If you can keep it…

“If you can keep it…”

[Editor’s Note: As we’re coming up on the end of the year, we thought it would be appropriate to republish some of our most popular articles from 2017. Today’s was originally published on May 18]

On September 17, 1787 on the final day of the Constitutional Convention in Philadelphia, Benjamin Franklin was approached by a woman as he walked out of Independence Hall.

“Well Doctor, what have we got– a republic, or a monarchy?” she asked.

It was a burning question on everyone’s mind: what form of government would the Constitutional delegates establish for the new country?

Franklin didn’t hesitate. “A republic– if you can keep it.”

(The exchange was noted by Maryland delegate James McHenry and included in the Records of the Federal Convention of 1787.)

Franklin’s answer spoke volumes.

The Constitutional Convention had just ended, and it had been a bitter four months as the delegates fought and argued over every single word in the draft.

Factions had developed. Some delegates wanted a federal government with absolute power. Others wanted fewer guaranteed liberties for individuals.

Franklin knew that the representative government he had worked so hard to establish was incredibly fragile, and that it could easily slip away.

It was the same fight two years later when the 1st United States Congress fought over whether or not to establish a Bill of Rights.

As one delegate wrote, “Bill of Rights– useful, but not essential.”

Once again, after months of bitter arguments, Congress finally reached a compromise in September 1789, approving ten Constitutional amendments that guaranteed certain freedoms for the people.

More than two centuries later it’s clear that most of what they worked to achieve has completely changed.

The First Amendment, which ensures that Congress can make no law restricting freedom of speech, press, religion, and peaceable assembly, has become almost a punch line.

Ironically the greatest assault on Free Speech today doesn’t even come from government, but from university students who protest against any ideas they find offensive.

Violence on university campuses is now common as students come out of their Safe Spaces to physically obstruct and violently impede controversial speakers.

Any statement that doesn’t conform to their very narrow agenda is now considered hate speech.

And it’s the students themselves who want any sign of dissent banned, and more mandatory indoctrination of their newspeak ideology.

Then there’s the Second Amendment, which guarantees “the right of the people to keep and bear arms, shall not be infringed.”

This one seems to be under fire on a regular basis, with mainstream media from Rolling Stone to Vanity Fair calling for its outright repeal.

The Third Amendment guarantees that no soldier shall be quartered in any home without the consent of the owner.

This seems almost a quaint, obsolete historical reference at this point given that the US military hasn’t had to be housed among the civilian population… ever.

So, OK, great. The Third Amendment is still in-tact.

Then there’s the Fourth Amendment, which ensures “the Right of the People to be secure in their houses, papers, and effects, against unreasonable searches and seizures, shall not be violated.”

Forget it. The federal government spends tens of billions of dollars each year to illegally spy on EVERYONE, including Americans and American allies. This one is a total joke.

The Fifth Amendment is a big one.

It ensures that no one can be held to answer for a crime, including a felony, without grand jury indictment.

This protection died a few years ago when Barack Obama signed the National Defense Authorization Act for Fiscal Year 2012, which authorized the military detention of US citizens on US soil, no due process required.

The Fifth Amendment also famously protects against self-incrimination, ensuring that an individual cannot be called as a witness against himself.

This provision is also gone, considering that legal precedent now exists for police to force you to give up your mobile phone or computer password.

The Sixth Amendment guarantees due process, that in a criminal trial, “the accused shall enjoy the right to a speedy and public trial, by an impartial jury. . .”

This is now a complete farce given the widespread use of top-secret FISA courts, military detention facilities, and drone-strike assassinations.

The Seventh Amendment guarantees the right to a jury trial if there’s a dispute over property that exceeds $20.

Now, the $20 threshold might be a little bit outdated (not that there’s any inflation!)

But considering that the government has stolen billions of dollars worth property from Americans through Civil Asset Forfeiture in recent years, all without a trial, it seems the Seventh Amendment isn’t worth the paper it’s printed on.

Then there’s the Eight Amendment, which protects against “cruel and unusual punishment.”

I thought about this one the other day when I was walking through the terminal at DFW International Airport.

A sign caught my eye that as prominent displayed on an emergency exit door, warning passers-by that opening the door was a violation of the law and subject to up to one year in prison.

I was dumbfounded. A year in prison for opening a door?

