Security Firm Discovers Secret Plan To Hack Numerous Websites and Forums (softpedia.com)

← Back to Stories (view on slashdot.org)

Security Firm Discovers Secret Plan To Hack Numerous Websites and Forums (softpedia.com)

Posted by BeauHD on Tuesday April 19, 2016 @01:49PM from the foiled-again dept.

An anonymous reader writes: According to Softpedia, "Security researchers from SurfWatch Labs have shut down a secret plan to hack and infect hundreds or possibly thousands of forums and websites hosted on the infrastructure of Invision Power Services, makers of the IP.Board forum platform." The man behind this plan was a hacker known as AlphaLeon, maker of the Thanatos malware-as-a-service platform. AlphaLeon hacked IP.Board's customer hosting platform, and was planning to place an exploit kit that would infect the visitors to these websites with his Thanatos trojan, in order to grow his botnet. Some of the companies using IP.Board-hosted forums include Evernote, the NHL, the Warner Music Group, and Bethesda Softworks (Elder Scrolls, Fallout, Wolfenstein, Doom games).

29 comments

Min score:

Reason:

Sort:

Virus by fluffernutter · 2016-04-19 13:54 · Score: 1

Sometimes Slashdot makes me feel infected.

--
Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
1. Re:Virus by wbr1 · 2016-04-19 14:59 · Score: 1
  
  It's called slow clap.
  
  --
  Silence is a state of mime.
2. Re: Virus by Anonymous Coward · 2016-04-19 16:23 · Score: 0
  
  Don't forget the variant, Pecked by Birds.
  That's the one that causes UID 666 to come shit up your thread.
3. Re:Virus by Anonymous Coward · 2016-04-19 21:33 · Score: 1
  
  Nobody here would know how to get the clap.
4. Re:Virus by LifesABeach · 2016-04-20 01:17 · Score: 1
  
  Does AlphaLeon have a white kitty cat also? It would make sense then.
5. Re: Virus by Anonymous Coward · 2016-04-22 12:53 · Score: 0
  
  Don't be silly. Knowing how is easy, knowing who is not.
Would we notice? by Anonymous Coward · 2016-04-19 14:02 · Score: 1

and Bethesda Softworks (Elder Scrolls, Fallout, Wolfenstein, Doom games)
They're all a bunch of zombies anyway, why not make their machines one too?
Thanatos as a virus scanner? by Anonymous Coward · 2016-04-19 14:20 · Score: 0

I noticed in one of the side stories the title "New Thanatos Trojan Can Delete Competing Malware From The Target". If you had a way to remove Thanatos afterward, wouldn't that be a great way to clean out the system? If there was a competing trojan to Thanatos that could do the same thing, I'd be interested to see the two fighting it out on a throw-away system just to see what happens.
1. Re:Thanatos as a virus scanner? by FatdogHaiku · 2016-04-19 15:29 · Score: 1
  
  I know just the place for it...
  https://xkcd.com/350/
  
  --
  You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
2. Re:Thanatos as a virus scanner? by Anonymous Coward · 2016-04-19 21:38 · Score: 1
  
  From what I've read, Thanatos is a banking malware, and by competing malware it deletes other banking trojans, not ANY malware. Otherwise it would be a 500 MB trojan, just like Kaspersky.
With no clear indicator of intent by rmdingler · 2016-04-19 14:20 · Score: 3, Interesting

I cannot tell if this is parody or... "Shut down a secret plan" ....no wait, I know which one it is.

--
Happiness in intelligent people is the rarest thing I know.
Ernest Hemingway
1. Re:With no clear indicator of intent by Anonymous Coward · 2016-04-19 19:11 · Score: 0
  
  It's the new wave of computer security. Now these heroes aren't defending us from merely haxx0rin haxx0rz, these heroes are defeding us from seeeeeekrit haxx0rin haxxorz bent on wuuurld domainashun. Wif de haxx. Rilly. Also, anyone fancy a new imperial cloak? Cheap this week!
2. Re:With no clear indicator of intent by Anonymous Coward · 2016-04-20 00:52 · Score: 0
  
  I got no mod points, but that was funny to me :)
3. Re:With no clear indicator of intent by gweihir · 2016-04-20 06:20 · Score: 1
  
  Just like the FBI with "terrorists": If you do not have enough to spread fear and advance your agenda, create some!
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
4. Re:With no clear indicator of intent by rmdingler · 2016-04-20 12:51 · Score: 1
  
  Yes, it is true that the governors use the fear of any threat, preferentially foreign, no matter how remote it's actual threat of inflicting damage may be.
  This isn't new to the FBI, or even the NKVD or the OSS... this is 1500's Machiavellian in nature.
  
  --
  Happiness in intelligent people is the rarest thing I know.
  Ernest Hemingway
5. Re:With no clear indicator of intent by gweihir · 2016-04-21 00:13 · Score: 1
  
  Indeed. A very old strategy, that is just as despicable today as it was throughout history. Machiavelli was probably just the first that described this well and who had his writing survive. Today, people could easily know better with all the access to information the average person has, but apparently the cave-man reflexes are stronger and so this obvious manipulation-technique keeps working.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
IPB is still around? by Anonymous Coward · 2016-04-19 14:22 · Score: 0

I stopped using it in 2003 when a drive-by worm kocked the board suddenly offline with everything gone.
infecting with malware? by Gravis+Zero · 2016-04-19 14:31 · Score: 1, Funny

seems a bit redundant, i mean, these people are already using PHP. ;)

--
Anons need not reply. Questions end with a question mark.
Kernelmode.info by Anonymous Coward · 2016-04-19 16:10 · Score: 0

malware RE junkies and newbs might enjoy this forum.
Microsoft Windows strikes again .. by khz6955 · 2016-04-19 18:50 · Score: 1

"to be attractive to its customers, Thanatos had to run on a very large number of infected hosts"

DOH!

"In the infosec community this structure is called a botnet"

Thank you slashdot for this razer sharp technical analysis of distributed botnets :)
1. Re:Microsoft Windows strikes again .. by Anonymous Coward · 2016-04-19 20:08 · Score: 0
  
  In this case no, it is Linux strikes again, the intended hosts were Linux based.
LOL Invision Power. by Khyber · 2016-04-19 18:55 · Score: 2

Their entire suite of software is shit and vulnerable. IPBoard is a complete piece of utter garbage where features that forums should have by default are pay-for plugins.

--
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
He who smelt it, dealt it by Anonymous Coward · 2016-04-19 19:02 · Score: 0

Or this is a story told by Surfwatch to promote itself as a security research company.
In the absense of verifiables, and with the obvious questions (how can it be a secret plan and yet Surfwatch know about it?), How could Surfwatch have known *intent* of attacker?), I'm inclined to view this as part or all PR.
1. Re:He who smelt it, dealt it by Anonymous Coward · 2016-04-19 19:58 · Score: 0
  
  You don't promote yourself by advertising that another company was hacked. That's how you get sued.
2. Re:He who smelt it, dealt it by Anonymous Coward · 2016-04-19 19:59 · Score: 0
  
  That's how they all do it, even the big names
3. Re: He who smelt it, dealt it by Anonymous Coward · 2016-04-22 13:00 · Score: 0
  
  For?
Seen the ad by Anonymous Coward · 2016-04-19 19:55 · Score: 0

I've actually seen the ad on the darknet. Glad someone reported it. Kinda stupid to advertise a thing like that out in the open.
99 problems by Anonymous Coward · 2016-04-19 21:34 · Score: 0

if you're using IP.Board I feel bad for you son.... i have 99 problems but that crappy forum ain't one