Articles about Cybercrime

Russian cybercrooks shun real currencies, develop private altcoins

Fraudsters are using private currencies to conduct transactions with each other on Russian-language cybercrime forums. The advent of new private financial systems and currencies in the Russian-language cybercrime community is a trend indicating a stronger level of collaboration, cooperation and sophistication amongst individual …
John Leyden, 17 Feb 2014

Australia's first public swatting victim a nice bloke

An unknown online crim drew 16 armed police to raid a Sydney man's home, by way of a fake emergency call to Queensland police. The dangerous and expensive prank, known as swatting, was believed to be Australia's first on the public record, according to senior cybercrime state and federal police speaking to Vulture South. …
Darren Pauli, 05 Jun 2014

Senate bill seeks crack down on cybercrime havens

Foreign countries that turn a blind eye to cybercrime would lose US financial assistance and resources under a bill introduced Tuesday in the Senate. The International Cybercrime Reporting and Cooperation Act would require the President to identify "countries of cyber concern" and to plot a course to help each one get tougher …
Dan Goodin, 23 Mar 2010

World still standing? It's been two weeks since Cryptolocker, Gameover Zeus takedown by feds

Two weeks have passed since the feds knackered the systems doling out the GameOver ZeuS and CryptoLocker malware to PCs. G-men warned us the world had just a fortnight to clean up compromised Windows machines and defend them from the software nasties before their masters regrouped. That time has passed ... and not much has …
John Leyden, 19 Jun 2014

Met chief fears Brit cybercrime gangs

Britain's most senior police officer has raised fears that home-grown organised gangs are waking up to the low risks and high rewards of cybercrime. Sir Paul Stephenson, Commissioner of the Metropolitan Police, issued the warning in a Sunday newspaper article highlighting the importance of specialist officers. Debate around …

Cybercrime police's budget slashed by 30%

The national police unit responsible for fighting cybercrime faces a deep cut to its already stretched budget, counter to pre-election talk of an increased focus on the UK's digital security. According to senior Westminster sources, the coalition government has quietly and drastically trimmed the £3.5m that the Police Central …

Police confirm cybercrime budget cut

The Metropolitan Police have confirmed their budget for battling cybercrime nationally has been slashed by the Home Office. The Register revealed on Friday that central government funding for the Police Central eCrime Unit (PCeU) had been quietly cut by 30 per cent. A spokeswoman for the Met said the PCeU had been targeted as …

EU mulls new central cybercrime agency

The European Commission will investigate the establishment of a new EU agency to tackle cybercrime. The new agency could be part of Europol, EU ministers have said. The Council of Ministers has asked the Commission to look at its agreed set of cybercrime objectives and investigate whether a new, centralised agency is a better …
OUT-LAW.COM, 29 Apr 2010

Plug pulled on Latvian cybercrime hub

Upstream providers have pulled the plug on Latvian ISP Real Host over allegations it maintained cybercrime servers linked to the Zeus botnet. Real Host was disconnected by its upstream provider, Junik, on Monday, after TeliaSonera told Junik to either cut the juice or face sanctions itself, according to reports by the FT and …
John Leyden, 05 Aug 2009

Chinese cops cuff teen over Heart App Android malware flap

Chinese authorities have arrested a 19-year-old suspected of unleashing a fast spreading strain of malware that infects Android smartphones. Police told Chinese newspapers including Sina.com that "Li", a 19-year-old software engineering student, was cuffed in Shenzhen on suspicion of creating the Heart App Android malware within …
John Leyden, 12 Aug 2014

Fugitive Shadowcrew suspect hauled into US court... 9 YEARS on

US prosecutors have finally got their hands on a fugitive cybercrime suspect, nine years after the Bulgarian national was indicted (PDF) over his alleged involvement in the infamous Shadowcrew carding forum. Aleksi Kolarov, 30, appeared in a Newark, New Jersey court on Monday following his extradition from Paraguay last Friday. …
John Leyden, 02 Jul 2013

FBI and pals grab banking Trojan zombielord's joystick

Law enforcement and the security business have teamed up to disrupt the operation of the Shylock banking Trojan. The UK's National Crime Agency joined forces with Europol and the FBI to take down and seize the command and control servers key to running the botnet. Law enforcement also took control of the domains Shylock uses for …
John Leyden, 11 Jul 2014

Cybercrook? Bent on mischief? WE'LL GET YOU, vow Facebook and pals

Internet heavyweights have teamed up to form a non-profit organisation designed to supply internet infrastructure operators with free tools and intelligence in the fight against cybercrime. Facebook, security intelligence firm Crowdstrike, Verisign, ESET Anti-Virus, Verizon and the Anti-Phishing Working Group, among others, are …
John Leyden, 25 Mar 2014

