Wednesday, July 30, 2014

Nigerian 419 scammers diversifying into Trojan malware, finds Palo Alto

A Nigerian cybercrime gang versed in 419 social engineering scams has diversified into using off-the-shelf RAT tools to attacks Taiwanese and South Korean businesses, according to researchers working for Palo Alto Networks.

Dubbed ‘Silver Spaniel’, the firm’s report on the gang offers an interesting insight into the software innovations that have turned malware attacks into a global cottage industry far beyond its assumed heartlands of Russia and China.

The group started targeting around 20 organisations in Asian countries in May using attachments and social engineering to trick people into loading popular Remote Access Trojans (RATs), including the multi-platform NetWire and DarkComet as well as the DataScrambler AV evasion tool. The object appears to be to steal logins for anything and everything.

This isn’t a sophisticated MO but it doesn’t have to be; according to Palo Alto only two of 51 anti-virus engines on VirusTotal detected the attachment’s executable as being suspicious thanks to automated polymorphism that cranks out numerous variants of the same malware.

It’s also slapdash in ways that would have practiced cybercriminals frowning, revealing command and control IP addressed leading to Nigerian mobile networks. The company hasn’t traced these to specific individuals but concludes that the perpetrators feel that there is little chance of detection and so don’t bother to hide their general origin.

This brazen attitude is demonstrated by the example of a named Nigerian (not necessarily connected to Silver Spaniel but who has allegedly used 419s) who feels confident enough to post queries about specific RATs using a real Facebook profile.

“These Silver Spaniel malware activities originate in Nigeria and employ tactics, techniques and procedures similar to one another. The actors don’t show a high level of technical acumen, but represent a growing threat to businesses that have not previously been their primary targets,” said Palo Alto’s Unit 42 intelligence director, Ryan Olson.

The gang either wasn’t particularly techie or simply didn’t care whether people knew who they were because their chances of being caught were slim, he said.

The larger point is that the tools on offer are powerful enough to evade AV, can be rented on one PC for as little as $40 for six months and can be used to pave the way for more complex payloads. Low-level criminals tiring of trying to make a living using well-rehearsed but increasingly ineffective 419 email scams have noticed the new opportunity.

Named after the section of the Nigerian penal code covering fraud crime, people wrote off 419 scams as ludicrous and yet they worked for years. Now the same Nigerian industry seems to be trying its hand at more complex malware.

View the original article here

HP invests in Hortonworks' Hadoop

Hewlett-Packard is betting $50 million that its customers will find value in the Hadoop data processing platform, by investing in Hadoop distributor Hortonworks.

The two companies will also partner on sales calls and formulate an architecture for incorporating the Hortonworks' Hadoop distribution into HP's data processing stack, called HAVEn.

"We've never really sold Hadoop, nor supported it directly. To date, we'd meet with a Hadoop vendor and take the deal to market. What's different about this strategic partnership is that we're now committing to resell the Hortonworks Data Platform as part of HAVEn, and support it as well," said Colin Mahony, HP general manager for the company's Vertica analytic database management software.

When implementing a large-scale data processing platform, enterprises would prefer to have a single vendor to deal with, rather than multiple vendors that each contribute a piece to the overall system, Mahony said.

In addition to the investment and joint engineering work, HP Chief Technology Officer Martin Fink will join Hortonworks board of directors , so the two companies can work closely when formulating Hadoop strategies.

First developed at Yahoo, Hadoop provides a way to store massive amounts of unstructured data that can be analyzed on the fly. It has found a home in many large Internet services, which collect so much data from users that it would be infeasible to store and analyze that data through the traditional technologies of SQL databases and commercial data warehouses.

One of the chief distributors of Hadoop, Hortonworks was founded by a number of engineers who worked on the original Yahoo implementation of Hadoop. Since its creation in 2011, Hortonworks has formed partnerships with Microsoft, SAP and Red Hat, among other enterprise software vendors.

The partnership will give Hortonworks a broader potential customer base, said Hortonworks CEO Rob Bearden.

The partnership will fill out the HP's HAVEn stack. HAVEn stands for Hadoop, Autonomy, Vertica and enterprise security. The "n" stands for any number of enterprise applications that can be built on top of the data processing platform.

HP will also start working on connectors to better pair Vertica with the Hadoop YARN (Yet Another Resource Negotiator) management console. HP already has software that allows users to run Vertica commands against data stored on Hadoop systems and this work will ensure that Vertica's view of Hadoop data will stay fully synchronized with what the Hadoop console sees.

Joab Jackson covers enterprise software and general technology breaking news for The IDG News Service. Follow Joab on Twitter at @Joab_Jackson. Joab's e-mail address is

View the original article here

EE aims for 6m 4G customers by end of 2014

EE announced today that it doubled its 4G customer base to 4.2 million in the first half of 2014, adding that it wants to get six million 4G subscribers on its books by the end of the year.

The UK mobile giant, which revealed the numbers in its half-year report out today, added that it acquired 1.3 million new 4G customers in the second quarter of 2014 - the most ever by a European operator, it claimed.

