Ten International Organizations trying to Hack into Your Computer

Updated: August 25, 2012

Hackers have been around since the early development of computers. Although they have gone by different names at different times, they've been fundamentally known as malicious all-knowing individuals who can play with your personal information as they please and harm you or protect you depending on circumstances.

1. The German Police and Intelligence Agencies

In February 2007 German Interior Minister Wolfgang Schaeuble confirmed plans to seek a change to the constitution to allow the state secret access to the computers of private individuals. Germany's Federal Court of Justice rejected the request because no law allows authorities to spy on suspects' computers. However, according to German Web site Der Spiegel, the German foreign intelligence agency BND has supposedly been spying on computer systems around the world over the past couple of years.

Why they made this list

German police have hired a company to create Trojans capable of capturing traffic from Skype and SSL. Digitask, a security company, was asked to create a "Skype Capture Unit" based around Trojans planted on targeted PCs covertly transferring data to a remote server. This is supported by two leaked documents and one of them is still available in its original form here. In the end it looks like 2,500 IP addresses were targeted and hacked in this fashion.

Why they do it:

While there are no specific references, one might easily suspect that the purpose of such rather random attacks is the gathering of data from possible suspects or even their own employees.

How to keep clear of such threats:

The police, assuming they have the proper warrants to do so, will need to enter the target's place and install the trojan manually, or create an e-mail to trick the target into installing it on their own. Depending on the target's knowledge and/or experience with such malware and their system's defenses, they may not take the e-mail bait or their security applications may detect the presence of the trojan and destroy it before it can be installed. However, altering a person's computer configuration is a flagrant violation of law, so nowadays the Germans claim to have stopped using their Skype hacking application.

2. The RIAA

The recording industry wants the right to hack into your computer and delete your stolen MP3s. The Recording Industry Association of America (RIAA) is the trade group that represents the U.S. recording industry and they seem to go a little overboard while protecting their interests. We can't say for sure if the RIAA is still actively hacking into anyone's computer, but it's factual that they tried to make it their lawful right back in 2001 when the anti-terrorism bill was approved by Congress. Reports from 2003 confirm that they didn't really care too much about taking the modest approach and actually pursued the idea that they could alter information in your computer in the name of protecting the music industry from those evil P2P criminals.

Why they made this list

Under the fragile protection of the obscure Berman bill (which by the way died in the committee and was never reintroduced) the RIAA apparently hired a group of hackers called Gobbles Security to develop and deploy a security exploit that will allow them to monitor P2P traffic across the internet. However, the rumor was denied by the RIAA, strangely enough about the same time as the Berman bill was politely snubbed even by Hollywood business people.

Why they would still do it:

The RIAA's ferocious fight against music piracy, although seemingly unjust according to some, will most likely end up with them trying to identify individuals who illegally download copyrighted material so that they can approach them personally.

How to keep clear of such threats:

The RIAA will most likely not break the law in their attempt to limit music piracy, but be sure to check that the Hollywood lobbyists don't manage to push a law that will allow them to legally sweep your hard drive looking for anything that looks suspicious. In the end it's all about individual privacy vs. large corporate interests.

3. The Chinese controlled GhostNet

A network of digital spies generally known as GhostNet, believed to have been controlled from China, has hacked into classified documents on government and private computers in 103 countries since 2007. Initially started as a government controlled agency designed to gather data about the Tibetan exile community, the cyber-espionage organization has considerably diversified its activities over the course of the last couple of years, reaching highly protected military, diplomatic and private targets.

Why they made this list

Once the hackers had infiltrated the systems using modern sophisticated techniques, they gained control using malware-type applications installed directly on the compromised computers and eventually sent and received data on the machines. The core of the procedure is a Trojan dubbed Ghost Rat which allows the attacker direct and real-time control over the entire functionality of the affected computer, including any important data stored on the hard drive.

Why they would still do it:

While the Chinese propaganda machine is denying any support for this organization, all signs point to the Third Technical Department of the People's Liberation Army, a military branch of the Chinese government. The gathering of military or economic data is crucial to any country's army so most likely GhostNet will go on developing more sophisticated means of accessing computers all across the globe.

How to keep clear of such threats:

Although well financed and supported, organizations like these don't possess (as of yet) other means than the traditional, conventional hacking tools: finding exploits, deploying the malware, gathering the data. So in reality, the best defense against threats of this kind is an updated, well protected machine.