SynoLocker Trojan crime gang: We QUIT this gig

A ransomware Trojan gang appears to be moving on, and has offered to sell its remaining decryption keys in bulk for 200 BTC ($103,000, £61,500). Cybercrooks behind the recent SynoLocker Trojan – which targets the network attached storage devices manufactured by Synology – have apparently decided to cash out on their ill-gotten …
John Leyden, 14 Aug 2014

Ice cream headache as black hat hacks sack Dairy Queen

Ice cream mogul Dairy Queen appears to have been breached with hackers likely stealing credit cards from some of its many US stores. The chilling news comes from sources within the US banking sector who separately told cyber-crime prober Brian Krebs that fraudulent transactions on credit cards appeared to have stemmed from a …
Darren Pauli, 29 Aug 2014

Feds hunt 30-year-old alleged to be lord of Gameover botnet

The FBI has released a wanted notice for 30-year-old Russian national Evgeniy Mikhailovich Bogachev, whom they allege to be the mastermind behind both the Gameover ZeuS and the even more infamous CryptoLocker ransomware. A US indictment has been unsealed against the suspect following an FBI-led takedown operation that disrupted …
John Leyden, 03 Jun 2014

Romanian 'ransomware victim' hangs self and 4-year-old son – report

Reports have claimed that a Romanian man who committed suicide recently had been the victim of so-called "police" ransomware which falsely informed him he needed to pay a fine for downloading porn or risk going to jail. Marcel Datcu, 36, from the village of Movila Miresii, hanged himself while holding his four-year-old son in …
John Leyden, 18 Mar 2014

Leak of '5 MEELLLION Gmail passwords' creates security flap

Plain-text passwords and account names linked to five million Gmail accounts have been leaked onto several Russian forums. Security experts had already confirmed the data seemed legit, albeit approximately three years old, before Google put up its blog post on the subject. The leak, to a variety of forums, not all of which are …
John Leyden, 11 Sep 2014

Cyber hostage-takers SCAMMED six times as many people last year

Malware-powered frauds that lock up victims' computers - or worse yet, encrypt files and force them to pay a fee to unlock their information - increased by 500 per cent during 2013, according to a study by Symantec. Symantec's latest global Internet Security Threat Report also revealed that targeted attack campaigns for the …
John Leyden, 09 Apr 2014

2,285,295 Aussie logins nabbed in Russian password haul

More than two million unique login credentials for Australian internet users were stolen as part of the massive haul of 1.2 billion passwords by a Russian hacker outfit. Earlier this month Hold Security reported that Russian hackers under the group dubbed CyberVors amassed the largest ever cache of stolen website passwords …
Darren Pauli, 11 Aug 2014

Show Mother Russia you love her: Click HERE and AHHH NYET!

Software being offered to patriotic Russians as a way to attack Western governments, especially the US, is actually loaded with malware that attacks supporters' computers, security researchers warn. Hackers have crafted ingenious spam messages that help them deliver the Trojan to those who support the Russian cause and are …
John Leyden, 26 Aug 2014

Phishing miscreants THWART securo-sleuths with AES-256 crypto

Phishing fraudsters have begun using industry-standard AES-256 encryption to disguise the content of fraudulent sites. Obfuscated phishing sites are nothing new. Various techniques such as JavaScript encryption tools are commonly used but Symantec recently caught what it reckons is the first use of AES-256 encryption in dodgy …
John Leyden, 09 Sep 2014

Watch a bank-raiding ZeuS bot command post get owned in 60 seconds

Web thieves may get more than they bargained for if tech pros follow the lead of one researcher – who demonstrated how to hack the systems remote-controlling the infamous ZeuS crime bot in 60 seconds. The dangerous Trojan ZeuS infects Windows PCs to, among other things, silently siphon cash from victims' online bank accounts. …
Darren Pauli, 06 May 2014

European conference sets agenda for cybercrime fight

The Council of Europe has called for a worldwide implementation of its Convention on Cybercrime to fight the growing problem of economic crime on the web. During the fifth annual CoE conference on cybercrime in Strasbourg this week, participants spoke in favour of greater international cooperation in sharing existing tools, …
John Leyden, 26 Mar 2010

Hidden 'Windigo' UNIX ZOMBIES are EVERYWHERE

Hackers using a Trojan seized control of over 25,000 Unix servers worldwide to create a potent spam and malware distribution platform. The attack, dubbed Operation Windigo, was uncovered by security experts at anti-virus firm ESET, in collaboration with CERT-Bund, the Swedish National Infrastructure for Computing, as well as …
John Leyden, 18 Mar 2014

