Last weekend, several hundred Lithuanian Web sites were defaced with pro-Soviet and anti-Lithuanian slogans, according to The New York Times.
Last Friday, Lithuanian government sites were warned of an impending Web attack and mounted appropriate defenses. Several hundred commercial sites did not do so and over the weekend took the brunt of the attack. By Monday, most all of the sites had been restored.
As with last year's Estonian denial-of-service attacks, the new attacks appear to be in reaction to a law outlawing the display of Soviet symbols in Lithuania. Germany has similar laws outlawing the display of Nazi symbols.
Early evidence suggests a group of criminal hackers may have organized the attacks. The IPs used in the attacks appear to be from a variety of nations, but Reston, Va.-based iDefense told the Washington Post that one site, hack-war.ru, appeared to have organized the protest.
Over at our sister site ZDNet, Dancho Danchev examines whether the defacements could escalate into denial-of-service attacks, and concludes they might.
Meanwhile, in his blog, Brian Krebs speculates on nations or nationalistic parties within nations mounting or defending themselves against cyberattacks such as these in the future.
Building on the Trojan released last week, a group of hackers appear to be targeting the Mac OS X platform with more variations.
Last Thursday, Mac antivirus vendors Intego and SecureMac reported a serious vulnerability within the Apple Remote Desktop Agent (ARDAgent). It is part of the remote-management component of Mac OS X 10.4 and 10.5 and is owned by root. Thus, the ARDAgent executable runs this malicious code as root without requiring a password.
The Washington Post's Brian Krebs reported on Monday the presence of a hacker forum devoted to the development of Trojans around this vulnerability. The particular user forum at MacShadows.com has since been removed. Krebs nonetheless managed to obtain screenshots from the forum before it was erased, and also a copy of the Mac Trojan template.
Buried within the template was an e-mail from one of the Trojan's authors, "Andrew."
"Apple tells us that OS X is safe and secure and fails to actually confirm that it is so on their own. We are left to experiment and test our own security and too often we discover that we aren't actually as secure as we were led to believe," Andrew said in an e-mail to the Post.
Despite their existence, there is no evidence these Trojans are circulating widely on the Internet.
Apple's policy remains not to talk about security vulnerabilities and therefore the company has not commented on the ARDAgent issue.
Would you hire a former criminal hacker? Better question: would you elect a former criminal hacker to political office?
(Credit:
U.S. Postal Service Photo)
Credit goes to Brian Krebs over at the Washington Post's Security Fix blog for recognizing that Dmitri Ivanovich Golubov, a 24-year-old from Odessa, has started the "Internet Party of Ukraine." Golubov, whose hacker nickname is "Script," was arrested and even jailed in 2005 in connection with Carderplanet.com, a site that bought and traded credit and debit card credentials. After only six months in prision, Ukrainian politicians convinced a judge to set Golubov free.
What's really interesting, as Krebs points out, is that should Golubov gain a seat in the Ukrainian government, that position would grant him automatic immunity from prosecution for criminal activities under Ukrainian law.
- prev
- 1
- next
