Articles about Cybercrime

Possible Lizard Squad members claim hack of Oz travel insurer

Nearly 900,000 client records including names, addresses, and phone numbers have been stolen from travel insurer Aussie Travel Cover by a suspected member of the Lizard Squad hacking crew. The hacker released databases including those detailing customer policies and travel dates along with a list of partial credit card …
Darren Pauli, 20 Jan 2015
The Register breaking news

Cybercrime talks end in failure

Plans to ratify an updated version of a global treaty against cybercrime have failed. Negotiations on modifying the Budapest Convention on Cybercrime to take into account third world objections and the move to cloud computing floundered after delegates attending an international conference in Brazil last week failed to reach an …
John Leyden, 22 Apr 2010
michael_oleary_ryanair_650

Ryanair stung after $5m Shanghai'd from online fuel account

Budget airline Ryanair has fallen victim to a $5m hacking scam. Crooks siphoned off money from an account earmarked for the payment of fuel bills via an electronic transfer to a bank in China last week. The transfer was subsequently blocked, but the funds – earmarked to pay for aviation fuel for Ryanair's 400-plus Boeing 737-800 …
John Leyden, 30 Apr 2015
The Register breaking news

German cybercrime forum hacked

An underground cybercrime forum has been hacked, with once walled-off information uploaded onto file-sharing networks. The attack on German e-crime site Carders.cc has led to the wider disclosure of stolen credit card details and passwords from victims along with data on the forum's criminal denizens. A database file containing …
John Leyden, 19 May 2010
The Register breaking news

Cybercrime figures 'as true as sexual-conquest scores'

Microsoft researchers have rubbished figures from cyber-crime surveys, deeming them subject to the types of distortions that have long bedevilled sex surveys. It's well enough established that men claim to have more female sexual partners in sex surveys than women claim male partners, a discrepancy that can't be explained by …
John Leyden, 09 Jun 2011
The Register breaking news

Bank insiders charged in ZeuS cybercrime smackdown

Six corrupt bank insiders turned ZeuS money mule suspects have been arrested in Moldova. All half dozen of the suspects worked in local banks in the east European country. Investigators reckon the suspects specialised in laundering Western Union and MoneyGram payments received from co-conspirators in the West that can ultimately …
John Leyden, 08 Nov 2010
The Queen Mother by Phil Houghton

Sony-blasting Lizard Squad suspects quizzed by UK and Finnish cops

UK police have arrested a suspected member of the infamous Lizard Squad crew. The 22-year-old from Twickenham, south-west London, was arrested by police on Tuesday, and questioned about alleged fraud against PayPal as well as claims he is reportedly linked to Lizard Squad – a group of cyber-miscreants who made headlines …
John Leyden, 02 Jan 2015
grand_theft_auto_v_gta_5_648

Screech! Grand Theft Auto V malware mods warning

Cybercrooks are cooking up malware disguised as mods for the Grand Theft Auto V video game. GTA V allows players to modify their gaming environment with "mods" (modifications). It's all been good fun, but recently two of the mods – "Angry Planes" and "No Clip" – have generated warnings on forums frequented by fans of the game. …
John Leyden, 18 May 2015
The Register breaking news

Alleged Muscovite cybercrime daddy hauled in to face US court

A suspected Russian cyber-crook has arrived in the US to face charges of security fraud, computer hacking and ID theft following his deportation from Switzerland. Vladimir Zdorovenin, 54, of Moscow, Russia, is alleged to have masterminded a series of credit card theft and stock manipulation scams in conjunction with his son, …
John Leyden, 18 Jan 2012
Files

UK banks hook themselves up to real-time cop data feed

UK banks will receive real-time warnings about threats to their customers' accounts as well as the overall integrity of their banking systems from a new financial crime alert system. Financial Crime Alerts Service (FCAS), which is being rolled out by banking industry association BBA, is designed to allow financial crime …
John Leyden, 23 Sep 2014
Shaun of the dead zombies cricket bat movie still. Copyright Universal Pictures

