Articles about Cybercrime

China will see you on the dark side of the moon

Behold: Huawei evokes always-wise God Cloud – with Terminator users

Huawei Connect Tech metaphors are getting ever more explicitly spiritual. Take Huawei, for example. Today Huawei waxed ontological as one of its time-sharing CEOs described a “digital brain… always wise, never aging ... evolving in real-time.” That sounds like a God-cloud. But will it, we mused, be a harsh God-cloud or a forgiving God-cloud …
Andrew Orlowski, 31 Aug 2016

Intel douses Wildfire ransomware as-a-service Euro menace

An alliance of cops and anti-malware experts has doused the Wildfire ransomware that plagued users in Belgium and the Netherlands. Wildfire is carried in spam messages and demands up to 1.5 Bitcoins of ransom for files to be decrypted. Security researchers have uploaded 1,600 decryption keys with more to come to the No More …
Darren Pauli, 24 Aug 2016

Profit-hungry Ghouls raid corporate networks worldwide

A new wave of targeted attacks against corporations in multiple countries around the world has been launched. The so-called "Operation Ghoul" attacks use the tactics of cyberspies but are more likely to be the work of profit-motivated cybercrooks, according to Kaspersky Lab. Using spear-phishing emails and malware based on …
John Leyden, 17 Aug 2016

Shark bosses sink teeth into booming ransomware market

Cybercrooks are harnessing the “ransomware-as-a-Service” (RaaS) business model to mount a new scam. Coders are distributing a ransomware builder to aspiring attackers that can be used on condition that a 20 per cent cut of any ransom payments it generates is returned to the original coders. The “Shark” ransomware is being …
John Leyden, 17 Aug 2016

Hey crims: Stumped on where to invest? Try this global franchise. No experience needed!

Cerber, the world's biggest ransomware-as-a-service scheme, has evolved to become a multi-national franchise. In July 2016 alone, Cerber had over 160 active campaigns, targeting 150,000 users in 201 countries, according to security researchers at Check Point. The overall profit made by Cerber in July was $195,000. The malware …
John Leyden, 16 Aug 2016

Asia’s top cloud security conference lands in London

PROMO Working in cyber-security? Come and join the experts at CLOUDSEC 2016 in London on September 6 and explore the key security issues du jour. CLOUDSEC is one of the largest internet security conferences held across Asia Pacific and Europe. These events are vendor-neutral and feature presentations by industry experts who will …
David Gordon, 16 Aug 2016

Demise of Angler, the world's worst exploit kit, still shrouded in mystery

The Angler exploit kit has all but vanished and whoever knows why isn't talking. Angler was the most powerful and sought-after exploit kit on the market, boasting rapid integration of new vulnerabilities that made it able to employ zero day attacks on Flash, Java, and Silverlight. It also employed a battery of complex …
Darren Pauli, 16 Aug 2016

Brisbane council loses $500k to scammers

The local council of the Australian city of Brisbane has been fleeced of A$450,000 (£248,000, US$334,000) from email-whaling scammers who tricked staff into wiring money into their bank accounts. The scammers phoned and emailed the council posing as one of its suppliers. Lord mayor Graham Quirk has commissioned Deloitte to …
Darren Pauli, 16 Aug 2016

Cops to let the private sector chase after cybercrims' assets

The City of London Police is piloting a scheme to allow the private sector to chase after miscreants in civil courts in return for a share of the loot. The scheme, which is set to run for two years, has been launched explicitly because of the lower standard of proof necessary for the recovery of assets in civil courts. City …

IT snafu takes down Action Fraud's web crime reporting form

An unspecified IT problem has taken down the online reporting tool for cybercrime victims in the UK. Action Fraud is the public-facing body which supports victims of online crime in the UK. It is not an investigative body and refers fraud crimes to the National Fraud Intelligence Bureau, which is run by the City of London …

US extradition of Silk Road suspect OK'd by Irish judge

An Irish court has authorized the extradition to the US of a man accused of helping to administer the infamous Silk Road website. Gary Davis, 27, of Kilpedder, Co Wicklow, has moved one step closer to a US trial on charges of conspiracy to distribute narcotics, computer hacking and conspiracy to commit money laundering. Mr …
John Leyden, 12 Aug 2016

DIY bank account raiding trojan kit touted in dark web dive bars

Cybercrooks are touting a new DIY financial crime kit that lets you roll your own ZeuS-like software nasty. The Scylex malware kit can be used to build malicious code that, once running on a victim's Windows PC, snoops on online banking passwords, intercepts web traffic and opens a backdoor granting full control over the …
John Leyden, 12 Aug 2016

Hitler ‘ransomware’ offers to sell you back access to your files – but just deletes them

