HideMyAss VPN

Wednesday, August 14, 2013

Arbor Networks uncovers large-scale password bruteforcing campaign – and CSO discovers that it’s growing larger every day

Arbor Networks have recently released a report that claims to have uncovered a large-scale password bruteforcing campaign that’s been in operation since April this year.
For the last few months, the campaign has reportedly been targeting websites running the WordPress or Joomla blogging platforms, while a smaller number of attacks have been aimed at DataLife Engine, a Russian platform.

Infected Windows computers are used to bruteforce domains by targeting administration pages and guessing typical usernames and passwords until they gain access to the accounts. PHP shell files that grant complete control over the webserver are then disguised as add-ons to WordPress, Joomla or DataLife Engine, and are uploaded to the system.

Arbor Networks have managed to at least partially trace the hackers, thanks to the inclusion of hardcoded Command & Control addresses in the malware. The discovery of these addresses meant that Arbor Networks was able to uncover the attacker’s logs, in turn uncovering unprecedented additional information about the scale of the campaign.

The logs suggest that there are around 25,000 infected Windows computers and over 6,000 domains that have been compromised, most of which are located in Russia and the Ukraine. Security website CSO has also discovered that attempts against domains in different countries are increasing, so it would appear that this campaign is becoming bigger and more complex – and thanks to the fact that the attackers have modified the malware to stop it recording logs that sites like CSO can access, there is no way to check the most recent statistics and details.
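For site owners, the campaign described above shows up in web server access logs as repeated POSTs to the admin login page. The following is an added example, not code from Arbor Networks or this blog: it scans combined-format access logs for login attempts and reports both single noisy sources and the number of distinct sources per time window, since a botnet of thousands of machines can stay under any per-IP limit. The login paths, thresholds and sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumption: stock login endpoints of default WordPress and Joomla installs.
LOGIN_PATHS = ("/wp-login.php", "/administrator/index.php")
LINE_RE = re.compile(r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                     r'"(?P<method>\S+) (?P<path>\S+)[^"]*" \d{3}')

def login_attempts(lines):
    """Yield (timestamp, ip) for every POST to an admin login page."""
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue  # page views (GET) and unparsable lines are not attempts
        if m["path"].split("?", 1)[0].endswith(LOGIN_PATHS):
            yield datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z"), m["ip"]

def detect(lines, window=timedelta(minutes=5), per_ip=5):
    """Return (noisy_ips, peak_sources).

    noisy_ips: sources with >= per_ip attempts inside one window.
    peak_sources: most distinct sources seen attempting logins in one window.
    """
    events = sorted(login_attempts(lines))
    recent = defaultdict(list)
    noisy, peak, start = set(), 0, 0
    for i, (ts, ip) in enumerate(events):
        times = recent[ip]
        times.append(ts)
        while times[0] < ts - window:       # drop this IP's expired attempts
            times.pop(0)
        if len(times) >= per_ip:
            noisy.add(ip)
        while events[start][0] < ts - window:  # slide the site-wide window
            start += 1
        peak = max(peak, len({src for _, src in events[start:i + 1]}))
    return noisy, peak

def _line(ip, clock, method, path, status):  # builds one constructed log line
    return (f'{ip} - - [14/Aug/2013:{clock} +0000] '
            f'"{method} {path} HTTP/1.1" {status} 512')

SAMPLE = (  # constructed data using documentation-range IP addresses
    [_line("203.0.113.7", f"10:00:{s:02d}", "POST", "/wp-login.php", 200)
     for s in range(0, 60, 10)]
    + [_line(f"198.51.100.{n}", f"11:00:{n:02d}", "POST",
             "/administrator/index.php", 303) for n in range(1, 6)]
    + [_line("192.0.2.10", "11:00:30", "GET", "/wp-login.php", 200)]
)

if __name__ == "__main__":
    print(detect(SAMPLE))
```

In the sample, the second burst trips no per-IP threshold at all; only the count of distinct sources per window reveals it.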

As things stand, it appears that you’ll only be at risk of this botnet if you work for a company that utilises one of the blogging platforms, but that’s not to say that the malware won’t evolve to target private computers. It’s therefore wise to change your password to something more complex, with lots of numbers and symbols in it, to minimise the risk.

Whilst a VPN service would not be able to defend against an attack of this nature, it's another wise protective measure that you can take to shield your computer when browsing the internet, allowing you to encrypt your internet traffic for increased security.

Chinese hacker group APT 12 returns with updated tools

The APT 12 group of hackers, thought to have links to the Chinese People's Liberation Army, has launched several new attacks after a few months of inactivity.
The group received widespread media coverage in January after a large security breach at The New York Times and several other high-profile companies, which shed some light on their methods and manner of operation.

APT 12 seem to have made a reappearance in May, using new versions of Backdoor.APT.Aumlib and Backdoor.APT.Ixeshe, as well as command and control infrastructures used previously to target Taiwanese companies and an international finance and economic policy group.
The hackers have reportedly made a few changes to the network communication protocols in their malware to ensure that the traffic patterns generated are different to those seen in older versions of the programmes. It would seem that the group hopes these changes will allow them to avoid discovery by intrusion detection systems.

The evolution of these malware types marks a significant step, as before this Aumlib had not been modified since at least May 2011, while Ixeshe had not changed since at least December 2011. It’s possible that there are currently ongoing attacks using these updated versions of the malware. Ned Moran, senior malware researcher at FireEye, recommends that companies ‘ensure that their detection tools are also able to identify these new variants’.

If you’re worried about the security of your network or personal computer, then using a VPN service can help to protect your private data from prying eyes - allowing you to surf anonymously and encrypt your internet traffic for increased security.

Sunday, August 11, 2013

How to set up OpenVPN on Windows 7

Windows 7 OpenVPN Instructions

Before You Get Started...

Installation of VPNReactor requires administrative privileges on your computer. If you don't already have administrative access on your computer, this may be provided by your IT department.
If you have installation questions or need to reach VPNReactor technical support, please email us at the PRO email listed on the bottom of this page.

How to Install

  • To download the OpenVPN Windows installer, visit the OpenVPN downloads page here.
    • This is a simple, user-friendly GUI-based OpenVPN client software package for configuration and management on Windows OS.
  • Click Setup a new connection or network
  • Choose Connect to a workplace then Next
    • You may encounter a Security Warning screen: "Do you want to run this software?"
    • If you see the Security Warning screen, click Run to run the software.
  • The Setup Wizard prompt will appear. Click Next to continue.
  • The OpenVPN license agreement and terms appear. Click I Agree to continue.
  • The component selection dialog appears. Leave all components checked with their default settings and click Next.
  • Select your destination folder and click Install.
    • Note the Destination Folder location during install (usually C:\Program Files\OpenVPN or C:\Program Files (x86)\OpenVPN)
  • When the installation is complete, click Next.
  • The wizard will notify you of the completion of the installation and prompt you to click Finish.
  • Download the VPNReactor Windows configuration ZIP.
  • Click Open.
  • Extract the files from the configuration ZIP into the config folder in the OpenVPN destination folder referenced in step 7 (by default, C:\Program Files\OpenVPN\config or C:\Program Files (x86)\OpenVPN\config).
    • Click File.
    • Click Extract All.
    • A setup wizard window will open: "Welcome to the Compressed (zipped) Folders Extraction Wizard". Click Next.
    • "Select a Destination" prompt will appear. Click Browse.
    • Locate the Destination Folder referred to in step 7, and find the config folder within it. Click Next to begin extraction.
    • Click Finish.
  • Find the OpenVPN GUI icon on your desktop, right-click on it, and choose Properties from the context menu.
  • Click on Change settings for all users.
  • In the Properties window, check Run this program as an administrator.
  • Click OK to close the Properties window.
  • Click OK to close the OpenVPN GUI Properties window.

How to Connect

  • Find the OpenVPN GUI icon on your desktop and double-click it to launch OpenVPN.
  • In the taskbar tray, right click on the OpenVPN GUI icon.
  • Find the site to connect to from the menu, and choose Connect from the site's submenu.
  • Enter your Login and Password when prompted and click OK.
  • The OpenVPN GUI icon in the tray will turn green once the secure connection is established.

How to Disconnect

  • Right click on the OpenVPN GUI icon in the taskbar.
  • Find the site you are connected to, and choose Disconnect from the site's submenu.
  • The OpenVPN GUI icon in the tray will turn red once the disconnection is complete.

How to install desktop client on Windows

This howto will help guide you through the installation process of the Desktop Client.
Step 1:
Launch the MSI installer for the client and click Next.
Step 2:
Read and accept the License and click Next.
Step 3:
Choose the location to install the program files for the Desktop Client and click Next.
Step 4:
You are now ready to install the Desktop Client. Click Install to proceed.
Step 5:
Please wait while the Desktop Client installs.
Step 6:
You may see a warning asking you to install the Desktop Client's TAP Adapter. Check the box that says "Always trust software from OpenVPN Technologies, Inc." and click Install.
Step 7:
The Desktop Client is now installed. Click Finish to complete the installation.

Friday, August 9, 2013

Xerox copiers rewriting documents, patent filings reveal plans for Samsung smartwatch, and British police given access to the army’s crime-fighting software

Xerox copiers rewriting documents
David Kriesel, a German computer scientist, has discovered that some Xerox copiers are mistakenly changing numbers on documents. Kriesel uncovered the flaw when he realised that the room dimensions on a construction plan that he’d copied had magically changed from 21.11m to 14.13m. The problem is thought to be caused by JBIG2, an image compression standard that substitutes figures it thinks are the same, which means that numbers such as 6 and 8 are frequently switched incorrectly. Xerox have confirmed that they will release a patch in the next couple of weeks, but Kriesel is worried that the problem could have already affected important documents such as invoices.

Patent filings reveal plans for Samsung smartwatch
Samsung’s detailed smartwatch plans have been unveiled thanks to a series of patent and trademark filings. The company has already registered ‘Samsung Gear’ in South Korea and ‘Samsung Galaxy Gear’ in the US, with drawings showing that the smartwatch will likely feature a flexible screen that wraps around the wrist. The diagrams show that the screen will make up about half of the device. There will also be a small panel with a back arrow and home key, similar to those found on Samsung smartphones, with the remaining space taken up by a strap made of metal and synthetic materials.

British police given access to the army’s crime-fighting software
Military software that was created as a way to cope with human rights abuse cases in Iraq is now being used by the British police to document child abuse, hate crimes, and computer hacking cases. The recent advancements in digital technology had threatened old police systems with the prospect of slowing down court cases and blocking up systems unable to cope with 'big data'. It’s currently estimated that the amount of data associated with each investigation rises by around 120% every year. The software was originally conceived by the Royal Military Police as a way to help the Iraq Historic Allegations Team deal with their massive workload, and the RMP say it’s already being used by several civilian police forces around the UK.

Thursday, August 8, 2013

Motorola announces phone that is ‘always listening’, Syrian Electronic Army targets Reuters and White House, and Apple releases update to deal with malicious chargers

Motorola announces phone that is ‘always listening’
Motorola has announced a new phone that is said to be ‘always listening’ for any voice commands from its owner. The company, which is owned by Google, has revealed that the Moto X will constantly be listening out for the phrase, ‘Ok Google now…’ in order to respond to its owner’s instructions. The phone will be made in the US and customers will be able to customise their device extensively. Google's ownership of the brand makes this new release likely to cause tension in the Android market, since at present the vast majority of Android sales come from Samsung handsets. Several other manufacturers whose phones run on Google’s operating system are struggling to generate enough sales.

Syrian Electronic Army targets Reuters Twitter account and White House emails
Pro-Assad hackers known as the Syrian Electronic Army have targeted Thomson Reuters’ Twitter account and several email accounts used by the White House's social media staff in a bid to spread messages in support of the Syrian government. The White House email accounts were targeted with phishing emails that claimed to have come from the BBC and CNN. This attack failed, but the hack of a Reuters Twitter account succeeded. The SEA used the account to share political cartoons and messages until it was suspended and restored.

Apple releases update to deal with malicious chargers
We previously reported that a group of researchers from the Georgia Institute of Technology had developed a device that could potentially allow hackers to break into an iPhone using only the phone’s charger. Apple has now confirmed that it is planning to release a software update in order to try to protect its products from these malicious chargers. The update is still pending at the moment, and in the meantime users are being warned to be sure that they trust both the charger and charging point before plugging their device in. The malicious chargers and the data-stealing application that they use were displayed at the Black Hat hacker conference, which is currently being held in Las Vegas.

Latvia refuses US request to extradite hacker

Latvia is refusing to extradite a Latvian man who the US believes was instrumental in writing a computer virus that was then used to steal millions.
Deniss Calovskis was named in January as one of the creators of the Gozi virus, which infected over a million computers and stole data that was used to raid bank accounts and rob significant amounts of money. His two co-creators are Romanian and Russian, with the latter already in a US jail and the former awaiting extradition. The application to extradite Calovskis has now been denied by the Latvian courts twice.

In addition to the decision made in court, Latvia’s foreign minister has backed Calovskis amid claims that the sentence he faces is inconsistent with the crime that he has allegedly committed. The US is said to be seeking a jail term of around 60 years for Calovskis, but the foreign minister, Edgars Rinkevics, says that this effectively equates to a life sentence and observed that, although he couldn’t say whether or not Calovskis broke the law, it seemed grossly disproportionate to what he is alleged to have done. Rinkevics also warned that the trans-national nature of the offence means that it could be extremely difficult to prove that any crimes were actually committed on US soil, and that there was therefore no reason Calovskis couldn’t serve his sentence in Latvia instead if he was indeed found guilty.

Unsurprisingly, the US is less than impressed with this line of argument. US attorney Preet Bharara claimed the three men were part of a ‘modern-day bank robbery ring that required neither a gun nor a mask’, and security analyst Graham Cluley criticised the lack of co-operation between the two countries and pointed out that, ‘If you caught a criminal who stole sums like that in traditional bank robberies, you would expect them to have the book thrown at them’. Calovskis is accused of being directly responsible for manipulating the malware to resemble a bank's webpage, tricking customers into inputting their personal details.

Given the amount of malware and cybercriminals out there, it's never been more important to ensure your computer is properly defended, and a VPN service can help. A VPN provides your computer with an extra layer of protection to help keep your personal data private when you're using the internet.