Finnish bank takes cricket bat to wave after wave of DDoS varmints

Finnish bank OP is continuing to fight off a cascading series of distributed denial of service (DDoS) attacks that began on New Year's Eve. OP was forced to restrict access to its services from outside the Nordic country as a result of the attack. The motive for the attack, much less the perpetrators' identity, remain unclear. …
John Leyden, 05 Jan 2015
Abbott and Costello dressed as policemen

NYPD cop in court for allegedly hacking into the FBI

A New York City Police Department auxiliary deputy inspector faces charges of hacking into a restricted NYPD computer and other law enforcement databases, including a system maintained by the FBI. Yehuda Katz, 45, of Brooklyn, New York, allegedly used the databases to obtain information about local traffic accident victims …
John Leyden, 20 Mar 2015
Meme of a dog "typing" at a computer, with the large font phrase "I have no idea what I'm doing' above him.

It's official: David Brents are the weakest link in phishing attacks

Middle management are increasingly becoming the focus of phishing attacks, according to a new study. Managers received more malicious emails and doubled their click rates year-on-year, according to a study by security company ProofPoint. Senior staff seemed more clued up about dodgy emails, meaning managers and staff clicked on …
John Leyden, 22 Apr 2015

Home routers co-opted into self-sustaining DDoS botnet

Hackers have established "self-sustaining" botnets of poorly secured routers, according to DDoS mitigation firm Incapsula. The hijacked routers – located mostly in Thailand and Brazil – were easy pickings for hackers because of the use of factory-default usernames and passwords. Knowledge of these login credentials allowed …
John Leyden, 13 May 2015
Man in an orange jumpsuit clutches prison bars. Image by Shutterstock

Cuffing darknet-dwelling cyberscum is tricky. We'll 'disrupt' crims instead, warns top cop

Europe's top cyber-cop has called for a shift in focus from the prosecution of online crims to the disruption of their activities. This comes as crooks increasingly make use of the darknet – private peer-to-peer networks such as Tor – to stay hidden and anonymous; cops find it difficult to work out suspects' true identities and …
John Leyden, 29 Apr 2014
The Register breaking news

UK.gov revamps cybercrime strategy

The government has announced a modest revamp of its strategy for fighting cybercrime. In a low-key statement to the House of Commons on Tuesday, junior Home Office minister Alan Campbell said the strategy aimed to build confidence in the provision of (government and private sector) services via the internet, tackle financial …
John Leyden, 31 Mar 2010
Cartoon of  green skeletal figure reaching out of phone

Fraudsters target Nazi Android malware at Russian bank customers

Alleged members of a gang of "cyber-fascist" Android malware-slingers have been arrested in Russia. The alleged perps behind the scam targeted customers of Russian bank Sberbank with software they called "Fifth Reich", which used Nazi symbols in the management system. Fraudsters targeted malware attacks at Android-operated …
John Leyden, 13 Apr 2015
Headshot of Trojan horse

Vawtrak challenges almighty ZeuS as king of the botnets

Crooks behind Vawtrak, a dangerous banking Trojan, are ramping up its reach and sophistication, security firms have warned. Vawtrak currently ranks as the single most dangerous threat, according to PhishLabs. Only Zeus and its many variants (GameOver, KINS, ZeusVM, Zberp, etc.) taken as a single malware "family" would outrank …
John Leyden, 27 Dec 2014

Carders punch holes through Staples

US office giant Staples is investigating a possible credit and debit card breach of its Northeastern stores. Evidence for the hack, reported by cybercrime and prolific breach blower Brian Krebs, is apparently based on a dozen fraud monitor sources within different US banks. Staples has contacted police and said it was …
Darren Pauli, 21 Oct 2014
Sad Anonymous

