Articles about Cybercrime

Illegal drugs

Global drug-dealing cyber crime web was centred on ... Aberdovey

A 30-year old man from Aberdovey has been sentenced to two years in prison, thanks to his dark web drug dealing. Cei William Owens, 30, from Ceunant, Aberdovey, was nabbed by the coppers last year as part of an international investigation which targeted the bigger players in the dark net drug-dealing world. Owens, who used …

Aviva phone hacker jailed for 18 months over revenge attack

A senior techie has been jailed for 18 month after he was convicted of hacking into hundreds of phones at insurance firm Aviva, an act of sabotage designed to extract revenge against a firm that supplied security services to the insurance giant. Richard Neale, 40, pleaded guilty to a hack against Aviva designed to cause …
John Leyden, 26 Aug 2015
Laurel and Hardy on the phone

Scammers going after iOS as fake crash reports hit UK

Tech support scammers have begun targeting UK iPhone and iPad users, offering to fix problems that don't actually exist. Cold call scams that seek to hoodwink Windows users into paying for useless remote diagnostic and cleanup services have been an issue for years. More recently, scammers have broadened their sights to target …
John Leyden, 21 Jul 2015
School of Rock

DDoS attack downs University of London learning platform

The University of London Computer Centre fell victim to a cyber-attack on Thursday. The assault left Moodle – an open-source learning platform – out of action for several hours on Thursday morning before normal service was restored. Technicians initially estimated problems were down to firewall configuration issues, before …
John Leyden, 22 May 2015
The Register breaking news

Euro cops mull crowd-sourced cybercrime data

Crowd-sourcing cybercrime reports could help the fight against online crime, according to a senior European Union official. Rob Wainwright, director of Europol, told a House of Lords sub-committee that plans for a European centre to fight cybercrime would include a facility for members of the public to report security attacks …
John Leyden, 17 Dec 2010
Babar the Elephant. Pic: Brendan Adkins

Babar the Elephant: Another malware plague with a cute name

A strain of French-language cyber-espionage malware spotted by infosec researchers shows that the NSA aren't the only spook agency brewing custom nasties to steal sensitive data. Babar was first mentioned in documents from Canadian intel agency CSEC (Communications Security Establishment Canada) leaked by Edward Snowden. They …
John Leyden, 19 Feb 2015
Cash in brown paper envelope CC 2.0 attribution StockMonkeys.com

IRS: Tax-record snaffle scam actually 200% worse than first feared

The US Internal Revenue Service (IRS) admitted Monday that the May scam in which criminals tried to use stolen data on more than 114,000 people to collect tax information was far larger than it originally thought. Uncle Sam's taxman now claims that on top of the 100,000 or so people whose data had been used to collect tax …
Shaun Nichols, 17 Aug 2015

Carders fleece $4.2 million from Victoria's MyKi transport agency

Scammers have inflicted some AUD$4.2 million in damages of damage to Public Transport Victoria (PTV) by buying and selling MyKi travel cards loaded with cash stolen from credit cards. The agency in the southern Australian state coughed up the dough to international credit card holders whose cards were fleeced. MyKi cards are …
Darren Pauli, 25 Aug 2015
Fraud image

Researcher snaps a Zeus hacker's photo through his webcam

Security researcher Raashid Bhatt has detailed how to bust the security protections of the Zeus banking trojan allowing him to take a webcam photo of the scammer. Bhatt (@raashidbhatt) wrote in a technical blog how he reverse-engineered the malware after a scammer attempted to foist the malware on him through a phishing scam …
Darren Pauli, 07 Aug 2014
Photo From <a target="_blank" href="http://www.shutterstock.com/pic-232507384/stock-photo-christmas-holiday-happy-girl-friends-looking-at-something-on-digital-touch-screen-tablet-pc.html?src=9mJhlJ8bDz_0JV9eZNUpyQ-1-34">Shutterstock</a>

Chechen women swindle ISIS via social media: 'We need roubles to join you xx'