Spammer sprung to run Russian national payment system

Russia has reportedly hired a man to develop its national payments system, days after the alleged mastermind of one of the country's biggest pharmacy spam networks was granted early parole. The criminal allegations following Pavel Vrublevsky were prodigious but were largely denied or unconfirmed by the 35-year-old Moscow native …
Darren Pauli, 04 Jun 2014

Former White House advisor wants cybercrime haven crackdown

A former White House security advisor has urged a crackdown on rogue states that serve as a "safe haven" for cybercrime, along with a fundamental rethink of internet architectures. Richard Clarke, who served as special advisor to President George W Bush on cybersecurity, told delegates to the RSA Conference in London that …
John Leyden, 14 Oct 2010

New software nasty encrypts Android PHONE files and demands a ransom

Miscreants have brewed the first file-encrypting strain of ransomware that infects Android smartphones. The malware, dubbed Android/Simplocker by ESET, scans the SD card in a handset for certain types of file, encrypts them, and demands a ransom to decrypt the data. The ransom message is written in Russian, with payment …
John Leyden, 04 Jun 2014

UK biz bled dry by cybercrime

The average UK business is losing £10,000 a year thanks to cyber espionage, extortion and other forms of online fraud. In total the UK economy is losing £27bn a year and British businesses soak up £21bn of this loss. Given there are 2.1 million UK firms registered for VAT this gives a loss per firm of £10,000. The numbers, …
John Oates, 17 Feb 2011

CryptoWall! crooks! 'turn! to! Yahoo! ads! to! spread! ransomware!'

Crooks are using Yahoo!'s advertising network to infect PCs with the CryptoWall ransomware, it's claimed. Windows software nasty CryptoWall encrypts a victim's files using an OpenSSL-generated key pair before demanding a ransom to decrypt the data. It communicates with its masters using RC4-encrypted messages to command servers …
John Leyden, 11 Aug 2014

Scam emails tell people they have cancer to trick them into installing a money-stealing Trojan

Sick fraudsters have put out a batch of malware-riddled hoax emails warning recipients that they may have cancer. The scam emails purport to come from the UK National Institute for Health and Care Excellence (Nice). The emails - which arrive with the header "important blood analysis result" - ask prospective victims to download …
John Leyden, 14 Mar 2014

Microsoft teams up with Feds, Europol in ZeroAccess botnet zombie hunt

Microsoft has teamed up with the FBI to launch a renewed attempt to disrupt the operations of the infamous ZeroAccess botnet. ZeroAccess is responsible for infecting over two million computers, specifically targeting search results as part of a click-fraud scam that Redmond estimates is costing online advertisers $2.7m a month. …
John Leyden, 06 Dec 2013

Feds charge Vietnamese suspect with slurp'n'flog of half-a-million Americans' ID data

A Vietnamese man has been charged in connection with a long-running scam involving the theft and resale of what the DoJ rather hiply refers to as the "fullz" (personal information) of hundreds of thousands of Americans. Hieu Minh Ngo, 24, a Vietnamese national, was hit with a total of 15 charges, including conspiracy to commit …
John Leyden, 22 Oct 2013

Intruder alert: Cyber thugs are using steganography to slip in malware badness

Common or garden cybercrooks have taken to using steganography – the art of hiding secret information within another image or message file – to run a click-fraud scam. Steganography has long been the stuff of spy trade-craft and cypherpunk novels, but now cybercrooks have made the practice downmarket by applying it to the Lurk …
John Leyden, 08 Aug 2014

Darknet: It's not just for DRUGS. Ninja Banking Trojan uses it too

Russian-speaking virus writers have brewed up a stealthy strain of banking Trojan that communicates over peer-to-peer networks using an encrypted darknet protocol that's arguably even stealthier than TOR: I2P. The i2Ninja malware offers a similar set of capabilities to other major financial malware such as ZeuS and SpyEye – …
John Leyden, 21 Nov 2013

Eugene Kaspersky: Ukraine conflict hurts enterprise security

As governments around the world continue to wrangle for a peaceful solution to the political tensions in the Ukraine, cybercriminals could catch governments off guard with online attacks, warns Kaspersky Lab CEO Eugene Kaspersky. Speaking at a summit in San Francisco, the Kaspersky Lab cofounder and namesake expressed concern …
Shaun Nichols, 16 Apr 2014

Gameover ZeuS botnet pulls dripping stake from heart, staggers back from the UNDEAD

The Gameover ZeuS malware is back from the dead just six weeks after a takedown operation that aimed to put a stake through the heart of the botnet, which is linked to the even more infamous CryptoLocker ransomware. International law enforcement acted against the crooks behind the Gameover ZeuS in early June. For the past month …
John Leyden, 14 Jul 2014

