Giant spambot scooped up 711 million email addresses

Woman on computerImage copyright
Getty Images

Image caption

Millions of computer users will be unaware that their email accounts have been targeted or even hijacked

A malware researcher has discovered a spamming operation that has been drawing on a list of 711.5 million email addresses.

The scale of the scheme appears to make it the biggest find of its kind.

The addresses – and in some cases associated passwords – have apparently been gathered to help spread banking malware.

Members of the public can check if their accounts have been affected via the Have I Been Pwned service.

Its operator, Troy Hunt, acknowledged that some of the listed addresses corresponded to non-existent accounts.

But he added that the number that had been collated still totalled a “mind-boggling amount”.

Hidden images

The Spambot discovery was first flagged by a Paris-based security expert who calls himself Benkow.

It was then brought to wider attention by the ZDnet news site.

Image copyright

Image caption

Benkow said this email was one example of the type of spam that had been used

The database of 711 million user details can be divided in two.

In cases where the attackers know only an email address, they can only target the owner with spam in the hope of tricking them into revealing more information.

But in cases where they also have the user’s login password and other details, they can secretly hijack their accounts to aid their campaign via a spambot known as Onliner.

Benkow acknowledged that it was “difficult to know where [the] credentials had come from”, but suggested that they might have been gathered from previous leaks, a Facebook phishing campaign and illegal sales of hacking victims’ details.

In some cases, the perpetrators had gathered details of the accounts’ simple mail transfer protocol (SMTP) server and port settings.

This information could be used to fool email providers’ spam-detecting systems into letting messages through that might otherwise have been blocked.

“While the list of mailable addresses is quite large, it is probably no larger than any seen previously,” Richard Cox, former chief information officer of the Spamhaus project, told the BBC.

“The lists of compromised accounts are more worrying.

“When compromised accounts are used for spam, they can only be stopped by their providers suspending the account – but when that many are involved, it will severely overload the security/abuse departments of those providers, making it a slow process and that is what keeps the spam flowing.”

Image copyright
Getty Images

Image caption

The spamming campaign seems to have been designed to steal banking details

Benkow added that the Onliner spambot had been hiding tiny pixel-sized images in the emails it had sent out, which were used to harvest information about recipients’ computers.

This meant that the right kinds of malware attachments required to infect different types of devices could be included when follow-up messages masquerading as business invoices were delivered.

Mr Hunt said that the Spambot lists had been tracked to a Netherlands-based computer server, but it had yet to be shut down.

For now, affected users are able to check only if their email addresses have been targeted, but not if their accounts have been hijacked.

But Benkow told the BBC there were still protective steps affected users could take.

“I recommend you to change your password, and be more vigilant with the emails that you receive, now you know that you’re on malware deliverers’ lists,” he said.

Article source:

Google error disrupts corporate Japan’s web traffic

woman holding credit card at laptopImage copyright
Getty Images

Image caption

Online banking services were among those affected.

Google has admitted that wide-spread connectivity issues in Japan were the result of a mistake by the tech giant.

Web traffic intended for Japanese internet service providers was being sent to Google instead.

Online banking, railway payment systems as well as gaming sites were among those affected.

A spokesman said a “network configuration error” only lasted for eight minutes on Friday but it took hours for some services to resume.

Nintendo was among the companies who reported poor connectivity, according to the Japan Times, as well as the East Japan Railway Company.

The country’s Internal Affairs and Communications Ministry has launched an investigation into the error which resulted in Google temporarily hijacking traffic to a major telecoms provider, NTT Communications Corp, which claims to have over 50 million customers in Japan.

Because Google cannot provide transit to third party networks, explains industry expert BGPMon, the traffic was lost.

Article source:

The elevators that go sideways as well as up and down

BBC Click visits a test lift shaft where they are showing off a lift that goes sideways as well as up and down.

The elevators are being developed by Thyssenkrupp.

Instead of using a steel rope, the cabin is carried by linear motors – the same technology that drives Japan’s “bullet train”.

See more at Click’s website and @BBCClick.

Article source:

TEDGlobal: The computer that can smell explosives

Osh AgabiImage copyright

Image caption

Oshi Agabi envisages airports that will need no visible security system allowing people to just walk on to planes

Nigerian Oshi Agabi has unveiled a computer based not on silicon but on mice neurons at the TEDGlobal conference in Tanzania.

