Chrome and Firefox remove MYWOT extensions for selling your identity and browsing habits

Chrome and Firefox remove MYWOT extensions for selling your identity and browsing habits

If you use the MyWOT (WOT, or Web Of Trust) extension for Google Chrome, Mozilla Firefox, and other internet browsers, there is a good chance that you your “very” personal information was sold off to third-parties. This includes your identification, the things you search for online, and the websites you visit. A recent investigation by German public broadcaster NDR revealed that MyWOT has been selling user information to third-parties without properly anonymizing it. In many cases, the user’s real identity and details about their browsing habits were exposed.

mywot

The German broadcaster’s reporters were able to get access to data samples that contained ten billion URLs WOT users had accessed. NDR reporters discovered information about police investigations, a judge’s sexual preferences, and user searches for drugs, prostitutes, and medical issues. This means that MYWOT has been selling your information to interested third-parties for quite some time and that the information sold to unknowns is cause for concern.

WOT claims to scramble user data in order to hide their identities; However, NDR reporters said it was very easy to identify clues in the URLs that connected the link with a username, email address, or name.

The NDR report that aired on November 1, 2016 provided evidence that WOT failed to properly anonymize the data and was also selling it to interested third-parties. The WOT Privacy Policy stated that WOT may “share” user data with its parent company and partners, but did not mention anything about “selling.”

Following the report, WOT posted the following statement in their forum on November 2:

Dear users,
We take our users’ privacy rights very seriously, and for that reason we go to great lengths to anonymize and aggregate the data we collect to run our service, and we of course never license or disclose user registration information.
If there have been instances where any information was not adequately anonymized and protected, we will of course look into it and, where necessary, take measures to ensure adequate protection for our users. We appreciate the users who have contacted us and brought this to our attention.
We will continue to proudly protect our users from countless online threats as we have for the past decade.
WOT statement

mywot extensions

After the NDR report started to gain attention in the international press, both Google and Mozilla removed the WOT Chrome and Firefox extensions from their repositories on Saturday, November 5th citing lack of transparency between the extension’s actions and its Privacy Policy.

This type of behavior from MYWOT comes as no surprise to the internet security and information community. In 2012 it was discovered that MYWOT had purchased fake Facebook likes and Twitter followers to boost their online reputation and we published an article about it (which has been removed). MYWOT employees, power-users, and co-founder Sami Tolvanen found the article and immediately started to retaliate. MYWOT employees, power-users, and Sami Tolvanen himself went as far as to publish my home address, the addresses of my neighbors, images of my house, and other personal information of mine in MYWOT comments and on third-party websites. In the industry this is known as “doxing.” Furthermore, within 30 minutes after we published the article our reputation on MYWOT went from 100% to below 50%.

This is just one example that proves how the MYWOT reputation and rating system is flawed and adds no value to anyone who uses it. Along with the current NDR report and the history of MYWOT it should be concluded that the MYWOT website and extensions are a malicious.

How to download the Ashley Madison list of released names

How to download the Ashley Madison list of released names

On August 18th, 2015 hackers known as the Impact Group released personal details about Ashley Madison customers in a 10-gigabyte torrent file. This guide will show you how to download and view the names of Ashley Madison customers that were leaked on the internet. To view the Ashley Madison list of released names you will need to download and install a P2P client like BitTorrent or Vuze by Azureus (Vuze or Vuze Lite), and you will need to eventually download a torrent and view the files inside.

ashley madison list

Before you visit a torrent website we suggest that you install an add-on or extension which can be used to block advertisements on the torrent website. The torrent itself is harmless; However, many torrenting websites often contain questionable advertisements and pop-up ads that can get in the way. Add-ons and extensions we recommend are AdBlock and AdBlock Plus.

The Ashley Madison database shows a lot of personal information. It can tell you if a person was listed as a married “male seeking male” with a “someone I can teach” sexual fantasy looking for a “boy next door.” Or an “attached female seeking male” with a “spanking” fantasy seeking “a Don Juan.” The listed sexual fantasies range from master and slave relationships to cross dressing and exhibitionism. You can also find contact information such as email addresses and home addresses, as well as credit card data. Keep in mind that the website allows customers to use a fake name and email address.

How to download the Ashley Madison list of names

1. Download and install a P2P client such as BitTorrent (bittorrent.com), uTorrent (utorrent.com), or one of the Vuze clients (vuze.com).

Ashley Madison list of released names

2. Open your internet browser and go to the URL below:

https://thepiratebay.vg/torrent/12237184/The_Complete_Ashley_Madison_Dump_from_the_Impact_Team

3. To download the Ashley Madison torrent titled “The Complete Ashley Madison Dump from the Impact Team” click the “GET THIS TORRENT NOW” link with the magnet image. The Ashley Madison torrent will automatically download but you may be presented with a notification from your client. Make sure to read any notifications carefully and ensure that the torrent has begun to download.

4. Open the torrent file when it has completed downloading in your P2P client. A suggestion to find the file on your computer is to right click the torrent in your client and select a “view file location” option.

Hackers release Ashley Madison user data on dark web

A month after Ashley Madison was hacked by a hacker ground known as “The Impact Team” user information has been posted on the web in the form of a large 10-gigabyte torrent file. The 10g file contains sensitive information about Ashley Madison users including e-mails, member profiles, and credit-card transactions and more.

