Feeds

Articles about Cybercrime

Romanian 'ransomware victim' hangs self and 4-year-old son – report

Reports have claimed that a Romanian man who committed suicide recently had been the victim of so-called "police" ransomware which falsely informed him he needed to pay a fine for downloading porn or risk going to jail. Marcel Datcu, 36, from the village of Movila Miresii, hanged himself while holding his four-year-old son in …
John Leyden, 18 Mar 2014
The Register breaking news

Cybercrime police's budget slashed by 30%

The national police unit responsible for fighting cybercrime faces a deep cut to its already stretched budget, counter to pre-election talk of an increased focus on the UK's digital security. According to senior Westminster sources, the coalition government has quietly and drastically trimmed the £3.5m that the Police Central …
The Register breaking news

Police confirm cybercrime budget cut

The Metropolitan Police have confirmed their budget for battling cybercrime nationally has been slashed by the Home Office. The Register revealed on Friday that central government funding for the Police Central eCrime Unit (PCeU) had been quietly cut by 30 per cent. A spokeswoman for the Met said the PCeU had been targeted as …
bug on keyboard

Cyber hostage-takers SCAMMED six times as many people last year

Malware-powered frauds that lock up victims' computers - or worse yet, encrypt files and force them to pay a fee to unlock their information - increased by 500 per cent during 2013, according to a study by Symantec. Symantec's latest global Internet Security Threat Report also revealed that targeted attack campaigns for the …
John Leyden, 09 Apr 2014
The Register breaking news

EU mulls new central cybercrime agency

The European Commission will investigate the establishment of a new EU agency to tackle cybercrime. The new agency could be part of Europol, EU ministers have said. The Council of Ministers has asked the Commission to look at its agreed set of cybercrime objectives and investigate whether a new, centralised agency is a better …
OUT-LAW.COM, 29 Apr 2010

Watch a bank-raiding ZeuS bot command post get owned in 60 seconds

Web thieves may get more than they bargained for if tech pros follow the lead of one researcher – who demonstrated how to hack the systems remote-controlling the infamous ZeuS crime bot in 60 seconds. The dangerous Trojan ZeuS infects Windows PCs to, among other things, silently siphon cash from victims' online bank accounts. …
Darren Pauli, 06 May 2014
The Register breaking news

Plug pulled Latvian cybercrime hub

Upstream providers have pulled the plug on Latvian ISP Real Host over allegations it maintained cybercrime servers linked to the Zeus botnet. Real Host was disconnected by its upstream provider, Junik, on Monday, after TeliaSonera told Junik to either cut the juice or face sanctions itself, according to reports by the FT and …
John Leyden, 05 Aug 2009

Hidden 'Windigo' UNIX ZOMBIES are EVERYWHERE

Hackers using a Trojan seized control of over 25,000 Unix servers worldwide to create a potent spam and malware distribution platform. The attack, dubbed Operation Windigo1, was uncovered by security experts at anti-virus firm ESET, in collaboration with CERT-Bund, the Swedish National Infrastructure for Computing, as well as …
John Leyden, 18 Mar 2014
Vrublevsky's Facebook image

Spammer sprung to run Russian national payment system

Russia has reportedly hired a man to develop its national payments system, days after the alleged mastermind of one of the country's biggest pharmacy spam networks was granted early parole. The criminal allegations following Pavel Vrublevsky were prodigious but were largely denied or unconfirmed by the 35 year-old Moscow native …
Darren Pauli, 04 Jun 2014
android malware mobile iphone

New software nasty encrypts Android PHONE files and demands a ransom

Miscreants have brewed the first file-encrypting strain of ransomware that infects Android smartphones. The malware, dubbed Android/Simplocker by ESET, scans the SD card in a handset for certain types of file, encrypts them, and demands a ransom to decrypt the data. The ransom message is written in Russian, with payment …
John Leyden, 04 Jun 2014

Scam emails tell people they have cancer to trick them into installing a money-stealing Trojan

Sick fraudsters have put out a batch of malware-riddled hoax emails warning recipients that they may have cancer. The scam emails purport to come from the UK National Institute for Health and Care Excellence (Nice). The emails - which arrive with the header "important blood analysis result" - ask prospective victims to download …
John Leyden, 14 Mar 2014
Zombie cloud

