Articles about Cybercrime

Webmail password reset scam lays groundwork for serious aggro

Symantec has warned about a new password recovery scam that tricks users into handing over webmail account access, possibly setting the stage for more serious security issues. Crooks behind the social engineering ruse need only knowledge of a prospective mark’s email address and associated mobile phone number before attempting …
John Leyden, 19 Jun 2015
The Register breaking news

Scotland Yard cuffs teens for role in cybercrime forum

Two teenagers have been arrested for their alleged involvement in the world's largest English-language cybercrime forum. The pair were detained by appointment in central London on Wednesday by the Police Central e-Crime Unit (PCeU), a national unit based at Scotland Yard. An eight-month investigation into the forum, which hasn' …

Symantec and Snoop Dogg launch cybercrime rap contest

Symantec has teamed up with rapper Snoop Dogg to launch a cybercrime rap contest. Participants are invited to bust some rhymes on the subject of malware, hacking and botnets for the chance to win an all expenses paid trip to LA to attend a Snoop gig and meet his people, if not the rapper himself. Winners get a Toshiba laptop …
John Leyden, 02 Sep 2010

Cybercrime talks end in failure

Plans to ratify an updated version of a global treaty against cybercrime have failed. Negotiations on modifying the Budapest Convention on Cybercrime to take into account third world objections and the move to cloud computing floundered after delegates attending an international conference in Brazil last week failed to reach an …
John Leyden, 22 Apr 2010

Use home networking kit? DDoS bot is BACK... and it has EVOLVED

A router-to-router bot first detected two years ago has evolved - and now has the capability to reconfigure the firewalls of its victims. The Lightaidra malware captured by security researcher TimelessP (@TimelessP) is an IRC-based mass router scanner/exploiter that's rare because it spreads through consumer network devices …
John Leyden, 09 Sep 2014

Carders offer malware with the human touch to defeat fraud detection

A new cybercrime tool promises to use credit card numbers in a more human way that is less likely to attract the attention of fraud-detection systems, and therefore be more lucrative for those who seek to profit from events like the Target breach. The "Voxis Platform" is billed as "advanced cash out software" that promises to …
Darren Pauli, 30 Oct 2014

Nice SECURITY, 'Lizard Squad'. Your DDoS-for-hire service LEAKS

A DDoS-for-hire service purportedly set up by the Lizard Squad hacking crew exposes registered users' login credentials. The LizardStresser DDoS-on-demand service – a booter service powered by hacked home routers – is hopelessly insecure. Details of more than 14,000 prospective users - whose passwords and usernames were …
John Leyden, 19 Jan 2015

Fareit trojan pwns punters with devious DNS devilry

DNS tricks used by the Fareit trojan mean users are tricked into downloading malware, seemingly from Google or Facebook. The latest variants of Fareit are infecting systems via malicious DNS servers, Finnish security firm F-Secure warns. These servers push bogus Flash updates that actually come packed with malicious code, as a …
John Leyden, 06 Mar 2015

Not your father's spam: Trojan slingers attach badness to attachment WITHIN attachment

Cybercrooks are upping the ante by loading malware as an attachment inside another attachment in a bid to slip past security defences. A new variant of the Upatre Trojan comes bundled in spammed messages that imitate emails from known banks such as Lloyds Bank and Wells Fargo. The .MSG file of the malicious emails contains …
John Leyden, 08 Apr 2014

German cybercrime forum hacked

An underground cybercrime forum has been hacked, with once walled-off information uploaded onto file-sharing networks. The attack on German e-crime site Carders.cc has led to the wider disclosure of stolen credit card details and passwords from victims along with data on the forum's criminal denizens. A database file containing …
John Leyden, 19 May 2010

Bank insiders charged in ZeuS cybercrime smackdown

Six corrupt bank insiders turned ZeuS money mule suspects have been arrested in Moldova. All half dozen of the suspects worked in local banks in the east European country. Investigators reckon the suspects specialised in laundering Western Union and MoneyGram payments received from co-conspirators in the West that can ultimately …
John Leyden, 08 Nov 2010

Cybercrime figures 'as true as sexual-conquest scores'

Microsoft researchers have rubbished figures from cyber-crime surveys, deeming them subject to the types of distortions that have long bedevilled sex surveys. It's well enough established that men claim to have more female sexual partners in sex surveys than women claim male partners, a discrepancy that can't be explained by …
John Leyden, 09 Jun 2011

ID-stealing scammers had a bumper start to the year, reveals report

Incidences of identity fraud in the UK rose by more than 25 per cent in the first quarter of 2015, a new report has revealed. In total, 34,151 confirmed instances of identity fraud were recorded in the first quarter of 2015, a 27 per cent increase from Q1 2014. Identity fraud is when criminals abuse personal data to impersonate …
John Leyden, 27 May 2015

