Slyck.com
 
Slyck Chatbox - And More

66,000 Names and Personal Details Leaked On P2P

Discuss Slyck's latest news
Forum rules
PLEASE READ BEFORE POSTING: Slyck Forum Rules

66,000 Names and Personal Details Leaked On P2P

Postby Malicious Intent » Sat Apr 29, 2006 11:06 pm

The personal details of 66,000 subscribers to a Japanese national newspaper have leaked online via file sharing software.

It is the latest in a long line of serious leaks in Japan, which have included sensitive military, police and medical records.

The newspaper, Mainichi Shimbun, has confirmed that names, addresses and phone numbers have all been leaked, but no financial information.

The information was originally part of a database being used by Mainichi Friend, who was an affiliate of the newspaper, according to the company. Mainichi Friend was managing a readers' club, which closed in late March.

The data emerged on a Japanese file sharing network called Share, which is being developed by an anonymous author as a successor to the popular Winny network. The developer of Winny was arrested in 2004.

Both Winny and Share use code based on the principles of Freenet to help obscure the link between IP addresses and shared folders, offering a certain level of anonymity.

The leak originated from an employee who moved the data onto his own computer, which had Share installed. Unknown to the employee, the computer also had a virus that shares the whole hard drive on the file sharing network.

Ironically, the leak was discovered by the paper’s own reporters, who were investigating cybercrime.

According to antivirus firm Trend Micro, it is the first major leak on the Share network, but is far from the first major leak in Japan.

Winny has recently been at the centre of a string of serious leaks, mostly due a virus called Antinny, which uploads files from private folders onto Winny’s distributed file cache.

Just last February, confidential information leaked from the personal computer of a petty officer in the Japanese Maritime Self-Defense Force (MSDF). As a result, the MSDF was forced to revise its random-number cipher codes for communications.

More recently, the U.S. military suffered when access codes to their Misawa base in Japan were leaked onto Winny by a Japanese interpreter, who worked for a military subcontractor. A daily report on warehouse repair work in the base also appeared on the network.

In November last year, access codes for restricted areas at 29 airports were leaked onto the network by an All Nippon Airways captain’s personal computer. Passwords for 17 airports were leaked a month later, this time from an infected copilot’s computer.

The worst two leaks came last month when the details of 3 years worth of investigations and 1,500 individuals leaked from a computer belonging to an Okayama Police investigator. Shortly afterwards, details of a further 4,400 people were leaked from a police inspector’s computer in the Ehime. The disclosed details of investigations date as far back as 1984. Again, the computer was running Winny and was infected with a virus which shared private folders. The exposed data includes the names of sex crime victims.

The police have apologized and launched a free telephone consultation service, but unlike airport security codes, the leaked information cannot simply be replaced.

Other leaks have involved confidential information on hospital patients in Toyama, more than 8,000 names and addresses from an advertising company’s database, corporate information about Yahoo! customers and even a list of supporters of a political party.

Once the data is on either the Winny or Share networks, it is very difficult to remove. To aid anonymity, files are automatically uploaded and cached within the network. Simply removing the infected computer will have little impact, even if no other users deliberately download or share the data.

Modern P2P networks do not automatically share folders which potentially contain sensitive information and the vast majority of these leaks were due to a virus, but the lessons from Japan are clear. Users should ensure they know what is being shared and regularly scan their computers for viruses and other malware.

<i>The original version of this article stated that Winny and Share contained code from Freenet. As pointed out to Slyck.com by Freenet developers, this is not true. It is thought that Winny and Share were inspired by the design principles of Freenet, but do not contain any actual code and are both written in different programming languages. This article has been changed accordingly.</i>
User avatar
Malicious Intent
 
Posts: 918
Joined: Tue Mar 30, 2004 12:03 pm
Location: Swindon

Re: 66,000 Names and Personal Details Leaked On P2P

Postby HoboJoe » Sat Apr 29, 2006 11:14 pm

Malicious Intent wrote:The newspaper, Mainichi Shimbun, has confirmed that names, addresses and phone numbers have all been leaked, but no financial information.


"Information on where you live, how to contact you, adn who you are have been made public. But don't worry. You still have your <insert Japanese credit card company name here> cards!"

:roll:
User avatar
HoboJoe
 
Posts: 752
Joined: Sun May 01, 2005 9:22 pm
Location: Current Hideout: Canada

Postby AussieMatt » Sun Apr 30, 2006 12:14 am

Isamu Kaneko the developer of Winny, has stated numourous times that he is able to develop a patch for antiiny the Winny virus but he is not permitted to write any Winny code because of his still pending trail that is still continuing after he was arrested two years ago ,Kaneko currently is out on bond and lives at home .
AussieMatt
 
Posts: 1044
Joined: Wed Mar 03, 2004 10:03 am

Postby put4558350 » Sun Apr 30, 2006 3:28 am

strange!