Chechen rozzers have reportedly arrested a trio of jihadi-baiting women who flirted with ISIS fighters online before conning them out of money they sent to pay for a non-existent rendezvous in Syria. Terrorists pledging allegiance to the self-declared caliphate – almost as contentious in name as deed – have made a concerted …
Team Register, 04 Aug 2015
The Register breaking news

Auction fraud complaints prop up declining US cybercrime reports

US complaints about internet fraud dropped 10 per cent last year. The Internet Crime Complaint Center (IC3) fielded 303,809 reports of cybercrime in 2010, down from 336,655. The agency – maintained by staff from by the FBI and the National White Collar Crime Center – said the reduced figures were still the second highest in its …
John Leyden, 25 Feb 2011
Cloud security image

Blackhat hack trick wallops popular routers

A cybercrime vigilante known as Kafeine says criminals are hitting thousands of victims with a hacking tool that targets more than 40 router models. The well-known hacker says the novel attacks use cross-site request forgery and exploits against new and old bugs to change router DNS settings. This bypasses the need to target …
Darren Pauli, 26 May 2015
The Register breaking news

ZeuS cybercrime cookbook on sale in underground forums

Cybercrooks are offering what purports to be source code for the infamous ZeuS cybercrime toolkit through underground forums. The would-be seller, nicknamed IOO, has lent credibility to the offer by including screenshots of what appears to be portions of the source code for ZeuS to his sales pitch. IOO offers to discuss the sale …
John Leyden, 23 Mar 2011
The Register breaking news

EU plans IP address snatch to battle cybercrime

An international cybercrime centre will be able to revoke domain names and IP addresses under new proposals by European governments. The EU Council of Ministers announced the plan yesterday. They want a new body, possibly based at Europol, the EU police agency, to take on an array of tasks to combat cybercrime. The most eye- …
Brute Force

Cisco and Level 3 team up to squash brute force server hijackers

Cisco and service provider Level 3 have teamed up take down netblocks linked to brute-force hack kingpins SSHPsychos, severely degrading (but not destroying) the group's potential to hack servers in the process. Hacker collective SSHPsychos (AKA Group 93) has been running SSH brute force attacks on an industrial scale since June …
John Leyden, 10 Apr 2015

Victims of US gov't mega-breach still haven't been notified

Nearly three months after the US Office of Personnel Management (OPM) discovered its databases had been compromised by Chinese hackers, the government still hasn't notified the employees and contractors affected by the breach. On Tuesday, the OPM said it planned to start the process of informing victims "later this month," and …
Neil McAllister, 02 Sep 2015
Blackmail

Bitcoin blackmail gang start hurling DDoSes at Scandinavia

Bitcoin extortionists DD4BC have begun targeting Scandinavian companies with complex DDoS attacks. DD4BC is blackmailing targets by asking them to pay 40 bitcoins or more to avoid their central services being subject to DDoS attacks. Extortionate demands typically appear in emails around an hour after targets are blitzed off the …
John Leyden, 09 Jun 2015

Listed US tech provider bribed Oz bank worker say cops

Updated A former banking industry IT executive has been arrested in Sydney for bribery over the handling of "lucrative" contracts. Police in the Australian state of New South Wales (NSW) made the arrest, but have provided scant detail about the matter. But the contract must have been big: as the boys in blue say “To date, more than US$1 …
The Register breaking news

Report: Hacking forum is a cybercrime academy

Certain underground hacking forums are acting as training academies and tech-support networks for cybercriminals as well as creating a marketplace for a vast array of cybercrime tools, say researchers. Database security firm Imperva has been keeping close tabs on an unnamed hacking message board with nearly 220,000 registered …
John Leyden, 19 Oct 2011
Headshot of Trojan horse

