Cyber Crimes Unit

A new scam has spread quickly across Facebook this weekend, pretending to be a link to a TV news report about an alleged Facebook killer.

Here’s a typical message that has been seen spreading between social networking users:

(BREAKING NEWS) Facebook-Killer
[LINK]
07-29-2011 – News гepoгts of a maп they are calling the ‘Facebook Killer’ have ƍone ramрant, he has claimed 9 lives in the United States so far that we ᴋnow

Other variants of the scam read:

(CNN) The Facebook-Killer
[LINK]
‎07-29-2011 – News reporтs of a man tһey are calling tһe ‘Facebook Killer’ have ɡone rampant, he hаs claimed 9 lives in tһe Uniтed Sтaтes so far thαt we know ..

Clicking on one of the links will take you, not to a genuine TV news report from the likes of CNN, but to a fake YouTube webpage instead, where you are tricked into sharing the link further with your online friends.

For those who haven’t learned the scammers’ trick yet, “Jaa” is Finnish for “Share”. If you click the button, you’re sharing the link with your friends *before* you have even seen the supposed video.

What’s particularly interesting to me though is that the webpage appears to have attempted to work out where I am in the world, in an attempt to make the video more interesting to me. Through GEO-IP lookup techniques it has attempted to work out where in the world I am – and so is presenting (in my case) a video which claims the serial killer is in the British city of Salisbury.

Furthermore, if you look down the page you’ll see supposed comments left by other viewers of the video including one which says:

This is UNREAL! I live in Salisbury

Again, however, this is a trick by the scammers. If you look at the webpage’s code you will see that it substitutes the name of the city into the comments as well.

But imagine that you came to this page without your skeptical hat on. What would happen if you did click twice to “prove” that you were over 13 years old, and share the link with your friends?

Well, you would be taken to what is commonly termed as a survey scam. These are surveys, or competitions, which trick you into handing over your personal information and either earn the scammers commission or require you to sign-up for an expensive premium rate service.

Don’t be tricked into clicking on such links and sharing them with your online friends – you’re only making life more profitable for scammers who earn a crust from creating new spam campaigns on social networks.

If you got hit by this scam, make sure you have removed the entries from your news feed (to stop them being shared amongst your friends), marking them as spam if you like, and check your profile does not have any unwanted “Likes” under your “Likes and interests”.

If you use Facebook and want to get an early warning about the latest attacks, I strongly recommend you join the Sophos Facebook page where we have a thriving community of over 100,000 people.

Follow @gcluley

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/NUoN1V8CPYs/

British police have tonight named the teenager they arrested in Shetland last week, in relation to the LulzSec and Anonymous hacking groups.

Jake Davis, 18, will appear in court on Monday charged with five offences including unauthorised computer access and conspiracy to carry out a DDoS (distributed denial-of-service) attack against the SOCA website.

(SOCA is the UK’s Serious Organised Crime Agency – the very group that investigates serious cybercrime in Great Britain. You can just imagine how they must have felt when cybercriminals launched an attack against their website which made it inaccessible).

Here is the full list of the charges against Jake Davis:

• Unauthorised access to a computer system, contrary to Section 3 of the Computer Misuse Act 1990;

• Encouraging / assisting offences, contrary to S46 of the Serious Crime Act 2007;

• Conspiracy with others to carry out a Distributed Denial of Service Attack on the website of the Serious and Organised Crime Agency contrary to S1 Criminal Law Act 1977

• Conspiracy to commit offences of section 3 Computer Misuse Act 1990, contrary to S1 Criminal Law Act 1977

• Conspiracy between the defendant and others to commit offences of section 3 Computer Misuse Act 1990 contrary to S1 Criminal Law Act 1977.

Davis, reportedly an avid online chess player, was arrested on Yell, one of the northern isles of Shetland. Frankly, it’s hard to imagine a more remote place in the British Isles to be.

Although there have been plenty of internet rumours speculating that the police might have been tricked by the hackers into arresting the wrong person, the authorities have been confident since Davis’s arrest that he was the one they believed to be “Topiary”.

A few days before Davis’s arrest, Topiary’s Twitter account was strangely wiped and replaced with a single message:

“You cannot arrest an idea”

Both Topiary and LulzSec’s Twitter accounts have remained silent since Davis’s arrest.