This company let employee copy "user data information" to "his" personal used pc.
put4558350
 
Posts: 15
Joined: Sun Jun 26, 2005 8:05 pm

Postby IneptVagrant » Sun Apr 30, 2006 3:35 am

put4558350 wrote:strange!

This company let employee copy "user data information" to "his" personal used pc.


Its really not that uncommon of a pratice. Lots of companies use VPNs to let employees work remotely. And of course this leads to people coping files so they can work offline.
IneptVagrant
 
Posts: 1247
Joined: Tue Nov 15, 2005 5:07 am
Location: close the world . . . . . . . . . . . . . . txEn eht nepO

Postby webe3 » Sun Apr 30, 2006 5:27 am

Scary stuff! I am glad the launch codes to nuclear missles are not online!

(Nor can they be, unless a mole leaked them and then it still would not do any good as you cannot use them online....most are a totally closed system and not on the net. And they are also changed regularly.)

But I can just see it on the net now...."Hey kids, want to start a real war?? Well you can with your own nuclear launch codes! Simply hack in to NORAD and type these codes in! Be sure to target someplace miles away from your house!" LOL!

Now it is getting to the point on the net where, even unintentionally, some program can be made to share your personal info and there is very little you can do about it. Scary stuff, indeed.
webe3
 
Posts: 756
Joined: Sat Jul 27, 2002 2:01 pm

Postby herk » Sun Apr 30, 2006 5:58 am

Just remember kiddies..
You can always trust a Police Ossifer.
herk
 
Posts: 42
Joined: Sat Jan 01, 2005 4:58 pm

Postby AussieMatt » Sun Apr 30, 2006 7:34 am

webe3 wrote:Scary stuff! I am glad the launch codes to nuclear missles are not online!

(Nor can they be, unless a mole leaked them and then it still would not do any good as you cannot use them online....most are a totally closed system and not on the net. And they are also changed regularly.)

But I can just see it on the net now...."Hey kids, want to start a real war?? Well you can with your own nuclear launch codes! Simply hack in to NORAD and type these codes in! Be sure to target someplace miles away from your house!" LOL!

Now it is getting to the point on the net where, even unintentionally, some program can be made to share your personal info and there is very little you can do about it. Scary stuff, indeed.


Maybe not the luanch codes but a rouge nation or terroists could find the raw materials to make a dirty bomb .

Virus causes leaks of confidential nuclear power plant info
People warned anew about P2P networks


First posted 06:42pm (Mla time) June 26, 2005
By Erwin Lemuel Oliva
INQ7.net



A RECENT virus that hit the Mitsubishi Electric Plant Engineering has leaked company secrets related to nuclear power plant inspections over several years, the anti-virus firm Sophos reported on Friday, warning users anew from downloading files from peer-to-peer networks.
An infected computer of an employee of the Japanese firm is suspected to have leaked about 40 megabytes of confidential information to the Internet, Sophos said, citing Japanese press reports.

The infected computer was said to have distributed the confidential information to users of Winny, a popular peer-to-peer file-sharing network in Japan, which has a quarter of a million users.

Officials of the Mitsubshi firm said the leak was caused by a 30-year-old engineer who used his personal computer for company work. The leaked information included photographs of the interior of the nuclear power plants, and the names and addresses of inspecting engineers.

Sites referred to in the leaked data include Kansai

Electric Power's Mihama nuclear plant and a power station in Tsuruga, as well as pressurized water reactors in Tomari and Sendai, Sophos said.

The computer virus that infected the employee's computer remains unidentified.

"The fall-out from this breach acts as an unpleasant reminder that all businesses need to take computer security seriously. If you allow your employees to put sensitive company data onto their own home computers, you are running the risk that they will not be as well defended as the PCs within your organization," Graham Cluley, senior technology consultant at Sophos, reminded users.

Indeed, viruses do hide in file sharing networks.

"Yes, a lot of viruses deliberately give themselves alluring names and save themselves in file-sharing folders on infected computers. They then rely on users of the P2P system to search for keywords like 'Paris Hilton' or "Britney" (the list goes on and on) and try and download the files.They then run the files and get infected," Cluley told INQ7.net in an e-mail interview.

"It's bad enough when an individual has data stolen from them by a malware attack, but a nuclear power station being the victim is a real cause for concern," Cluley added.