The system has been trained to recognise the smell of explosives and could be used to replace traditional airport security, he said.

Eventually the modem-sized device – dubbed Koniku Kore – could provide the brain for future robots.

Experts said that making such systems mass-market was challenging.

All of the big tech firms, from Google to Microsoft, are rushing to create artificial intelligence modelled on the human brain.

While computers are better than humans at complex mathematical equations, there are many cognitive functions where the brain is much better: training a computer to recognise smells would require colossal amounts of computational power and energy, for example.

Mr Agabi is attempting to reverse-engineer biology, which already accomplishes this function with a fraction of the power it would take a silicon-based processor. “Biology is technology. Bio is tech,” he says. “Our deep learning networks are all copying the brain.”

He launched his start-up Koniku over a year ago, has raised $1m (£800,000) in funding and claims it is already making profits of $10m in deals with the security industry.

Koniku Kore is an amalgam of living neurons and silicon, with olfactory capabilities — basically sensors that can detect and recognise smells.

“You can give the neurons instructions about what to do – in our case we tell it to provide a receptor that can detect explosives.”

He envisages a future where such devices can be discreetly used at various points in airports, eliminating the need for queues to get through airport security.

As well as being used for bomb detection, the device could be used to detect illness by sensing markers of a disease in the air molecules that a patient gives off.

Image copyright
Getty Images

Image caption

Oshiorenoya Agabi wants to create a brain-based computer system

The prototype device shown off at TED – the pictures of which cannot yet be publicly revealed – has partially solved one of the biggest challenges of harnessing biological systems – keeping the neurons alive, said Mr Agabi.

In a video, he showed the device being taken out of the lab.

“This device can live on a desk and we can keep them alive for a couple of months,” he told the BBC.

  • Human-pig ‘chimera embryos’ detailed
  • Colourful, creative and close up: Wellcome Images 2017

Ultimately though he has much bigger ambitions.

“We think that the processing power that is going to run the robots of the future will be synthetic biology-based and we are laying the foundations for that today.”

The fusion of biology and technology gained headlines recently when Elon Musk, chief executive of Tesla and Space X, announced his latest venture – Neuralink – which aims to fuse the human brain with AI, using neural lace.

Image copyright
Getty Images

Image caption

Much of AI research is focused on mimicking the job of neurons

Advances in neuroscience, bioengineering and computer science means that much more is known about how the human brain works than ever before.

This is fuelling the development of neuro-technology – devices that aim to mould the brain into computers.

Much of the current work is aimed at improving brain function, particularly for those with brain-related injuries or diseases.

Prof John Donoghue, who heads up the Wyss Centre for bio and neuro-engineering in Geneva, has been at the forefront of work attempting to allow people with paralysis to move limbs using their brain waves.

He believes the field is at a “tipping point” where biological and digital systems will come together.

The idea being pursued by Mr Agabi is interesting, he said.

“Digital computers are fast and reliable but dumb, whereas neurons are slow but smart,” he said.

“But they are not so good in a little dish and the big problem will be keeping them alive and happy. That is going to be a big challenge,” he added.

“Will we have a dish of neurons computing on our desk? I don’t know.”

But he added that scientists in Geneva were already able to “keep neurons in a dish and communicate with them for a year”, adding that such systems were an “exciting tool to study brain circuitry”.

Other scientists are developing silicon chips which mimic the way that neurons work and could ultimately prove more stable, he said.

But Mr Agabi is not convinced such systems will win out over his.

“The idea of mimicking silicon is very hard and we don’t think it can be scaled,” he told the BBC.

Article source:

Chinese man charged over US hack attacks

Los Angelese airportImage copyright

Image caption

The arrest was made soon after Mr Yu touched down in Los Angeles

A Chinese man has been arrested in the US for allegedly selling malware used to hack into American companies.

US authorities claim in court papers that Yu Pingan bought and sold malicious software including the rarely used Sakula program.

That malware has been implicated in the 2014 hack attack on the US federal Office of Personnel Management (OPM).

Information on a huge number of US workers employed in sensitive or secret work was stolen in that data breach.

