Source: The Register
Symantec is reporting an increase in phishing activity related to online casinos. Cashing out of a casino is relatively easy, not requiring the use of mules, since the stolen money can be gambled through an arbitrary array of intermediate accounts on the casino.
Friday, 29 February 2008
Pandex Trojan uproots rival rootkits
Source: Channel Register
Various strains of malware have, from time to time, removed other strains of malware from hosts that they infect. The "Pandex Trojan" takes this to new heights by removing rival rootkits and installing its own.
Various strains of malware have, from time to time, removed other strains of malware from hosts that they infect. The "Pandex Trojan" takes this to new heights by removing rival rootkits and installing its own.
Device flaws make Chip and PIN vulnerable
Source: vnunet.com
Researchers at the University of Cambridge have found vulnerabilities in two widely deployed PIN entry devices for chip and PIN cards which could enable the production of counterfeit cards. The attack involves tapping data from key vulnerable points in the devices, but the physical modifications necessary to compromise a device are neither sophisticated or conspicuous. The researchers say the vulnerability is introduced by manufacturing design errors.
Researchers at the University of Cambridge have found vulnerabilities in two widely deployed PIN entry devices for chip and PIN cards which could enable the production of counterfeit cards. The attack involves tapping data from key vulnerable points in the devices, but the physical modifications necessary to compromise a device are neither sophisticated or conspicuous. The researchers say the vulnerability is introduced by manufacturing design errors.
Monday, 25 February 2008
FDIC Technology Incident Report shows phishing growth
Source: The Washington Post
US banks are required to file Suspicious Activity Reports (SAR) with the Federal Deposit Insurance Corporation (FDIC) for fraudulent activity of or exceeding $5,000 per incident.
US banks are required to file Suspicious Activity Reports (SAR) with the Federal Deposit Insurance Corporation (FDIC) for fraudulent activity of or exceeding $5,000 per incident.
"While the number of reported computer intrusion-related SARs (536) paled in comparison to the leading SARs categories - mortgage loan fraud (12,554) and check fraud (17,558) - the FDIC said financial crime aided by computer intrusions is growing at a rapid pace. Further, it noted that the mean (average) loss per SAR from computer intrusions was roughly $29,630 -- almost triple the estimated loss per SAR during the same time period in 2006 ($10,536)."
Friday, 22 February 2008
Seventeen alleged botherders arrested in Canada
Source: various, including vnunet.com and The Register
Sixteen males and one female ranging from seventeen to twenty-six years old have been arrested in Canada on various charges relating to cybercrime and the operation of a botnet. The gang, which has been under investigation since 2006, allegedly operates a botnet on the order of a million hosts, and has netted tens of millions of dollars in cybercrime activities.
Sixteen males and one female ranging from seventeen to twenty-six years old have been arrested in Canada on various charges relating to cybercrime and the operation of a botnet. The gang, which has been under investigation since 2006, allegedly operates a botnet on the order of a million hosts, and has netted tens of millions of dollars in cybercrime activities.
Thursday, 14 February 2008
Botnet evolution
Source: The Register
The Register has a summary of new trends in botnet technology as reported by various researchers. One particularly stealthy botnet dubbed "MayDay" allegedly uses the HTTP proxy settings of the host as one communications channel, and coded ICMP messages as another. A different botnet called "Mega-D" employs spamming techniques designed to thwart greylisting, which the researchers say is the first time such a capability has been observed in the wild.
The Register has a summary of new trends in botnet technology as reported by various researchers. One particularly stealthy botnet dubbed "MayDay" allegedly uses the HTTP proxy settings of the host as one communications channel, and coded ICMP messages as another. A different botnet called "Mega-D" employs spamming techniques designed to thwart greylisting, which the researchers say is the first time such a capability has been observed in the wild.
Tuesday, 12 February 2008
Money Mule pleads guilty in Brisbane, Australia
Source: Sydney Morning Herald
Neena Maree McNair-Swirski, 27, of Brisbane, has pleaded guilty to charges relating to her activity as a money mule. According to the prosecutor, she and her former de facto husband (already tried and sentenced to fifteen months jail last year) actively sought the employment, and received almost $100,000 in fraudulent transactions between them. McNair-Swirski received a two-year jail term.
Neena Maree McNair-Swirski, 27, of Brisbane, has pleaded guilty to charges relating to her activity as a money mule. According to the prosecutor, she and her former de facto husband (already tried and sentenced to fifteen months jail last year) actively sought the employment, and received almost $100,000 in fraudulent transactions between them. McNair-Swirski received a two-year jail term.
SoBe pleads guilty
Source: The Register
A black-hat known by the handle "SoBe" has pleaded guilty to criminal charges in relation to a botnet used to infect computers with affiliate-fee-paying adware. SoBe worked in concert with Jeanson James Ancheta, who was, in May 2006, sentenced to 57 months in federal prison on related charges. SoBe was a minor at the time the crimes were committed; "his plea agreement contemplates a sentence of one year to 18 months in prison."
A black-hat known by the handle "SoBe" has pleaded guilty to criminal charges in relation to a botnet used to infect computers with affiliate-fee-paying adware. SoBe worked in concert with Jeanson James Ancheta, who was, in May 2006, sentenced to 57 months in federal prison on related charges. SoBe was a minor at the time the crimes were committed; "his plea agreement contemplates a sentence of one year to 18 months in prison."
Subscribe to:
Posts (Atom)
