Businesses around the world have lost billions of dollars over the past few years to an increasingly popular internet scam in which criminals pose as company executives, and send faked emails to their staff ordering subordinates to transfer money into financial accounts controlled by the scammers. That's all according to an FBI alert issued this week.
Read the rest
Internet and cable TV provider Time Warner Cable Inc. today revealed that up to 320,000 customers may have had their email passwords stolen.
Read the rest
The so-called unlimited cash out operations used hacked debit cards with withdrawal limits removed to make ATMs spew money.
If you or someone you love has been hijacked by Coinvault ransomware -- malware that encrypts your data and won't decrypt it unless you transfer Bitcoin to criminals -- Kaspersky may be able to help you (via Hacker News)
Read the rest
In Spam Nation: The Inside Story of Organized Cybercrime-from Global Epidemic to Your Front Door
, Brian Krebs offers a fascinating look at the mass-scale cybercrime that underpins the spam in your inbox and provides an inside peek at a violent fight among its principle players. Cory Doctorow
In case there was any doubt in your mind, the alleged $1T cost to America from cyberwar and the $250B cost to America from "cyber-theft of Intellectual property" are both total bullshit. Pro Publica breaks it down.
Read the rest
One of the figures Alexander attributed to Symantec — the $250 billion in annual losses from intellectual property theft — was indeed mentioned in a Symantec report, but it is not a Symantec number and its source remains a mystery.
McAfee’s trillion-dollar estimate is questioned even by the three independent researchers from Purdue University whom McAfee credits with analyzing the raw data from which the estimate was derived. "I was really kind of appalled when the number came out in news reports, the trillion dollars, because that was just way, way large," said Eugene Spafford, a computer science professor at Purdue.
Spafford was a key contributor to McAfee’s 2009 report, "Unsecured Economies: Protecting Vital Information" (PDF). The trillion-dollar estimate was first published in a news release that McAfee issued to announce the report; the number does not appear in the report itself. A McAfee spokesman told ProPublica the estimate was an extrapolation by the company, based on data from the report. McAfee executives have mentioned the trillion-dollar figure on a number of occasions, and in 2011 McAfee published it once more in a new report, "Underground Economies: Intellectual Capital and Sensitive Corporate Data Now the Latest Cybercrime Currency" (PDF).
In addition to the three Purdue researchers who were the report’s key contributors, 17 other researchers and experts were listed as contributors to the original 2009 report, though at least some of them were only interviewed by the Purdue researchers.
Brian Krebs interviews Joe Stewart, a security researcher
"who’s spent 18 months cataloging and tracking malicious software that was developed and deployed specifically for spying on governments, activists and industry executives." Speaking at Defcon in Las Vegas, Stewart says the "complexity and scope of these cyberspy networks now rivals many large conventional cybercrime operations. Read the rest
Elinor Mills at CNET has posted a chronological chart that documents recently publicized hacking events:
By our count, there have been more than 40 computer attacks, network intrusions, or data breaches in the last few months. And they seem to be a daily occurrence.
The chart shows which hackers and groups are identified as being behind each attack, and the methods and motives believed to be involved. As you skim through, remember that the date on which a given hack is made public isn't necessarily the date that target was breached: sometimes, a breach occurs long before the target or the attacker tells the world about it.
Mills adds that CNET will to update the chart as time goes on, and they're soliciting updates.
Here's a link to the article, and here's a direct link to the spreadsheet.
Read the rest
The Wall Street Journal broke the news yesterday
that the Pentagon has concluded that hacking and other forms of digital sabotage that originate from other countries can be considered an act of war. This means that for the first time, the U.S. is in the position of possibly responding to an online attack with offline "traditional military force." Guns, troops, drones, bombs.
The Pentagon's first formal cyber strategy, unclassified portions of which are expected to become public next month, represents an early attempt to grapple with a changing world in which a hacker could pose as significant a threat to U.S. nuclear reactors, subways or pipelines as a hostile country's military.
In part, the Pentagon intends its plan as a warning to potential adversaries of the consequences of attacking the U.S. in this way. "If you shut down our power grid, maybe we will put a missile down one of your smokestacks," said a military official.
Read the whole article here. If the paywall locks you out, MSNBC has a related piece. Read the rest
On Friday, the FBI shut down three of the world's most popular online poker sites, replacing their home pages with the message: "This domain name has been seized by the F.B.I. pursuant to an Arrest Warrant."
Former Boing Boing guest-blogger Joe Menn at the Financial Times nails the story first and best, and describes it as "the largest crackdown since Congress banned electronic gambling transactions in 2006." More:
In an indictment unsealed on Friday, the government accused the creators of Full Tilt Poker, PokerStars and Absolute Poker of illegal gambling, money laundering and bank fraud.
Read the full FT story here
The government also filed a $3bn civil suit seeking to recover profit at the companies, which are based in other countries but have the three largest shares of the US market. They seized bank accounts and the website addresses used by all three, replacing the latter with warnings that managing or owning a gambling business is a crime.
None of companies could be reached for comment. The disruption of their sites and the seizure of funds could make it hard for them to do business and might dissuade some people from playing cards online.
. The LA Times
also has coverage here
, and here is a response by the owners of Full Tilt Poker
. Read the rest
The office of NASA's Inspector General released a report this week titled "Inadequate Security Practices Expose Key NASA Network to Cyberattack," which details pretty much what it says on the tin: the International Space Station, the Hubble telescope, the space shuttle, and other key assets were made vulnerable back in 2009 when hackers penetrated the NASA computer network that controls them.
The vulnerabilities have since been addressed, but NASA still lacks a recommended cybersecurity oversight progam to reduce future risks.
From a related story in the Huntsville Times:
Also in 2009, hackers stole 22 gigabytes of export-controlled data from the Jet Propulsion Laboratory and opened links between the NASA network and 3,000 foreign IP addresses.
NASA has closed the worst holes in its system, according to the audit released Monday, but other risks will remain until NASA establishes IT safeguards for the entire agency. NASA says it will do that by the end of the fiscal year Sept. 30. NASA said in a statement Tuesday that its chief information officer will work with NASA centers, including Huntsville's Marshall Space Flight Center, to make sure computers are secure.
And more about the past intrusions, directly from the NASA Inspector General's report:
Read the rest
The Guardian reports that three UK teenagers who created and ran "one of the world's largest English-language internet crime forums," described in court as "Crimebook", have been sentenced to up to 5 years in jail. Authorities estimated that losses from credit card data traded over Gh0stMarket.net totaled more than $26 million dollars. Threatening to blow up the head of the police unit in charge of internet crimes after an earlier arrest was probably an unwise move:
Read the rest
The web forum, which had 8,000 members worldwide, has been linked to hundreds of thousands of pounds of registered losses on 65,000 bank accounts. Nicholas Webber, the site's owner and founder, was arrested in October 2009 with the site's administrator, Ryan Thomas, after trying to pay a £1,000 hotel bill using stolen card details. They were then 18 and 17. Webber was jailed for five years on Wednesday and Thomas for four years.
After seizing Webber's laptop, police discovered details of 100,000 stolen credit cards and a trail back to the Gh0stMarket website. Webber and Thomas jumped bail that December, fleeing to Majorca, but were rearrested when they flew back to Gatwick airport on 31 January 2010.
Southwark crown court was told how public-school-educated Webber, the son of a former Guernsey politician, was using an offshore bank account in Costa Rica to process funds from the frauds. After his initial arrest, Webber threatened on a forum to blow up the head of the police e-crimes unit in retaliation, and used his hacking skills to trace officers' addresses.
Security reporter Brian Krebs has a fascinating piece up on Pavel Vrublevsky, founder of Russia's biggest online payment processor, ChronoPay. Krebs reports that this man also co-owns Rx-Promotion, an online pharmacy that sells tens of millions of US dollars worth of controlled pills to Americans each year: Valium, Percocet, Tramadol, Oxycodone, and other substances with high street resale value. Just before Krebs arrived in Russia to meet with Vrublevsky, "several truckloads of masked officers from Russian drug enforcement bureaus" raided a private party thrown for the top moneymakers of Rx-Promotion (that's their promotional banner, above). Snip:
Read the rest
I hadn't told Vrublevsky that I was coming to Russia before I arrived on Feb. 8. But I wasted no time in phoning him via Skype, using the line he normally calls me on several times a week.
"Duuuuuuuudddde!," he answers. "It's 7 a.m. where you are, who died?"
I reply that I am in fact in his time zone and that we should meet. After another long "Duuuuuuuuddde!" Vrublevsky promises to send a car if I will wait in the hotel lobby. He tells me he'll be sending along with the driver his receptionist, named Vera. He proceeds to describe Vera as this grossly overweight, unattractive older lady but, hey, she speaks English and knows how to deal with Westerners, so she's coming, he says.
Fifteen minutes later, I am seated in the lobby waiting for Vera, watching incoming guests as they stomp off snow and trudge through the hotel's revolving door. I find it difficult to avoid staring at this unusually attractive, slender, dark-haired young woman standing nervously just beside the door.
This. Note the dot-mil and dot-govs, and good heavens, the affordable pricing. Fascinating story behind the screengrab over at Krebs on Security. Read the rest
Two suspects are charged with federal crimes for hacking AT&Ts website in 2010 to obtain personal data of more than 100,000 iPad users. From Kim Zetter's Wired News piece:
Daniel Spitler, 26, of San Francisco, Calif., was charged in New Jersey on Tuesday with one count of identity fraud and one count of conspiracy to access a computer without authorization. Andrew Auernheimer, 25, of Fayetteville, Ark., was charged in Arkansas for the same crimes.
The chat transcripts really do say it all:
Spitler: I hit fucking oil
Two Charged in AT&T Hack of IPad Customer Data
Auernheimer: loooool nice
Spitler: If I can get a couple thousand out of this set where can we drop this for max lols?
Auernheimer: dunno i would collect as much data as possible the minute its dropped, itll be fixed BUT valleywag i have all the gawker media people on my facecrook friends after goin to a gawker party
Read the rest
Information designer Jess Bachman's latest creation explores the "financial motivations and transaction that take place in the underground malware and trojan markets." The flow chart "follows the point of infection to monetary gain of the botmasters, scammers and fraudsters who operate these nefarious lines of code." View the full image.
Read the rest