Anonymous loose cannon admits DDoSing social services and housing websites

A middle-aged Briton has admitted running a series of debilitating denial of service attacks against social services, social housing and crime prevention websites. Ian Sullivan, 51, of Bootle, Merseyside, also admitted responsibility for a series of Distributed Denial of Service (DDoS) attacks against private sector firms, …
John Leyden, 10 Feb 2015

Two in five Brits cough up for CryptoLocker ransomware's demands

Around two in five people who fall victim to CryptoLocker have agreed to pay a ransom of around £300 to recover their files, according to a survey of victims. Researchers from the University of Kent quizzed a total of 48 people who had been affected by CryptoLocker. Of the sample, 17 said they paid the ransom and 31 said they …
John Leyden, 28 Feb 2014
Internet of Things

The Internet of Stuff is a gigantic ultra-perv robbery network – study

IoT devices facilitate robbery, stalking and cybercrime. That's the downbeat conclusion of a new study by app security firm Veracode into the insecurity of connected devices. Veracode reached its conclusion after looking into a variety of IoT kit, finding they are often designed without data security or privacy in mind. The …
John Leyden, 08 Apr 2015
JPMorgan

JP Morgan bank bod accused of flogging customer account info

The FBI has charged a former JP Morgan employee with selling customer information to thieves who wanted to empty accounts without triggering any alarms. Unsealed court records [PDF] recount that Peter Persaud, who worked at JP Morgan's Brooklyn branch, contacted an undercover FBI informant, and allegedly offered to sell him the …
Iain Thomson, 29 Apr 2015
The Register breaking news

Senate bill seeks crack down on cybercrime havens

Foreign countries that turn a blind eye to cybercrime would lose US financial assistance and resources under a bill introduced Tuesday in the Senate. The International Cybercrime Reporting and Cooperation Act would require the President to identify "countries of cyber concern" and to plot a course to help each one get tougher …
Dan Goodin, 23 Mar 2010
Manneken pis wears football kit. Source: James Cridland, Flickr

Tesla Twitter account and website hijacked, Elon Musk pwned

The website and Twitter account of carmaker Tesla were hacked over the weekend, as part of what looks like a prank between rival hackers. Elon Musk’s personal Twitter account was also hijacked on Saturday night (US time) by miscreants who at one point claimed to be from the infamous Lizard Squad hacking crew. The name …
John Leyden, 27 Apr 2015
The Register breaking news

Plug pulled Latvian cybercrime hub

Upstream providers have pulled the plug on Latvian ISP Real Host over allegations it maintained cybercrime servers linked to the Zeus botnet. Real Host was disconnected by its upstream provider, Junik, on Monday, after TeliaSonera told Junik to either cut the juice or face sanctions itself, according to reports by the FT and …
John Leyden, 05 Aug 2009

It's 2015 and ATMs don't know when a daughterboard is breaking them

Carders have jackpotted an ATM by inserting a circuit board into the USB ports of an ATM, tricking it into spitting out cash. The technique was thought to have emulated the cash dispenser of the ATM so the brains of the machine thought everything was normal, buying additional time for the brazen crooks to make off with the cash …
Darren Pauli, 07 Jan 2015
The Register breaking news

Cybercrime police's budget slashed by 30%

Exclusive The national police unit responsible for fighting cybercrime faces a deep cut to its already stretched budget, counter to pre-election talk of an increased focus on the UK's digital security. According to senior Westminster sources, the coalition government has quietly and drastically trimmed the £3.5m that the Police Central …

Cybercrim told to cough up £1m or spend years in chokey

A cybercriminal from Thamesmead has been given six months to turn up £1m, or he'll be spending another four years behind bars. Rilwan Adesegun Oshodi – a 31-year-old Nigerian national, formerly of Greenhaven Drive, Thamesmead, SE28 – is currently enjoying Her Majesty's hospitality for conspiracy to defraud and conspiracy to …
apple mac malware vxer

