Gmail Displays Suspicious Message Warnings From Hacked Accounts

Back in 2008, Gmail introduced a new feature which allowed you to track suspicious access to your account. This feature was gradually made more prominent in 2010 through Google Suspicious Login Protection. Google has in fact taken this protection further with the introduction of two-step login verification, prompted by Gmail accounts in China being hacked, and several other security measures they have put in place.

However, your Gmail account can get hacked nevertheless (Read: How to find if your Gmail account is hacked and what to do) and there is nothing you can do about it. But what if your friend's email account gets hacked and you receive a desperate email from them asking for cash or some help?

Well, this is not unusual, and there are several times when you might receive emails from your contacts which come from a legitimate email address asking you for financial help. These messages "might" be genuine, but many a time they are nothing but online scams. Thankfully, you can avoid such scams if your friend is using a Gmail or Google Apps related email address. How? Well, thanks to several security measures, Gmail now displays a suspicious email warning if it believes that the account has been hijacked.


Take for example an email from my friend who is on my contact list. The above screenshot displays a warning saying that the message might be suspicious (and it is indeed, because my friend's account was compromised). This is definitely a good feature because it will allow users to instantly know that something is wrong. Based on this message (and the content of the email), I alerted my friend and he confirmed that his account was compromised.

I am not sure if Gmail does this for emails from non-Gmail accounts, but it is definitely helpful when an email service is intelligent enough to know when an account has been hijacked. This information might be collected using several security measures; one of them might be the suspicious account login feature Gmail has. However, it might not just be limited to it.

WARNING: Fotos_Osama_Bin_Laden.exe Email Attachment Is A Banking Trojan

As if the various Osama Bin Laden video scams on were not enough, a new malware is being spread through emails now. If you receive any emails with an attachment named or something similar, DO NOT OPEN IT.

Banking Trojan

According to F-Secure Labs, an email is doing the rounds of the internet with an attachment named, this could be named differently too as The file contains an executable named Fotos_Osama_Bin_Laden.exe.

The executable does not contain any photos of Osama Bin Laden but is infected with Trojan-Downloader:W32/Banload.BKHJ, which is a banking Trojan. It installs itself on the system and starts to monitor your online banking sessions via a Browser Helper Object (BHO), trying to redirect your payments to wrong accounts.

If you have downloaded or clicked on the attachment, run a free online scanner or an anti-malware tool after disabling access to the internet. You might also want to run scans using your antivirus. If you don’t have one, head over to our Free Antivirus section to find one.

The new Trojan is playing on human curiosity generated by the death of Osama Bin Laden. There are actually no leaked photos or videos of the event. As a word of advice, please don’t click on any links which tell you that you can watch a censored video or pictures of Osama Bin Laden’s death.

You will not be able to watch any videos or pictures unless the US government releases them. So hold your horses until then and don’t spread the virus or become affected by it.

Reporting Intrusion And Theft of User Data

The extremely popular broadband Internet service review site, DSL Reports, is advising of a data breach and theft of user credentials and e-mail addresses. Forum members received an e-mail advising them of an attack that occurred on Wednesday during the hours of 2:00 PM and 6:00 PM, wherein “a large botnet” of compromised machines performed an SQL injection attack and retrieved random membership details from a large number of accounts stored in their database, which held accounts as old as 10 years.

There is an ongoing discussion in the forums where Justin Beech, founder of DSL Reports, advises that although compromised accounts have had their passwords reset, the attackers may be using the stolen credentials to gain access to other services such as PayPal or Amazon as many users frequently set the same password for online logins. While warning e-mails were sent out to users roughly 6 hours after the attack started, Justin advises that measures were taken to stop the breach before attackers reached 8% of their goal.

Many posters are outraged by the lax security involving the storage of plain-text passwords and lack of mechanisms to mitigate against widely known attacks, like SQL injection on live web applications. Other posters are commending Justin on his open style of reporting the breach and talking one-on-one with members in an effort to show his dedication to resolving the issue.

All users with accounts on DSL Reports should change their passwords for the forums as well as any others that may be tied to their membership e-mail address.

Speculation: NSA Building Exaflop Supercomputer?

The United States Government’s National Security Agency (aka the where-privacy-goes-to-die agency) is apparently building a new supercomputer called the for its High Performance Computing Centre. The supercomputer will cost about $895.6 million, as revealed by unclassified documents. The supercomputer is to be built at the headquarters of the agency in Fort Meade, Md. and is slated for completion by 2015.


The NSA is a surveillance organization (to use a nonspecific and broad generalization) that has been operating since 1952 and is responsible for the decryption of foreign intelligence and the safeguarding and encryption of USA’s domestic signals. The agency has a history of using supercomputers, starting with the purchase and use of one of the first Cray supercomputers (the Cray X-MP/24), which is now decommissioned and on display at the National Cryptologic Museum.

While it is unknown exactly how large the computer that the NSA is building will be, it is very likely that it will be able to perform at 1 exaFLOP. FLOPS, or FLoating point OPerations per Second, is a measure of how fast a computer is. It is basically the number of floating point calculations performed in unit time by the computer. A simple hand-held calculator needs about 10 FLOPS on average to show instantaneous results.

An exaFLOP is 10 followed by 18 zeroes (10^18)

In comparison, the combined computing power of the top 500 supercomputers in the world is about 32.4 petaFLOPS (32.4 x 10^15). That is, the new supercomputer being constructed by the NSA is about 31 times faster than the top 500 supercomputers in the world taken together.

However, all this is still speculation, based on the power requirement for the new computer: about 60 megawatts. The calculation is based on the Sequoia BlueGene/Q IBM supercomputer, which is also under production, performs around 20 petaFLOPS and needs 6 megawatts of power.

Of course, the NSA needs more computing power to sift through all the emails, phone calls and messages we send each day, right?

Windows Phone 7, Android, Chrome, and Firefox Survive Pwn2Own

Earlier in the week, we reported that Internet Explorer (running on Windows 7) and Safari (running on Snow Leopard) had been hacked almost instantaneously on the first day of pwn2own, an annual hackfest. Google’s Chrome browser made it through as the sole participant who had registered to take a crack at Chrome failed to turn up.

The following days of the competition witnessed the Firefox web browser, and the Android and Windows Phone 7 mobile operating systems, survive pwn2own 2011 in a similar manner, as contestants either failed to turn up or withdrew.

On the other hand, Apple’s poor show in the competition continued with the legendary Charlie Miller succeeding in bypassing iPhone’s defense by exploiting a bug present in Mobile Safari.

RIM’s Blackberry OS, which was tested next, also fell quite easily. Once again, a flaw in its WebKit-based browser was the culprit. The team made up of Vincenzo Iozzo, Willem Pinckaers, and Ralf Philipp Weinmann targeted the browser because, unlike RIM’s operating system, WebKit is well documented and well known.

Meanwhile, after examining the vulnerabilities exploited by Stephen Fewer to hack Internet Explorer 8, Microsoft has stated that they have already fixed the concerned vulnerability in Internet Explorer 9. It didn’t, however, explain why older versions of Internet Explorer were yet to be patched, and when, if at all, they will be patched. All the exploits used in the competition are the property of TippingPoint ZDI, which passes them on to the concerned vendors and gives them six months to fix the issue.

Avast 6 Beta Released, Introduces AutoSandbox and WebRep

Although I normally recommend Avira Antivir and Microsoft Security Essentials to anyone looking for a free antivirus, Avast is another option worth considering. In fact, it is one of the most popular free antivirus utilities available in the market, and with good reason. Avast performed quite well in all of AV-Comparatives’ on-demand and performance tests carried out over the past year.

A couple of days back, Avast Software released the first beta of Avast 6. The biggest draws of the new version are:

  • AutoSandbox: Avast Pro already features a sandboxing option that enables users to surf the web and run applications in an isolated environment that can’t affect the rest of the system. In the new version, Avast has gone a step further and added auto-sandboxing, which can automatically run suspicious programs in a sandbox.
  • WebRep: WebRep is a browser toolbar, which is largely similar to WOT (Web of Trust). It is a plugin for Internet Explorer and Firefox that displays the reputation score of the website you are currently browsing, based on the feedback collected from the community as well as the expertise of Avast’s researchers.

Avast 6 also adds a SafeZone to the premium version, which offers a special virtualized area for sensitive transactions. Script Shield and Site Blocking, which were previously available only in the Pro version, are now included even in Avast Free.


Head over to the forums to download the beta version. However, don’t forget to uninstall any previous version or other antivirus products before installing it. Also keep in mind that unexpected stability and performance issues might be present, since this is the first public beta build.

via DownloadSquad

Do You Want Big Brother Spying on You?

Back in 2006, the U.S. Attorney General, Alberto Gonzales, under the Bush Administration, called for new rules that would require ISPs and cell phone companies to collect more data (spy) on all of their users. It’s called Mandatory Data Retention. At the time, there was enough opposition to this idea that it never got far.

Recently, the House Judiciary Subcommittee on Crime, Terrorism and Homeland Security held a hearing to promote this controversial idea once more. Several members of Congress have already proposed legislation on data retention, and support for it is coming from both Democrats and Republicans. The Obama administration’s Department of Justice is also expected to support forced data retention.

Currently, ISPs and phone services already keep transaction records for 90 days, in accordance with the 1996 Electronic Communication Transactional Records Act. After 90 days, the records are deleted, and some law enforcement agencies would like to see these records kept much longer.

Since it’s obvious to many that this is another case of Big Brother is watching, how can these politicians justify their call for more intrusion into businesses’ and customers’ internet and phone traffic?

Most of this call to action is the result of law enforcement and defense agencies wanting longer retention periods, and politicians that want to look like they are tough on internet crime, such as child pornography. However, privacy advocates such as the Electronic Frontier Foundation (EFF) and the Center for Democracy & Technology (CDT), see it as having bad unintended consequences for user privacy, First Amendment anonymous speech, and ballooning costs for retaining the information.

In my opinion, new laws requiring data retention are going to cause more problems than they solve.

Law enforcement agencies can already ask internet and telecom providers to collect extensive information on suspects. Collecting more data will help law enforcement and Homeland Security catch criminals and terrorists, but these new laws will treat all of us like suspects.

The collected information will seriously clamp down on anonymous speech and whistle blowing. Do you trust the government to stop itself from trying to track down sources of leaked information or people who voice strong anti-government or opposition party speech?

Government and law enforcement won’t be the only ones able to access this data. How many websites are hacked every day? How many government agencies have data stolen from them? We’ve already seen what’s happened with WikiLeaks and government employees who get fooled into giving out information.

It will also make simple visits to legal sites more ominous. Would you want everyone to know you’d visited a site about STDs, mental health, bankruptcy, adult entertainment, or any other normally private topic?

Civil courts will be able to get access to this information. It could be used in divorce cases, to prove infidelity. It could be used in lawsuits to prove prior knowledge or associations.

The internet and telecom providers can handle the additional open-ended costs of mandatory data retention, since those costs will be transferred to the consumers. It will be the same as a new hidden tax. Smaller businesses, and start-ups may not be able to bear the added costs, thus reducing innovation, and killing competition with the big internet companies.

In summary, new data retention laws would be good for big government, law enforcement and big business. They would be bad for the average Joe consumer, free speech and free association. If you don’t agree (or you hate freedom), you have the freedom to comment below.

How Safe is Gmail, Twitter and Facebook? Is HTTPS Safe? We Show You How It Isn’t

Hey, isn’t HTTPS the safest and most secure way to access a website? Not exactly. Here is where we show how people can use a simple method to crack Gmail, Twitter and Facebook.


So you think you can’t be hacked? Well, think again: you can be hacked using a simple image and JavaScript, even over secure HTTPS. Before I go ahead on this, watch the video below, created by our author Amit Banerjee, which shows you how vulnerable you are on the Internet.

As you can see from the above video, it is very easy for anyone to know when you are logged into Gmail, Twitter and Facebook without having to place any suspicious code on your PC. All it takes is for you to visit a website, which can then check whether or not you are logged in on these sites. Your information can be tracked, no matter whether the service uses HTTPS or not and whether you visit the website or not.

This is basically very scary because this is a cross-platform hack and is done through an image which is hosted by these services. Though I do know how this is done, I don’t have any solutions to negate this problem right now, but I am really trying to figure one out. Till then there is nothing you can do about it. Fun, right?

I have reached out to Gmail, Facebook and Twitter about this and am awaiting a response. Will update this post once I get one. Till then, you are not safe on the internet.

The hack basically uses the HTTP status code to find out whether or not you are logged in to these services. Since these images are hosted on Gmail, Twitter and Facebook, and a user has to be logged in to view them, it becomes easy to figure out whether you are logged in. If you are curious to see this in action, visit this page.

For more information, check out Hack A Day on how HTTP Status codes can be abused.
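The status-code signal described above can be closed on the server side. The following is an added example, not code from the post or from any of the services named: it models a login-gated image endpoint and a hardened variant that answers every cross-site embed identically. The resource, session token and function names are constructed; Sec-Fetch-Site and Cross-Origin-Resource-Policy are real browser headers.

```python
# Added example: model of a login-gated image and a handler that removes the
# cross-site login signal. Session token and request shape are constructed.

VALID_SESSIONS = {"constructed-session-token"}
CORP = {"Cross-Origin-Resource-Policy": "same-origin"}


def make_request(logged_in, fetch_site="cross-site"):
    """Request a browser sends for an <img> that some page embeds."""
    cookies = {"session": "constructed-session-token"} if logged_in else {}
    return {"headers": {"Sec-Fetch-Site": fetch_site}, "cookies": cookies}


def is_authenticated(request):
    return request["cookies"].get("session") in VALID_SESSIONS


def vulnerable_handler(request):
    """Status depends only on the session cookie, whoever embeds the image."""
    if is_authenticated(request):
        return 200, {"Content-Type": "image/png"}
    return 403, {}


def hardened_handler(request):
    """Refuse cross-site embeds before the session is even looked at."""
    site = request["headers"].get("Sec-Fetch-Site")
    # A missing header (older browser, non-browser client) falls through;
    # SameSite session cookies are the backstop for those clients.
    if site not in (None, "same-origin", "same-site", "none"):
        return 403, dict(CORP)
    if is_authenticated(request):
        return 200, {"Content-Type": "image/png", **CORP}
    return 403, dict(CORP)


def embed_outcome(handler, logged_in, fetch_site="cross-site"):
    """What the embedding page can observe: did the image load or error?"""
    status, headers = handler(make_request(logged_in, fetch_site))
    is_image = headers.get("Content-Type", "").startswith("image/")
    return "load" if status == 200 and is_image else "error"


def leaks_login_state(handler):
    """True when a cross-site embed behaves differently per login state."""
    return embed_outcome(handler, True) != embed_outcome(handler, False)


if __name__ == "__main__":
    for name, handler in (("vulnerable", vulnerable_handler),
                          ("hardened", hardened_handler)):
        print(name, "leaks login state:", leaks_login_state(handler))
```

Same-origin requests still receive the image when the session is valid, so the service's own pages keep working.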

(Video and most of the reporting done by Amit Banerjee)

Anonymous Calls for a Global Protest on Jan 15

With the recent spate of attacks on Wikileaks (and, as a side effect, the anon culture of 4chan and Usenet), the anonymous freedom group Anonymous has decided to up the pressure on traditional global media. Anonymous is urging faceless internet users to move into the real world and protest against the censorship of news and Wikileaks.


While the common internet user will not know the implications of hindering net neutrality, free speech, freedom of the press and freedom of assembly (the very things that governments are vowing to quell and prohibit on the internet), protests such as these will be an eye opener for many such users.


With banners stretching across The Pirate Bay and other free speech and pro-piracy websites as well as 4chan’s notorious /b/ board, it is safe to assume that January 15th will be quite the red-letter day in the history of the free society movement. Actively denouncing aggressive copyright policies and standing up for ideas rather than authorship, the protest aims to be so large that the traditional media will have to cover this activism. Anonymous calls people all over the world to peacefully protest on the streets of their city for these ideals.

One can see and join events all over the world (or create one of their own) at

Mozilla Slips Up, Publishes User IDs and Encrypted Passwords

Close on the heels of the Gawker Media security breach, Mozilla has disclosed that it had accidentally published a partial database of user account information. As many as 44,000 user IDs and password hashes were left publicly accessible.

The affected accounts were inactive ones, which were using MD5-based password hashes. MD5 is a weak hashing algorithm that is crackable. Security firm Sophos explained:

MD5 has cryptographic weaknesses that permit creation of the same hash from multiple strings. This permits security experts to compute all the possible hashes and determine either your password or another string that will work even if it is not your password.

Active accounts on Mozilla’s add-on repository use salted SHA-512 password hashes, which offer stronger protection.

The good news is that almost no one noticed. According to Mozilla, the database was accessed by only one person outside of the company. That person is the security researcher who alerted Mozilla about the issue under the Web bounty program, which offers $500 to $3,000 in cash rewards for valid security-related bug reports. Nevertheless, Mozilla has deleted the passwords of all the affected accounts as a precautionary measure.
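One way a split between inactive MD5 accounts and active salted SHA-512 accounts arises is a rehash-on-login migration: a record can only be upgraded when its owner presents the password again. The sketch below is an added example, not Mozilla's code; the storage format, function names and sample accounts are assumptions.

```python
import hashlib
import hmac
import os


def legacy_md5(password):
    """Unsalted MD5 hex digest, the legacy format the article describes."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def salted_sha512(password, salt=None):
    """Per-user random salt + SHA-512, stored as 'sha512$<salt>$<digest>'.

    Mirrors the scheme named in the article; a new system would use a slow
    KDF such as hashlib.scrypt rather than a single fast hash.
    """
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.sha512(salt + password.encode("utf-8")).hexdigest()
    return "sha512$%s$%s" % (salt.hex(), digest)


def verify_and_upgrade(db, user, password):
    """Check a login; rehash a legacy record while the plaintext is in hand."""
    stored = db.get(user)
    if stored is None:
        return False
    if stored.startswith("sha512$"):
        _, salt_hex, _ = stored.split("$")
        expected = salted_sha512(password, bytes.fromhex(salt_hex))
        return hmac.compare_digest(expected, stored)
    if hmac.compare_digest(legacy_md5(password), stored):
        db[user] = salted_sha512(password)  # upgrade is only possible here
        return True
    return False


def demo():
    """Constructed accounts: three users who all chose the same password."""
    users = ("active", "dormant1", "dormant2")
    db = {user: legacy_md5("hunter2") for user in users}
    logged_in = verify_and_upgrade(db, "active", "hunter2")
    return db, logged_in


if __name__ == "__main__":
    records, ok = demo()
    print("login ok:", ok)
    for user, record in records.items():
        print(user, record[:40])
```

The two dormant records end up byte-identical, so one guessed password unlocks both, while the account that logged in now carries its own salt.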