Friday, 28 September 2007

Botnets downsize

Source: vnunet

The current trend in botnets is towards a larger number of smaller networks, so that fewer machines are lost when a command and control host is taken down. The article also mentions a phishing trend away from spoof websites and towards keystroke loggers. I noticed such a trend about two months ago -- almost no phishing email, but no corresponding drop in job scams.

Wednesday, 19 September 2007

TD Ameritrade compromised

Source: The Register

Online brokerage, TD Ameritrate, has suffered a security compromise resulting in the installation of a backdoor and major leakage of private client data. Sophos reports the unsurprising news that Ameritrade customers are being targeted in phishing attacks.

Friday, 14 September 2007

Four pump-and-dumpers plead guilty

Source: Sophos

Four men aged from 26 to 63 have pleaded guilty to charges relating to their pump and dump spamming operation, which allegedly netted them on the order of twenty million US dollars. They face five to ten years in prison: sentence has yet to be passed.

Gang of ten arrested in Germany

Source: Sophos

A cybercrime gang of eight men and two women operating out of Germany has been arrested. Their modus operandi has been to impersonate various well-known organisations via email, sending attachments containing malware. Their targets were also primarily German, so their arrest represents no new triumph in cross-jurisdictional cooperation.

Monday, 3 September 2007

Phishing is Old Hat

Source: SunbeltBLOG

Why phish when you can install malicious IFRAMEs directly on the bank's website? Bank of India is the first I've heard of to suffer this indignity.