Three WireLurker suspects arrested in China – reports

Three people suspected of involvement in the WireLurker malware campaign have been arrested in China, according to reports. The suspects – whom the Beijing Public Security "internet" unit named only as Chen, Lee and Wang – were apparently arrested in the Beijing area following an investigation assisted by local security firm …
John Leyden, 17 Nov 2014
homeless man with sign

Met chief fears Brit cybercrime gangs

Britain's most senior police officer has raised fears that home-grown organised gangs are waking up to the low risks and high rewards of cybercrime. Sir Paul Stephenson, Commissioner of the Metropolitan Police, issued the warning in a Sunday newspaper article highlighting the importance of specialist officers. Debate around …
The Register breaking news

Police confirm cybercrime budget cut

The Metropolitan Police have confirmed their budget for battling cybercrime nationally has been slashed by the Home Office. The Register revealed on Friday that central government funding for the Police Central eCrime Unit (PCeU) had been quietly cut by 30 per cent. A spokeswoman for the Met said the PCeU had been targeted as …
The Register breaking news

EU mulls new central cybercrime agency

The European Commission will investigate the establishment of a new EU agency to tackle cybercrime. The new agency could be part of Europol, EU ministers have said. The Council of Ministers has asked the Commission to look at its agreed set of cybercrime objectives and investigate whether a new, centralised agency is a better …
OUT-LAW.COM, 29 Apr 2010
Kronos

'Father of Zeus' banking trojan appears at very reasonable price

A banking trojan dubbed the father of the infamous Zeus malware is being flogged on cybercrime marketplaces for a pricey $7000, says fraud specialist Etay Maor. The Kronos malware was sold on a cybercrime forum, pitched particularly to Zeus trojan customers given its capabilities to re-use that trojan's form grabbing templates …
Darren Pauli, 15 Jul 2014
Blackmail image

Cyber scum pump ransomware at victims from spambot-stuffed websites

Miscreants have brewed up a strain of ransomware which functions like the recently dead CryptoLocker - and this one communicates using the Tor browsing anonymization network. Critroni appears geared towards exploiting a gap in the market created by a takedown operation against the CryptoLocker and Gameover ZeuS botnets back in …
John Leyden, 22 Jul 2014
blackmail

Hackers seize Detroit's database, demand $800k. Motor City shrugs: OK, take it

Hackers seized a database from the City of Detroit earlier this year before unsuccessfully demanding $800,000 in Bitcoin. The failed extortion attempt back in April was disclosed by Detroit mayor Mike Duggan at the North American International Cyber Summit conference on Monday. The stolen database wasn’t needed by the cash- …
John Leyden, 20 Nov 2014

Elderly zombie Asprox botnet STILL mauling biz bods, says survey

The Asprox botnet was responsible for about 80 per cent of all attack sessions recorded during October 2014, impacting nearly 2,000 different organisations. These figures, from a new report by Palo Alto Networks, provide evidence that the Asprox (AKA Kuluoz) malware family is continuing to plague businesses, despite multiple …
John Leyden, 11 Dec 2014
Wifi grumpy cat

Japan's death threat hacker collared ... BY A CAT

A Japanese hacker who hijacked computers using malware before issuing death threats through the compromised machines has been jailed for eight years. Yusuke Katayama, 32, threatened to blow up planes and attack a kindergarten attended by the grandchildren of Japan's Emperor Akihito before he was finally nabbed in February 2013 …
John Leyden, 05 Feb 2015

Russian botnet suspects cuffed over romantic MMS spyware allegs

Russian cops have arrested two mobile botnet cybercrime suspects as part of an ongoing investigation that's reckoned to be the first of its kind in Russia. The unnamed duo, aged 25 and 24 and both resident in Arkhangelsk (a city in the north of European Russia) were arrested as part of an investigation into attempts to defraud …
John Leyden, 19 Sep 2014

Hilton member accounts info, trip dates open to plunder

A pair of security researchers have found a basic flaw that allows anyone to steal email and home address information, trip data, and spend points of Hilton Worldwide "HHonors" loyalty club members. The cross-site request forgery is tied to a password reset initiative the company launched offering 1000 points to those who took …
Darren Pauli, 24 Mar 2015
chalk outline of  human body at crime scene

