Hacker claims to have breached & backdoored antivirus software firm Trend Micro

Analysis
Jul 01, 2012 | 4 mins
Cybercrime, Data and Information Security, Data Breach

A hacker claims to have breached and backdoored security and antivirus software firm Trend Micro, as well as SYKES, which runs support services for Trend Micro, citing their 'pseudo-security.' According to a Pastebin post and a dump offered as 'proof' of the breach, the hacker claims to still be in control of a backdoor into the security firm.

Antivirus and security firm Trend Micro was the latest victim in what seems like never-ending hacks, dumps and hacker wars. Also named was SYKES, a company that allegedly runs support services for Trend Micro. The SYKES site states that it is “a global leader in providing customer contact management solutions and services in the business process outsourcing (BPO) arena.”

@OfficialComrade tweeted a Pastebin link that claims Trend Micro now has a backdoor that the hacker controls and the companies were targeted due to their “pseudo-security.” It also linked to a 156MB dump that when unzipped is about 492MB and contains 28 DBX files.

The Pastebin states:

Trendmicro & Sykes is a Global Business and Antivirus suite, we’ve targeted them due to their constant lash of pseudo-security. We’ve even got a homebox backdoored. It wasn’t necessarily a matter of priorities, Trendmicro & Sykes are both successful companies and depending on how you look at it, the service does benefit the head of the Internet. Owning Trendmicro & Sykes wasn’t a priority of ours. However, if it was, they would have dug their burial site sometime ago. Sliding towards more recent events, today is June 30th, 2012 and absurdly, I’m monotonous. Why? Because nowadays, it seems as if everybody is widely concerned with notoriety. New ‘groups’ are emerging, more ‘pigments’ are being infiltrated by demented teenagers so they could feel better about themselves, etc. My demands are written on the palm of my hands; stop. You’re a nuisance. Sliding back to the whole Trendmicro & Sykes testament, we don’t want to be complete pr*cks, so for the companies’ sake, we’ll take baby steps on this one. We’ll release every inch of their Email Database; Inbox, Drafts, Sent Items, Deleted Items, Attachments, and all content in all folders. You’ll need a .dbx file viewer to see the content.

While sending winks to the feds via Twitter and Pastebin, @OfficialComrade also released what he calls “proof” of exploiting Bangkok cell towers. The dump references the hacking group and individuals in UGNazi, the hacktivist group that admitted attacking 4chan and CloudFlare, and even tossed in the Wounded Warrior Project simply because they disliked The Jester. That, as well as other high-profile hacks for profit, snapped a trap around alleged hacker/cybercrook Mir Islam, known online as ‘JoshTheGod,’ who law enforcement said admitted to helping UGNazi. In turn, Softpedia reported The Jester took credit for UGNazi’s leader being arrested for suspected credit card fraud.

Last week, the FBI arrested “24 suspected hackers in a sting operation spanning four continents that targeted online financial fraud of stolen credit card and bank information.” Reuters reported that Islam “was charged with trafficking in 50,000 stolen credit card numbers. Authorities said Islam had admitted to helping emerging hacker outfit UgNazi, which said it had launched a cyberattack against the microblogging platform Twitter.”


Ms. Smith (not her real name) is a freelance writer and programmer with a special and somewhat personal interest in IT privacy and security issues. She focuses on the unique challenges of maintaining privacy and security, both for individuals and enterprises. She has worked as a journalist and has also penned many technical papers and guides covering various technologies. Smith is herself a self-described privacy and security freak.