Apple iPhone 6 Battery Connector Repair Video

iMend.com are one of the most established phone and tablet repair specialists in the UK. In addition, we operate one of the most renowned repair centres in the UK where our talented technicians are able to repair any device, either phone of tablet. All repairs are completed in a fully data protected environment.

Take a look at what it is like for a technician to undergo an Apple iPhone 6 battery connector repair…looks tricky, eh! This extremely finicky repair has to be completed under microscope.

If you would like your iPhone 6 battery repaired look no further than iMend.com. Click here for your iPhone 6 battery repair.

At the moment, we are offering a 10% discount on all mail-in and call-out repairs. This offer includes all makes and models. Click here for a discount code.

The post Apple iPhone 6 Battery Connector Repair Video appeared first on iMend Blog.

Source: https://www.imend.com/blog/iphone-6-battery-connector-repair-video/

Advertisements

Correcting the Record on vDOS Prosecutions

KrebsOnSecurity recently featured a story about a New Mexico man who stands accused of using the now-defunct vDOS attack-for-hire service to hobble the Web sites of several former employers. That piece stated that I wasn’t aware of any other prosecutions related to vDOS customers, but as it happens there was a prosecution in the United Kingdom earlier this year of a man who’s admitted to both using and helping to administer vDOS. Here’s a look at some open-source clues that may have led to the U.K. man’s arrest.

Jack Chappell, outside of a court hearing in the U.K. earlier this year.

In early July 2017, the West Midlands Police in the U.K. arrested 19-year-old Stockport resident Jack Chappell and charged him with aiding the vDOS co-founders — two Israeli men who were arrested late year and charged with running the service.

Until its demise in September 2016, vDOS was by far the most popular and powerful attack-for-hire service, allowing even completely unskilled Internet users to launch crippling assaults capable of knocking most Web sites offline. vDOS made more than $600,000 in just two of the four years it was in operation, launching more than 150,000 attacks against thousands of victims (including this site).

For his part, Chappell was charged with assisting in attacks against Web sites for some of the world’s largest companies, including Amazon, BBC, BT, Netflix, T-Mobile, Virgin Media, and Vodafone, between May 1, 2015 and April 30, 2016.

At the end of July 2017, Chappell pleaded guilty to those allegations, as well as charges of helping vDOS launder money from customers wishing to pay for attacks with PayPal accounts.

A big factor in that plea was the leak of the vDOS attacks, customer support and payments databases to this author and to U.S. law enforcement officials in the fall of 2016. Those databases provided extremely detailed information about co-conspirators, paying customers and victims.

But as with many other cybercrime investigations, the perpetrator in this case appears to have been caught thanks to a combination of several all-too-common factors, including password re-use, an active presence on the sprawling English-language hacking community Hackforums, and domain names registered in his real name. In combination, these clues provide a crucial bridge between Chappell’s online and real-world identities.

A simple search at domaintools.com for the name Jack Chappell and “UK” returns a handful of results, including the domain fractal[dot]hf. That domain was registered in June 2015 to a Jack Chappell in Stockport, using the email address me@jackchappell.co[dot]uk [full disclosure: Domaintools is an advertiser on this site].

Neither domain is online anymore, but a Google search on fractal[dot]hf reveals several mentions of this site on Hackforums — a sprawling English-language forum that until very recently hosted the most bustling open-air market for competing attack-for-hire services.

According to a review of those Hackforums postings, fractal[dot]hf was a free service that allowed users to test the size and impact of any DDoS attack tool — displaying detailed graphs showing how much data a given attack tool could hurl at an intended target. Multiple forum members told interested users that fractal[dot]hf was owned and operated by a friendly and helpful Hackforums user named Fractal.

A screenshot of the user Fractal advertising his service for measuring the size of attacks. Fractal posted this graphic to illustrate the power of an IRC-based botnet that was being sold on Hackforums in mid-2015.

Perhaps unsurprisingly, there was a very active user on vDOS who went by the same Fractal nickname, using the password “HelloWorld1998” and email address smellyjelly01@gmail.com.

The above-mentioned domain Jackchappell.co[dot]uk appears in the leaked vDOS payments database, which states that a PayPal account tied to the email address “paypal@jackchappell.co[dot]uk” was one of several PayPal accounts used to launder customer payments for online attacks.

As noted in my June 2017 piece Following the Money Hobbled vDOS Attack-for-Hire Service, vDOS was forced to round-robin customer PayPal payments through a series of accounts after academic researchers began signing up for a variety of attack-for-hire services (including vDOS) and then reporting to PayPal the email addresses tied to accounts being used to receive payments.

