Articles for July 2016

Over 100 suspicious, snooping Tor nodes discovered | ZDNet


Researchers have discovered at least 110 nodes on the Tor network that are “misbehaving” and potentially spying on service activity.

Over 72 days, computer science PhD student Amirali Sanatinia and Guevara Noubir, professor at the College of Computer and Information Science at Northeastern University, uncovered nodes on the network which were not behaving as they ought.

The nodes, otherwise known as Tor Hidden Services Directories (HSDirs), servers which receive traffic and direct users to hidden services, are a crucial element needed to mask the true IP of users on the network.

Source: Over 100 suspicious, snooping Tor nodes discovered | ZDNet

Criminals plant banking malware where victims least expect it | Ars Technica


A criminal gang recently found an effective way to spread malware that drains online bank accounts. According to a blog post published Monday, they bundled the malicious executable inside a file that installed a legitimate administrative tool available for download.

The legitimate tool is known as Ammyy Admin and is used to provide remote access to a computer so someone can work on it even when they don’t have physical access to it. According to Monday’s blog post, members of a criminal enterprise known as Lurk somehow managed to tamper with the Ammyy installer so that it surreptitiously installed a malicious spyware program in addition to the legitimate admin tool people expected. To increase their chances of success, the criminals modified the PHP script running on the Ammyy Web server, suggesting they had control over the website.

Source: Criminals plant banking malware where victims least expect it | Ars Technica

FBI says its malware isn’t malware because ‘we’re the good guys’ | ZDNet

The FBI does “not believe” that the hacking tools it uses to break into the computers of suspected criminals should be considered “malware,” because it says they’re used with good intentions.

In the court filing, first spotted by Julian Sanchez, a senior fellow at the Cato Institute, the FBI said that its hacking tools, so-called network investigative techniques (NIT), are not “malicious.”

Source: FBI says its malware isn’t malware because ‘we’re the good guys’ | ZDNet