Cybercrooks have put together Hitler-themed ransomware that simply deletes files on encrypted PCs. The (apparently prototype) Windows malware displays a lock screen featuring the infamous Austrian dictator, together with a demand falsely stating that files have been encrypted. The ransomware says files can supposedly be …
John Leyden, 10 Aug 2016

Phisherfolk phlock to Rio for the Olympics

Criminals are ramping up their online presence in Rio de Janeiro, where the Olympic Games will open on Friday, August 5 – with IBM and Fortinet reporting new banking trojans and cyber crime activity in Brazil. Big Blue has reported a variant of the Zeus trojan has emerged on crime forums targeting local banks and exploiting …
Darren Pauli, 05 Aug 2016

Bloke faces years in the clink for using hacker-leaked press releases in $30m trading scam

A US stock trader has admitted he profited from insider trading – by buying and selling shares using tip-offs from Ukrainian newswire hackers. Leonid Momotok, 48, of Suwanee, Georgia, pleaded guilty in a Brooklyn court on Monday to charges of conspiracy to commit wire fraud. He could get up to 20 years behind bars in addition …
Shaun Nichols, 03 Aug 2016

Going! going! pwned? 200! million! Yahoo! logins! leaked! allegedly!

Updated What's claimed to be the login credentials for 200 million Yahoo! accounts is now on sale through a dark web cybercrime shack. The purported user database dump is being touted by someone called Peace – as in peace_of_mind, the same miscreant who previously sold LinkedIn and Yahoo-owned Tumblr logins – at an asking price of 3 …
John Leyden, 02 Aug 2016

Nigerian cops cuff cybercrime suspect, reveal you don't need 419 to make $60m

Police in Nigeria have arrested the suspected mastermind of a web of cybercrime scams thought to have cost victims worldwide more than $60m. The 40-year-old Nigerian national, known so far only as "Mike", was arrested in a joint operation by INTERPOL and the Nigerian Economic and Financial Crime Commission. The main two types …
John Leyden, 01 Aug 2016

SentinelOne's $1m ransomware guarantee dismissed as PR stunt

A “ransomware guarantee” from security outfit SentinelOne has been dismissed by critics as a marketing stunt. Ransomware is currently the biggest scourge of internet security, affecting corporates and consumers alike. So self-styled next generation endpoint security firm SentinelOne unsurprisingly created waves with a pledge …
John Leyden, 29 Jul 2016

Oh deer.io: Cyber criminals* using one-stop DIY web biz shops

Updated Cybercrime miscreants seem to be flocking to a one-stop online web business shop. The use of sites like Deer.io proves the barriers to entry for cybercrime are continually being lowered, according to threat intel firm Digital Shadows. Darkside.global, a URL associated with cybercriminal Tessa88 who has distributed leaked …
John Leyden, 27 Jul 2016

Saved from ransomware thugs... by rival ransomware thug

Private keys of the Chimera ransomware have been leaked by a rival cybercriminal. Rather than "white hat" activity, the good deed appears to have been done by a criminal going by the handle of Janus - known for being the author of Petya - who tweeted their competitor's (Chimera) keys in an apparent bid to stifle ransomware …
John Leyden, 27 Jul 2016

Euro cops, Intel and Kaspersky slay Shade ransomware

A joint operation by Europol, the Dutch National High Tech Crime Unit, Intel, and Kaspersky has seized the command and control servers for the Shade ransomware strain and published code that allows anyone hit by the malware to decrypt their files. Shade has been in circulation since 2014, and has predominantly targeted …
Iain Thomson, 25 Jul 2016

Is digital fraud big in UK? British abacus-botherers finally have some answers

Reports of fraud have doubled, according to official statistics – because the Office for National Statistics (ONS) is now including cyber crimes in its figures. The UK's ONS reckons, in crime statistics released last week, that more than two million computer misuse offences and 3.8 million online fraud offences took place in …
John Leyden, 25 Jul 2016

Ransomware gang: How can I extort you today?

Three out of four ransomware criminal gangs are willing to negotiate the shakedown price. And all the operators of file encrypting ransomware scams will give victims more time to pay up. So say security researchers at F-Secure, who investigated the "customer experience" of five active crypto-ransomware variants, beginning with …
John Leyden, 21 Jul 2016

Asian nations mull regional 'Europol' in fight against cybercrime

RSA APAC A closed-door meeting of cabinet ministers from more than a dozen countries met yesterday to mull the creation of a Europol-style organisation to crack down on cyber crime in the region and abroad, The Register has learned. The Asian organisation is conceptual only, but has support from countries including China, Malaysia, …
Darren Pauli, 21 Jul 2016

Your antivirus doesn't like Ammyy. And fraudsters will use that to RAT you out (again)

Crooks have once again targeted users downloading Ammyy's remote access software as a conduit for spreading malware. The tactic – which has been witnessed before, specifically in the infamous Lurk banking trojan – has been in play since early February, 2016. Ammyy Admin is a legitimate software package (used by top …
John Leyden, 19 Jul 2016

Hackers steal millions from ATMs using 'just their smartphones'

Authorities in Taiwan are trying to work out how hackers managed to trick a network of bank ATMs into spitting out millions. Police suspect that two Russian nationals wearing masks cashed out dozens of ATMs operated by Taiwan's First Bank on Sunday and left the country the following day. The crooks stole an estimated T$70m ($2 …
John Leyden, 15 Jul 2016

Silently clicking on porn ads you can't even see – this could be you...

