Source: Threat Level from Wired.com
"The first foreigner convicted of phishing in the United States was sentenced to 50 months in federal prison Monday."
Tuesday, 31 March 2009
Monday, 30 March 2009
Vast Spy System Loots Computers in 103 Countries
Source: NYTimes.com
Researchers have obtained an inside look into a vast, strategic network of computers which have been compromised in targeted attacks (rather than the usual opportunistic attacks). The network consists of "at least 1,295 computers in 103 countries, including many belonging to embassies, foreign ministries and other government offices, as well as the Dalai Lama’s Tibetan exile centers in India, Brussels, London and New York." The back doors in the computers are being controlled by computers based almost exclusively in China, leading to speculation that the Chinese government is behind the espionage.
Researchers have obtained an inside look into a vast, strategic network of computers which have been compromised in targeted attacks (rather than the usual opportunistic attacks). The network consists of "at least 1,295 computers in 103 countries, including many belonging to embassies, foreign ministries and other government offices, as well as the Dalai Lama’s Tibetan exile centers in India, Brussels, London and New York." The back doors in the computers are being controlled by computers based almost exclusively in China, leading to speculation that the Chinese government is behind the espionage.
Saturday, 28 March 2009
'Cybercrime exceeds drug trade' myth exploded
Source: The Register
Ed Amoroso, Senior Vice President and Chief Security Officer of AT&T, recently told a Congressional Committee that cybercrime was a trillion dollar a year business. This was supposed to be based on an FBI report, but the FBI has made no such claim. Instead, it seems to be more of an urban myth. This article attempts to put some perspective on the inflated claim, and find out how the myth got started.
Ed Amoroso, Senior Vice President and Chief Security Officer of AT&T, recently told a Congressional Committee that cybercrime was a trillion dollar a year business. This was supposed to be based on an FBI report, but the FBI has made no such claim. Instead, it seems to be more of an urban myth. This article attempts to put some perspective on the inflated claim, and find out how the myth got started.
Wednesday, 25 March 2009
'The Analyzer' Hack Probe Widens; $10 Million Allegedly Stolen From U.S. Banks
Source: Threat Level from Wired.com
Threat Level has an interesting article covering the cybercrime activities of Ehud Tenenbaum, also known as "The Analyzer", who was arrested in Canada last year for allegedly stealing about $1.5 million from Canadian banks. He also allegedly hacked two U.S. banks, a credit and debit card distribution company and a payment processor in what U.S. authorities are calling a global "cashout" conspiracy. The U.S. hacks have resulted in at least $10 million in losses, and are just part of a larger international conspiracy to hack financial institutions in the United States and abroad.
Threat Level has an interesting article covering the cybercrime activities of Ehud Tenenbaum, also known as "The Analyzer", who was arrested in Canada last year for allegedly stealing about $1.5 million from Canadian banks. He also allegedly hacked two U.S. banks, a credit and debit card distribution company and a payment processor in what U.S. authorities are calling a global "cashout" conspiracy. The U.S. hacks have resulted in at least $10 million in losses, and are just part of a larger international conspiracy to hack financial institutions in the United States and abroad.
Tuesday, 24 March 2009
Web Fraud 2.0: Data Search Tools for ID Thieves
Source: Security Fix
"Cyber crooks are providing cheap, instant access to detailed consumer databases, offering identity thieves the ability to find missing data as they compile dossiers on targeted individuals." "It's unclear how these sites are obtaining this kind of information. It may be that they're relying on insiders at companies with access to this data. Alternatively, perhaps the services are making use of using stolen credentials needed to access sensitive online databases. More likely, it is a mixture of both."
"Cyber crooks are providing cheap, instant access to detailed consumer databases, offering identity thieves the ability to find missing data as they compile dossiers on targeted individuals." "It's unclear how these sites are obtaining this kind of information. It may be that they're relying on insiders at companies with access to this data. Alternatively, perhaps the services are making use of using stolen credentials needed to access sensitive online databases. More likely, it is a mixture of both."
Monday, 23 March 2009
Hacked page hauls estimated at $10,000 a day
Source: vnunet.com
Fake antivirus products continue to prove themselves the Next Big Thing in cybercrime. Security firm Finjan estimates that search engine gaming techniques on popular search terms can earn the perpetrators more than ten thousand US dollars per day in referral fees.
Fake antivirus products continue to prove themselves the Next Big Thing in cybercrime. Security firm Finjan estimates that search engine gaming techniques on popular search terms can earn the perpetrators more than ten thousand US dollars per day in referral fees.
Saturday, 21 March 2009
Rogue Antivirus Distribution Network Dismantled
Source: Security Fix
Hot on the heels of a report on TrafficConverter2.biz by Security Fix earlier this week, the site has lost its ability to receive payments through Visa and MasterCard thanks to investigations being conducted by those companies. Traffic Converter is an affiliate program for the fake antivirus program AntiVirus2009 and others. These programs extort money out of those parties unfortunate enough to find them installed on their computer by throwing up increasingly alarming error messages, and requesting that the user pay for the "full version" of the software to fix the problem.