UN split on cybercrime conventions

A United Nations committee on international crime prevention is split on how to deal with cybercrime. Some countries want the existing European convention to be adopted worldwide, while others want a completely new agreement to be created. At the UN Congress on Crime Prevention and Criminal Justice in Brazil last week nations …
OUT-LAW.COM, 19 Apr 2010

Police charge 11 over Zeus cybercrime scam

UK police investigating a suspected Zeus Trojan e-banking fraud ring have charged 11 people with a variety of fraud and money laundering offences. The accused, all east European nationals resident in Essex, allegedly participated in a series of frauds targeting customers of UK banks over the last three months that resulted in …
John Leyden, 30 Sep 2010

Swiping your card at local greengrocers? Miscreants will swipe YOU in a minute

More than a thousand point-of-sale, grocery management and accounting systems worldwide have been compromised by a new strain of malware, results of a March 2014 probe have revealed. During a survey of compromised POS terminals, accounting systems and grocery management platforms, the Nemanja botnet was fingered as one of the …
John Leyden, 27 May 2014

Pentagon hacker McKinnon can't visit sick dad for fear of extradition

Pentagon hacker Gary McKinnon is afraid to visit his sick father in Glasgow after advice from his lawyers about the possibility of extradition. McKinnon's father, Charlie, is in hospital after suffering a stroke. But lawyers for the London-based hacker have advised him against visiting his dad in hospital in Scotland because …
John Leyden, 01 Aug 2014

Cardslurping kingpin caged for 18 years over Carderplanet forum

A Ukrainian national who co-founded the infamous cybercrime marketplace CarderPlanet has been jailed for 18 years following a lengthy US legal process that ran for more than a decade. Roman Vega, 49, eventually pleaded guilty in 2009 to conspiracy to commit money laundering and access device fraud offences – but he was only …
John Leyden, 13 Dec 2013

GCHQ recruits spotty teens – for upcoming Hack Idol

The GCHQ-backed Cyber Security Challenge UK is bringing cybersecurity education to UK schoolkids aged from 12 to 18 with the importation of the US-created Cyber Patriot programme. The US Air Force Association CyberPatriot youth programme involves a battle of wits in cyberspace involving 1,500 international teams of under-18s …
John Leyden, 11 Aug 2014

LulzSec supergrass Sabu led attacks against Turkey – report

Just months after reports emerged that LulzSec "kingpin" turned FBI snitch Hector Xavier Monsegur had allegedly led cyber-attacks against foreign governments while under FBI control, a "cache of sealed court documents" has provided some more startling reading. Monsegur – who prosecutors insist is "Sabu", a leading figure in …
John Leyden, 13 Aug 2014

Sync'n'steal: Hackers brew Android-targeting Windows malware

Internet Igors have stitched together the first strain of Windows malware that can hop over and infect Android smartphones and tablets. The Droidpak mobile banking trojan exploits syncing between smartphones and Windows PCs to jump from a compromised PC onto an Android device. The Windows Trojan downloads a malicious .APK file …
John Leyden, 27 Jan 2014

Pushdo Trojan outbreak: 11 THOUSAND systems infected in just 24 hours

A wave of attacks by cybercrooks pushing a new variant of the resilient Pushdo Trojan has compromised more than 11,000 systems in just 24 hours. Indian PCs have been most affected by the outbreak, but systems in the UK, France and the US have also been hit, according to security software firm Bitdefender. The Romanian firm …
John Leyden, 17 Jul 2014

Feds cuff five more suspects in $45m bank mega-cyber-heist

US Federal authorities have arrested five people accused of aiding a massive electronic bank heist in New York earlier this year. The US District Attorney's office for Eastern New York said that the five were detained following the discovery of photographic evidence that allegedly links the men to a $45m cash-swindling operation …
Shaun Nichols, 19 Nov 2013

EU crackdown will see tougher sentences for stupid cyber-badhats

The European Parliament has agreed to toughen criminal penalties across the EU for cyber attacks, especially any that threaten national infrastructure or are deemed to be aimed at stealing sensitive data. The new directive forces the 28 member states to impose national maximum sentences of at least two years in prison for trying …

Teensy card skimmers found in gullets of ATMs

A series of tiny and sometimes transparent card-skimming devices have been detected in ATMs across Europe, researchers say. Boffins with the European ATM Security Team (EAST) have plucked out and displayed some clever thumb-sized skimmers that hide from victims' view by fitting in cash terminals' gullets. The devices paraded in …
Darren Pauli, 09 Jul 2014

Credit card of PayPal PRESIDENT cloned by UK crooks

PayPal president's credit card got hacked on a UK visit, the victim revealed on Twitter. David Marcus said that an unidentified criminal used a skimming device and his credit card was cloned before "tons" of fraudulent transactions were made. The senior executive of the eBay-owned payment processing firm made sure to score a …
John Leyden, 12 Feb 2014