Microsoft teams up with Feds, Europol in ZeroAccess botnet zombie hunt

Microsoft has teamed up with the FBI to launch a renewed attempt to disrupt the operations of the infamous ZeroAccess botnet. ZeroAccess is responsible for infecting over two million computers, specifically targeting search results as part of a click-fraud scam that Redmond estimates is costing online advertisers $2.7m a month. …
John Leyden, 06 Dec 2013
The Register breaking news

European conference sets agenda for cybercrime fight

The Council of Europe has called for a worldwide implementation of its Convention on Cybercrime to fight the growing problem of economic crime on the web. During the fifth annual CoE conference on cybrecrime in Strasburg this week, participants spoke in favour of greater international cooperation in sharing existing tools, …
John Leyden, 26 Mar 2010
balaclava_thief_burglar

Feds charge Vietnamese suspect with slurp'n'flog of half-a-million Americans' ID data

A Vietnamese man has been charged in connection with a long-running scam involving the theft and resale of what the DoJ rather hiply refers to as the "fullz”* (personal information) of hundreds of thousands of Americans. Hieu Minh Ngo, 24, a Vietnamese national, was hit with a total of 15 charges, including conspiracy to commit …
John Leyden, 22 Oct 2013
android malware mobile iphone

Gameover ZeuS botnet pulls dripping stake from heart, staggers back from the UNDEAD

The Gameover ZeuS malware is back from the dead just six weeks after a takedown operations that aimed to put a stake through the heart of the botnet, which is linked to the even more infamous CryptoLocker ransomware. International law enforcement acted against the crooks behind the Gameover ZeuS in early June. For the past month …
John Leyden, 14 Jul 2014
Eugene Kaspersky in Sydney

Eugene Kaspersky: Ukraine conflict hurts enterprise security

As governments around the world continue to wrangle for a peaceful solution to the political tensions in the Ukraine, cybercriminals could catch governments off guard with online attacks, warns Kaspersky Lab CEO Eugene Kaspersky. Speaking at a summit in San Francisco, the Kaspersky Lab cofounder and namesake expressed concern …
Shaun Nichols, 16 Apr 2014

Darknet: It's not just for DRUGS. Ninja Banking Trojan uses it too

Russian-speaking virus writers have brewed up a stealthy strain of banking Trojan that communicates over peer-to-peer networks using an encrypted darknet protocol that's arguably even stealthier than TOR: I2P. The i2Ninja malware offers a similar set of capabilities to other major financial malware such as ZeuS and SpyEye – …
John Leyden, 21 Nov 2013
PCS with a red X in front of them

Swiping your card at local greengrocers? Miscreants will swipe YOU in a minute

More than a thousand point-of-sale, grocery management and accounting systems worldwide have been compromised by a new strain of malware, results of a March 2014 probe have revealed. During a survey of compromised POS terminals, accounting systems and grocery management platforms, the Nemanja botnet was fingered as one of the …
John Leyden, 27 May 2014
The Register breaking news

Former White House advisor wants cybercrime haven crackdown

A former White House security advisor has urged a crackdown on rogue states that serve as a "safe haven" for cybercrime, along with a fundamental rethink of internet architectures. Richard Clarke, who served as special advisor to the President George W Bush on cybersecurity, told delegates to the RSA Conference in London that …
John Leyden, 14 Oct 2010
The Register breaking news

UK biz bled dry by cybercrime

The average UK business is losing £10,000 a year thanks to cyber espionage, extortion and other forms of online fraud. In total the UK economy is losing £27bn a year and British businesses soak up £21bn of this loss. Given there are 2.1 million UK firms registered for VAT this gives a loss per firm of £10,000. The numbers, …
John Oates, 17 Feb 2011
balaclava_thief_burglar

Cardslurping kingpin caged for 18 years over Carderplanet forum

A Ukrainian national who co-founded the infamous cybercrime marketplace CarderPlanet has been jailed for 18 years following a lengthy US legal process that ran for more than a decade. Roman Vega, 49, eventually pleaded guilty in 2009 to conspiracy to commit money laundering and access device fraud offences – but he was only …
John Leyden, 13 Dec 2013
Resident Evil zombie takeover

