Dec 09 2013

Thug charged with hate crime after he brutally attacked Orthodox Jewish man at random in ‘Knockout Game’

  • Amrit Marajh, 28, of Brooklyn, was arrested on charges of assault as a hate crime and aggravated harassment as a hate crime 
  • He is alleged to have punched Shmuel Perl, an Orthodox Jewish man, in the face 
  • Police are investigating if it was a so-called ‘Knockout Game’ assault, in which the object is to knock out an unsuspecting person with one punch

Daily Mail / UK
by David Mccormack
by Associated Press Reporter
November 25, 2013


Knockout Game Player & alleged attacker Amrit Marajh



New York City police have arrested a man on charges of assault as a hate crime after a 24-year-old Orthodox Jewish man was punched in the face.

Police are investigating whether it was part of a so-called ‘Knockout Game’ assault, in which the object is to knock out an unsuspecting person with one punch.

Amrit Marajh, 28, of Brooklyn, had just left a bar at around 2:45 a.m. on Friday with three friends and was talking about boxing when the topic of the knockout game came up, police sources said.


Victim Shmuel Perl, left, pictured leaving the 66th precinct police station in Brooklyn on Friday



Shmuel Perl, 24, said that he overheard his alleged attackers daring each other to punch him out just before he was actually assaulted



His victim, Shmuel Perl, 24, has said that he overheard his alleged attackers daring each other to punch him out minutes before he was actually assaulted. Perl was struck once, but wasn’t seriously injured.

Marajh was arrested on charges of assault as a hate crime and aggravated harassment as a hate crime and released after posting $750 bail. His three friends were taken into custody, but released without charge.

Marajh’s lawyer has denied that the attack had anything to do with the brutal game, but New York Police Department Commissioner Ray Kelly said there was no question that the game was the motive for the attack, reports ABC.

‘He makes a statement that he was punched in the side of the face,’ Kelly said. ‘He also makes a statement that just prior to it they were talking about the “Knockout Game”.’


Marajh was released on $750 bail for allegedly attacking Shmuel Perl in the early hours of Friday morning



Police are investigating similar recent incidents of 'Knockout Game' assaults, including ones in New Jersey, Pennsylvania and Washington D.C.



Police are investigating similar recent incidents, including in New Jersey, Pennsylvania and Washington, D.C. At least two deaths have been linked to the attacks this year.

New York City police have deployed additional officers to city neighborhoods where at least seven attacks occurred in the past few weeks, including an assault on a 78-year-old woman.

Authorities and psychologists say the ‘Knockout Game’ assaults have been around for decades – or longer – and it’s played mostly by impulsive teenage boys looking to impress their friends.



Oct 12 2013

Cryptolocker Ransomware:  What You Need To Know!
by Joshua Cannell
October 8, 2013


FBI / Cryptolocker Ransomware: What You Need To Know



Just last month, antivirus companies discovered a new ransomware known as Cryptolocker.

This ransomware is particularly nasty because infected users are in danger of losing their personal files forever.


Cryptolocker Ransomware


Spread through infected websites, this ransomware has been targeting companies through phishing attacks.

Cryptolocker will encrypt users’ files using asymmetric encryption, which requires both a public and private key.

The public key is used to encrypt and verify data, while the private key is used for decryption; each is the inverse of the other.

Below is an image from Microsoft depicting the process of asymmetric encryption.


asymmetric encryption.



The bad news is decryption is impossible unless a user has the private key stored on the cybercriminals’ server.

Currently, infected users are instructed to pay $300 USD to receive this private key.

Infected users also have a time limit to send the payment. If this time elapses, the private key is destroyed, and your files may be lost forever.

The files targeted are those commonly found on most PCs today; the targeted file extensions include:

3fr, accdb, ai, arw, bay, cdr, cer, cr2, crt, crw, dbf, dcr, der, dng, doc, docm, docx, dwg, dxf, dxg, eps, erf, indd, jpe, jpg, kdc, mdb, mdf, mef, mrw, nef, nrw, odb, odm, odp, ods, odt, orf, p12, p7b, p7c, pdd, pef, pem, pfx, ppt, pptm, pptx, psd, pst, ptx, r3d, raf, raw, rtf, rw2, rwl, srf, srw, wb2, wpd, wps, xlk, xls, xlsb, xlsm, xlsx

In some cases, it may be possible to recover previous versions of the encrypted files using System Restore or other recovery software used to obtain “shadow copies” of files. The folks at BleepingComputer have some additional insight on this found here.



Malwarebytes detects Cryptolocker infections as Trojan.Ransom, but it cannot recover your encrypted files due to the nature of asymmetric encryption, which requires a private key to decrypt files encrypted with the public key.


MalwareBytes detected Trojan



In order to make removal even easier, a video was also created to guide users through the process (courtesy of Pieter Arntz).



While Malwarebytes cannot recover your encrypted files post-infection, we do have options to prevent infections before they start.

Users of Malwarebytes Anti-Malware Pro are protected by malware execution prevention and blocking of malware sites and servers.

To learn more on how Malwarebytes stops malware at its source, check out this blog.

Free users will still be able to detect the malware if present on a PC, but will need to upgrade to Pro in order to access these additional protection options.


MalwareBytes Protected System




Also, the existence of malware such as Cryptolocker reinforces the need to back up your personal files.

However, a local backup may not be enough in some instances, as Cryptolocker may even go after backups located on a network drive connected to an infected PC.

Cloud-based backup solutions are advisable for business professionals and consumers alike. Malwarebytes offers Malwarebytes Secure Backup, which offers an added layer of protection by scanning every file before it is stored within the cloud in an encrypted format (don’t worry, you can decrypt these).
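The backup advice above can be checked rather than assumed. The following is an added example, not part of the original article or any Malwarebytes tooling: it walks a folder, picks out files with the targeted extensions listed earlier, and reports which of them have no backup copy or a backup whose contents differ. It also reports whether the backup location is writable by the current account, which is the network-drive exposure described above. The mirrored directory layout and the sample files are assumptions constructed for the demonstration.

```python
"""Backup coverage audit for the file types Cryptolocker targets (added example)."""
import hashlib
import os
import tempfile
from pathlib import Path

# Extension list copied from the article above.
TARGETED = set("""3fr accdb ai arw bay cdr cer cr2 crt crw dbf dcr der dng doc docm
docx dwg dxf dxg eps erf indd jpe jpg kdc mdb mdf mef mrw nef nrw odb odm odp ods
odt orf p12 p7b p7c pdd pef pem pfx ppt pptm pptx psd pst ptx r3d raf raw rtf rw2
rwl srf srw wb2 wpd wps xlk xls xlsb xlsm xlsx""".split())


def sha256(path):
    """Hash a file in 1 MiB chunks so large files do not fill memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def audit(source_root, backup_root):
    """Sort every targeted file under source_root into ok / missing / stale.
    Assumption: the backup mirrors the source directory layout.
    "stale" means the contents differ; that is also what a file encrypted
    in place looks like, so never let a sync overwrite the only good copy.
    """
    source_root, backup_root = Path(source_root), Path(backup_root)
    report = {"ok": [], "missing": [], "stale": []}
    for path in sorted(source_root.rglob("*")):
        if not path.is_file() or path.suffix.lower().lstrip(".") not in TARGETED:
            continue
        rel = path.relative_to(source_root)
        copy = backup_root / rel
        if not copy.is_file():
            report["missing"].append(rel.as_posix())
        elif sha256(copy) != sha256(path):
            report["stale"].append(rel.as_posix())
        else:
            report["ok"].append(rel.as_posix())
    return report


def backup_writable_by_user(backup_root):
    """True if the current account can write to the backup location, i.e.
    malware running as this user could reach it like any attached drive."""
    return os.access(backup_root, os.W_OK)


def build_demo(root):
    """Create a small constructed PC tree and a partial backup of it."""
    src, bak = Path(root, "pc"), Path(root, "backup")
    live = {"docs/report.docx": b"v1", "finance/q3.xlsx": b"v2",
            "photos/a.JPG": b"img", "notes.txt": b"not targeted"}
    saved = {"docs/report.docx": b"v1", "finance/q3.xlsx": b"v1"}
    for base, files in ((src, live), (bak, saved)):
        for rel, data in files.items():
            (base / rel).parent.mkdir(parents=True, exist_ok=True)
            (base / rel).write_bytes(data)
    return src, bak


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        src, bak = build_demo(tmp)
        print(audit(src, bak))
        print("backup writable by this user:", backup_writable_by_user(bak))
```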


MalwareBytes Secure Backup



To find out more on removing Cryptolocker, check out the official removal guide from Malwarebytes.






Sep 08 2013

How internet encryption works

You may not realise you use encryption, but you probably do – and if someone breaks it, your details are theirs to own


The Guardian / UK
by Charles Arthur, technology editor
September 5, 2013


Online shopping and banking, Skype video chat and Apple’s iMessage all rely on internet encryption. (Photograph: fotovisage / Alamy)


Don’t be fooled by the suggestion that only terrorists, paedophiles and those with “something to hide” use encryption on the internet. Anyone who shops online uses it – though probably without realising that that’s what the padlock symbol in the address bar of their browser means.

When you see that padlock on a shopping site or bank site, or when you use Skype for video chat, or Apple’s iMessage, or BlackBerry’s messaging and email systems, or a host of others, your communication is encrypted. If someone breaks that encryption, your details – such as your credit card, address, and what you’re buying – are theirs to own.

Modern computer-based encryption uses “public-key encryption”, which has been in use since 1973 – having been developed, in secret, by GCHQ. (It finally admitted its work in 1997.)

Public key encryption relies on the fact that it is much harder to figure out the factors of a number – what numbers were multiplied together to produce it – than to multiply them to make the number. Quick, what two numbers do you multiply together to produce 323? (Answer at the end.) If you choose two large prime numbers, a computer can multiply them together easily, but it can’t deconstruct the result with anything like the same ease.

The key to public key encryption is thus to generate large numbers using numbers that only you (or your computer) know. The large number can be published online, and used to encrypt a message using specific and well-tested mathematical formulae. In effect, the large number is a digital padlock which you make available to anyone so they can secure a message. Only you hold the keys to the padlock, so it doesn’t matter how many copies are out there. When you link to a shopping site, the creation of the secure link is enabled in the first place by that padlock-and-key process.

But if someone can figure out the factors of the big number, they have in effect cracked your padlock. The difficulty of doing so rises with the size of the number: “brute force” decryption attempts to find its factors by slogging through the number range. A key’s strength is measured by the number of digital bits it uses, and the encryption method. The old benchmark used to be a 40-bit “key” encoded with the RC4 algorithm; these days that could be cracked in moments by a standard desktop computer. These days, 256 bits or more (which theoretically should take thousands of years to crack) is common.

While the NSA, GCHQ and other intelligence agencies can afford to spend millions on custom-built chips to crack encrypted signals, many hackers have begun to use the power of modern graphics processing units (which drive the screen on your computer) to crack passwords. The latest software can manage 8bn guesses per second – and crack passwords up to 55 characters long. Crack that, and you can access the user’s account – at which point, encryption might not matter.

(Answer: 323 is the multiple of 17 and 19 – both prime numbers.)
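
The padlock-and-key relationship described above, carried through on the article's own number 323 as an added example (not from the article): it uses textbook RSA without padding as the concrete scheme, which the article does not name, and the public exponent e = 5 and the message 42 are values chosen here. It also covers the public/private key description in the Cryptolocker article earlier on this page, and shows why anyone who can factor the published number can rebuild the private key.

```python
"""Textbook RSA on the number 323 (added example; toy key size, no padding)."""
from math import gcd, isqrt


def make_keypair(p, q, e):
    """Build a textbook RSA key pair from two primes and a public exponent."""
    n = p * q                       # the published "padlock"
    phi = (p - 1) * (q - 1)         # computable only if p and q are known
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)             # private exponent: inverse of e mod phi
    return (n, e), (n, d)


def encrypt(public_key, m):
    """Anyone holding the public key can lock a message m < n."""
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message must be smaller than the modulus")
    return pow(m, e, n)


def decrypt(private_key, c):
    """Only the holder of d can undo the encryption."""
    n, d = private_key
    return pow(c, d, n)


def factor(n):
    """Trial division: returns (p, q, number of divisions tried)."""
    tries = 0
    for candidate in range(2, isqrt(n) + 1):
        tries += 1
        if n % candidate == 0:
            return candidate, n // candidate, tries
    raise ValueError("n has no non-trivial factors")


def recover_private_key(public_key):
    """Factoring n is enough to rebuild the private key from the public one."""
    n, e = public_key
    p, q, _ = factor(n)
    _, private_key = make_keypair(p, q, e)
    return private_key


if __name__ == "__main__":
    public, private = make_keypair(17, 19, e=5)      # n = 323
    c = encrypt(public, 42)
    print("ciphertext:", c, "-> decrypted:", decrypt(private, c))
    print("private key rebuilt from public key:", recover_private_key(public))
    # The work grows with the size of the primes, which is why real keys
    # use primes hundreds of digits long.
    for n in (323, 10007 * 10009):
        print(n, "factored after", factor(n)[2], "trial divisions")
```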



Aug 19 2013

FBI spooks use MALWARE to spy on suspects’ Android mobes – report

Spear-phishing: It’s not just for the bad guys

The Register / UK
by Bill Ray
August 2, 2013


FBI spooks use MALWARE to spy on suspects’ Android mobes – report


The Federal Bureau of Investigation is using mobile malware to infect, and control, suspects’ Android handsets, allowing it to record nearby sounds and copy data without physical access to the devices.

That’s according to “former officers” interviewed by the Wall Street Journal ahead of privacy advocate Christopher Soghoian’s presentation at hacker-conflab Black Hat later today.

The FBI’s Remote Operations Unit has been listening in to desktop computers for years, explains the paper, but mobile phones are a relatively new target.

It would never work with tech-savvy suspects, though: suspects still need to infect themselves with the malware by clicking a dodgy link or opening the wrong attachment. This is why computer hackers are never targeted this way – they might notice and publicise the technique, said the “former officers”, who noted that in other cases it had proved hugely valuable.

Such actions do require judicial oversight, but if one is recording activities rather than communications, the level of authorisation needed is much reduced. A US judge is apparently more likely to approve reaching out electronically into a suspect’s hardware than a traditional wiretap, as the latter is considered a greater intrusion into their privacy.

Gaining control of that hardware still requires a hole to crawl through; ideally a zero-day exploit of which the platform manufacturer is unaware.

The WSJ cites UK-based lawful spook spyware supplier Gamma International as selling such exploits to the Feds. The company was recently in the news after allegations that it was also supplying dodgy governments with kit – allegedly including malware disguised as the Firefox browser.

Given the convergence of mobile and desktop, it’s no surprise to see desktop techniques being applied to mobile phone platforms by both hackers and law enforcement agencies.

The usual techniques of not opening unknown attachments or unsigned downloads should protect you against the FBI, just as it would against any spear-phishing attempt. But then again, if you know that, they probably wouldn’t try using it against you.



Aug 10 2013

N.S.A. Said to Search Content of Messages to and From U.S.


The New York Times
by Charlie Savage
August 8, 2013


N.S.A. Said to Search Content of Messages to and From U.S.





The National Security Agency is searching the contents of vast amounts of Americans’ e-mail and text communications into and out of the country, hunting for people who mention information about foreigners under surveillance, according to intelligence officials.

The N.S.A. is not just intercepting the communications of Americans who are in direct contact with foreigners targeted overseas, a practice that government officials have openly acknowledged. It is also casting a far wider net for people who cite information linked to those foreigners, like a little used e-mail address, according to a senior intelligence official.

While it has long been known that the agency conducts extensive computer searches of data it vacuums up overseas, that it is systematically searching — without warrants — through the contents of Americans’ communications that cross the border reveals more about the scale of its secret operations.

It also adds another element to the unfolding debate, provoked by the disclosures of Edward J. Snowden, the former N.S.A. contractor, about whether the agency has infringed on Americans’ privacy as it scoops up e-mails and phone data in its quest to ferret out foreign intelligence.

Government officials say the cross-border surveillance was authorized by a 2008 law, the FISA Amendments Act, in which Congress approved eavesdropping on domestic soil without warrants as long as the “target” was a noncitizen abroad. Voice communications are not included in that surveillance, the senior official said.

Asked to comment, Judith A. Emmel, an N.S.A. spokeswoman, did not directly address surveillance of cross-border communications. But she said the agency’s activities were lawful and intended to gather intelligence not about Americans but about “foreign powers and their agents, foreign organizations, foreign persons or international terrorists.”

“In carrying out its signals intelligence mission, N.S.A. collects only what it is explicitly authorized to collect,” she said. “Moreover, the agency’s activities are deployed only in response to requirements for information to protect the country and its interests.”

Hints of the surveillance appeared in a set of rules, leaked by Mr. Snowden, for how the N.S.A. may carry out the 2008 FISA law. One paragraph mentions that the agency “seeks to acquire communications about the target that are not to or from the target.” The pages were posted online by the newspaper The Guardian on June 20, but the telltale paragraph, the only rule marked “Top Secret” amid 18 pages of restrictions, went largely overlooked amid other disclosures.

To conduct the surveillance, the N.S.A. is temporarily copying and then sifting through the contents of what is apparently most e-mails and other text-based communications that cross the border. The senior intelligence official, who, like other former and current government officials, spoke on condition of anonymity because of the sensitivity of the topic, said the N.S.A. makes a “clone of selected communication links” to gather the communications, but declined to specify details, like the volume of the data that passes through them.

Computer scientists said that it would be difficult to systematically search the contents of the communications without first gathering nearly all cross-border text-based data; fiber-optic networks work by breaking messages into tiny packets that flow at the speed of light over different pathways to their shared destination, so they would need to be captured and reassembled.

The official said that a computer searches the data for the identifying keywords or other “selectors” and stores those that match so that human analysts could later examine them. The remaining communications, the official said, are deleted; the entire process takes “a small number of seconds,” and the system has no ability to perform “retrospective searching.”

The official said the keyword and other terms were “very precise” to minimize the number of innocent American communications that were flagged by the program. At the same time, the official acknowledged that there had been times when changes by telecommunications providers or in the technology had led to inadvertent overcollection. The N.S.A. monitors for these problems, fixes them and reports such incidents to its overseers in the government, the official said.

The disclosure sheds additional light on statements intelligence officials have made recently, reassuring the public that they do not “target” Americans for surveillance without warrants.

At a House Intelligence Committee oversight hearing in June, for example, a lawmaker pressed the deputy director of the N.S.A., John Inglis, to say whether the agency listened to the phone calls or read the e-mails and text messages of American citizens. Mr. Inglis replied, “We do not target the content of U.S. person communications without a specific warrant anywhere on the earth.”

Timothy Edgar, a former intelligence official in the Bush and Obama administrations, said that the rule concerning collection “about” a person targeted for surveillance rather than directed at that person had provoked significant internal discussion.

“There is an ambiguity in the law about what it means to ‘target’ someone,” Mr. Edgar, now a visiting professor at Brown, said. “You can never intentionally target someone inside the United States. Those are the words we were looking at. We were most concerned about making sure the procedures only target communications that have one party outside the United States.”

The rule they ended up writing, which was secretly approved by the Foreign Intelligence Surveillance Court, says that the N.S.A. must ensure that one of the participants in any conversation that is acquired when it is searching for conversations about a targeted foreigner must be outside the United States, so that the surveillance is technically directed at the foreign end.

Americans’ communications singled out for further analysis are handled in accordance with “minimization” rules to protect privacy approved by the surveillance court. If private information is not relevant to understanding foreign intelligence, it is deleted; if it is relevant, the agency can retain it and disseminate it to other agencies, the rules show.

While the paragraph hinting at the surveillance has attracted little attention, the American Civil Liberties Union did take note of the “about the target” language in a June 21 post analyzing the larger set of rules, arguing that the language could be interpreted as allowing “bulk” collection of international communications, including of those of Americans.

Jameel Jaffer, a senior lawyer at the A.C.L.U., said Wednesday that such “dragnet surveillance will be poisonous to the freedoms of inquiry and association” because people who know that their communications will be searched will change their behavior.

“They’ll hesitate before visiting controversial Web sites, discussing controversial topics or investigating politically sensitive questions,” Mr. Jaffer said. “Individually, these hesitations might appear to be inconsequential, but the accumulation of them over time will change citizens’ relationship to one another and to the government.”

The senior intelligence official argued, however, that it would be inaccurate to portray the N.S.A. as engaging in “bulk collection” of the contents of communications. “ ‘Bulk collection’ is when we collect and retain for some period of time that lets us do retrospective analysis,” the official said. “In this case, we do not do that, so we do not consider this ‘bulk collection.’ ”

Stewart Baker, a former general counsel for the N.S.A., said that such surveillance could be valuable in identifying previously unknown terrorists or spies inside the United States who unwittingly reveal themselves to the agency by discussing a foreign-intelligence “indicator.” He cited a situation in which officials learn that Al Qaeda was planning to use a particular phone number on the day of an attack.

“If someone is sending that number out, chances are they are on the inside of the plot, and I want to find the people who are on the inside of the plot,” he said.

The senior intelligence official said that the “about the target” surveillance had been valuable, but said it was difficult to point to any particular terrorist plot that would have been carried out if the surveillance had not taken place. He said it was one tool among many used to assemble a “mosaic” of information in such investigations. The surveillance was used for other types of foreign-intelligence collection, not just terrorism investigations, the official said.

There has been no public disclosure of any ruling by the Foreign Intelligence Surveillance Court explaining its legal analysis of the 2008 FISA law and the Fourth Amendment as allowing “about the target” searches of Americans’ cross-border communications. But in 2009, the Justice Department’s Office of Legal Counsel signed off on a similar process for searching federal employees’ communications without a warrant to make sure none contain malicious computer code.

That opinion, by Steven G. Bradbury, who led the office in the Bush administration, may echo the still-secret legal analysis. He wrote that because that system, called EINSTEIN 2.0, scanned communications traffic “only for particular malicious computer code” and there was no authorization to acquire the content for unrelated purposes, it “imposes, at worst, a minimal burden upon legitimate privacy rights.”