The paypal@jackchappell.co[dot]uk address was linked to a vDOS user account called “portalKiller” which used the password “HelloWorld8991.” Note that this password is very similar to the one used by the vDOS user Fractal — only the numbers at the end of the password have been reversed (1998/8991).

Portalkiller changed his password several times during his time on vDOS, and one of the passwords he used was “Smith8991.” An Internet search on this password turns up an account in the user database that was hacked and posted online from a similar attack-for-hire service previously run by a hacker group known as the Lizard Squad. The email address tied to that account? Smellyjelly01@gmail.com.

From reviewing Fractal’s posts and reputation on Hackforums it appears that on Dec. 28, 2015 his account received praise and positive reputation points (similar to eBay’s user “feedback” system) from M30w and AppleJ4ck, the nicknames used by the alleged co-founders of vDOS.

Positive reputation points awarded to Chappell by the co-owners of vDOS, who used the aliases “M30W” and “AppleJ4ck.”

Comments in the leaked vDOS databases also suggest Chappell was for a time one of several trusted administrators and/or support personnel of the service. vDOS routinely banned accounts for members who shared their logins, or who logged on via virtual private network (VPN) services to anonymize their connections, but many members ignored this advice.

For example, in one support ticket dated March 13, 2016, a vDOS subscriber named “Bears” who had his account banned pleaded with the administrators to reactivate (or “unban”) his account.

“Hi jeremy pls unban hi p1st i love you hi AJ i love you hi fractal i love you hi whoever else is support is swagdaddy still support?” Bears pleads.

Ironically, both of Chappell’s accounts on vDOS — Fractal and portalKiller — were ultimately banned, the latter supposedly for flouting vDOS’s no-VPN restrictions. In one customer support ticket, portalKiller explains the reason for his use of a VPN: He routinely used a VPN so that he could tunnel his connection to the United States and watch the U.S. catalog of Netflix videos.

“Account Banned’,85801,’portalKiller’,’Hi, My account was banned a couple of days ago for logging in from a VPN. Let me explain, the 82.132.234.244 IP is not a VPN it is my mobile provider (O2), which is not a proxy/VPN. The second IP was a mistake I made, I logged out and logged back in from my normal IP (81.103.71.50) after I noticed my VPN was on (I use it for Netflix). I really want you to re-consider my ban. Thanks, portalKiller.”

Fractal also was eventually banned from using vDOS, although it’s less clear why that account was banished. Perhaps Chappell no longer offered the ability to help the other vDOS administrators launder funds, or maybe he had a falling out with M30W/p1st and AppleJ4ck.

Chappell did not respond to requests for comment. His sentencing has been delayed several times since his guilty plea; it is currently slated for December 2017.

Chappell’s guilty plea reminds me that there are many others who helped launder funds for vDOS that are in all likelihood similarly exposed. Stay tuned for more updates on that front.

Source: https://krebsonsecurity.com/2017/11/correcting-the-record-on-vdos-prosecutions/

Fund Targets Victims Scammed Via Western Union

If you, a friend or loved one lost money in a scam involving Western Union, some or all of those funds may be recoverable thanks to a more than half-billion dollar program set up by the U.S. Federal Trade Commission.

In January 2017, Englewood, Colo.-based Western Union settled a case with the FTC and the Department of Justice wherein it admitted to multiple criminal violations, including willfully failing to maintain an effective anti-money laundering program and aiding and abetting wire fraud. As part of the settlement, the global money transfer business agreed to forfeit $586 million.

Last week, the FTC announced that individuals who lost money to scammers who told them to pay via Western Union’s money transfer system between January 1, 2004 and January 19, 2017 can now file a claim to get their money back by going to FTC.gov/WU before February 12, 2018.

Scammers tend to rely on money transfer businesses like Western Union and MoneyGram because once the money is sent and picked up by the recipient the transaction is generally irreversible. Such scams include transfers made for fraudulent lottery and prizesfamily emergenciesadvance-fee loans, and online dating, among others.

Affected consumers can visit FTC.gov/WU to file claims, learn more, or get updates on the claims process, which could take up to a year. The graphic below seeks to aid victims in filing claims.

The FTC says some people who have already reported their losses to Western Union, the FTC, or another government agency will receive a form in the mail from the claims administrator, Gilardi & Co., which has been hired by the DOJ to return victims’ money as part of the settlement. The form will have a Claim ID and a PIN number to use when filing a claim online via FTC.gov/WU.

The agency emphasized that filing a claim is free, so consumers should not pay anyone to file a claim on their behalf. “No one associated with the claims process will call to ask for consumers’ bank account or credit card number,” the FTC advised.