Security firms have repeated warnings that unofficial versions of Pokemon Go are likely tainted with spyware or trojans. RiskIQ has found more than 215 unofficial versions of the app in more than 21 app stores. Separately security researchers at security software firm ESET warn that the first ever fake lockscreen app on the …
John Leyden, 15 Jul 2016

BAE Systems partners with SWIFT to bolster hacker intel

BAE Systems has been recruited to help SWIFT's newly formed Customer Service Intelligence team in a bid to get ahead of cyber-criminals targeting banks connected to the global financial messaging service. The announcement follows the analysis and identification of malware that BAE Systems’ threat intelligence team was able to …
John Leyden, 15 Jul 2016

Russian gang who exploited hacked bank accounts jailed

Five members of an international money-laundering gang based in London have been jailed after cops unravelled their malware-enabled conspiracy. The gang, composed exclusively of Russian nationals, was led by a pair of men who were both named Aslan. Aslan Abazov, 30, of Cromwell Road, London SW7, was sentenced to seven years …

Kids’ shoes seller Start-rite suspends sales following breach

Children’s shoes retailer Start-rite Shoes has suspended sales following the discovery of an attack by hackers last weekend. UK-based Start-rite reckons hackers may have obtained customer names, postal address, telephone number and email address of its clients. Payment details are not stored on the site and therefore should …
John Leyden, 13 Jul 2016

Exploit kit miscreants rush to plug gap in cyber-crime marketplace

Cybercrooks behind the Sundown Exploit Kit are rapidly updating the hacking tool in a bid to exploit a gap in the market created by the demise of the Angler and Nuclear exploit kits. While RIG and Neutrino have been the primary protagonists in the void left by Angler and Nuclear, Sundown is also vying for an increased share in …
John Leyden, 13 Jul 2016

Nukeware: New malware deletes files and zaps system settings

Lazy but sneaky cybercrooks are slinging a new ransomware variant that falsely claims to have encrypted files when in reality it has deleted them. Ranscam tricks victims by falsely claiming that files have been moved onto a hidden, encrypted partition. In reality the malware has deleted files and comprehensively messed with …
John Leyden, 12 Jul 2016

Lurk trojan takedown also took out Angler exploit kit

Security researchers have discovered a possible link between the demise of the Angler Kit and a crackdown against the Lurk banking trojan crew. In June, a group of individuals was arrested in Russia for using Lurk to target Russian banks. Cisco Talos researchers noticed that within a week of the arrests, Angler had disappeared …
John Leyden, 11 Jul 2016

Malaysia-based credit card fraud ring broken, 105 arrested

A total of 105 credit card fraud suspects have been arrested in Asia and Europe following a complex months-long investigation across two continents. The investigation targeted a gang led from Malaysia whose tentacles spread into 14 European countries (including the UK and Germany) and specialised in using counterfeit credit …
John Leyden, 08 Jul 2016

Infosec bods NCC walk away from the domain services biz

UK-based infosec consultancy NCC Group is withdrawing from the domain services biz while retaining domain security capability. The tactical switch was announced as NCC reported revenues up 56 per cent to £209.1m in the 12 months to 31 May 2016, compared to £133.7m in its previous financial year. NCC’s adjusted pre-tax profits …
John Leyden, 07 Jul 2016

Bitcoin child abuse image pervs will be hunted down by the IWF

Blockchain forensics are being harnessed in an effort to clamp down on the trade in images of child sex abuse on the dark web. The Internet Watch Foundation (IWF) is teaming up with Elliptic, a UK blockchain intelligence start-up, in a bid to track individuals who use Bitcoin to pay for images of child sex abuse. The IWF is …
John Leyden, 06 Jul 2016

Theft of twenty-somethings' IDs surges

Last year saw a surge in identity fraud against young UK adults, according to official figures published today. Cifas' data reveals identity fraud victims aged 30 and under rose 52 per cent in 2015. Just under 24,000 (23,959) people aged 30 and under were victims of identity fraud, according to figures from the UK’s leading …
John Leyden, 05 Jul 2016

