Darknet - The Darkside

Don`t Learn to HACK - Hack to LEARN. That`s our motto and we stick to it, we are all about Ethical Hacking, Penetration Testing & Computer Security. We share and comment on interesting infosec related news, tools and more. Follow us on Twitter, Facebook or RSS for the latest updates.

23 February 2006 | 6,581 views

Advertisers may face public humiliation over adware

Prevent Network Security Leaks with Acunetix

Companies could find themselves put up for public humiliation by the U.S. Federal Trade Commission if they continue to advertise through insidious ad-serving software.

Such a move might help in the battle against adware, FTC Commissioner Jon Leibowitz said Thursday at an event here hosted by the Anti-Spyware Coalition. Adware is software that displays pop-up ads on PCs, often after Internet searches.

Anti-spyware software is a requirement just like Anti-virus software. Common vulnerabilities in browsers make it very easy for malicious software to infect your machine through Internet Explorer for example.

“I think that could have a beneficial effect,” Leibowitz said in an interview. “In this context, maybe shaming a company on how they are spending money might inure to the benefit of consumer’s privacy.”

Viruses, spyware, trojans and adware are big problems now with solutions for all of them (firewalls and intrusion detection help massively of course).

The FTC would publicly announce and publish the name of a company that advertises using adware that installs itself surreptitiously on consumer PCs or using spyware, Leibowitz said. He would recommend publicly shaming advertisers to the other FTC commissioners if the adware problem doesn’t decrease, he said.

Source: News.com



22 February 2006 | 4,156 views

who is backbone?

This is just an introductory article about myself, nothing interesting (for the most of you) will be revealed in this article, I re-edited it because it had to meet the EU standards (you know Romania will be part of it on 1st of January 2007).

A long time ago…

…I was a big game addict, computers had no sense to me without games, this was the only use I had for them (apart from listening to music and watching movies), till the internet came into my life. I started playing on the internet as many of you I think did, chating on IRC.
The first time I got into hacking was when I first downloaded WarMaster, a quite 31337 mIRC script with many trojans included.

And then I opened my eyes…

…and realized that I couldn’t do anything, was just another lam3r showing off on IRC. At that point I started to make my own mIRC scripts, still think that metalfish was a big success, towards my scripting knowlege that is. But it was not enough…
I started to read many tutorials, white papers and so on but really couldn’t understand a big part of them so I’ve changed my orientation towards webdevelopment, this way have learned JavaScript & PHP which later become useful towards XSS.

Darknet, again?

Being in the mailinglist of darknet for quite a long beriod I was really happy to see it again on-line and up to date, so I joined it to share my knowledge, hopefully someone will apreciate this… and here I am.

In my articles…

I’m going to talk about viruses, web technologies, win related articles and so on… and why not some IRC stuff to, just to get you started, and teach you a couple of things I know, thill then make the final step and join the dark side of the internet.


22 February 2006 | 5,120 views

Phishing Sites Getting More Advanced with SSL

Phishing is a difficult enough form of fraud to avoid for most computer users, but when some of the biggest names in the financial industry fail to do their part to detect and eliminate these online scams, consumers often are placed in an untenable situation.

Case in point: A source recently forwarded a link to one of the “best” phishing attacks I’ve ever seen. This one — targeting the tiny Mountain America credit union in Salt Lake City, Utah — arrives in an HTML-based e-mail telling recipients that their Mountain America credit union card was automatically enrolled in the Verified by Visa program, a legitimate security program offered by Visa that is supposed to provide “reassurance that only you can use your Visa card online.”

The fake MountainAmerica.net Web site

The e-mail includes the first five digits of the “enrolled card,” but those five digits are found on all Mountain America bank cards, so that portion of the scam is likely to be highly convincing for some recipients. The message directs readers to click on a link and activate their new Verified by Visa membership.

Beware, make sure your non tech-savvy friends & relatives are aware of how tricky these scammers are getting.

Someone YOU know could be falling for this soon.

Sources: SlashdotWashington Post


22 February 2006 | 5,369 views

Jan 2006 Virus and Spam Statistics

January at a glance: Vicious and Varied
The numbers are indeed concerning: 19 new email-born significant virus attacks, of which a troubling 8 (42%) were graded “low intensity”, 7 (37%) “Medium Intensity” and 4 (21%) were massive attacks & a rare phenomenon for a single month.

One outbreak of specific interest, consisting of 7 variants, illustrates how viruses are growing in sophistication: the first variant was launched around December 25th as a low intensity virus, however with subsequently released variants the attack’s intensity grew into a massive outbreak towards the end of the month.

