Sergei "Fly" Vovnenko, a Russo-Ukrainian cybercrook who stalked and harassed security journalist Brian Krebs -- at one point conspiring to get him arrested by sending him heroin via the Silk Road -- has been arrested. According to Krebs, Vovnenko was a prolific credit-card crook, specializing in dumps of stolen Italian credit-card numbers, and faces charges in Italy and the USA. Krebs documents how Vovnenko's identity came to light because he installed a keylogger on his own wife's computer, which subsequently leaked her real name, which led to him.
According to a trusted source in the security community, that email account was somehow compromised last year. The source said the account was full of emailed reports from a keylogging device that was tied to another email address — email@example.com (according to Google, firstname.lastname@example.org is the recovery email address for email@example.com).
Those keylog reports contained some valuable information, and indicated that Fly had planted a keylogger on his wife Irina’s computer. On several occasions, those emails show Fly’s wife typed in her Gmail address, which included her real first and last name — Irina Gumenyuk.
Later, Gumenyuk would change the surname on her various social networking profiles online to Vovnenko. She even mentioned her husband by name several times in emails to friends, identifying him as 28-year-old “Sergei Vovnenko”. Payment information contained in those emails — including shipping and other account information — put the happy couple and their young son in Naples, Italy.
The ‘Fly’ Has Been Swatted
The CBC asked me to write an editorial for their package about Canadian identity and politics, timed with the 150th anniversary of the founding of the settler state on indigenous lands. They’ve assigned several writers to expand on themes in the Canadian national anthem, and my line was “We stand on guard for thee.”
In a paper for IEEE Security, researchers from Cyberpion and Israel’s College of Management Academic Studies describe a “Password Reset Man-in-the-Middle Attack” that leverages a bunch of clever insights into how password resets work to steal your email account (and other kinds of accounts), even when it’s protected by two-factor authentication.
U.S. Girl Scouts as young as 5 years old will soon be able to earn their first-ever cybersecurity badges. 18 of these merit patches will be launched by the Girl Scouts of the USA starting in September, 2018.
Although flagship smartphones are unlikely to adopt heavy-duty outer casing anytime soon, you can always prepare your device for the outdoors with a beefy case and and an external battery like this Nomad Tile Trackable PowerPack, available in the Boing Boing Store for $119.95.The Nomad Tile can fully recharge an iPhone 7 over three times […]
Even though credit cards now feature an EMV chip for securing transactions, they still have to include the magnetic strip for compatibility with older point of sale systems. Because of this, there’s no way for the chip’s new security capabilities to protect against card skimmers in the wild.How do you protect yourself from legacy-technology-induced fraud? […]
As the old saying goes, “You should sit in meditation for 30 minutes every day. Unless you are too busy, in which case you should meditate for an hour.” Since most of us have an endless list of things to do and people to see, carving out quiet time can feel impossible, especially when most […]