Second celebgate hacker pleads guilty to phishing

A second US man has pleaded guilty to stealing intimate pictures of celebrities using a phishing scam. Edward Majerczyk, 28, who resides in Chicago and Orland Park, Illinois, was charged with hacking into the Apple iCloud and Gmail accounts of more than 300 people, including Hollywood celebrities. In a plea bargaining deal, …
John Leyden, 05 Jul 2016

Plymouth 'animal rights' teen admits Florida SeaWorld cyber attack

A British teenager has admitted taking part in cyber-attacks against Florida's SeaWorld theme park and Devon and Cornwall Police. However, the 16 year-old from Plymouth, Devon – who can’t be named for legal reasons – denied sending threatening messages to airlines. During a hearing at Plymouth’s youth court the youngster …
John Leyden, 29 Jun 2016

SWIFT hackers nick $10m from Ukraine bank

Hackers stole $10m from a Ukrainian bank by – yup, you guessed it – invading its computers and using the inter-bank transfer system SWIFT to shift their loot. The theft from an unnamed Ukrainian bank follows news of cyber-heists at other banks worldwide, most notoriously the lifting of $81m from an account held in New York …
John Leyden, 28 Jun 2016

Eat my reports! Bart ransomware slips into PCs via .zip'd JavaScript

The cybercrooks behind ransomware Dridex and Locky have started distributing a new file-scrambling software nasty dubbed Bart. Bart has a payment screen just like Locky's, and encrypts documents without first connecting to a remote command-and-control server to receive its orders. Bart may therefore be able to encipher Windows …
John Leyden, 28 Jun 2016

Crooks abusing Facebook to offer credit card samples

Crooks are using social networks like Facebook to offer free samples of stolen credit cards. Facebook is “not proactive enough” in dealing with the threat, according to Daniel Cohen, head of anti-fraud service for RSA in Israel. A simple search of “cvv2” inside Facebook turns up several stolen credit card freebie sample …
John Leyden, 27 Jun 2016

No watershed: China hacker groups in decline before Xi-Obama deal

The US-China pledge to put an end to state-backed intellectual property theft was made when Middle Kingdom hacking groups had been receding for more than a year, researchers say. Presidents Barack Obama and Xi Jinping agreed in September to not "conduct or knowingly support cyber-enabled theft of intellectual property" in a move …
Darren Pauli, 21 Jun 2016

NSW cops seek cyber-crooks over bank fraud

NSW Police has published photographs of nine men and three women wanted for questioning over Internet banking fraud. The group recruits mules to open bank accounts, and link them to accounts the scamsters have taken control of. While the police haven't detailed the technique for getting control over victims' bank accounts, …

Half of Brit small biz hit by cyber crime. 10% spend zilch on infosec

Almost half (48 per cent) of Britain's small businesses were hit by cyber-crime in the last year, with 10 per cent targeted many times. Despite this only one in five see cybersecurity as a business priority, and just 15 per cent are confident that they have adequate measures in place to prevent cybercrime, according to a …
John Leyden, 14 Jun 2016

Tell us, evil phisherfolk: What's wrong with Angler Exploit Kit?

Crooks behind exploit kits have switched from using the Angler to favouring Neutrino in recent attacks. “Angler EK has almost completely disappeared,” according to Malwarebytes, a net security firm that has made a name for itself in closely tracking malicious advertising (malvertising) attacks. “We see Neutrino EK take centre …
John Leyden, 13 Jun 2016

Over Ireland? Bothered by Brexit? Find that new home for your cloud

As we all know, the cloud isn't an amorphous, non-geographical blob of computing. Which is a good thing, because there are plenty of legal implications around where your data lives and where it moves both to and from. The point is, of course, that as the cloud isn't just a cloud, your choice of provider is largely dependent on …
Dave Cartwright, 13 Jun 2016

Did you know there's a mega cybercrime backlog in Ireland? Now you do

As part of its new five year plan, the Garda Síochána will up its efforts to tackle cyber crime after “a lack of investment in technology and resources has led to a widely reported back-log of cases”. “[T]o ensure Ireland can protect itself from cyber attack from rogue States and individual criminal elements an holistic all-of …

TeamViewer: So sorry we blamed you after your PC was hacked

Beleaguered remote support tool maker TeamViewer has apologized for blaming its customers for the recent spree of PC and Mac hijackings. While TeamViewer maintains there was "no hack" on its end, public relations head Axel Schmidt told El Reg that the software house was sorry it used the term "careless" to describe folks who …
Shaun Nichols, 06 Jun 2016

100 million credentials from 'Russia's Facebook' go on sale

Russian social networking site VK.com appears to have been breached with hackers selling some 100 million records for a mere US$580 in Bitcoins. The breach has been reported by LeakedSource which received portions of the breached database. At least 100 million accounts are said to have had names, user logins, and phone …
Team Register, 06 Jun 2016