Botnet masters using Tor to hide control tools for ZOMBIE SLAVES

The Tor anonymisation network is being used to hide 900 botnet and cybercrime-related hidden services, according to Kaspersky Lab. Kaspersky security researchers report that the Tor network is playing host to the ChewBacca point-of-sale keylogger and the ZeuS banking malware control infrastructure, as well as the first Tor …
John Leyden, 06 Mar 2014
Ransom note saying "Pay Up" in blackmail type

Cyber-crypto-criminal-cock-up. Little money and (probably) embarrassed

A newly released crypto-ransomware strain has been broken, thus allowing victims — in over two out of three cases — to get back their data without paying. The Scraper ransomware has a flaw, meaning that in about 70 per cent of cases files can be decrypted, according to Kaspersky Labs, with the Russian security firm publishing a …
John Leyden, 10 Apr 2015

Flash zero day under attack

A zero day Flash vulnerability is being actively exploited by criminals using the popular Angler exploit kit. Adobe is investigating the report by respected French malware researcher Kafeine, who found the exploit kit circulating on cybercrime forums. The vulnerabilities affected Flash Player versions up to 15.0.0.223 and the …
Darren Pauli, 22 Jan 2015
Hacker baseball cap

Hackers use DRAFT emails as dead-drops for running malware

Sneaky hackers are using Gmail and Yahoo! drafts to control compromised devices, with the tactic designed to make detection of malware-related communications more difficult to pick up in enterprise environments. Attacks occur in two phases. Hackers first infect a targeted machine via simple malware that installs Python onto the …
John Leyden, 06 Nov 2014
Spying image

Securobods claim Middle East govts' fingerprints all over malware flung at journos

Researchers at Toronto-based Citizen Lab have shot down denials by Syria, Bahrain and the United Arab Emirates regarding attacks against activists, journalists and dissidents, labelling some of the assaults as incompetent. The team gathered tens of thousands of documents and files detailing the malware and social engineering …
Darren Pauli, 31 Jul 2014
PCS with a red X in front of them

ATTACK of the Windows ZOMBIES on point-of-sale terminals

Security watchers have spotted a fresh Windows-based botnet that attempts to hack into point-of-sale systems. Cyber threat intelligence firm IntelCrawler reports that the “@-Brt” project surfaced in May through underground cybercrime forums. The malware can be used to brute-force point-of-sale systems and associated networks, …
John Leyden, 09 Jul 2014

Most convincing PHISHING pages hoodwink nearly half of you – Google

Nearly half (45 per cent) of those who visit the most convincing phishing pages are tricked into handing over personal information, according to Google. This effectiveness drops to just three per cent in the case of the most obviously scummy phishing sites, while the online giant reports that the account hijackers work quickly, …
John Leyden, 11 Nov 2014

Citadel Trojan snooped on password managers to snatch victims' logins

Crooks have unsheathed a variant of the Citadel Trojan that targets password managers. The malware is designed to steal a victim's master passphrase, thus unlocking his or her database of website passwords in the process. The software nasty runs a key-logger to intercept what people type into the Password Safe and KeePass open- …
John Leyden, 21 Nov 2014

Google dodges 'costly' legal precedent, settles Daniel Hegglin case

Google has avoided a costly legal precedent by settling out of court in an online abuse case due to be heard in the High Court today, legal experts have said. Daniel Hegglin was seeking an injunction to force Google to block all traces in its search results of online abuse against him, following a defamatory anonymous campaign …
Kat Hall, 24 Nov 2014

Miscreants leak banking baddie's secret source

Miscreants have released the source code for the Tinba banking Trojan in a move that may spawn the development of copycats. The secret source behind early versions of the small (some versions weigh in at just 20KB) but pernicious banking Trojan was released through an underground forum last week, reports Danish security …
John Leyden, 11 Jul 2014