Possible Lizard Squad members claim hack of Oz travel insurer

Nearly 900,000 client records including names, addresses, and phone numbers have been stolen from travel insurer Aussie Travel Cover by a suspected member of the Lizard Squad hacking crew. The hacker released databases including those detailing customer policies and travel dates along with a list of partial credit card …
Darren Pauli, 20 Jan 2015

Alleged Muscovite cybercrime daddy hauled in to face US court

A suspected Russian cyber-crook has arrived in the US to face charges of security fraud, computer hacking and ID theft following his deportation from Switzerland. Vladimir Zdorovenin, 54, of Moscow, Russia, is alleged to have masterminded a series of credit card theft and stock manipulation scams in conjunction with his son, …
John Leyden, 18 Jan 2012

Ryanair stung after $5m Shanghai'd from online fuel account

Budget airline Ryanair has fallen victim to a $5m hacking scam. Crooks siphoned off money from an account earmarked for the payment of fuel bills via an electronic transfer to a bank in China last week. The transfer was subsequently blocked, but the funds – earmarked to pay for aviation fuel for Ryanair's 400-plus Boeing 737-800 …
John Leyden, 30 Apr 2015

Sony-blasting Lizard Squad suspects quizzed by UK and Finnish cops

UK police have arrested a suspected member of the infamous Lizard Squad crew. The 22-year-old from Twickenham, south-west London, was arrested by police on Tuesday, and questioned about alleged fraud against PayPal as well as claims he is reportedly linked to Lizard Squad – a group of cyber-miscreants who made headlines …
John Leyden, 02 Jan 2015

UK banks hook themselves up to real-time cop data feed

UK banks will receive real-time warnings about threats to their customers' accounts as well as the overall integrity of their banking systems from a new financial crime alert system. Financial Crime Alerts Service (FCAS), which is being rolled out by banking industry association BBA, is designed to allow financial crime …
John Leyden, 23 Sep 2014

UK.gov revamps cybercrime strategy

The government has announced a modest revamp of its strategy for fighting cybercrime. In a low-key statement to the House of Commons on Tuesday, junior Home Office minister Alan Campbell said the strategy aimed to build confidence in the provision of (government and private sector) services via the internet, tackle financial …
John Leyden, 31 Mar 2010

Screech! Grand Theft Auto V malware mods warning

Cybercrooks are cooking up malware disguised as mods for the Grand Theft Auto V video game. GTA V allows players to modify their gaming environment with "mods" (modifications). It's all been good fun, but recently two of the mods – "Angry Planes" and "No Clip" – have generated warnings on forums frequented by fans of the game. …
John Leyden, 18 May 2015

Finnish bank takes cricket bat to wave after wave of DDoS varmints

Finnish bank OP is continuing to fight off a cascading series of distributed denial of service (DDoS) attacks that began on New Year's Eve. OP was forced to restrict access to its services from outside the Nordic country as a result of the attack. The motive for the attack, much less the perpetrators' identity, remain unclear. …
John Leyden, 05 Jan 2015

NYPD cop in court for allegedly hacking into the FBI

A New York City Police Department auxiliary deputy inspector faces charges of hacking into a restricted NYPD computer and other law enforcement databases, including a system maintained by the FBI. Yehuda Katz, 45, of Brooklyn, New York, allegedly used the databases to obtain information about local traffic accident victims …
John Leyden, 20 Mar 2015

It's official: David Brents are the weakest link in phishing attacks

Middle management are increasingly becoming the focus of phishing attacks, according to a new study. Managers received more malicious emails and doubled their click rates year-on-year, according to a study by security company ProofPoint. Senior staff seemed more clued up about dodgy emails, meaning managers and staff clicked on …
John Leyden, 22 Apr 2015

Cuffing darknet-dwelling cyberscum is tricky. We'll 'disrupt' crims instead, warns top cop

Europe's top cyber-cop has called for a shift in focus from the prosecution of online crims to the disruption of their activities. This comes as crooks increasingly make use of the darknet – private peer-to-peer networks such as Tor – to stay hidden and anonymous; cops find it difficult to work out suspects' true identities and …
John Leyden, 29 Apr 2014

Home routers co-opted into self-sustaining DDoS botnet

Hackers have established "self-sustaining" botnets of poorly secured routers, according to DDoS mitigation firm Incapsula. The hijacked routers – located mostly in Thailand and Brazil – were easy pickings for hackers because of the use of factory-default usernames and passwords. Knowledge of these login credentials allowed …
John Leyden, 13 May 2015