Software bugs

Mr Yu was arrested earlier this week soon after he disembarked from a flight that landed at Los Angeles international airport. He has been charged with breaching computer networks owned by several US firms.

Legal papers filed to support the arrest do not explicitly mention the OPM as one of the targets of the suspected attacks. Instead, they claim Mr Yu was a key member of a gang that carried out hack attacks on US firms between 2011 and 2014.

The hackers are alleged to have used fake web domains and previously unseen software vulnerabilities to gain a foothold on the networks of companies being targeted, say the court documents.

The targeted firms have not been named but the papers say they were based in California, Massachusetts and Arizona.

The arrest is believed to be linked to the OPM breach because, unlike many other malicious programs, Sakula has only been used to carry out a small number of attacks. As well as being implicated in the OPM breach it was also used in a 2015 attack on US health insurance giant Anthem.

Article source:

Germany bans far-left protest website over G20 riots

Hamburg protesters, 7 Jul 17Image copyright

Image caption

Violent protesters wore face masks, making identification difficult

Germany has banned a far-left internet portal accused of inciting violence and rallying activists who rioted during last month’s G20 summit in Hamburg.

It is now a crime to continue using the site, linksunten.indymedia, Interior Minister Thomas de Maizière said.

Police have seized computers and some weapons in raids on addresses of activists in the south-western Baden-Wuerttemberg region.

Dozens of anti-capitalist protesters clashed with police during the G20.

In a tweet, the German interior ministry described the portal as “the central communications platform among far-left extremists prone to violence”.

It said the site was used to exchange tips about violent protest methods and to spread “anti-constitutional extreme left-wing content”.

In Friday’s police raids, German broadcaster ARD said, knives, batons, piping and slingshots were seized.

Germany mulls tags for potential rioters

Could Germany have avoided G20 clashes?

Who are the G20 protesters?

A banning instruction forces internet service providers (ISPs) to block a particular website, such that users trying to access it see an error message or an official warning.

Sometimes websites take evasive action by switching to a proxy server abroad or by using the internet privacy tool Tor.

In Hamburg, nearly 200 police officers were injured in clashes with masked protesters in early July.

Under the slogan “Welcome to hell”, protesters looted shops, torched cars and threw stones and petrol bombs at police, who tried to disperse them with water cannon and baton charges.

Article source:

Jeff Immelt of General Electric quits race to be Uber boss

Jeff ImmeltImage copyright

Image caption

Immelt said he had “immense respect for the company and founders”

General Electric chair Jeff Immelt has ruled himself out of the race to become the new boss of taxi service Uber.

In a tweet, Mr Immelt said he had “decided not to pursue a leadership position at Uber”.

Hewlett Packard Enterprise chief executive Meg Whitman is now reported to be “the most likely candidate”.

Uber has been searching for a new chief executive since June after previous boss Travis Kalanick resigned following pressure from shareholders.

Skip Twitter post by @JeffImmelt

End of Twitter post by @JeffImmelt

His resignation came after a chaotic few months at the firm and followed a review of practices there amid a series of scandals including complaints of sexual harassment, a macho culture and the departure of senior executives.

Image copyright
Getty Images

Image caption

Hewlett Packard Enterprise’s Meg Whitman has been floated as a candidate

Image copyright

Image caption

Former Uber boss Travis Kalanick resigned following pressure from shareholders

Ms Whitman has previously said she is not interested in the job, posting on Twitter that “I am not going anywhere. Uber’s CEO will not be Meg Whitman.”

Skip Twitter post by @MegWhitman

End of Twitter post by @MegWhitman

However, the New York Times said she was “emerging as the likely candidate” to be selected as Uber’s new chief.

She is currently president and chief executive of Hewlett Packard Enterprise Company, having split its computer and printer business (HP Inc) from its corporate hardware and services operations in 2014.

Under her tenure she has dramatically shrunk the firm, arguing a smaller firm is better able to compete with new start-up rivals.

Uber’s eight-member board is expected to vote later on Sunday on the firm’s new leader.

Article source:

Samsung heir Lee Jae-yong jailed for corruption

Media captionLee Jae-yong was led away from the court in Seoul and onto a bus to prison

A court in South Korea has sentenced Samsung’s billionaire heir-apparent Lee Jae-yong to five years in prison for corruption.

