Feeds

Man pleads guilty to spreading Trojan via IRC

Up to five years in prison

Combat fraud and increase customer satisfaction

A Washington-state man pleaded guilty to one felony count of computer fraud relating to charges he spread malware to users of an internet relay chat (IRC) channel. He faces up five years in prison and a $250,000 fine when he is sentenced in early May.

Using the user ID Fyle, Richard C. Honour infected IRC users with a program known as WindowsMedia.exe, according to a plea agreement on file with the federal court in St Louis, Missouri, where servers for one of the IRC networks are located. The program installed a back door that gave the hacker, now 31-years-old, access to victims' computers.

Honour admitted he caused users of the DarkMyst IRC group to receive private messages inviting them to view a video on a website. Users who followed the link (we presume those running unpatched versions of Windows) were infected. Among other things, the malware caused victims to spam other IRC users in an attempt to virally spread itself. An FBI raid on Honour's home led to the discovery of documents showing he had siphoned information off victims' computers.

A public defender didn't return calls seeking comment.

US prosecutors have been trying to publicly turn up the heat on cyber miscreants as the online crime wave reaches epidemic levels and they have to compete for limited resources with colleagues combating terrorism and white collar crime.

"Computer viruses have the potential to cause an incredible amount of damage to the nation's economy," United States Attorney Catherine L. Hanaway said in a statement. "This office will pursue these cases aggressively. Tracking a computer crime can be tedious and difficult. This case is an example of excellent investigative work by agents of the Federal Bureau of Investigation, who responded to complaints from the Internet community and followed every lead until the case was resolve."

Last year, federal prosecutors celebrated the convictions of at least two high-profile cases. One involved a 21-year-old man from Southern California who received almost five years for renting out his botnet by the hour. Another involved a guilty plea by a 21-year-old who pleaded guilty to botnet crimes that disrupted thousands of computers, including some at a Seattle hospital. ®

SANS - Survey on application security programs

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.