Hackers release Ashley Madison user data on dark web

A hacker group called The Impact Team claimed credit for last month’s hack on AshleyMadison and its companion site Established Men, as well as gaining access to the databases of Avid Life Media (ALM), the company that owns the two websites. The Impact Team said they had gained access to a large amount of data from their hack. This includes user profiles and financial records to ALM salary information. The Impact Team also claimed responsibility for today’s information leak on the dark web.

The Impact Team initially demanded that ALM take AshleyMadison and Established Men permanently offline, or else they would release customer records and profiles, including real names and customers’ “secret sexual fantasies” and they were true to their promise.

Ashley Madison user data

https://thepiratebay.vg/torrent/12237184/The_Complete_Ashley_Madison_Dump_from_the_Impact_Team

In a statement attributed to The Impact Team on Tuesday, the hacker group said, “Find yourself in here? It was ALM that failed you and lied to you. Prosecute them and claim damages. Then move on with your life. Learn your lesson and make amends.” The group went on to further say that Avid Life Media has failed to take down Ashley Madison and Established Men and that they have explained the fraud, deceit, and stupidity of ALM and their members. Now everyone gets to see there data.

ALM media has told various sources that they are actively monitoring and investigating this situation to determine the validity of any information posted online and will continue to devote significant resources to this effort. Furthermore, they claim that they will continue to put forth substantial efforts into removing any information unlawfully released to the public, as well as continuing to operate our business. However, one thing that I personally know is that if this information was released to various torrent websites there is not much anyone can do about getting the leaked information removed from the web. The information is already in the hands of people you do not want to have it and most torrent websites can handle these types of threats without getting shut down.

Lists of email addresses of AshleyMadison users are currently being circulated on social media websites and other locations on the web. Several email addresses appear to be connected to members of different governments, including the UK government, but are likely to be fake. It should be noted that the site doesn’t require email verification, which could mean that many of the emails used are fake or previously compromised. A Twitter user has said “Did you know 15,000 email addresses found in the Ashley Madison hacker data dump contained .mil or .gov addresses?”

John McAfee arrested on DUI, gun charges in Tennessee

John McAfee arrested on DUI, gun charges in Tennessee

Legendary developer of the first commercial Antivirus program and Tennessee resident John McAfee was arrested over the weekend in Henderson Country on DUI and gun charges.

John McAfee arrested

John McAfee was taken into custody around 8:45 p.m. Sunday on Highway 22 and is charged with DUI and possession of a firearm while intoxicated, according to the Tennessee Highway Patrol.

McAfee has admitted to driving under the influence of Xanax but said his doctor failed to warn him of its side effects.

“Yes, I was arrested while under the influence of Xanax,” he said. “It was a brand new prescription received the same day of the arrest, and the physician neglected to warn me about driving while taking it.

“As to the weapons,” McAfee continued, “I always carry them and, unless one is impaired, they are legal to possess and carry.”

McAfee’s Facebook account initially said that he had ended up in a short shootout with the police before running out of ammunition, surrendering, and joking with his arresting officers about how terrible his aim had been. However, McAfee later denied a shootout actually took place and said he was just joking.

Avira partners with Yet Another Cleaner, can no longer be trusted

Avira partners with Yet Another Cleaner, can no longer be trusted

Avira partners with Yet Another CleanerAvira has recently partnered with scam artists and developers of rogue programs, Yet Another Cleaner, and can no longer be trusted. Yet Another Cleaner is known for being a fraud tool and rogue program. In 2015 YAC was caught stealing Malwarebyte’s database, which caused YAC to lose their OPSWAT certification. Furthermore, YAC stole their interface from Qihu 360 Software Co. Limited 360 total security software.

YAC is a rogue program that most people find on their computer by accident and without their consent. Additionally,the same users have complained that YAC is very difficult to remove and will not uninstall through Windows Control Panel. This is just one very common problem with YAC.

To make matters worse, YAC’s website contains a dishonest, misleading, slanderous, and utterly ridiculous content designed to slander their competitors and trick unsuspecting victims into thinking their content is legitimate and their product is safe to use.

YAC brings nothing to the table for Avira. YAC obtains their database via theft. As previously mentioned, YAC had stolen the Malwarebytes database and tried to pass it off as their own. YAC also steals content from bloggers. For example, we could write an article titled “How to remove the Mickey Mouse virus” (which doesn’t exist) and YAC will copy our article and claim that they include the “Mickey Mouse virus” in their database – even though the virus does not exist.

The Avira and YAC partnership was a bad move by Avira who now teams up with scam artists and developers of malware, which makes their Avira Antivirus product untrustworthy.

Reports raise the possibility of ‘medical zero day’ attacks

Reports raise the possibility of ‘medical zero day’ attacks

According to a new study by the Atlantic Council, the Brent Scowcroft Center on International Security, and Intel Security medical zero day might just be a possibility in the future. The study claims that malicious actors could soon have the same in the health care industry as they do elsewhere. The medical zero day report also says that “we could soon see a booming market in medical zero-day exploits, a security hole known to the attackers and for which there is no defense.”

New Router Malware Injects Google Analytics With Porn Ads

New Router Malware Injects Google Analytics With Porn Ads

A new variant of malware that affects internet routers and Google Analytics has been discovered. The new router malware is designed to inject questionable ads and pornography into the websites you visit. The new malware modifies the affected router’s DNS settings in order to target and intercept Google Analytics codes and replace them with new malicious code.