Lee was convicted of bribery in a scandal that also saw the impeachment of South Korea’s former president.

The case has gripped the public amid growing anger against South Korea’s biggest companies, known as chaebols.

Lee, who denied all charges, had faced a jail sentence of up to 12 years.

Also known as Jay Y Lee, the de facto head of the world’s largest smartphone maker had been detained since February on a string of corruption charges.

These included bribery, embezzlement and hiding assets overseas.

What did he do?

The 49-year-old is accused of giving donations worth 41bn won ($36m; £29m) to non-profit foundations operated by Choi Soon-sil, a friend of South Korea’s former President Park Geun-hye, in return for political favours.

Prosecutors said the donations were made to Ms Park’s confidante to win government support for a big restructuring of Samsung that would strengthen Lee’s control over Samsung Electronics.

But Lee’s defence team said that the payments were signed off without his knowledge.

Lee has previously admitted that the firm also gave a horse and money to help the equestrian career of Choi’s daughter, Chung Yoo-ra, but denied seeking favours.

His lawyer said on Friday they would appeal against the court’s decision.

“We are confident the ruling will be overturned,” Song Wu-cheol said.

Who else is involved?

The case contributed to President Park’s eventual impeachment and she now faces trial for corruption herself, something she denies.

Her friend Choi has already been jailed for three years after being found guilty of using her position of influence to solicit favours for her daughter.

Image copyright

Image caption

Chung Yoo-ra won a gold medal for dressage in the 2014 Asian Games

On Friday, two other Samsung executives, Choi Gee-sung and Chang Choong-ki, were also convicted in the same trial as Lee and sentenced to four years in prison. Former Samsung Electronics president Park Sang-jin and executive vice-president Hwang Sung-soo were handed suspended sentences.

Will Lee serve time in jail?

Analysis – by the BBC’s Yogita Limaye in Seoul

This isn’t the first time a top executive of a big conglomerate has been convicted for corruption in South Korea.

But in the past, they’ve either been given suspended sentences or have been pardoned by the president.

The new president, Moon Jae-in, has already said there will be no more presidential pardons.

Image copyright

Image caption

South Korean protesters shouted slogans against Mr Lee in front of the court in Seoul

So if Lee’s sentence is upheld by higher courts and he ends up serving his complete sentence in jail or a significant part of it, that will be a departure from what we’ve seen in South Korea in the past.

And the new government says that will be a strong message to chaebols that they need to clean up the way they do business.

What does it mean for Samsung?

The conviction represents a huge blow to South Korea’s biggest and most well-known business empire. Since the verdict, Samsung shares fell by 1%.

It also raises questions about the future leadership of the family-run conglomerate. Lee has been standing in as chairman since his father, Lee Kun-hee, suffered a heart attack in 2014.

Lee has two sisters, who are in management roles in different parts of the Samsung group, but it is unclear whether they could be brought in to higher positions.

Since Lee’s arrest six months ago, the group’s business operations have continued largely unaffected.

Samsung Electronics posted a record profit of 11tn won for the latest quarter and the firm has released its new flagship Galaxy S8 smartphone, closing the book on the disastrous recall of the exploding Galaxy Note 7.

The Samsung Group, made up of 60 interlinked companies, is crucial to the South Korean economy, with sales equivalent to about a fifth of the national GDP.

The chaebol includes a shipbuilding division, a construction company, and pharmaceuticals and advertising arms.

What is a chaebol?

  • The word chaebol is a combination of the Korean words for clan and wealth
  • It is the name given to South Korea’s massive family-run business empires that wield huge influence in the country
  • They normally own numerous international enterprises
  • Other examples include LG, Lotte and Hyundai

Read more: Chaebols: S Korea’s corporate fiefdoms

Article source:

‘Self-driving’ lorries to be tested on UK roads

Media captionThe technology has already been trialled in the Netherlands using two lorries, with the lead truck having control

Small convoys of partially self-driving lorries will be tried out on major British roads by the end of next year, the government has announced.

A contract has been awarded to the Transport Research Laboratory (TRL) to carry out the tests of vehicle “platoons”.

Up to three lorries will travel in formation, with acceleration and braking controlled by the lead vehicle.

But the head of the AA said platoons raised safety concerns.

