Feeds

ID theft scam hunt goes global

Follow the money

High performance access to file storage

UK police are working with Interpol in a bid to track down the perpetrators of a malware-powered ID theft scam that has claimed thousands of victims worldwide.

As previously reported, a computer seized in the US contained personal data - including names, addresses, credit card information, and transaction records - from around 2,300 UK punters. Closer examination has revealed the details of at least 8,500 people in 60 countries were obtained through the scam.

The data was swiped using key-logging Trojan software, now identified as a variant of Haxdoor, according to the Metropolitan Police's Computer Crime Unit, which is investigating the case. Police are not explaining how the US computer came to be seized in the interests of protecting what's described as an ongoing investigation.

Haxdoor sends login details and other sensitive personal information to systems controlled by hackers. Variants of the Trojan used in the attack use a screen capture function in order to capture sensitive information. It's thought that many of the affected PCs became infected after victims of the attack (who'd failed to take adequate security precautions) were duped into following links in instant messenger conversations or spam emails that led to hacker-controlled websites hosting malware.

Login credentials associated with 600 financial companies and banks have been found on the US machine that's at the centre of the investigation, IDG reports. Analysis work is continuing on the data, contained in 130,000 files, forwarded by authorities to UK investigators. The data contains information including login details for ecommerce sites such as eBay, Amazon, and ISPs including BT and Pipex.

It's unclear how much, if indeed any, money has been stolen from online accounts as a result of the scam. UK police began by contacting suspected victims directly by email. They have gone on to get in touch with banks to alert them that particular account numbers have been compromised, so financial institutions have the information they need to contact customers directly.

Meanwhile, the Metropolitan Police's Computer Crime Unit is working with Interpol to trace the hackers behind the scam. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts
Bloke behind the cockup says not enough people are helping crucial crypto project
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Experian subsidiary faces MEGA-PROBE for 'selling consumer data to fraudster'
US attorneys general roll up sleeves, snap on gloves
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.