Banking trojan scourge gallops on, despite more fences

RSA 2015 Banking botnets persist as a threat despite recent high-profile takedowns which only achieve a temporary calming effect, according to a new study from Dell SecureWorks. Between mid-2014 and early 2015, coordinated efforts involving law enforcement and private-sector industry disrupted three of the most active banking botnets ( …
John Leyden, 23 Apr 2015
The Register breaking news

Teen cybercrime forum boss jailed

A UK teenager who ran a prolific cybercrime forum from home has been jailed for five years. Nick Webber, 19, maintained the Ghostmarket.net market which boasted 8,000 memberships and facilitated a range of crimes including the sale of stolen credit card and personal details. Police recovered the details of thousands of credit …
John Leyden, 03 Mar 2011
The Register breaking news

Scotland Yard cuffs teens for role in cybercrime forum

Two teenagers have been arrested for their alleged involvement in the world's largest English-language cybercrime forum. The pair were detained by appointment in central London on Wednesday by the Police Central e-Crime Unit (PCeU), a national unit based at Scotland Yard. An eight-month investigation into the forum, which hasn' …

Pentagon 'network intruder', dozens more cuffed in British cops' cyber 'strike week'

A "strike week" against suspected hackers by the UK's National Crime Agency has resulted in 57 arrests. Those arrested are suspected of being involved in a wide variety of cybercrimes such as fraud and virus writing. The suspects – arrested in 25 operations across the UK – face charges including network intrusion and data theft …
John Leyden, 06 Mar 2015
The Register breaking news

Cybercrime talks end in failure

Plans to ratify an updated version of a global treaty against cybercrime have failed. Negotiations on modifying the Budapest Convention on Cybercrime to take into account third world objections and the move to cloud computing floundered after delegates attending an international conference in Brazil last week failed to reach an …
John Leyden, 22 Apr 2010
The Register breaking news

Symantec and Snoop Dogg launch cybercrime rap contest

Symantec has teamed up with rapper Snoop Dogg to launch a cybercrime rap contest. Participants are invited to bust some rhymes on the subject of malware, hacking and botnets for the chance to win an all expenses paid trip to LA to attend a Snoop gig and meet his people, if not the rapper himself. Winners get a Toshiba laptop …
John Leyden, 02 Sep 2010
teslacrypt

Hi! You've reached TeslaCrypt ransomware customer support. How may we fleece you?

The TeslaCrypt ransomware gang raked in $76,500 in around 10 weeks, according to new research into the scam. TeslaCrypt, which was distributed through the widely-used Angler browser exploit kit, was first spotted in February 2015 by security researchers at Dell SecureWorks. After encrypting popular file types on compromised …
John Leyden, 20 May 2015
Dispatchers are vital to co-ordinating on the ground activities

Greater Manchester plod site targeted by nuisance DDoS attack

The website for Greater Manchester Police was targeted by two Distributed Denial of Service (DDoS) attacks yesterday, which rendered the site unavailable for more than two hours. The operators of two Twitter accounts have claimed responsibility. Greater Manchester Police (GMP) released a statement confirming that the force's " …
The Register breaking news

German cybercrime forum hacked

An underground cybercrime forum has been hacked, with once walled-off information uploaded onto file-sharing networks. The attack on German e-crime site Carders.cc has led to the wider disclosure of stolen credit card details and passwords from victims along with data on the forum's criminal denizens. A database file containing …
John Leyden, 19 May 2010

Ashley Madison invites red-faced cheats to bolt stable door for free

Adulterous hook-up site Ashley Madison is allowing all members to fully delete their profiles without charge in the aftermath of a serious data breach that threatens the site' future. Previously, if users wanted to delete their records (profile, pictures and messages sent through the system) they were obliged to pay around $20 …
John Leyden, 21 Jul 2015
france

France enacts law to block terror and child sexual abuse sites

France has moved to implement the Internet-blocking regime that became law in October 2014 as part of a suite of anti-terrorism legislation. The 2014 law allowed administrative orders blocking sites hosting child pornography content, or advocating acts of terrorism. The law has now been gazetted, here, meaning it can now be …
The Register breaking news