In the platoons, the lead vehicle will be controlled by a human driver and will communicate with the rest of the convoy wirelessly.

The following vehicles will be instructed to accelerate and brake by the lead vehicle, allowing the lorries to drive closer together than they could with human drivers.

Lorries driving close together could reduce air resistance for the following vehicles, as the front lorry pushes air out of the way.

This could lead to fuel efficiency savings for haulage companies, which Transport Minister Paul Maynard hopes will be passed on to consumers.

The following vehicles could also react more quickly to the lead lorry braking than human drivers can.

However, human drivers will still steer all the lorries in the convoy.

The TRL will begin trials of the technology on test tracks, but these trials are expected to move to major roads by the end of 2018.

Media captionDriverless lorries could lead to savings being passed to consumers, the Transport Minister Paul Maynard says

The government has been promising such a project since at least 2014.

Last year, for example, it announced its intention to carry out platooning trials but was later frustrated after some European lorrymakers declined to participate.

A Department for Transport spokesman told the BBC that the experiments are now expected to go ahead as the contract had been awarded.


Will the platoon block motorists trying to leave or enter the motorway?

The TRL says it will carefully choose sections of motorway for its trials, taking the number of junctions and traffic into account. All the lorries will have drivers behind the wheel who will be able to take control and break up the convoy to let other drivers join or leave the motorway if there is an obstruction.

What happens if a car tries to squeeze between the lorries?

The platoon lorries will be able to drive more closely together than those driven exclusively by humans, so the gap between them might be uncomfortably close for a driver to try to squeeze into. However, the TRL says its current strategy is to break up the convoy and let the human drivers take control, if a car squeezes in between the lorries. The organisation is considering ways of informing other road users that the lorries are in a “self-driving” convoy.

How much fuel will a convoy actually save?

According to TRL, other trials have seen improvements in fuel economy of between 4% and 10%. A local trial will help determine the benefit platooning can deliver in the UK.

The TRL has announced its partners for the project:

  • DAF Trucks, a Dutch lorry manufacturer
  • Ricardo, a British smart tech transport firm
  • DHL, a German logistics company

Platooning has been tested in a number of countries around the world, including the US, Germany and Japan.

However, British roads present a unique challenge, said Edmund King, president of the AA.

“We all want to promote fuel efficiency and reduce congestion but we are not yet convinced that lorry platooning on UK motorways is the way to go about it,” he said, pointing out, for example, that small convoys of lorries can block road signs from the view of other road users.

“We have some of the busiest motorways in Europe with many more exits and entries.

“Platooning may work on the miles of deserted freeways in Arizona or Nevada but this is not America,” he added.

His comments were echoed by the RAC Foundation.

Its director, Steve Gooding, said: “Streams of close-running HGVs could provide financial savings on long-distance journeys, but on our heavily congested motorways – with stop-start traffic and vehicles jostling for position – the benefits are less certain.”

Campaign group the Road Haulage Association said “safety has to come first”.

Transport Minister Paul Maynard said platooning could lead to cheaper fuel bills, lower emissions and less congestion.

“But first we must make sure the technology is safe and works well on our roads, and that’s why we are investing in these trials,” he said.

Article source:

YouTube football team Hashtag United ‘living the dream’

Hashtag UnitedImage copyright
Hashtag United

Image caption

The team show off their new kit and distinctive “hashtag” hand sign

“We’re average footballers living the professional footballer dream,” says Seb Carmichael-Brown, vice-captain of amateur side Hashtag United.

The squad is a group of mates, most of whom have day jobs off the pitch which have nothing to do with sport.

And yet they have toured the US, Serbia, Ireland and Jersey, had their own kit custom-made by sportswear giant Umbro and average 700,000 views per match.

They’ve also played at the UK’s top stadiums including Wembley and the Etihad, as well as the O2 Arena and Everton’s training ground.

And it’s all thanks to a carefully crafted presence on YouTube.

Image copyright
Spencer Owen/Instagram

Image caption

Team captain Spencer Owen is a successful YouTuber

Crucially, the team didn’t start life as total unknowns. Captain Spencer Owen was already a successful football and gaming YouTuber in his own right, and now has nearly two million followers.

“He has always wanted to own his own football club,” says Seb Carmichael-Brown, who is also Spencer’s brother.