Hot on the heels of a report on TrafficConverter2.biz by Security Fix earlier this week, the site has lost its ability to receive payments through Visa and MasterCard thanks to investigations being conducted by those companies. Traffic Converter is an affiliate program for the fake antivirus program AntiVirus2009 and others. These programs extort money out of those parties unfortunate enough to find them installed on their computer by throwing up increasingly alarming error messages, and requesting that the user pay for the "full version" of the software to fix the problem.
Costly Online Organ-Transplant Scam Results in Death, Arrest
Source: Threat Level from Wired.com
Advance fee fraud is nothing new, but this could well be a new low. The site liver4you.org sells organ transplants, or so it claims. A Canadian man paid $70,000 and was told he'd receive a liver transplant at a hospital in the Philippines. There was no liver, and no transplant, and the man died in the hospital where he thought his life would be saved. Jerome Feldman, age 67, has been arrested on charges of operating the scam.
Advance fee fraud is nothing new, but this could well be a new low. The site liver4you.org sells organ transplants, or so it claims. A Canadian man paid $70,000 and was told he'd receive a liver transplant at a hospital in the Philippines. There was no liver, and no transplant, and the man died in the hospital where he thought his life would be saved. Jerome Feldman, age 67, has been arrested on charges of operating the scam.
Friday, 20 March 2009
Antivirus2009 Holds Victim's Documents for Ransom
Source: Security Fix
The fake anti-virus program Antivirus2009 is now using its deceptive error messages to frighten users into downloading a program called FileFixerPro, under the pretext that certain files in the "My Documents" folder are corrupt. Antivirus2009 actually encrypts the files in question, and FileFixerPro will decrypt them only after a $50 fee is paid. File encryption has been used in the past, attracting the name "ransomware", but this is perhaps the first time that the technique has been used stealthily in conjunction with "scareware" like Antivirus2009, as opposed to blatant blackmail.
The fake anti-virus program Antivirus2009 is now using its deceptive error messages to frighten users into downloading a program called FileFixerPro, under the pretext that certain files in the "My Documents" folder are corrupt. Antivirus2009 actually encrypts the files in question, and FileFixerPro will decrypt them only after a $50 fee is paid. File encryption has been used in the past, attracting the name "ransomware", but this is perhaps the first time that the technique has been used stealthily in conjunction with "scareware" like Antivirus2009, as opposed to blatant blackmail.
2008 fraud figures announced by APACS
Source: APACS
The UK payments association, APACS, has announced UK fraud figures for 2008. "The two main areas of fraud were on transactions not protected by chip and PIN: specifically internet, phone and mail order fraud; and fraud abroad - committed by criminals using stolen UK card details in countries yet to upgrade to chip and PIN - which has nearly doubled in two years." "Online banking fraud losses totalled £52.5m in 2008 – a 132 per cent increase from 2007 losses. Although phishing incidents continue to increase, online banking customers are increasingly being targeted by malware..."
The UK payments association, APACS, has announced UK fraud figures for 2008. "The two main areas of fraud were on transactions not protected by chip and PIN: specifically internet, phone and mail order fraud; and fraud abroad - committed by criminals using stolen UK card details in countries yet to upgrade to chip and PIN - which has nearly doubled in two years." "Online banking fraud losses totalled £52.5m in 2008 – a 132 per cent increase from 2007 losses. Although phishing incidents continue to increase, online banking customers are increasingly being targeted by malware..."
Friday, 13 March 2009
Hacking iTunes Gift Cards, and an iTunes Update
Source: Security Fix
There is some question as to whether the iTunes voucher code system has actually been broken (as reported recently). The basis for doubt is that the vouchers must be activated at the point of sale before they can be redeemed. Even so, the iTunes codes offered for sale are definitely working. One theory is that the codes are simply being purchased online using stolen credit card data, then on-sold.
There is some question as to whether the iTunes voucher code system has actually been broken (as reported recently). The basis for doubt is that the vouchers must be activated at the point of sale before they can be redeemed. Even so, the iTunes codes offered for sale are definitely working. One theory is that the codes are simply being purchased online using stolen credit card data, then on-sold.
Police in Romania detain 20 alleged hackers
Source: International Herald Tribune
Police in Romania on Wednesday detained 20 people on suspicion of phishing. The phishing incidents in question targeted victims in Italy and Spain.
Police in Romania on Wednesday detained 20 people on suspicion of phishing. The phishing incidents in question targeted victims in Italy and Spain.
Wednesday, 11 March 2009
The Chinese iTunes Gift Voucher Trick
Source: Outdustry
Hackers have cracked the iTunes gift voucher code and are selling the codes so generated to Chinese counterfeiters who then on-sell to the public. Current market rates result in $200 gift card codes being obtainable for around $2.60.
Hackers have cracked the iTunes gift voucher code and are selling the codes so generated to Chinese counterfeiters who then on-sell to the public. Current market rates result in $200 gift card codes being obtainable for around $2.60.
Thursday, 5 March 2009
German cops bust cybercrime forum
Source: The Register
"German police have arrested several members of a hacking forum linked to the distribution of Trojan horse software that infected 80,000 computers."
"German police have arrested several members of a hacking forum linked to the distribution of Trojan horse software that infected 80,000 computers."
Subscribe to:
Posts (Atom)