People go to jail and do hard time for smoking certain plants (but not others), failing to file tax forms, and a number of completely obscure and innocuous crimes.

There were four federal crimes when the Constitution was ratified. Today there are thousands. On any given day you and I probably commit several of them without even knowing. And each comes with absolutely insane penalties.

The reality is that you cannot even apply for a passport anymore in the Land of the Free without being threatened with fines and imprisonment.

Last were the Ninth and Tenth Amendments, which were supposed to limit the power of the federal government in favor of the states and the people.

Those went out the window a LONG time ago, especially after 9/11.

Look, don’t get me wrong: I’m not suggesting that America is some vicious, brutal dictatorship. It’s not.

But anyone who has the courage to be honest and objective can see the obvious decay.

Benjamin Franklin’s warning is coming true. And the trend is accelerating.

Hacker News: Greedy North Korean Hackers Targeting Cryptocurrencies and Point-of-Sale Terminals

korea-hacker-lazarus-ratankba-cryptocurrency

The North Korean hacking group has turned greedy.

Security researchers have uncovered a new widespread malware campaign targeting cryptocurrency users, believed to be originated from Lazarus Group, a state-sponsored hacking group linked to the North Korean government.

Active since 2009, Lazarus Group has been attributed to many high profile attacks, including Sony Pictures Hack, $81 million heists from the Bangladesh Bank, and the latest — WannaCry.

The United States has officially blamed North Korea for global WannaCry ransomware attack that infected hundreds of thousands of computers across more than 150 countries earlier this year.

In separate news, security experts have blamed Lazarus group for stealing bitcoins worth millions from the South Korean exchange Youbit, forcing it to shut down and file for bankruptcy after losing 17% of its assets.

Researchers from security firm Proofpoint have published a new report, revealing a connection between Lazarus Group and a number of multistage cyber attacks against cryptocurrency users and point-of-sale systems.

“The group has increasingly focused on financially motivated attacks and appears to be capitalizing on both the increasing interest and skyrocketing prices for cryptocurrencies,” the researchers said. “The Lazarus Group’s arsenal of tools, implants, and exploits is extensive and under constant development.”

After analyzing a large number of spear phishing emails with different attack vectors from multiple spear phishing campaigns, researchers discovered a new PowerShell-based reconnaissance implant from Lazarus Group arsenal, dubbed PowerRatankba.

Encryption, obfuscation, functionality, decoys, and command-and-control servers used by PowerRatankba closely resembles the original Ratankba implant developed by Lazarus Group.

The PowerRatankba implant is being spread using a massive email campaign through the following attack vectors:

  • Windows executable downloader dubbed PowerSpritz
  • Malicious Windows Shortcut (LNK) files
  • Several malicious Microsoft Compiled HTML Help (CHM) files
  • Multiple JavaScript (JS) downloaders
  • Macro-based Microsoft Office documents
  • Backdoored popular cryptocurrency applications hosted on fake websites
PowerRatankba, with at least two variants in the wild, acts as a first-stage malware that delivers a fully-featured backdoor (in this case, Gh0st RAT) only to those targeted companies, organizations, and individuals that have interest in cryptocurrency.

“During our research, we discovered that long-term sandboxing detonations of PowerRatankba not running cryptocurrency related applications were never infected with a Stage2 implant. This may indicate that the PowerRatankba operator(s) were only interested in infecting device owners with an obvious interest in various cryptocurrencies,” reads the 38-page-long report [PDF] published by Proofpoint.

Once installed, Gh0st RAT allows cybercriminals to steal credentials for cryptocurrency wallets and exchanges.

It’s notable that PowerRatankba and Gh0st RAT don’t exploit any zero-day vulnerability; instead, Lazarus Group relies on mixed programming practices, like C&C communication over HTTP, use of Spritz encryption algorithm and the Base64-encoded custom encryptor.

“It is already well-known that Lazarus Group has targeted and successfully breached several prominent cryptocurrency companies and exchanges,” the researchers say. “From these breaches, law enforcement agencies suspect that the group has amassed nearly $100 million worth of cryptocurrencies based on their value today.”

Besides stealing cryptocurrencies, the group was also found infecting SoftCamp point-of-sale (POS) terminals, largely deployed in South Korea, using RatankbaPOS malware for stealing credit card data.