This isn’t the first time a major money transfer business admitted to criminally facilitating wire fraud. In November 2012, MoneyGram International agreed to pay a $100 million fine and admit to criminally aiding and abetting wire fraud and failing to maintain an effective anti-money laundering program.

Source: https://krebsonsecurity.com/2017/11/fund-targets-victims-scammed-via-western-union/

Fancy Joining Our iMend Training Programme?

 

iMend.com are one of the most trusted and recognised brands in Mobile Phone & Tablet Repair Training. Interested in becoming an iMend technician? Here’s a glimpse into what it’s like to join one of our #training programmes:

 

 

Our courses are designed to help new and experienced technicians master all levels of Mobile Phone & Tablet Repairs and walk away with the knowledge and practical skills to immediately use in their business.

iMend.com offer a number of different courses, whether you are interested in learning how to repair a particular phone or looking to join our fast track service, there will be a training course tailored to your needs.

You will be trained by mobile and tablet experts with over 12 years experience. Our experts are able to train technicians of all skill levels. Whether you are interested in learning how to repair the latest Samsung mobile or wanting to start a new career in phone repairs, our experts provide you with the skills you desire.

Don’t forget you can then join the iMend.com Network and instantly start receiving jobs post the course!

 

The post Fancy Joining Our iMend Training Programme? appeared first on iMend Blog.

Source: https://www.imend.com/blog/fancy-joining-our-imend-training-programme/

Black Friday Discount on Phone Repairs

Are you ready for the biggest shopping event of the year? The Black Friday sales has become a huge deal here in the UK. An estimated £3 billion is expected to be spent during this year’s weekend bonanza, almost double the amount spent the previous year.

Here at iMend.com, we take pride in giving back to our customers, that’s why we are offering a 10% Black Friday discount on both mail-in and call-out repairs across all devices. This offer will be running for a whole week, from Monday 20th November to midnight on Monday 27th November.

How the discount works!

1. Head over to our mail-in or book a repair section of the site where you can select the phone you want repairing along with the type of issue that your phone has.

2. You will then need to add the repair to your cart.

3. When you come to checking out your repair, you will be given an option on the Order Summary page to enter your discount code.

4.The Voucher Code you will need at checkout is BF10

You can also call our customer service team on 0333 014 4262 and give them the code and they will place for you.

Terms and conditions:

  • All terms and conditions of sale remain the same.
  • The offer only runs from Monday 20th November until midnight on Monday 27th November 2017.
  • The offer is open to our mail-in and call-out service.
  • 10% will only be valid on the price of the repair and not the postage and packaging.
  • One 10% discount will only be valid on each individual repair
  • Offers only available in UK.
  • The iMend team reserve the right to cancel or change the discount at any stage of the promotion.

If you would like to book your repair please do not hesitate to get in contact with a member of our customer service team on 0333 014 4262.

Let’s hope you have a Smashing Black Friday!

The post Black Friday Discount on Phone Repairs appeared first on iMend Blog.

Source: https://www.imend.com/blog/black-friday-discount-on-phone-repairs/

R.I.P. root9B, We Hardly Knew Ya!

root9B, a company that many in the security industry consider little more than a big-name startup aimed at cashing in on the stock market’s insatiable appetite for cybersecurity firms, surprised no one this week when it announced it was ceasing operations at the end of the year.

Founded in 2011, Colorado Springs, Colo. based root9B Technologies touted itself as an IT security training firm staffed by an impressive list of ex-military leaders with many years of cybersecurity experience at the Department of Defense and National Security Agency (NSA). As it began to attract more attention from investors, root9B’s focus shifted to helping organizations hunt for cyber intruders within their networks.

By 2015, root9B was announcing lucrative cybersecurity contracts with government agencies and the infusion of millions from investors. The company’s stock was ballooning in price, reaching an all-time high in mid-May 2015.

That was just days after root9B issued a headline-grabbing report about how its cyber intelligence had single-handedly derailed a planned Russian cyber attack on several U.S. financial institutions.

The report, released May 12, 2015, claimed root9B had uncovered plans by an infamous Russian hacking group to target several banks. The company said the thwarted operation was orchestrated by Fancy Bear/Sofacy, a so-called “advanced persistent threat” (APT) hacking group known for launching sophisticated phishing attacks aimed at infiltrating some of the world’s biggest corporations.  root9B released its Q1 2015 earnings two days later, reporting record revenues.

On May 20, 2015, KrebsOnSecurity published a rather visceral dissection of that root9B report: Security Firm Redefines APT; African Phishing Threat. The story highlighted the thinness of the report’s claims, pointing to multiple contradictory findings by other security firms which suggested the company had merely detected several new phishing domains being erected by a comparatively low-skilled African phishing gang that was well-known to investigators and U.S. banks.