We will publish more information as it becomes available, or follow me on Twitter for updates.

Follow @gcluley

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/e95BBi-2Nsk/

The word Trojan has many meanings, and when it is used without qualification in headlines, it’s hard to know which one is meant.

An olden-day Trojan was an inhabitant of the ancient city of Troy, near modern Çanakkale in Turkey, on the Anatolian side of the Dardanelles.

The word is also short for Trojan horse. Once, this meant the dissembling wooden gift which tricked those same Trojans into defeat in Virgil’s epic Latin poem The Aeneid; today, it refers to the sort of dodgy software which tricks you into giving up control of your PC.

In Australia, if you want to renovate your house, you’ll need power tools, and they might be Trojans; in the USA, if you get lucky, you’ll need a condom, and you might roll out a different sort of Trojan.

(Since the ancient Trojans are best remembered for puncturing a hole in their own defences – to admit the aforementioned wooden horse – thus allowing the enemy to spill into their city and destroy it, I’ve never quite understood the metaphor in branding condoms as ‘Trojans’. Perhaps that’s why I’m not in marketing.)

But there’s another sort of Trojan, namely an asteroid or small satellite which shares its orbit with a planet or larger satellite.

This sort of Trojan makes fascinating study, because it involves dealing with the interaction of three celestial objects. The so-called three-body problem is a special case of the n-body problem, first expounded by Sir Isaac Newton in his 1687 book known as Principia, in which he also introduced the Law of Universal Gravitation.

Obviously, the zero-body and one-body problems are trivial and uninteresting. And it turns out that the mathematics for the two-body problem – for example, working with the sun and the earth, or the earth and the moon – is fairly straightforward. Sir Isaac sorted things out for n=2 back in the 17th century.

It seems obvious that the mathematics ought quickly to get hairy as n increases. When n=20, for example, you’d expect a jolly spicy set of equations. But it might be a surprise to learn that things get almost insurpassably tough right at once. As Wikipedia rather drily remarks, “for n ≥ 3 very little is known about the n-body problem.”

What we do know, thanks to the brilliant 18th century mathematician Joseph-Louis Lagrange, is that there are “five positions in an orbital configuration where a small object affected only by gravity can theoretically be stationary relative to two larger objects”.

To this day, they are called Lagrange points, denoted by L1 to L5.

And that’s where our brand-new Trojan comes in.

Discovered in October 2010, this celestial body has now been confirmed as the very first astronomical Trojan known to orbit along with Earth.

The Trojan loops, well, quite loopily, around L4, which itself loops around the sun, 60 degrees ahead of our Earth-bound trajectory.

The Trojan, which is estimated to be about 300m across, therefore precedes us round the sun. Fortunately, it maintains a reliable, healthy and, most importantly, consistent distance from our planet.

That’s what makes it harmless: it’s locked into orbit with us, rather than on any sort of collision course. At least for now.

And it’s important because Earth Trojans – of which there may be many – are hard to find. Trojans of Mars, Jupiter and Neptune are known; so are Trojans of Saturn’s moons. But Earth Trojans circle mostly in our daylight sky, making them really tricky to spot.

But where, I’m sure you are now dying to ask, is the link to computer security, and to computer Trojans?

Here you go.

Astronomers, like malware researchers, deal with huge numbers of new discoveries. Naming something if it’s one of the very first examples of its type is one thing. Reliably naming objects by the million is quite another.

For this reason, malware researchers have shifted from catchy names like Jerusalem, Tremor and Grand Old Duke of York (don’t ask – that one’s a story in its own right) to taxonomic dullnesses such as Troj/FakeAV-DB and Mal/ObfJS-E.

Catchy names now appear only occasionally for really well-known viruses, such as Conficker and Stuxnet.

Astronomers, unsurprisingly, have a similar approach, so I’m sorry to have to tell you that this super-cool, first-of-its-kind, Earth Trojan is unmajestically known simply as 2010 TK7.

If you’ve got a cooler name, please leave a comment and let us know. We’ll pass your suggestions on to the astronomical powers-that-be.

And be sure to check out the animations which yielded the above 2010 TK7 diagram.

Follow @duckblog

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/CFl04vz7G1E/