Senate bill seeks crack down on cybercrime havens

Foreign countries that turn a blind eye to cybercrime would lose US financial assistance and resources under a bill introduced Tuesday in the Senate. The International Cybercrime Reporting and Cooperation Act would require the President to identify "countries of cyber concern" and to plot a course to help each one get tougher …
Dan Goodin, 23 Mar 2010

Plug pulled Latvian cybercrime hub

Upstream providers have pulled the plug on Latvian ISP Real Host over allegations it maintained cybercrime servers linked to the Zeus botnet. Real Host was disconnected by its upstream provider, Junik, on Monday, after TeliaSonera told Junik to either cut the juice or face sanctions itself, according to reports by the FT and …
John Leyden, 05 Aug 2009

Carders punch holes through Staples

US office giant Staples is investigating a possible credit and debit card breach of its Northeastern stores. Evidence for the hack, reported by cybercrime and prolific breach blower Brian Krebs, is apparently based on a dozen fraud monitor sources within different US banks. Staples has contacted police and said it was …
Darren Pauli, 21 Oct 2014

Vawtrak challenges almighty ZeuS as king of the botnets

Crooks behind Vawtrak, a dangerous banking Trojan, are ramping up its reach and sophistication, security firms have warned. Vawtrak currently ranks as the single most dangerous threat, according to PhishLabs. Only Zeus and its many variants (GameOver, KINS, ZeusVM, Zberp, etc.) taken as a single malware "family" would outrank …
John Leyden, 27 Dec 2014

Two in five Brits cough up for CryptoLocker ransomware's demands

Around two in five people who fall victim to CryptoLocker have agreed to pay a ransom of around £300 to recover their files, according to a survey of victims. Researchers from the University of Kent quizzed a total of 48 people who had been affected by CryptoLocker. Of the sample, 17 said they paid the ransom and 31 said they …
John Leyden, 28 Feb 2014

GCHQ's cyberspooks had Nudge Unit envy – leak

As 10 Downing Street was establishing a Behavioural Insights Team, or "Nudge" unit, based on pop psychology, so too were the spooks at GCHQ. Clearly not wishing to be left out of the behavioural craze sweeping the chattering classes and the thinkfluencers in the ad world, spooks thought they should be brought up to speed on the …
Andrew Orlowski, 26 Jun 2015

Fraudsters target Nazi Android malware at Russian bank customers

Alleged members of a gang of "cyber-fascist" Android malware-slingers have been arrested in Russia. The alleged perps behind the scam targeted customers of Russian bank Sberbank with software they called "Fifth Reich", which used Nazi symbols in the management system. Fraudsters targeted malware attacks at Android-operated …
John Leyden, 13 Apr 2015

Anonymous loose cannon admits DDoSing social services and housing websites

A middle-aged Briton has admitted running a series of debilitating denial of service attacks against social services, social housing and crime prevention websites. Ian Sullivan, 51, of Bootle, Merseyside, also admitted responsibility for a series of Distributed Denial of Service (DDoS) attacks against private sector firms, …
John Leyden, 10 Feb 2015

Cybercrime police's budget slashed by 30%

Exclusive The national police unit responsible for fighting cybercrime faces a deep cut to its already stretched budget, counter to pre-election talk of an increased focus on the UK's digital security. According to senior Westminster sources, the coalition government has quietly and drastically trimmed the £3.5m that the Police Central …

Online identity woes can only be solved through the medium of GIF

The Global Identity Foundation aims to recruit vendors in its ambitious quest to develop a global digital identity ecosystem. GIF is seeking to develop a new, global solution for digital identities, with the not-for-profit organisation building on work from the Jericho Forum, including the Jericho Forum’s Identity, Entitlement …
John Leyden, 10 Jun 2015

Police confirm cybercrime budget cut

The Metropolitan Police have confirmed their budget for battling cybercrime nationally has been slashed by the Home Office. The Register revealed on Friday that central government funding for the Police Central eCrime Unit (PCeU) had been quietly cut by 30 per cent. A spokeswoman for the Met said the PCeU had been targeted as …

EU mulls new central cybercrime agency

The European Commission will investigate the establishment of a new EU agency to tackle cybercrime. The new agency could be part of Europol, EU ministers have said. The Council of Ministers has asked the Commission to look at its agreed set of cybercrime objectives and investigate whether a new, centralised agency is a better …
OUT-LAW.COM, 29 Apr 2010

Met chief fears Brit cybercrime gangs

Britain's most senior police officer has raised fears that home-grown organised gangs are waking up to the low risks and high rewards of cybercrime. Sir Paul Stephenson, Commissioner of the Metropolitan Police, issued the warning in a Sunday newspaper article highlighting the importance of specialist officers. Debate around …