In mid-June 2015, an anonymous researcher who’d apparently done a rather detailed investigation into root9B’s finances said the company was “a worthless reverse-merger created by insiders with [a] long history of penny-stock wipeouts, fraud allegations, and disaster.”

That report, published by the crowd-sourced financial market research site SeekingAlpha.com, sought to debunk claims by root9B that it possessed “proprietary” cybersecurity hardware and software, noting that the company mainly acts as a reseller of a training module produced by a third party.

root9B’s stock price never recovered from those reports, and began a slow but steady decline after mid-2015. In Dec. 2016, root9B Technologies announced a reverse split of its issued and outstanding common stock, saying it would be moving to the NASDAQ market with the trading symbol RTNB and a new name — root9B Holdings. On January 18, 2017, a reshuffled root9B rang the market opening bell at NASDAQ, and got a bounce when it said it’d been awarded a five-year training contract to support the U.S. Defense Department.

The company’s founders remained upbeat even into mid-2017. On June 6, 2017 it announced that Michael Hayden, the four-star general who until recently served as director of the U.S. National Security Agency, had joined the company’s board.

On June 23, 2017, root9B issued a press release reminding everyone that the company had remained #1 on the Cybersecurity 500 for the 6th consecutive quarter. The Cybersecurity 500, by the way, rates cybersecurity firms based on their “branding and marketing.”

Nobody ever accused root9B of bad marketing. But all the press releases in the world couldn’t hide the fact that the company had never turned a profit. It lost more than $18.3 million in 2016, more than doubling a $8.03 million loss in 2015.

Since August 2017, shares of the company’s stock have fallen more than 90 percent. On Sept. 28, 2017, all of root9B’s assets were acquired by venture investment firm Tracker Capital Management LLC, and then sold at auction.

On Nov. 13, root9B Holdings issued a press release saying NASDAQ was de-listing the firm on Nov. 15 and that it was ceasing operations at the end of this year. The statement seemed to emphasize there was nothing left for the firm’s creditors to pick over.

“With the absence of any operating assets remaining after the Foreclosure, the Company will cease any and all operations effective, December 31, 2017,” the (final?) root9B press release concludes.

The demise of root9B resonates loudly with that of Norse Corp., another flashy, imploded cybersecurity startup that banked heavily on attracting and touting top talent, while managing to produce very little that was useful to or actionable by anybody.

Companies like these are a reminder that your success or failure in business as in life is directly tied to what you produce — not what you promise or represent. There is no shortcut to knowledge, success or mastery, and this goes for infosec students as well as active practitioners of the craft. Focus on consistently producing quality, unique content and/or services that are of real value to others, and the rest will take care of itself.

Source: https://krebsonsecurity.com/2017/11/r-i-p-root9b-we-hardly-knew-ya/

21 New Phones And Tablets Added To Our Website

 

When it comes to repairing mobile phones and tablets, you can always trust iMend.com.  iMend are always offering their customers more choice and ways of continuously improving the number of repairs we offer.  

With that in mind, we have just added a number of new devices to our website.  Here are some of the most popular repairs on our recently added phones and tablets:

 

The Sony Xperia XZ  screen repair is always a popular one!

Here are other popular Sony Xperia XZ repairs

 

 

The Sony Xperia XZ Premium liquid damage repair is extremely popular.

Here are other popular Sony Xperia XZ Premium repairs.

 

 

Another popular repair is the Google Pixel software fix.

Here are all other popular Google Pixel repairs.

 

 

The Microsoft Surface Pro 4 full diagnostic service can help you discover that bugging issue with your tablet.

Here are other popular Microsoft Surface Pro 4 repairs.

 

 

 

A very popular repair for many tablets – Samsung Galaxy Tab 2 7.0 power button repair.

Here are other popular Samsung Galaxy Tab 2 7.0 repairs.

 

Our technicians are also able to repair these other devices:

 

HTC One A9

HTC 10

HTC M8s

Hauwei Mate 8

Hauwei Mate 9 

Hauwei P9

Hauwei P9 Lite

Hauwei P10

Hauwei P10 Plus

Google Pixel XL

OnePlus 3

OnePlus 3T

LG G6

Samsung Tab Active

Xperia X Performance

 

Book or Mail in your broken mobile today. To find our full list of repairs, visit our website.

 

The post 21 New Phones And Tablets Added To Our Website appeared first on iMend Blog.

Source: https://www.imend.com/blog/20-new-phones-and-tablets-have-been-added-to-our-website/