Friday, 29 February 2008

Online casino phishing on the rise

Source: The Register

Symantec is reporting an increase in phishing activity related to online casinos. Cashing out through a casino is relatively easy and does not require the use of mules, since the stolen money can be gambled through an arbitrary array of intermediate accounts at the casino.

Pandex Trojan uproots rival rootkits

Source: Channel Register

Various strains of malware have, from time to time, removed other strains of malware from hosts that they infect. The "Pandex Trojan" takes this to new heights by removing rival rootkits and installing its own.

Device flaws make Chip and PIN vulnerable


Researchers at the University of Cambridge have found vulnerabilities in two widely deployed PIN entry devices for chip and PIN cards which could enable the production of counterfeit cards. The attack involves tapping data from key vulnerable points in the devices, but the physical modifications necessary to compromise a device are neither sophisticated nor conspicuous. The researchers say the vulnerability is introduced by manufacturing design errors.

Monday, 25 February 2008

FDIC Technology Incident Report shows phishing growth

Source: The Washington Post

US banks are required to file Suspicious Activity Reports (SARs) with the Federal Deposit Insurance Corporation (FDIC) for fraudulent activity of $5,000 or more per incident.
"While the number of reported computer intrusion-related SARs (536) paled in comparison to the leading SARs categories - mortgage loan fraud (12,554) and check fraud (17,558) - the FDIC said financial crime aided by computer intrusions is growing at a rapid pace. Further, it noted that the mean (average) loss per SAR from computer intrusions was roughly $29,630 -- almost triple the estimated loss per SAR during the same time period in 2006 ($10,536)."

Friday, 22 February 2008

Seventeen alleged botherders arrested in Canada

Source: various, including and The Register

Sixteen males and one female ranging from seventeen to twenty-six years old have been arrested in Canada on various charges relating to cybercrime and the operation of a botnet. The gang, which has been under investigation since 2006, allegedly operates a botnet on the order of a million hosts, and has netted tens of millions of dollars in cybercrime activities.

Thursday, 14 February 2008

Botnet evolution

Source: The Register

The Register has a summary of new trends in botnet technology as reported by various researchers. One particularly stealthy botnet dubbed "MayDay" allegedly uses the HTTP proxy settings of the host as one communications channel, and coded ICMP messages as another. A different botnet called "Mega-D" employs spamming techniques designed to thwart greylisting, which the researchers say is the first time such a capability has been observed in the wild.

Tuesday, 12 February 2008

Money Mule pleads guilty in Brisbane, Australia

Source: Sydney Morning Herald

Neena Maree McNair-Swirski, 27, of Brisbane, has pleaded guilty to charges relating to her activity as a money mule. According to the prosecutor, she and her former de facto husband (already tried and sentenced to fifteen months' jail last year) actively sought the employment, and received almost $100,000 in fraudulent transactions between them. McNair-Swirski received a two-year jail term.

SoBe pleads guilty

Source: The Register

A black-hat known by the handle "SoBe" has pleaded guilty to criminal charges in relation to a botnet used to infect computers with affiliate-fee-paying adware. SoBe worked in concert with Jeanson James Ancheta, who was, in May 2006, sentenced to 57 months in federal prison on related charges. SoBe was a minor at the time the crimes were committed; "his plea agreement contemplates a sentence of one year to 18 months in prison."