The surge in 4G customers was attributed as one of the key drivers for a 1.3 percent rise in the company’s operating revenue in the first half of the year, which climbed to £3 billion.

EE also claimed that 5,500 corporates are now using its 4G network, including a handful of new customers such as Deloitte and Essex Police. 

On new B2B customers, EE said 88 percent had opted for contracts on its faster 4G network in the first half of the year.

As the company published its results, it was keen to tout the beneifts that can be recognised by businesses that move to 4G. Drawing on evidence from a survey carried out by market researcher Taylor Nelson Sofres (TNS), EE said 77 percent of its 4G business customers believe they are more productive than they are on 3G, while 38 percent get at least a quarter more done and 16 percent said 4G doubled their productivity. 

“Today’s results demonstrate that consumers and businesses are responding to our strategy to provide the UK’s biggest, fastest and most reliable network,” said EE CEO Olaf Swantee. “We are delivering on our goals to rapidly transition our pay monthly customer base to 4G, generate significant merger cost savings and improve our EBITDA margin performance.”  

Earlier this year, EE was voted as the UK’s leading mobile operator by mobile performance analysts, Rootmetrics.

View the original article here

Apple losing its grip as top tablet company

Apple's grip on the tablet is loosening, with the iPad losing ground during the second quarter this year to Android and Windows tablets.

Meanwhile, total tablet shipments declined by 1.5 percent from the first quarter, though IDC said that it "believes the market will experience positive but slower growth in 2014 compared to the previous year."

Worldwide tablet shipments totaled 49.3 million units during the second quarter, increasing by 11 percent compared to the same quarter the previous year, according to research released by IDC on Thursday.

Apple held on to the top spot, but Samsung, Lenovo and Asus are slowly creeping up in market share. Apple tablet shipments totaled 13.3 million units, declining by 9.3 percent year over year. The company held a 26.9 percent market share.

The tablet market is entering a "new phase" in which smaller vendors are levelling the playing field and market share, said Jitesh Ubrani, a research analyst at IDC, in a statement.

Apple and analysts have attributed the iPad decline to economically weak markets and slow refreshes of tablets on the part of users, who are on to devices for longer-than-expected periods.

Last week Apple and IBM struck a deal to jointly sell the iPhone and iPad to big companies. Enterprise-specific tablet offerings could boost iPad sales in the second half, said Jean Philippe Bouchard, research director for tablets at IDC.

Apple's biggest threat is Samsung, which sold 8.5 million tablets during the second quarter, raising its market share by 1.6 percent year over year. Shipments from third place Lenovo rose year over year by 64 percent to 2.4 million units, overtaking fourth place Asustek, whose shipments totaled 2.3 million units, rising by 13.1 percent. In fifth place was the struggling Acer, whose shipments declined by 36.3 percent.

Outpacing the top five tablet companies combined, in terms of market share growth, was the group of "other" companies, which includes Google, Amazon and other no-name vendors selling unbranded tablets at low prices. The shipments of low-cost Android tablets has grown in developing countries, and has been instrumental in bringing tablet prices down.

IDC's quarterly tablet numbers also count hybrids with detachable screens that can function as tablets.

Agam Shah covers PCs, tablets, servers, chips and semiconductors for IDG News Service. Follow Agam on Twitter at @agamsh. Agam's e-mail address is

View the original article here

Baidu reports strong mobile ad sales, echoing Facebook

Chinese search giant Baidu reported a 34 percent jump in profit for the second quarter, with mobile ad sales accounting for almost a third of revenue for the first time.

Baidu's profit reached 3.5 billion yuan (US$571 million) for the quarter, while revenue soared 59 percent to 12 billion yuan, at the upper end of its forecast.

Mobile made up 30 percent of revenue, which was a first for the company, CEO Robin Li said in a statement. A day earlier, Facebook said it more than doubled its profit in the second quarter, with mobile a big factor.

The results show Baidu's profit engine moving back into high gear. Last year its earningsgrowthslowed as the company increased spending to develop and promote new products.

Most of Baidu's revenue comes from online ads, and it's trying to squeeze more from mobile as more Chinese turn to smartphones to get online.

Baidu says it's China's top provider for mobile search, mobile mapping and app distribution. But it faces increased competition from local rivals like Alibaba Group and Qihoo 360, whose search products are growing in popularity.

Since last year, Baidu has spent a lot more on research and development and on marketing. In the quarter just ended, R&D expenses increased 85 percent year over year, while general and administrative expenses doubled. Most of that G&A increase was for promoting mobile products, it said.

In the current quarter, Baidu expects revenue to reach as high as 13.8 billion yuan, an increase of 55 percent from last year.

View the original article here

Tuesday, July 29, 2014

US Social Security Administration spent nearly $300M on IT project 'boondoggle,' lawmakers say

The U.S. Social Security Administration has spent nearly US$300 million on a software system for processing disability claims that still isn't finished and has delivered limited useful functionality, according to an independent report on the project.

The U.S. House Oversight and Government Reform Committee this week released a copy of the study, which the SSA commissioned McKinsey to develop.