The Internet of Stuff is a gigantic ultra-perv robbery network – study

IoT devices facilitate robbery, stalking and cybercrime. That's the downbeat conclusion of a new study by app security firm Veracode into the insecurity of connected devices. Veracode reached its conclusion after looking into a variety of IoT kit, finding they are often designed without data security or privacy in mind. The …
John Leyden, 08 Apr 2015

JP Morgan bank bod accused of flogging customer account info

The FBI has charged a former JP Morgan employee with selling customer information to thieves who wanted to empty accounts without triggering any alarms. Unsealed court records [PDF] recount that Peter Persaud, who worked at JP Morgan's Brooklyn branch, contacted an undercover FBI informant, and allegedly offered to sell him the …
Iain Thomson, 29 Apr 2015

Tesla Twitter account and website hijacked, Elon Musk pwned

The website and Twitter account of carmaker Tesla were hacked over the weekend, as part of what looks like a prank between rival hackers. Elon Musk’s personal Twitter account was also hijacked on Saturday night (US time) by miscreants who at one point claimed to be from the infamous Lizard Squad hacking crew. The name …
John Leyden, 27 Apr 2015

It's 2015 and ATMs don't know when a daughterboard is breaking them

Carders have jackpotted an ATM by inserting a circuit board into the USB ports of an ATM, tricking it into spitting out cash. The technique was thought to have emulated the cash dispenser of the ATM so the brains of the machine thought everything was normal, buying additional time for the brazen crooks to make off with the cash …
Darren Pauli, 07 Jan 2015

Three WireLurker suspects arrested in China – reports

Three people suspected of involvement in the WireLurker malware campaign have been arrested in China, according to reports. The suspects – whom the Beijing Public Security "internet" unit named only as Chen, Lee and Wang – were apparently arrested in the Beijing area following an investigation assisted by local security firm …
John Leyden, 17 Nov 2014

'Father of Zeus' banking trojan appears at very reasonable price

A banking trojan dubbed the father of the infamous Zeus malware is being flogged on cybercrime marketplaces for a pricey $7000, says fraud specialist Etay Maor. The Kronos malware was sold on a cybercrime forum, pitched particularly to Zeus trojan customers given its capabilities to re-use that trojan's form grabbing templates …
Darren Pauli, 15 Jul 2014

Cyber scum pump ransomware at victims from spambot-stuffed websites

Miscreants have brewed up a strain of ransomware which functions like the recently dead CryptoLocker - and this one communicates using the Tor browsing anonymization network. Critroni appears geared towards exploiting a gap in the market created by a takedown operation against the CryptoLocker and Gameover ZeuS botnets back in …
John Leyden, 22 Jul 2014

Cybercrim told to cough up £1m or spend years in chokey

A cybercriminal from Thamesmead has been given six months to turn up £1m, or he'll be spending another four years behind bars. Rilwan Adesegun Oshodi – a 31-year-old Nigerian national, formerly of Greenhaven Drive, Thamesmead, SE28 – is currently enjoying Her Majesty's hospitality for conspiracy to defraud and conspiracy to …

Hackers seize Detroit's database, demand $800k. Motor City shrugs: OK, take it

Hackers seized a database from the City of Detroit earlier this year before unsuccessfully demanding $800,000 in Bitcoin. The failed extortion attempt back in April was disclosed by Detroit mayor Mike Duggan at the North American International Cyber Summit conference on Monday. The stolen database wasn’t needed by the cash- …
John Leyden, 20 Nov 2014

Elderly zombie Asprox botnet STILL mauling biz bods, says survey

The Asprox botnet was responsible for about 80 per cent of all attack sessions recorded during October 2014, impacting nearly 2,000 different organisations. These figures, from a new report by Palo Alto Networks, provide evidence that the Asprox (AKA Kuluoz) malware family is continuing to plague businesses, despite multiple …
John Leyden, 11 Dec 2014

Botnet masters using Tor to hide control tools for ZOMBIE SLAVES

The Tor anonymisation network is being used to hide 900 botnet and cybercrime-related hidden services, according to Kaspersky Lab. Kaspersky security researchers report that the Tor network is playing host to the ChewBacca point-of-sale keylogger and the ZeuS banking malware control infrastructure, as well as the first Tor …
John Leyden, 06 Mar 2014

Russian botnet suspects cuffed over romantic MMS spyware allegs

Russian cops have arrested two mobile botnet cybercrime suspects as part of an ongoing investigation that's reckoned to be the first of its kind in Russia. The unnamed duo, aged 25 and 24 and both resident in Arkhangelsk (a city in the north of European Russia) were arrested as part of an investigation into attempts to defraud …
John Leyden, 19 Sep 2014