“But it’s not viable for a 28-year-old YouTuber. So we thought, let’s start his own.”

Sunday league activity already has an established YouTube presence – like the Palmers FC team, who have 200,000 followers – so the brothers decided to build something a bit different.

Inspired by EA video game franchise Fifa, they devised a tournament in which the team would play real matches within a fictional league, working their way from fifth to first division, where they are currently. They are promoted or relegated depending on a points system dictated by match wins – their current target is to reach 22 points in order to top their own first division.

This way, Hashtag United can choose their opponents, and include teams from other big YouTube channels like Copa90 and the F2Freestylers as well as sponsored teams.

It also secures occasional access to the big stadiums – sometimes through sponsored deals with, say, BT Sport, and sometimes because they play a team connected to a particularly hallowed arena. So, for example, a match against Arsenal community team Arsenal For All got them on to the pitch of the Emirates Stadium.

Media captionYogscast chief tells newbie YouTubers: ‘Do it for love’

They also work full-time on creating YouTube material.

The team post a match video every two weeks but the channel is peppered with behind-the-scenes videos, fronted by Spencer, showing them travelling, setting up, chatting about forthcoming events among themselves.

A six-person camera crew attends matches, and it takes four to five weeks for a tightly edited match video to find its way on to the official channels.

It costs “thousands” to put on a match in this way, says Mr Carmichael-Brown. Although sponsorship is lucrative – the team’s US tour was paid for by Coca-Cola – overheads are also large.

“Hashtag United have hit a rich vein – younger, digitally native fans alienated from the professional game who just love football,” said social media strategist Sue Llewellyn.

“This is a classic example of keeping it real and personal – talk to your fans like you would talk to your mates. It’s all about trust these days. Younger people don’t like big faceless corporates, they want a more personal, more authentic experience.”

Image copyright
Hashtag United

Image caption

The Hashtag brand also includes four professional e-sports players.

In addition to successful memorabilia and merchandise marketing (the current strip is sold out, says Mr Carmichael-Brown), Hashtag ran an X Factor-style search for a new player, which attracted 20,000 applicants, they claim, and has resulted in a couple of signings.

Then there’s the successful Hashtag e-sports team playing professional Fifa. Team manager Tassal Rushan was crowned regional champion in Paris during EA’s FUT Championship earlier this year – a professional Fifa competition played by e-sports teams from around the world.

Image copyright
Hashtag United

Image caption

Even the camera crew feature in the videos.

The north London ground which the Hashtag football team call their regular home only has the capacity for 1,000 spectators, and the team try hard to keep match dates under wraps.

“We are primarily making videos for YouTube rather than creating live events,” says Mr Carmichael-Brown.

  • Facebook introduces new video service
  • Amazon launches YouTube rival

“A lot of our games go out four to five weeks later. If we have a big crowd, they’ll all have their phones, and the results will leak.”

However, people do try to figure out the venue, he admits, and will turn up on the off-chance that they might catch Hashtag United in action.

“We have recently thought about ways we might move towards a model where all the games are open,” he said.

Perhaps that will form part of the next chapter in the life of Hashtag United – planning is well under way as the team races to the top of its self-created Division One.

Mr Carmichael-Brown is tight-lipped but says the announcement will be made “in the coming months”.

Key players

Image copyright
Hashtag United

Jemel Akeem – defender and YouTuber, age 25

Strong, fast, tall, athletic player.

Joined: three months ago, via the Academy series

Image copyright
Hashtag United

Jack Harrison – midfielder and insurance underwriter, age 32

Workman, warrior, very good with both feet

Joined: at the start

Image copyright
Hashtag United

Ryan Adams – striker and carpenter, age 26

Very fast – and the team’s second top goalscorer

Joined: at the start.

“It’ll be hugely important for them to stay real – in other words stay true to their roots and not end up in the elite player position of being spoilt by money,” said Sue Llewellyn.

“They will also need to be agile in such a fast-moving space, keep innovating and finding new ways to engage their fans.”

That said, social media and sport are a natural partnership, she adds.

“Sports fans are passionate about their game. It’s a basic human need to belong and to want to feel we matter.

“Being part of a digital tribe fulfils that need and it brings people together wherever they are in the world and whatever physical skill level they have.”

Article source: