
Submission + - Justice Dept. Names ZeuS Trojan Author, Seizes Control Over P2P 'Gameover' Botnet (krebsonsecurity.com)

tsu doh nimh writes: The U.S. Justice Department announced today an international law enforcement operation to seize control over the Gameover ZeuS botnet, a sprawling network of hacked Microsoft Windows computers that currently infects an estimated 500,000 to 1 million compromised systems globally. Experts say PCs infected with Gameover are being harvested for sensitive financial and personal data, and that the botnet is responsible for more than $100 million in losses from online banking account takeovers. The government alleges that Gameover also was rented out to an elite cadre of hackers for use in online extortion attacks, spam and other illicit moneymaking schemes. In a complaint unsealed today, the DOJ further alleges that ZeuS and Gameover are the brainchild of a Russian man named Evgeniy Mikhailovich Bogachev, a.k.a. "Slavik."

Submission + - Canadian Teen Arrested for Calling in 30+ Swattings, Bomb Threats (krebsonsecurity.com)

tsu doh nimh writes: A 16-year-old male from Ottawa, Canada has been arrested for allegedly making at least 30 fraudulent calls — including bomb threats and "swattings" — to emergency services across North America over the past few months. Canadian media isn't identifying the youth because of laws that prevent the disclosure, but the alleged perpetrator was outed in a dox on Pastebin that was picked up by journalist Brian Krebs, who was twice the recipient of attempted swat raids at the hand of this kid. From the story: "I told this user privately that targeting an investigative reporter maybe wasn't the brightest idea, and that he was likely to wind up in jail soon. But @ProbablyOnion was on a roll: That same day, he hung out his for-hire sign on Twitter, with the following message: “want someone swatted? Tweet me their name, address and I'll make it happen.”"

Submission + - Florida Arrests High-Dollar Bitcoin Exchangers for Money Laundering (krebsonsecurity.com)

tsu doh nimh writes: State authorities in Florida on Thursday announced criminal charges targeting three men who allegedly ran illegal businesses moving large amounts of cash in and out of the Bitcoin virtual currency. Experts say this is likely the first case in which Bitcoin vendors have been prosecuted under state anti-money laundering laws, and that prosecutions like these could shut down one of the last remaining avenues for purchasing Bitcoins anonymously.

Submission + - Michaels Stores Investigating Possible Data Breach (krebsonsecurity.com)

tsu doh nimh writes: Michaels Stores Inc., which runs more than 1,250 crafts stores across the United States, said Saturday that it is investigating a possible data breach involving customer cardholder information. According to Brian Krebs, the journalist who broke the story and news of the Target and Neiman Marcus breaches, the U.S. Secret Service has confirmed it is investigating. Krebs cited multiple sources in the banking industry saying they were tracking a pattern of fraud on cards that were all recently used at Michaels Stores Inc. In response to that story, Michaels issued a statement saying it "recently learned of possible fraudulent activity on some U.S. payment cards that had been used at Michaels, suggesting that the Company may have experienced a data security attack." In 2011, Michaels disclosed that attackers had physically tampered with point-of-sale terminals in multiple stores, but so far there are no indications what might be the cause of the latest breach. Both Target and Neiman Marcus have said the culprit was malicious software designed to steal payment card data, and at least in Target's case that's been shown to be malware made to infect retail cash registers.

Submission + - The Case for a Global, Compulsory Bug Bounty (krebsonsecurity.com)

tsu doh nimh writes: Security experts have long opined that one way to make software more secure is to hold software makers liable for vulnerabilities in their products. This idea is often dismissed as unrealistic and one that would stifle innovation in an industry that has been a major driver of commercial growth and productivity over the years. But a new study released this week presents perhaps the clearest economic case yet for compelling companies to pay for information about security vulnerabilities in their products. Stefan Frei, director of research at NSS Labs, suggests compelling companies to purchase all available vulnerabilities at above black-market prices, arguing that even if vendors were required to pay $150,000 per bug, it would still come to less than two-tenths of one percent of these companies' annual revenue. To ensure that submitted bugs get addressed and not hijacked by regional interests, Frei also proposes building multi-tiered, multi-region vulnerability submission centers that would validate bugs and work with the vendor and researchers. The question is, would this result in a reduction in cybercrime overall, or would it simply hamper innovation? As one person quoted in the article points out, a majority of data breaches that cost companies tens of millions of dollars have far more to do with other factors unrelated to software flaws, such as social engineering, weak and stolen credentials, and sloppy server configurations.

Submission + - Meet Paunch: The Accused Author of the BlackHole Exploit Kit (krebsonsecurity.com)

tsu doh nimh writes: In early October, news leaked out of Russia that authorities there had arrested and charged the malware kingpin known as "Paunch," the alleged creator and distributor of the Blackhole exploit kit. Today, Russian police and computer security experts released additional details about this individual, revealing a much more vivid picture of the cybercrime underworld today. According to pictures of the guy published by Brian Krebs, if the Russian authorities are correct then his nickname is quite appropriate. Paunch allegedly made $50,000 a month selling his exploit kit, and worked with another guy to buy zero-day browser exploits. As of October 2013, the pair had budgeted $450,000 to purchase zero-days. From the story: "The MVD estimates that Paunch and his gang earned more than 70 million rubles, or roughly USD $2.3 million. But this estimate is misleading because Blackhole was used as a means to perpetrate a vast array of cybercrimes. I would argue that Blackhole was perhaps the most important driving force behind an explosion of cyber fraud over the past three years. A majority of Paunch's customers were using the kit to grow botnets powered by Zeus and Citadel, banking Trojans that are typically used in cyberheists targeting consumers and small businesses."

Submission + - Europol, Microsoft Target 2-million Strong ZeroAccess Click Fraud Botnet

tsu doh nimh writes: Authorities in Europe joined Microsoft Corp. this week in disrupting "ZeroAccess," a vast botnet that has enslaved more than two million PCs with malicious software in an elaborate and lucrative scheme to defraud online advertisers. KrebsOnSecurity.com writes that it remains unclear how much this coordinated action will impact the operations of ZeroAccess over the long term, but for now the PCs infected with the malware remain infected and awaiting new instructions. ZeroAccess employs a peer-to-peer (P2P) architecture in which new instructions and payloads are distributed from one infected host to another. The actions this week appear to have targeted the servers that deliver a specific component of ZeroAccess that gives infected systems new instructions on how to defraud various online advertisers, including Microsoft. While this effort will not disable the ZeroAccess botnet (the infected systems will likely remain infected), it should allow Microsoft to determine which online affiliates and publishers are associated with the miscreants behind ZeroAccess, since those publishers will have stopped sending traffic directly after the takedown occurred. Europol has released a statement on this action, and Microsoft has published a large number of documents related to its John Doe lawsuits intended to unmask the ZeroAccess operators and shut down the botnet.

Submission + - Limo Company Hack Exposes Juicy Targets, 850k Credit Card Numbers (krebsonsecurity.com)

tsu doh nimh writes: A compromise at a U.S. company that brokers reservations for limousine and Town Car services nationwide has exposed the personal and financial information on more than 850,000 well-heeled customers, including Fortune 500 CEOs, lawmakers, and A-list celebrities. Krebsonsecurity.com writes about the break-in, which involved the theft of information on celebrities like Tom Hanks and LeBron James, as well as lawmakers such as the chairman of the U.S. House Judiciary Committee. The story also examines the potential value of this database for spies, drawing a connection between recent personalized malware attacks against Kevin Mandia, the CEO of incident response firm Mandiant. In an interview last month with Foreign Policy magazine, Mandia described receiving spear phishing attacks that spoofed receipts for recent limo rides; according to Krebs, the info for Mandia and two other Mandiant employees was in the stolen limo company database.

Submission + - A Closer Look at the Syrian Electronic Army

tsu doh nimh writes: Yesterday saw the publication of two stories focusing on two different Syrian men thought to be core members of the Syrian Electronic Army, the hacking group that took credit for recent break-ins that compromised the Web sites of The New York Times, The Washington Post and other media outlets. Working with a source who says he hacked into the SEA's servers this year, Vice.com profiles a fairly high-profile SEA member who uses the nickname "ThePro" and outs him as a young man named Hatem Deeb. Separately, Brian Krebs managed to get hold of the SQL database for the SEA's Web site after it was allegedly hacked this year, and follows a trail of clues back to one of two administrators of the SEA, which leads to another Syrian guy — a Web developer named Mohammed Osman, a.k.a. Mohamed Abd AlKarem.

Submission + - Guy DDoS's his old boss and gets caught (krebsonsecurity.com)

An anonymous reader writes: Brian Krebs writes about a story about a hacker who gets caught doing DDoS attacks against his former employer. He ends up learning the hard way what NOT to do when launching DDoS attacks using Booter services.

Submission + - Researchers Buy Twitter Bots to Fight Twitter Spam (krebsonsecurity.com)

tsu doh nimh writes: The success of social networking community Twitter has given rise to an entire shadow economy that peddles dummy Twitter accounts by the thousands, primarily to spammers, scammers and malware purveyors. But new research on identifying bogus accounts has helped Twitter to drastically deplete the stockpile of existing accounts for sale, and holds the promise of driving up costs for both vendors of these shady services and their customers. Krebsonsecurity.com writes about a paper (PDF) being released today at the USENIX conference that details how researchers spent almost a year and $5,000 buying up accounts from 27 Twitter account merchants, and then built templates to help Twitter detect accounts sold by these merchants — all with the aim of getting more of these bot accounts shut down before they can be used to spam legitimate Twitter users. The story goes into great detail on the lengths to which these account merchants will go to evade Twitter's anti-bot security measures.

Submission + - DEF CON Advises Feds Not to Attend Conference (krebsonsecurity.com)

tsu doh nimh writes: One of the more time-honored traditions at DEF CON — the massive hacker convention held each year in Las Vegas — is "Spot-the-Fed," a playful and mostly harmless contest to out undercover government agents that attend the show each year. But that game might be a bit tougher when the conference rolls around again next month: In an apparent reaction to recent revelations about far-reaching U.S. government surveillance programs, DEF CON organizers are asking feds to just stay away: "I think it would be best for everyone involved if the feds call a 'time-out' and not attend DEF CON this year," conference organizer Jeff Moss wrote in a short post at Defcon.org. Krebsonsecurity writes that after many years of mutual distrust, the hacker community and the feds buried a lot of their differences in the wake of 911, with the director of NSA even delivering the keynote at last year's conference. But this year? Spot the fed may just turn into hack-the-fed.

Submission + - How Much is Your Gmail Account Worth to Crooks? (krebsonsecurity.com)

tsu doh nimh writes: If you use Gmail and have ever wondered how much your account might be worth to cyber thieves, have a look at Cloudsweeper, a new OAuth service launching this week that tries to price the value of your Gmail address based on the number of retail accounts you have tied to it and the current resale value of those accounts in the underground. From KrebsOnSecurity: "The brainchild of researchers at the University of Illinois at Chicago, Cloudsweeper's account theft audit tool scans your inbox and presents a breakdown of how many accounts connected to that address an attacker could seize if he gained access to your Gmail. Cloudsweeper then tries to put an aggregate price tag on your inbox, a figure that's computed by totaling the resale value of other account credentials that crooks can steal if they hijack your email."

Submission + - Eye-surgery by magnetically-guided microrobots moves toward clinical trials (robohub.org)

Sabine Hauert writes: According to robotics researcher Simone Schürle from ETH Zurich’s Multi-Scale Robotics Lab (MSRL), the OctoMag is a magnetic manipulation system that uses electromagnetic coils to wirelessly guide microrobots for ophthalmic surgery. With this system, mobility experiments were conducted in which a microrobot with a diameter of 285 um (about four times the width of a hair) was navigated reliably through the eye of a rabbit, demonstrating the feasibility of using this technology in surgical applications.