Since RatankbaPOS was sharing same C&C server as the PowerRatankba implant, it is believed that both the implants are linked to Lazarus Group.

The explosive growth in cryptocurrency values has motivated not only traders but also hackers to invest all their time and resources in making digital wealth.

More details about the new malware campaigns run by Lazarus Group can be found in the in-depth report [PDF], titled “North Korea Bitten by Bitcoin Bug—Financially motivated campaigns reveal a new dimension of the Lazarus Group,” published by PowerPoint on Wednesday.

Mohit Kumar - Hacking News
      
Entrepreneur, Hacker, Speaker, Founder and CEO — The Hacker News and The Hackers Conference.

Hacker News: Hidden Backdoor Found In WordPress Captcha Plugin Affects Over 300,000 Sites

popular-wordpress-plugin

Buying popular plugins with a large user-base and using it for effortless malicious campaigns have become a new trend for bad actors.

One such incident happened recently when the renowned developer BestWebSoft sold a popular Captcha WordPress plugin to an undisclosed buyer, who then modified the plugin to download and install a hidden backdoor.

In a blog post published on Tuesday, WordFence security firm revealed why WordPress recently kicked a popular Captcha plugin with more than 300,000 active installations out of its official plugin store.

While reviewing the source code of the Captcha plugin, WordFence folks found a severe backdoor that could allow the plugin author or attackers to remotely gain administrative access to WordPress websites without requiring any authentication.

The plugin was configured to automatically pull an updated “backdoored” version from a remote URL — https[://]simplywordpress[dot]net/captcha/captcha_pro_update.php — after installation from the official WordPress repository without site admin consent.

wordpress-plugin

This backdoor code was designed to create a login session for the attacker, who is the plugin author in this case, with administrative privileges, allowing them to gain access to any of the 300,000 websites (using this plugin) remotely without requiring any authentication.

“This backdoor creates a session with user ID 1 (the default admin user that WordPress creates when you first install it), sets authentication cookies, and then deletes itself’” reads the WordFence blog post. “The backdoor installation code is unauthenticated, meaning anyone can trigger it.”

Also, the modified code pulled from the remote server is almost identical to the code in legitimate plugin repository, therefore “triggering the same automatic update process removes all file system traces of the backdoor,” making it look as if it was never there and helping the attacker avoid detection.

wordpress-plugin-hack

The reason behind the adding a backdoor is unclear at this moment, but if someone pays a handsome amount to buy a popular plugin with a large user base, there must be a strong motive behind.

In similar cases, we have seen how organized cyber gangs acquire popular plugins and applications to stealthy infect their large user base with malware, adware, and spyware.

While figuring out the actual identity of the Captcha plugin buyer, WordFence researchers found that the simplywordpress[dot]net domain serving the backdoor file was registered to someone named “Stacy Wellington” using the email address “scwellington[at]hotmail.co.uk.”

Using reverse whois lookup, the researchers found a large number of other domains registered to the same user, including Convert me Popup, Death To Comments, Human Captcha, Smart Recaptcha, and Social Exchange.

What’s interesting? All of the above-mentioned domains booked under the user contained the same backdoor code that the WordFence researchers found in Captcha.

WordFence has teamed up with WordPress to patch the affected version of Captcha plug-in and blocked the author from publishing updates, so websites administrators are highly recommended to replace their plugin with the latest official Captcha version 4.4.5.

WordFence has promised to release in-depth technical details on how the backdoor installation and execution works, along with a proof-of-concept exploit after 30 days so that admins get enough time to patch their websites.

Swati - Hacking News
Technical Writer, Security Blogger and IT Analyst. She is a Technology Enthusiast with a keen eye on the Cyberspace and other tech related developments.

Former Asst. FBI Director: Clinton Crimes 20 Times Bigger than Watergate

Former Assistant FBI Director James Kallstrom unloaded on James Comey, Robert Mueller, Hillary Clinton, and Barack Obama Thursday, charging that major crimes “20 times bigger than Watergate” are being swept under the rug while Attorney General Jeff Sessions “is in a coma.”

Appearing on Fox News’ Varney & Co., Kallstrom told the host that it “was obvious to anybody that knows anything” that former President Barack Obama was not going to let James Comey indict Clinton.