4. The Carders

A "Carder" is a digi-criminal who specializes in stealing information, and in the end, funds from credit cards. In the virtual world, credit card hacking is somewhat sophisticated and automated. A hacker could use various ways of installing a credit card hacking software known as Bugbear into your system. This program is basically a keylogger, allowing the recipient of the data to eventually identify your credit card data. This usually goes hand in hand with identity theft.

Why they made the list

With over 130 million credit card numbers stolen in the last 2 years and over 40 million dollars recorded as withdrawn in cash from ATMs all over the world, the carding business is flourishing. The techniques used by carders and identity thieves are innovative, brilliant and always improving, making this probably the most dangerous branch of the hacking world as far as the average individual is concerned.

Why they would still do it:

As more and more people gain access to the digital world, more credit cards are brought into the online environment each passing day. Also with the accelerated increase of Internet users across the world, the average surfer becomes more and more unaware of common defensive practices against such threats.

How to stay safe:

A good general practice would be to avoid using your main credit or debit card on the less reputable sites. Most banks offer pre-paid MasterCards and VISA cards which can be fueled with just the right amount for the transaction you have in mind. It is also advisable to secure your home or office wireless network as it is a very common practice for card hackers to cruise around looking for unsecured networks which can easily accept the deployment of keyloggers. Checking your credit card statement monthly for any suspicious transactions is also an extremely good habit.

5. The Nokia 1100 Hackers

Although this is only indirectly related to some organization trying to hack your own computer, the Nokia 1100 hackers make for an interesting group in their own way as they are able to use the phones to access individual bank accounts and perform actual transactions with the money. There is actually an exploit in a certain model of the 1100 series, manufactured in Bochum, Germany. Phones made around 2003 in that now-closed factory have the flawed firmware version that can be hacked and they actually sell for up to $32,000 on certain underground hacking forums.

Why they made the list

Using special software written by hackers, certain models of the 1100 can be reprogrammed to use someone else's phone number and receive their text messages. As it is very common for European banks to actually send a transaction code via text message to their client's phone in order for them to approve money transfers and payments, it's easily understandable why receiving SMS messages that were meant for someone else could be turned into a lucrative business. Rumors have been confirmed by independent investigators who actually managed to hack a Nokia 1100 phone with the correct firmware version.

Why they would still do it:

Although Nokia denies such assumptions, it is a proved fact that their now discontinued 1100 model was and is still being used to receive text messages by simulating other people's identities. In fact, investigators of this fraud managed to get offers as high as $33,000 for their old Bochum made Nokia 1100 handsets.

How to stay safe:

It does seem that the practice of texting mTAN numbers to their clients has somewhat lost its popularity amongst European banks, but it's still fairly common in certain Arab countries. As long as the bankers don't set up their security systems to be able to deal with such threats, there's not a lot individuals can do to protect their bank accounts from these hacks.

6. The Cult of the Dead Cow

One of the most prominent hacking organizations in the world, The Cult of the Dead Cow, part of the so-called cDc Communications network, has been a pain in the internet's butt since 1984. Their activities and their accomplishments are frowned upon by corporate media networks and major companies like Microsoft and Google, but encouraged by a certain part of the web population.

Why they made this list

There's one of their "hacktivities" in particular that was a clear violation of one's online privacy and it made cDc infamous across the web: Back Orifice (a pun on Microsoft's BackOffice server software), which would give the hacker full control of the infected computer, going as far as being able to spy on the unsuspecting user through their own webcam and microphone, which is a pretty powerful tool as some would say.

Why they would still do it

The cDc actually run a website and a weblog where they boast about their latest "hacktivities" and they're not shy at all to admit to them. Many tools they release are related to computer security and are sometimes dubbed "hacker tools", one of the things they still make available for the general public being the infamous Back Orifice.

How to stay safe:

Writing the malicious software that would be able to hack into your webcam is very much a triviality for many computer programmers of average skill so all it takes is a person who's computer-illiterate enough to actually click on suspicious file attachments and shady website links. Even more, the Back Orifice is still available for download. Our advice to those concerned about their privacy is to try and behave with decency in the online environment and maybe not sing and dance naked in front of a webcam. In all fairness, most computers these days do come equipped with an electronic light that actually tells you that the webcam is running even if you didn't start it yourself.