This is not the first that that a virus can scoop up files from an infected user's hard drive and distribute them on the net, he said. "In the past some have emailed confidential documents onto other users, other viruses have posted the documents onto usenet newsgroups or (as appears to have happened in this case) made them available via P2P file-sharing networks. Some deliberately look for documents that contain words like "confidential," the Sophos consultant said.
AussieMatt
 
Posts: 1044
Joined: Wed Mar 03, 2004 10:03 am

Postby bkf » Sun Apr 30, 2006 8:03 am

"Maybe not the launch codes but a rouge nation or terroists could find the raw materials to make a dirty bomb"

Computers are starting to become very dangerous especially when 90 % of the worlds users don’t have any protection, any idea how to check their systems, any desire to check, or any idea what to do about it to fix it. The mass collections of data on people and other things is not helping either.
bkf
 
Posts: 99
Joined: Wed Dec 21, 2005 1:28 pm
Location: Earth

Postby AussieMatt » Sun Apr 30, 2006 8:45 am

Look at this gem from the EULA of Peer Impact. Peer Impact is a Walled Garden p2p network ,so it is supposedly less prone to the spread of viruses .

THIS SOFTWARE IS NOT INTENDED FOR USE IN THE OPERATION OF NUCLEAR FACILITIES, AIRCRAFT NAVIGATION OR COMMUNICATION SYSTEMS, AIR TRAFFIC CONTROL SYSTEMS, LIFE SUPPORT MACHINES OR OTHER EQUIPMENT IN WHICH THE FAILURE OF THE SOFTWARE COULD LEAD TO DEATH, PERSONAL INJURY OR SEVERE PHYSICAL OR ENVIRONMENTAL DAMAGE.
AussieMatt
 
Posts: 1044
Joined: Wed Mar 03, 2004 10:03 am

Postby SlyckScratch » Sun Apr 30, 2006 1:17 pm

Winny Command Parsing Buffer Overflow Vulnerability

Secunia Advisory: SA19795
Release Date: 2006-04-24
Last Update: 2006-04-27

Highly critical
Impact: System access
Where: From remote
Solution Status: Unpatched

Software: Winny 2.x

Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it.

CVE reference: CVE-2006-2007

Description:
eEye Digital Security has reported a vulnerability in Winny, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error within the parsing of specific commands received via the file transfer port. This can be exploited to cause a heap-based buffer overflow and allows arbitrary code execution.

The vulnerability has been reported in version 2.0 b7.1. Prior versions may also be affected.

Note: It has also been reported that a stack-based buffer overflow exists within the parsing of another command.

Solution:
Use another product.

http://secunia.com/advisories/19795/
I know what you're thinking, punk. You're thinking, 'Did he use six superfluous adjectives or only five?' To tell the truth I forgot myself in all this excitement - but as I deal in English, the most powerful language in the world with subtle nuances that may blow your head clean off, you've got to ask yourself one question: 'Do I feel loquacious?' Well do you punk?
User avatar
SlyckScratch
 
Posts: 8412
Joined: Sun Jan 30, 2005 7:31 am
Location: D>E>X

Postby MrFredPFL » Sun Apr 30, 2006 2:00 pm

AussieMatt wrote:Isamu Kaneko the developer of Winny, has stated numourous times that he is able to develop a patch for antiiny the Winny virus but he is not permitted to write any Winny code because of his still pending trail that is still continuing after he was arrested two years ago ,Kaneko currently is out on bond and lives at home .


is winny closed or opensource?
MrFredPFL
 
Posts: 15753
Joined: Wed Aug 17, 2005 4:48 pm

Postby SlyckScratch » Sun Apr 30, 2006 2:07 pm

I think the police took the code away. 'Share' is closed source
I know what you're thinking, punk. You're thinking, 'Did he use six superfluous adjectives or only five?' To tell the truth I forgot myself in all this excitement - but as I deal in English, the most powerful language in the world with subtle nuances that may blow your head clean off, you've got to ask yourself one question: 'Do I feel loquacious?' Well do you punk?
User avatar
SlyckScratch
 
Posts: 8412
Joined: Sun Jan 30, 2005 7:31 am
Location: D>E>X

Postby MrFredPFL » Sun Apr 30, 2006 2:11 pm

too bad - it had never been released before?
MrFredPFL
 
Posts: 15753
Joined: Wed Aug 17, 2005 4:48 pm

Postby AussieMatt » Sun Apr 30, 2006 2:44 pm

Winny was closed source also but some portions of the code has been released in the past .

Winny Source Code Link
http://www.b-geeks.com/index.shtml

The Winny Bulletin boards gives away the IP of the thread creators And is one reason all the Japanese have now moved over to Share ,mainly because Share does not have a bulletin board and the file chunks are more widely distributed with Share.