While the report was finished in June, SSA officials placed "a very close hold on the report with the goal of ensuring details about its findings remain secret until after Senate confirmation of Acting Commissioner Carolyn W. Colvin as Commissioner," three Republican members of the committee alleged in a letter, citing unnamed "whistleblowers." The letter was signed by committee Chairman Darrell Issa of California, James Lankford of Oklahoma, and Jim Jordan of Ohio.

The committee member's sources also said Colvin's chief of staff warned SSA employees "not to inquire about the report or even discuss its existence until later this year," the letter adds. "We find these allegations deeply disturbing."

"It is concerning that while you and other agency officials routinely testify that the agency needs more funding from Congress, the agency wasted nearly $300 million on an IT boondoggle," the letter adds.

The SSA didn't respond to a request for comment Thursday. But Terrie Gruber, whom Colvin appointed leader of the project last month, told the Associated Press that the SSA "asked for this, this independent look, and we weren't afraid to hear what the results are."

"We are absolutely committed to deliver this initiative and by implementing the recommendations we obtained independently, we think we have a very good prospect on doing just that," Gruber told the AP.

The SSA has spent $288 million during a six-year period on the project, which is called DCPS (Disability Case Processing System), according to the McKinsey report.

It cites a number of reasons for the project's woes, including "suboptimal system design" and little engagement with users after the initial design phase, resulting in "substantial quality and usability problems."

As of its beta release 4, the system will still have more than 380 outstanding problems, according to the study.

The project has seen years of delays, with the current projected date for a 1.0 product now sometime in 2016, according to a chart in the report.

However, without a "significant reset" of the project, even that time frame is likely underestimated, the report states.

On the other hand, DCPS "has the potential to drive tremendous value" by cutting costs and improving disability case processing, it adds. There's also "palpable" excitement for the project among the individuals involved in it, according to the report.

McKinsey suggested a number of changes and fixes to the project, including the appointment of a "single accountable executive" and the adoption agile software development methodologies. The firm also suggested the SSA determine a "next best alternative" to the current system, including commercial off-the-shelf software.

Lockheed Martin was selected as the prime contractor on DCPS in 2011. At the time, the contract was valued at $200 million. A Lockheed Martin spokesman didn't immediately respond to a request for comment Thursday.

The House Oversight Committee's letter is "sensationalized" and tinged with political overtones that obscure a broader truth about wasteful government spending on IT, said analyst Michael Krigsman, CEO of consulting firm Asuret and an expert on why software projects struggle and sometimes fail altogether.

"I agree that it needs to be investigated," Krigsman said. "But it's a witch hunt, looking for an individual witch in a city of witches. Why this one? There are a lot of bigger fish to fry."

Krigsman pointed to the Air Force's now-defunct ERP project, which rang up some $1 billion in costs before being tossed on the scrap heap. A Senate panel announced last year that it would launch a probe into that project.

"I think it's wonderful the committee is taking a close, hard look at [DCPS]," he said. "But I wonder why. If you want to make an example of something, this may not be the best choice."

In any case, "the real question is, when will overseers adopt a systematic and consistent approach to reducing IT-related waste, rather than the ad hoc examinations that seem to be the case today," Krigsman added.

Chris Kanaracus covers enterprise software and general technology breaking news for The IDG News Service. Chris' email address is

View the original article here

Wolfram fortifies SystemModeler with more libraries

Hydraulic actuators, battery stacks, biochemical systems and disease propagation are but a few things that now can be modeled more easily, thanks to a number of libraries and a library store that Wolfram Research has created for a new edition of its SystemModeler software package.

Wolfram SystemModeler 4.0, also comes with improved interfaces for building models, as well as better documentation and integration with Wolfram's flagship Mathematica mathematical computing software.

SystemModeler provides a way for engineers and designers to create models of complex systems, as well as to simulate how such systems could run, using time-lapse visualizations. Wolfram obtained the SystemModeler code from MathCore Engineering, a company it purchased in 2011.

The company has since been building up the libraries to cover the many potential engineering and scientific uses for the software. A library provides the functionality for describing specific physical or mathematical properties, so they can be rendered correctly in a visual model.

In the field of electronics for instance, the updated software now has libraries for modeling digital electronics in the VHDL standard, for modeling multiphase electrical machines, and for the approximate modeling of large analog circuits.

Wolfram has also opened an app store of sorts, an online repository of paid and free third-party libraries for SystemModeler. Each library has been tested by Wolfram.

At the SystemModeler Library Store, you will find a US$995 library for modeling hydraulics in pumps, motors, actuators, cylinders, valves and other components. Another library, priced at $7,185, can aid in the design of automotive cooling systems.

SystemModeler is one of a number of software programs designed to help engineers visually model complex systems. Others include Maplesoft's MapleSim and Simulink, from MathWorks.

Joab Jackson covers enterprise software and general technology breaking news for The IDG News Service. Follow Joab on Twitter at @Joab_Jackson. Joab's e-mail address is

View the original article here