Thursday, October 09, 2008

Yahoo Software Engineer Accused of using Hacking Techniques in Terrorist Bomb Plots

In July, an Islamic terrorist group sent e-mail messages claiming responsibility for bombings in Indian cities before the acts took place. The messages were sent by hacking into unsecured wireless networks, and one suspect in the case has been identified as software engineer Mohammed Asghar Mansoor Peerbhoy, who is a Yahoo employee.

Peerbhoy allegedly made several work-related trips to the U.S. while employed by Yahoo. It is alleged that he, along with two other Indian software engineers, was part of a media terror cell. One of the engineers has been identified as Atiq Iqbal, and Mobin Kader Chaikh and Asif Basrudding Shaikh have been named as the techie connections in the case. One worked for an IT firm and the other was a qualified mechanical engineer. Fifteen people have been arrested in the case thus far.

One of the emails which the hackers sent can be viewed on

The Times of India alleged that Peerbhoy admitted in an interrogation to attending a hacking course, where two foreigners were present. This was an ethical hacking course designed for training internet security workers. Ethical hacking courses are offered all over the place and given that India is part of the global economy, the tie between foreigners and terrorist activity is questionable.

The Indian authorities are stating that the wireless networks were hacked using a fairly well-known technique often referred to as wardriving. Once they secured an unsecured network (pardon the pun), they programmed the e-mails to be sent shortly before the blasts, according to the authorities.

Wardriving is a pretty simple hacking method where someone drives around until they find an unsecured signal. Most wireless cards have the capability of sniffing out available networks. Once an unsecured network is found, getting on it normally only requires the click of a mouse. Teenage hackers are known to engage in this activity for fun. In most cases, any wireless network can be made "hacker proof" by simply password-protecting it, using the instructions you get when you buy the router. Wardriving has recently been made a felony in the United States.

This story illustrates that you don't have to be very sophisticated to commit crime or terrorism with a computer. Quite often, pretty simple techniques can lead to devastating results. Much more sophisticated do-it-yourself hacking kits, which sometimes come with technical support, are easily obtained on the Internet black market.

That said, the end result in this case is tragic.

India has suffered a rash of bombings in recent history. The specific terrorist group behind the incidents in question is known as the Indian Mujahideen, known locally as the IM. It is believed to be affiliated with another Indian terrorist group known as Student Islamic Group of India (SIMI). The Indian government suspects SIMI has been penetrated by Al Qaeda.

Initial arrests in this case were made when Indian authorities tracked down suspects in the case after discovering cell phone numbers the group used and investigating them.

Tuesday, October 07, 2008

How Using Pirated Software Turns People into Internet Crime Victims

The Business Software Alliance's October report, called Online Software Scams: A Threat to Your Security, reveals the dangers of buying or downloading pirated software. Sadly, pirated software doesn't always advertise that it is counterfeit and often appears to be the "real thing" to the untrained eye. This poses a clear and present danger to anyone shopping for software, whether it be on an e-commerce site, a peer-to-peer (P2P) site or at a more traditional shopping venue.

The report's introduction points to an actual example of how a misguided employee of the Wagner Resource Group of McLean, Virginia used his office computer to download video and music files using Limewire and exposed the entire corporation to the dark side of the Internet. "In this case, the Wagner employee’s action set off a terrible chain reaction, opening up the firm’s computers to outsiders and exposing the names, dates of birth, and Social Security numbers of about 2,000 of the firm’s clients, including US Supreme Court Justice Stephen Breyer," according to the report.

Although many view downloading a video or music file as a victimless crime, the consequences can become personal when cyber criminals add a little malicious software (often referred to as crimeware) to the mix. Specifically, it can lead to identity (information) theft or turn a user's machine into a zombie, which is controlled remotely and used to commit other misdeeds on the Internet.

It is estimated that one-third of all software is counterfeit. In 2008, a study was conducted that revealed that if software piracy could be reduced by 10 percent in the United States it would generate 32,000 new jobs, 41 billion in economic growth and 7 billion in tax revenues.