The Japanese police just harvested the IPs of copyright infringers who posted Hashes to copyrighted material on the Winny boards. Then the police configured their firewalls on their snooping computers ,so they only accepted connections from the "infringing' Ips .They set Winsys auto search feature to look for the infriging hashes to prove copyright infringement - under unauthorised distribution ,which is a felony in Japan.Two Japanese men where charged with copyright infringement and given suspended sentences by the Japanese courts.

The Japanese police then went after Isamu Kaneko for contributory copyright infringement because he created Winny .They took all his computers and code .

This was after several embarrassing leaks from the Police department in connection with Winny . some say that Kaneko is being used as a scapegoat for some senior police being stupid having Winny installed on their work Laptops and some Japanese politicians have questioned why senior police had Winny installed in the first place .
Last edited by AussieMatt on Sun Apr 30, 2006 2:55 pm, edited 1 time in total.
AussieMatt
 
Posts: 1044
Joined: Wed Mar 03, 2004 10:03 am

Postby MrFredPFL » Sun Apr 30, 2006 2:50 pm

ah ok - but that wasn't where i was going ;)

i'm just trying to think of other solutions to the virus problem. if the source had been open, he could easily have written the patch and had someone else release it.
MrFredPFL
 
Posts: 15753
Joined: Wed Aug 17, 2005 4:48 pm

Postby AussieMatt » Sun Apr 30, 2006 2:58 pm

Kaneko stated a few months ago that he could create a patch for Winny but that would violate the court order that has been slapped against him preventing him from developing Winny any further .

The Japanese police also have access to the code because that is one of the pieces of evidence they confiscated from Kaneko when he was arrested .
Last edited by AussieMatt on Sun Apr 30, 2006 3:04 pm, edited 2 times in total.
AussieMatt
 
Posts: 1044
Joined: Wed Mar 03, 2004 10:03 am

Postby MrFredPFL » Sun Apr 30, 2006 3:04 pm

i understand. but in an opensource environment, it would be difficult to claim that the patch had come from him. i wonder - what language is the program written in? can it be decompiled?
MrFredPFL
 
Posts: 15753
Joined: Wed Aug 17, 2005 4:48 pm

Postby AussieMatt » Sun Apr 30, 2006 3:04 pm

Winny is coded in C++

Share is coded with Delphi
Last edited by AussieMatt on Sun Apr 30, 2006 3:10 pm, edited 1 time in total.
AussieMatt
 
Posts: 1044
Joined: Wed Mar 03, 2004 10:03 am

Postby MrFredPFL » Sun Apr 30, 2006 3:06 pm

ok, thanks. from what i hear, delphi is hard, if not impossible, to decompile.
MrFredPFL
 
Posts: 15753
Joined: Wed Aug 17, 2005 4:48 pm

Postby put4558350 » Sun Apr 30, 2006 9:28 pm

IneptVagrant wrote:
put4558350 wrote:strange!

This company let employee copy "user data information" to "his" personal used pc.


Its really not that uncommon of a pratice. Lots of companies use VPNs to let employees work remotely. And of course this leads to people coping files so they can work offline.


... Still really strange ...

I mean. Thay let employees copy user address , user phone number ...

I know using VPNs to work remotely. But this kind of information ... strange.
put4558350
 
Posts: 15
Joined: Sun Jun 26, 2005 8:05 pm

Postby Alex H » Sun Apr 30, 2006 10:57 pm

So with the RIAA and MPAA pushing p2p nets further and further underground, is this something we can look forward to more of in the future?
Alex H
 
Posts: 329
Joined: Thu Jun 10, 2004 4:02 am

Postby OmegaGreg » Mon May 01, 2006 1:28 am

Just glad that I don't live in Japan...or in Asia period. It's too crazy there.
User avatar
OmegaGreg
 
Posts: 1487
Joined: Tue Dec 21, 2004 2:55 am
Location: USA

Postby LiveTS » Mon May 01, 2006 2:52 am

OmegaGreg wrote:Just glad that I don't live in Japan...or in Asia period. It's too crazy there.


:shock: Wow... really!?....I'm not gonna jump on ya for that, but I as a proud inhabitant of Japan would like to ask you to elaborate on that point.
Ain't no motor like a martyr made motor 'cause a martyr made motor don't quit.
User avatar
LiveTS
 
Posts: 687
Joined: Sun Mar 05, 2006 7:00 am
Location: in a shotgun shack, and I ask myself.

Postby LaX » Mon May 01, 2006 3:15 am

You call this crazy? At least where I live people dont kill for iPods.
User avatar
LaX
 
Posts: 6551
Joined: Sun Oct 23, 2005 7:02 am
Location: One of the multiverses you're not in

Next

Return to Slyck News

Who is online

Users browsing this forum: No registered users and 1 guest

© 2001-2008 Slyck.com