Santa Rita Jail. Nikulin is scheduled to undergo a psychological evaluation to determine whether he is mentally competent.







Comments

Post a Comment

Popular posts from this blog

Oop(Object Oriented Programming) Project for final year students

-
Image
  Project Description: Write the C++ Code for the following parts                                                    A.     Create a class Product. Also create two descendants (derived from Product class) Food and Clothes. B.      The class Product must have a data members Product_Id, Price and Name. It contains a constructor to initialize the data members and “getdata ()” method to store the values in data members. C.      The class " Clothes " will have additional data members Color. The Clothes class also contains a constructor to initialize the data members and “getdata ()” method to store the values in data members. It additionally contains ·          storedata () method to store data in file named as “Clothes.txt” ·          readdata () method to read all information from this file ·          deletedata () to delete specific product from file ·          updatedata () to update any record ·          searchdata () to search the details of specific product entere
Read more

Write a C++ program to implement a suitable data structures (using array) of marble plates

-
Image
  Write a C++ program to implement a suitable data structures (using array) of marble plates. Your program should cover the following scenario, Suppose a waiter in a hotel is collecting plates from different tables and giving to dish washer. Dish washer is washing plates and throwing them into rack of plates. Some plates hit others very hard to break other (one above it) and/or itself. You need to develop an application that will find how many plates are broken and plates from which tables are broken. You will identify plates with unique numeric identity number. Every 5 th plate thrown into rack will break itself and one plate below it while every 7th plate will only break itself. Answer: #include "stdafx.h" #include "iostream" #include "conio.h" using namespace std; class Dishwasher { private :       int data[10];       int top;       int bottom;       int size; public :      Dishwasher() {            top = -1;            bottom = 0;        
Read more

Linklist all concepts using Dynamic arrays(using nodes)

-
Image
  Double Link List (Add and Show nodes) #include <iostream> using namespace std; struct node {     int data;     node* pre, *nxt; }; class Link_List {         node *head, *current;     public:         Link_List()         {             head=current=NULL; // Means at the most link list has no node.         }        void List_Add(int n)         {             node*tempNode;             tempNode=new node;             tempNode->data=n;             tempNode->pre=NULL;             tempNode->nxt=NULL;             if(head==NULL)             {                 current=head=tempNode;             }             else             {                 current->nxt=tempNode;                 tempNode->pre=current;                 current=tempNode;             }         }         void show_Forward()         {             node *tempNode=head;             while(1)             {                 cout<<"\t"<<tempNode->data<<endl;                 if(tempNode->n
Read more