“It turns out — unfortunately — he was a political hack,” Kallstrom said flatly. “I think he maybe started out in an honorable way. His opinion of himself is sky high —  just an unbelievable guy with just an arrogance about him…. It got him in trouble because I think he thought he was Superman and he found out that he wasn’t.”

Kallstrom blamed the Clintons for Comey’s descent into hackery.

“The dogs are always going to bite your heels when you’re dealing with the Clintons,” he explained. “Look how long the public, the American people have been dealing with the crime syndicate known as the Clinton Foundation… just look at what’s in the public domain. The Clintons have been taking advantage of their stations in life for so long.”

“Back in ’95, ’96 — somewhere around there — Bill Clinton let our guidance technology for our ICBM missiles go to China. Things like this that are very devastating,” he pointed out.

And then a few years down the road, “we sell 20 percent of our uranium,” Kalstrom added, referencing the corrupt Uranium One deal that routed millions of Russian dollars to the Clinton Foundation during the time Secretary of State Hillary Clinton served on the federal government’s Committee on Foreign Investment.

Kallstrom also questioned why Deputy Attorney General Rod Rosenstein was appointed to his position.

“What does he do as soon as he gets in there? He appoints a special counsel. Who is it? It’s Bob Mueller. Roll the tape backwards. Bob Mueller is the FBI director, Rosenstein is the U.S. attorney in Baltimore prosecuting people involved in this case.”

Kallstrom charged that Rosenstein was basically put in place at the DOJ by the Democrats, complaining that Sessions was forced to recuse himself while “this huge forest fire is burning up his real estate.”

“You don’t have to put your brother in there like Kennedy did,” he noted. “But put somebody in there that agrees with the policies you’re trying to put together. Then Rosenstein throws this hand grenade at you by naming this counsel — which is B.S. — and putting Mueller, who has a conflict of interest 20 miles wide, in on the job.”

He added, “I don’t know if it’s a conspiracy, but it sure smells like one.”

Kallstrom pointed out that just “the unmaskings of names alone is a major scandal.” Requests to identify Americans whose names surfaced in foreign intelligence reporting — known as unmasking — was done at a freakishly rapid rate in the final months of the Obama administration.

“We got all these major crime things bubbling – all of which were 20 times bigger than Watergate! And nothing seems to be happening… the attorney general is in a coma!” he said.

“Clinton cabal is GOING DOWN!” says Frm. FBI Asst. Director

Former FBI assistant director James Kallstrom has come forward and revealed that the Clinton Foundation’s crimes will soon be exposed by “patriots” fighting back against the FBI’s anti-Trump “cabal.”

Kallstrom, a 27-year veteran of the FBI, said that investigators are sick of the nonsense.

“99 percent of the people in the FBI are doing a fantastic job,” Kallstrom said during an interview with New York radio host John Catsimatidis last Sunday. “It’s a small cabal of people running the FBI, the James Comey sycophants” that are sabotaging the organization’s Clinton investigations.

But that’s going to end soon, Kallstrom revealed.

Talking to Fox Business Network’s Stuart Varney on Monday, Kallstrom claims there’s an organized movement of “patriots” within the FBI that are going to strike back — and their plan is already in motion.

Discussing the political bias at the top of the FBI, Varney summarized Kallstrom’s warnings about special counsel Robert Mueller’s investigation.

“I have said in my opinion there is a cabal active within the FBI and the Justice Department … which hates Trump, which protected Hillary Clinton and tried to bring down Donald Trump,” Varney said to Kallstrom. “That is an extraordinary story of interference in an American presidential election.”

“Without question that’s what it was. Just like the whole ‘so-called’ Clinton investigation, it was phony from the beginning,” Kallstrom said. “No grand jury, giving witnesses immunity, putting all the subjects in one room at the same time. I mean it’s crazy. It’s nuts what they did!”

Kallstrom said morale among the honest FBI agents is dangerously low, and that patriots within the organization are fed up.

“Well I think there’s a lot of patriots that have had it up to here with what’s going on, and they’re going to step forward and tell people what the shenanigans have been,” Kallstrom said, specifically mentioning how this FBI cabal “shut down the Clinton Foundation investigation” and turned the FBI investigations into politically-motivated witch hunts.

Would you support a change in FBI leadership… and Hillary Clinton’s immediate arrest?

Watch Kallstrom’s stunning reveal below, then share your opinon  —

 

The Horn News