A lot of pirated software is sold via downloads. When this occurs, the normal form of payment is a credit or debit card. This means that the person who buys pirated software is providing this information to a criminal, who in turn might use it again or sell it to a third party. Like pirated software, credit/debit card information is sold on the Internet in underground chat rooms.

The report also covers another area where Internet crime is known to flourish: auction sites. In 2005, a study was done on software sold on eBay and roughly 50 percent of the items purchased had malicious/unwanted elements or had been tampered with.

While auction sites have worked with outside industries on preventing theft and abuse, they generally disclaim any responsibility for what occurs on their site. Additionally, there is little to no protection for the consumer buying these products (my opinion).

Because of this, the BSA is calling for auction sites to assume responsibility, step up the warning process on their sites and slow the process down by eliminating the "buy it now" process, which makes monitoring illegal sales nearly impossible.

The software industry isn't the only industry calling out issues with auction sites. In August, two bills were introduced to combat crime on auction sites, which were largely supported by the National Retail Federation. The sale of stolen or counterfeit goods in general has long been an issue on these sites. A good resource to learn about the danger of counterfeit goods in general is the International AntiCounterfeiting Coalition.

The BSA offers a lot of tips for consumers on how to avoid becoming a victim in their recently released report. It also offers a more visual means of learning by offering a video on the subject.

Suspected piracy can also be reported at or by calling 1-888-NO-PIRACY.

Sunday, October 05, 2008

TOM-Skype Communications - A Privacy Nightmare Come True

I've blogged frequently about the dangers of engaging in free trade with a not-so-free China. In the past couple of years, we've seen an alarming number of stories about dangerous and defective products, espionage, human rights violations, counterfeiting and privacy violations associated with the People's Republic.

The latest privacy violation was discovered by Nart Villeneuve from the University of Toronto's Citizen Lab, who found that the Chinese were data-mining the communications of TOM-Skype users.

"Skype is software that allows users to make telephone calls over the Internet. Calls to other users of the service and to free-of-charge numbers are free, while calls to other landlines and mobile phones can be made for a fee. Additional features include instant messaging, file transfer and video conferencing," according to Wikipedia.

When Nart Villeneuve forgot the password to his Chinese MySpace page and began looking at the Chinese version of Skype (TOM-Skype), he uncovered the massive privacy breach with TOM-Skype. His findings were that full chat messages (including those of Skype users communicating with TOM-Skype users) were being stored on servers in China. He also discovered that the data was being stored on insecure, publicly accessible webservers along with the encryption key needed to decrypt the information. The messages are tracked by keywords relating to what the Chinese would consider "sensitive political subjects." Analysis also revealed that information might be maintained by specific user names.

Also discovered was evidence of security problems at TOM Online, the Chinese company that owns TOM-Skype. Evidence was found that the servers have been compromised in the past and used to store pirated movies. It probably wouldn't be hard for a malicious attacker to access these stored communications, which include detailed user profiles.

Josh Silverman, the president of Skype, did a blog post discussing this subject. He was quick to point out that the only people being monitored were the parties using the TOM version of the software. Of course, this also includes anyone communicating with someone using the TOM version. He also claimed that Skype was unaware of this privacy breach until it was surfaced by the Citizen Lab.

Since September, Chinese Skype users have been directed to the TOM-Skype site to download the software. This has raised concerns that a trojan could be dropped on a user when downloading the Chinese version. A trojan is a form of malicious software, which can be used to steal all the information from a computer.

The full report from the Citizen Lab at the University of Toronto is an interesting read. While there is little doubt from this report that TOM-Skype is being used to track politically sensitive subjects, there are probably a lot of foreigners using TOM-Skype to communicate with loved ones while they work in China. This opens the door for personal information to be stolen and corporate espionage to take place.

Anyone using Skype to communicate with someone in China should be aware that they are being monitored and avoid revealing any personal or sensitive information.