The biggest virus attacks are the quickest & fast-moving solutions required
One of the factors measured by Commtouch is the speed of distribution. We consider attacks that peak within eight hours to have “short spans”, since it takes an average of 8-10 hours for a traditional anti-virus vendor to release an updated signature blocking a new virus.

Computer virus statistics from the Commtouch Detection Center indicate that 40% of attacks during January met this profile. Also, there is a clear connection between the attack’s speed and its intensity & the faster attacks are the biggest ones: while the average distribution time of low intensity attacks is a ‘leisurely’ 27 hours and medium-intensity attacks can take 17 hours, massive attacks take as little as 5.5 hours to spread in hundreds of millions of emails.

“The conclusion is clear” adds Lev. “Without a reliable solution for early hour protection that complements the old fashion anti-virus solutions, users are unprotected from the most massive attacks.”

Anti-virus engine statistics & is your AV up for the challenge?
Based in part on a reliable third party lab test, Commtouch was able to compare detection times of 21 leading AV engines against 19 new viruses in January. The results:

- On average, each AV completely missed 6.2 viruses (the attack was completed, and a signature was not yet available).
- The average response time to new viruses among all AV engines was 8.12 hours.

“The data should be of great concern to AV vendors and IT managers alike,” said Lev. “An eight hour response spells a simple truth & a traditional AV solution does not stand a chance against massive attacks that end before a signature is even released.”

Spam is physically sent primarily from the US
The Commtouch Detection Center monitors spam distribution patterns on a global level. January spam statistics show that 43.18% of global spam is sent from US-based sources (down from approximately 50%). China is also a significant ‘launching pad’ for 12.89% of the spam. Korean and German sources distribute about 4% of global spam, and the rest of spam originates from around the globe.

Source: Commtouch


21 February 2006 | 4,177 views

Google has no license for China service

Internet search giant Google Inc.’s controversial expansion into China now faces possible trouble with regulators after a Beijing newspaper said its new Chinese-language platform does not have a license.

The Beijing News reported on Tuesday that Google.cn, the company’s recently launched service that accommodates the China’s censorship demands, “has not obtained the ICP (Internet content provider) license needed to operate Internet content services in China.”

The Ministry of Information Industry, which regulates China’s Internet, was “concerned” and investigating the problem, the paper said.

Google has weathered criticism from United States lawmakers, international free speech advocates and Chinese dissidents for abiding by Chinese censors’ demands that searches on its new Chinese service block links about sensitive topics, such as Tibet and the 1989 anti-government protests in Tiananmen Square.

A spokesperson for Google told the paper that it shared an ICP license with another, local company, Ganji.com & a practice followed by many international companies in China, including Yahoo Inc. and eBay Inc..

Source: ABC News


21 February 2006 | 4,122 views

Antitrust case against Apple approved

Back in September, we posted about Thomas Slattery, an unhappy iTunes user who filed a class action lawsuit against Apple alledging that Apple has a monopoly over the digital music and digital music player market with iTMS and iPods. Back then, the judge dismissed a number of items in Apple’s favor, but didn’t dismiss the whole case. Well it appears as if the case has been approved to go forward, as Mr. Slattery has apparently “met all requirements” for such a lawsuit.

Judge Ware has given Slattery the go-ahead to proceed with his monopolization claim under the federal Sherman Antitrust Act, according to eHomeUpgrade. Slattery claimed that Apple’s system freezes out competitors, and while one antitrust expert called it a long shot, another antitrust law professor said that the key to such a lawsuit would be convincing a court that a single product brand like iTunes is a market in itself separate from the rest of the online music market.

Is the iTMS and the iPod an entire separate market, in and of itself? While I don’t personally think so (iTMS may hold a large majority of the marketshare for digital music, but I still consider there to be some competition), I can see how a lawyer for the aforementioned Mr. Slattery may try to argue such a thing but they would have to argue that Apple has been so overwhelmingly successful in the digital music market as a whole that they have completely taken it over and created their own market, separate from the likes of Napster or Creative music players, in which no one else can enter but themselves.

The fact that the suit got approved to go forward is a little scary, however. We have to wonder: what, pray tell, might the outcome be and how might it affect Apple’s loyal user base?