7. The NSA Red Team

In a world where every Russian kid has access to advanced and powerful hacking tools, spam is part of everyone's daily life and someone from Nigeria or Ghana emails you every day about some dead relative giving you millions, it doesn't come as any real surprise to anyone that the US entertains their own elite team of hackers to ensure safekeeping of classified data or to counter-attack any attempts against national security. This is generally known as the almost mythical "red team."

Why they made this list

Although the NSA admitted to the existence of the red team, the activities that concern the privacy of the regular internet users remain subject to speculation. It is known for a fact that they do use the same techniques of distributing malicious software across the web as illegal hackers (in fact, it's rumored that many once-illegal hackers ended up working for the NSA), only they do it under the protection of the law. It is however believed that the help of this elite team has been asked for and received in FBI cases that concerned tracking down sexual predators, potential terrorist plots or other hackers with malicious intentions.

How to stay safe

According to an unnamed member of the "red team", their success rate when trying to access some information located in a computer connected to the Internet is very close to 100%. While this may raise some fear among evil doers, it may also bring some concern amongst the average internet users. We will not get into political debates about how far the government should be allowed to go when it comes to breaking our privacy for the higher purpose of upholding the values of the law, but it is fair enough to admit that there have not been clear reports from the regular population about their private information being disclosed to third parties. After all, the first rule of the NSA red team is "do no harm."

8. Groups of Advanced Spammers

Spam is something that we've grown accustomed to in our daily lives. People spam you with diet pills, Viagra ads and false lottery tickets, always looking to offer you a deal, get your personal information and eventually profit. But the so-called "advanced spammers" have added some hacking procedures to their arsenal. It looks like their spammy little sites get deployed on unsuspecting computers on the web via traditional hacking methods and they use them to attract visitors and sell their products.

Why they made this list

The technique involves using a Trojan virus that allows the attacker to control the infected system's Internet connection and storage space, thus allowing the spammer to run a number of small websites straight from the hijacked computer. Then the spammer gets visitors to come to these websites, usually landing pages for selling subscriptions to adult content or something similar.

Why they still do it

The question of how lucrative the spam business is, is as old as the internet. The continued existence of internet spam is probably a good sign that it's still somewhat lucrative for the attackers so they will probably keep on refining their approach and hoping to keep selling things.

How to stay safe

The array of attack methods is limitless and so are the means of defending against it. Traditional security software along with good spam filters should do the job, but it's also a matter of educating the larger audience about the extent of internet scams. There are also unconventional methods of discouraging spammers, like the one described here.

9. The Mujahideen Electronic Net

Believed to be the root of the new trend in religious extremism, computer hacking, the online forum actively recruits, trains and sponsors gifted software programmers in order for them to develop advanced hacking tools used for various extremist activities.

Why they made this list

While their activities are mostly in the field of religious propaganda, actively hacking websites they consider to be a threat to the purity of their religion or posting instructions on how to build home made bombs, it looks like as of June this year their "hacktivities" have grown in proportion, going as far as defrauding private innocent users in order to support their expansion.

How to stay safe

It's actually believed that in general they find their victims on websites or forums dedicated to pro-actively bashing or fanatically supporting one religion or the other so it would probably be a good idea to keep your main email address private and never share personal information with complete strangers on any online community you belong to.

10. The Gaming Hackers

Although it may not seem too serious of a topic for most Internet users, the gaming community has its own rotten apples that invest time and resources into using their access to the gaming world for their own purposes. In a time of online gaming boom more and more people are attracted to this universe and most of the time they do not only bring their enthusiasm into the game, but also money which has become vital to this industry. This is where game hackers come in and take advantage of unsuspecting members of the community to the end of actually acquiring financial gain out of it.

Why they made this list

With real money on the line in online games and virtual worlds like Second Life and World of Warcraft, the stakes are higher than ever and the gaming hackers are improving their attacks with each passing day. Just to throw one significant example on the table that's related to the online gambling community: a hack called a Sybil attack, which simulates people actively participating in the game room, makes it possible for online poker players to gain a big advantage over their opponents by seeing in real time what cards have been dealt to their simulated game partners. The same principle of hacking has been successfully ported to the Second Life universe, where real money has become currency for virtual property trading, and it ended up with the hacker making a profit by defrauding unsuspecting gamers.

How to stay safe

The "normals", as the gaming security experts call genuine online gaming users with no specific training in the software development or system security fields, are prone to using default or very standard username/password combos, making the hacker's job really easy. It's also recommended to employ a username that doesn't necessarily suggest your real name, occupation or current location.