Bank insiders charged in ZeuS cybercrime smackdown

Six corrupt bank insiders turned ZeuS money mule suspects have been arrested in Moldova. All half dozen of the suspects worked in local banks in the east European country. Investigators reckon the suspects specialised in laundering Western Union and MoneyGram payments received from co-conspirators in the West that can ultimately …
John Leyden, 08 Nov 2010

Mashed together malware threatens Japanese online banking users

Customers of Japanese banks are on the front line of attacks based on a new and sophisticated banking trojan, mashed together from leaked bits of malware code. Shifu (named after the Japanese word for thief) is targeting 14 Japanese banks as well as electronic banking platforms used across Europe, according to security …
John Leyden, 01 Sep 2015
The Register breaking news

Cybercrime figures 'as true as sexual-conquest scores'

Microsoft researchers have rubbished figures from cyber-crime surveys, deeming them subject to the types of distortions that have long bedevilled sex surveys. It's well enough established that men claim to have more female sexual partners in sex surveys than women claim male partners, a discrepancy that can't be explained by …
John Leyden, 09 Jun 2011

Dyre times ahead: Zeus-style trojan slurps your banking login creds

UK users of Barclays, Royal Bank of Scotland, HSBC, Lloyds Bank and Santander are being targeted by cybercrooks slinging the Dyre banking trojan. Around 19,000 malicious emails have been sent in three days from spam servers worldwide, inviting users to download an archive containing a malicious .exe file posing as personal …
John Leyden, 08 Jul 2015
Flytrap

Use home networking kit? DDoS bot is BACK... and it has EVOLVED

A router-to-router bot first detected two years ago has evolved - and now has the capability to reconfigure the firewalls of its victims. The Lightaidra malware captured by security researcher TimelessP (@TimelessP) is an IRC-based mass router scanner/exploiter that's rare because it spreads through consumer network devices …
John Leyden, 09 Sep 2014
steam_dota_character_648

Unable to log on to online games? Blame cheap-rate DDoSers

Running botnets-for-hire to mount DDoS attacks has become cheaper and easier than ever, according to a new research. Imperva Incapsula reckons botnet-for-hire services might be acquired for for as little $19.99 per month, via underground forums and payable in Bitcoins. Short, single-vector attacks associated with botnet-for-hire …
John Leyden, 10 Jun 2015
Archer cracks the ISIS mainframe's password

Webmail password reset scam lays groundwork for serious aggro

Symantec has warned about a new password recovery scam that tricks users into handing over webmail account access, possibly setting the stage for more serious security issues. Crooks behind the social engineering ruse need only knowledge of a prospective mark’s email address and associated mobile phone number before attempting …
John Leyden, 19 Jun 2015
The Register breaking news

Alleged Muscovite cybercrime daddy hauled in to face US court

A suspected Russian cyber-crook has arrived in the US to face charges of security fraud, computer hacking and ID theft following his deportation from Switzerland. Vladimir Zdorovenin, 54, of Moscow, Russia, is alleged to have masterminded a series of credit card theft and stock manipulation scams in conjunction with his son, …
John Leyden, 18 Jan 2012

Not your father's spam: Trojan slingers attach badness to attachment WITHIN attachment

Cybercrooks are upping the ante by loading malware as an attachment inside another attachment in a bid to slip past security defences. A new variant of the Upatre Trojan comes bundled in spammed messages that imitate emails from known banks such as Lloyds Bank and Wells Fargo. The .MSG file of the malicious emails contains …
John Leyden, 08 Apr 2014

Carders offer malware with the human touch to defeat fraud detection

A new cybercrime tool promises to use credit card numbers in a more human way that is less likely to attract the attention of fraud-detection systems, and therefore be more lucrative for those who seek to profit from events like the Target breach. The "Voxis Platform" is billed as "advanced cash out software" that promises to …
Darren Pauli, 30 Oct 2014