Source: Arstechnica


21 February 2006 | 5,485 views

Severe Security Hole in Apple Mac Safari Web Browser

As the German IT portal heise online conveys, a new security hole in the Safari webbrowser for Apple’s Mac OS X has been discovered. This security hole is rather severe, as it invokes the execution of shell scripts under certain circumstances.

Once again the Safari option “open safe” files automatically after download bears the blame. If this facility runs across a shell script that is missing the so-called Shebang-row, the system won’t ask the user whether to execute the file automatically anymore – it’ll just execute it anyways. Unfortunately you can simply rename a shellscript without a Shebang-row to known-good filetype extensions like JPG or PNG and put that renamed script into a ZIP file – zipping as well an administrative file that’ll connect that file with the shell. A target Mac then “knows” automatically how to open that file if it receives that ZIP – it’ll take it as totally normal to execute the “jpg file” with the shell.

To circumvent this issue immediately, you can exercise two countermeasures – the first one is to disable that unsafe option in Safari, the second one is to move the terminal to another place, as the connection between shellscript and terminal has a hardcoded file path to the terminal. Additionally, you should never ever work with administrator privileges – as one should be used to with windoze, this rule of thumb has the same virtues on a Mac as well

Source: 4null4.de

A rare exploit for Mac eh, it is possible to exploit, it’s not just a theory, you can find a proof of concept here:

http://www.mathematik.uni-ulm.de/numerik/staff/lehn/macosx.html

With a Babelfish Translation.


20 February 2006 | 16,708 views

Google’s Defense of Privacy – Tells Feds to BACK OFF

Google has offered multiple reasons why it shouldn’t have to comply with a Justice Department subpoena. One is privacy. An excerpt:

If Google is forced to compromise its privacy principles and produce to the Government on such a flimsy request, its search query and URL data, Google will, without a doubt, suffer a loss of trust among users. Google’s success can be attributed in large part to the high volume of Web users attracted to Google.com every day. The privacy and anonymity of the service are major factors in the attraction of users–that is, users trust Google to do right by their personal information and to provide them with the best search results. If users believe that the text of their search queries into Google’s search engine may become public knowledge, it only logically follows that they will be less likely to use the service.

The Justice Department subpoena normally would have been a routine matter, and America Online, Microsoft and Yahoo voluntarily complied with similar requests. But Google’s resistance sparked a furor over privacy, with Sen. Patrick Leahy, a Vermont Democrat, asking the Justice Department for details, and a bill appearing in the House of Representatives that would require Web sites to delete information about visitors.

Google lashed out at the U.S. Justice Department on Friday, saying that a high-profile request for a list of a week’s worth of search terms must not be granted because it would disclose trade secrets and violate the privacy rights of its users.

In a strongly worded legal brief filed with a federal judge in San Jose, Calif., the search company accused prosecutors of a “cavalier attitude,” saying they were “uninformed” about how search engines work and the importance of protecting Google’s confidential information from disclosure.

This response came after the Justice Department last month asked a judge to force Google to hand over a random sample of 1 million Web pages from its index, along with copies of a week’s worth of search terms to aid in the Bush administration’s defense of an Internet pornography law. That information is supposed to be used to highlight flaws in Web filtering technology during a trial this fall.

Source: Cnet


20 February 2006 | 175,829 views

Browse Anonymously at Work or School – Bypass Firewall & Proxy

AnonymousInet has relaunched! A nice clean FREE web based proxy service.

AnonymousInet

http://www.anonymousinet.com/

Works great for me, it’s fast and free!

It also encodes the URL so stupid simple content filters wont stop it.


19 February 2006 | 7,706 views

Spanish ‘Super’ Hacker Jailed for 2 Years over DoS attack

A Spanish hacker who launched a denial of service attack that hobbled the net connections of an estimated three million users has been jailed for two years and fined 1.4m. Santiago Garrido, 26, (AKA Ronnie and Mike25) launched the attack using a computer worm in retaliation for been banned from the popular “Hispano” IRC chat room for breaking its rules.

The resulting surge in malicious traffic disrupted an estimated three million users of Wanadoo, ONO, Lleida Net and other ISPs, or approximately a third of Spain’s net users, at the time of the 2003 attack.

Source: The Register

Graham Cluely of Sophos states:

This type of activity causes serious damage and disruption, and any hackers engaged in such behaviour must be punished accordingly. The Spanish Civil Guard should be congratulated for seeing this case through to its conclusion

Sophos believes that more than 60 per cent of all spam today originates from zombie computers, which can be used by criminal hackers to launch distributed denial-of-service attacks, spread unwanted email messages or to steal confidential information