Nice SECURITY, 'Lizard Squad'. Your DDoS-for-hire service LEAKS

A DDoS-for-hire service purportedly set up by the Lizard Squad hacking crew exposes registered users' login credentials. The LizardStresser DDoS-on-demand service – a booter service powered by hacked home routers – is hopelessly insecure. Details of more than 14,000 prospective users - whose passwords and usernames were …
John Leyden, 19 Jan 2015
Headshot of Trojan horse

Fareit trojan pwns punters with devious DNS devilry

DNS tricks used by the Fareit trojan mean users are tricked into downloading malware, seemingly from Google or Facebook The latest variants of Fareit are infecting systems via malicious DNS servers, Finnish security firm F-Secure warns. These servers push bogus Flash updates that actually come packed with malicious code, as a …
John Leyden, 06 Mar 2015
The Register breaking news

UK.gov revamps cybercrime strategy

The government has announced a modest revamp of its strategy for fighting cybercrime. In a low-key statement to the House of Commons on Tuesday, junior Home Office minister Alan Campbell said the strategy aimed to build confidence in the provision of (government and private sector) services via the internet, tackle financial …
John Leyden, 31 Mar 2010
botnet

Bunitu botnet crooks sell your unencrypted VPN traffic for £££

Cyber-crooks behind the Bunitu botnet are selling access to infected proxy bots as a way to cash in from their network. Users (some of whom may themselves be shady types, as explained below) who use certain VPN service providers to protect their privacy are blissfully unaware that back-end systems channel traffic through a …
John Leyden, 11 Aug 2015
VR

Hidden password-stealing malware lurking in your GPU card? Intel Security thinks not

Fears that malware is hiding in people's graphics chipsets may be overclocked, according to Intel Security. Earlier this year, researchers from the self-styled “Team JellyFish” released a proof-of-concept software nasty capable of exploiting GPUs to swipe passwords and other information typed in by a PC's user. The same …
John Leyden, 01 Sep 2015

Possible Lizard Squad members claim hack of Oz travel insurer

Nearly 900,000 client records including names, addresses, and phone numbers have been stolen from travel insurer Aussie Travel Cover by a suspected member of the Lizard Squad hacking crew. The hacker released databases including those detailing customer policies and travel dates along with a list of partial credit card …
Darren Pauli, 20 Jan 2015
Disney's Beagle Boys

ID-stealing scammers had a bumper start to the year, reveals report

Incidences of identity fraud in the UK rose by more than 25 per cent in the first quarter of 2015, a new report has revealed. In total, 34,151 confirmed instances of identity fraud were recorded in the first quarter of 2015, a 27 per cent increase from Q1 2014. Identity fraud is when criminals abuse personal data to impersonate …
John Leyden, 27 May 2015
Silhouette of spy discerning password from code uses a command on graphic user interface

Australian Cyber Security Centre uses discredited data to quantify infosec threats

The cost of “cyber attacks” in Australia appears to be stabilising and the country has never been subject to an attack at the national scale, but the government's Cyber ForceTM (not its real name) is still pitching the growth of the threat. Along the way, an old and somewhat exaggerated estimate of the cost of cyber incidents …
The Register breaking news

Plug pulled Latvian cybercrime hub

Upstream providers have pulled the plug on Latvian ISP Real Host over allegations it maintained cybercrime servers linked to the Zeus botnet. Real Host was disconnected by its upstream provider, Junik, on Monday, after TeliaSonera told Junik to either cut the juice or face sanctions itself, according to reports by the FT and …
John Leyden, 05 Aug 2009
The Register breaking news

Senate bill seeks crack down on cybercrime havens

Foreign countries that turn a blind eye to cybercrime would lose US financial assistance and resources under a bill introduced Tuesday in the Senate. The International Cybercrime Reporting and Cooperation Act would require the President to identify "countries of cyber concern" and to plot a course to help each one get tougher …
Dan Goodin, 23 Mar 2010