Pushdo Trojan outbreak: 11 THOUSAND systems infected in just 24 hours

A wave of attacks by cybercrooks pushing a new variant of the resilient Pushdo Trojan has compromised more than 11,000 systems in just 24 hours. Indian PCs have been most affected by the outbreak, but systems in the UK, France and the US have also been hit, according to security software firm Bitdefender. The Romanian firm …
John Leyden, 17 Jul 2014

Sync'n'steal: Hackers brew Android-targeting Windows malware

Internet Igors have stitched together the first strain of Windows malware that can hop over and infect Android smartphones and tablets. The Droidpak mobile banking trojan exploits syncing between smartphones and Windows PCs to jump from a compromised PC onto an Android device. The Windows Trojan downloads a malicious .APK file …
John Leyden, 27 Jan 2014
australian credit cards fraud contactless

Teensy card skimmers found in gullets of ATMs

A series of tiny and sometimes transparent card-skimming devices have been detected in ATMs across Europe, researchers say. Boffins with the European ATM Security Team (EAST) have plucked out and displayed some clever thumb-sized skimmers that hide from victims' view by fitting in cash terminals' gullets. The devices paraded in …
Darren Pauli, 09 Jul 2014

Feds cuff five more suspects in $45m bank mega-cyber-heist

US Federal authorities have arrested five people accused of aiding a massive electronic bank heist in New York earlier this year. The US District Attorney's office for Eastern New York said that the five were detained following the discovery of photographic evidence that allegedly links the men to a $45m cash-swindling operation …
Shaun Nichols, 19 Nov 2013
PayPal inStore app in action

Credit card of PayPal PRESIDENT cloned by UK crooks

PayPal president's credit card got hacked on a UK visit, the victim revealed on Twitter. David Marcus said that an unidentified criminal used a skimming device and his credit card was cloned before "tons" of fraudulent transaction were made. The senior executive of the eBay-owned payment processing firm made sure to score a …
John Leyden, 12 Feb 2014
The Register breaking news

Police charge 11 over Zeus cybercrime scam

UK police investigating a suspected Zeus Trojan e-banking fraud ring have charged 11 people with a variety of fraud and money laundering offences. The accused, all east European nationals resident in Essex, allegedly participated in a series of frauds targeting customers of UK banks over the last three months that resulted in …
John Leyden, 30 Sep 2010

Feds charge three in brain-ache $15m Pentagon payroll pillage plot

Three men have been indicted in the US for trying to steal at least $15m by hacking into the Department of Defence's payroll service and customer accounts at 14 different financial institutions. The US Attorney's office in New Jersey has charged two men from Kiev in Ukraine, Oleksiy Sharapka and Leonid Yanovitsky, and a third …
The Register breaking news

UN split on cybercrime conventions

A United Nations committee on international crime prevention is split on how to deal with cybercrime. Some countries want the existing European convention to be adopted worldwide, while others want a completely new agreement to be created. At the UN Congress on Crime Prevention and Criminal Justice in Brazil last week nations …
OUT-LAW.COM, 19 Apr 2010
android malware mobile iphone

Malware-as-a-service picks Android apart

Quite possibly the most expensive and capable Android malware the world has yet seen is for sale at $US5000 on underground markets, replete with software-as-a-service support. The iBanking malware has evolved from a simple SMS-stealer to a highly capable application that records audio within the range of a device's microphone, …
Darren Pauli, 22 May 2014
The Register breaking news

EU crackdown will see tougher sentences for stupid cyber-badhats

The European Parliament has agreed to toughen criminal penalties across the EU for cyber attacks, especially any that threaten national infrastructure or are deemed to be aimed at stealing sensitive data. The new directive forces the 28 member states to impose national maximum sentences of at least two years in prison for trying …
chalk outline of  human body at crime scene

Hi-tech Fagin couple used Apple scam cash to fly pickpockets to UK

A pair of phishing fraudsters each received long jail terms after they were convicted of making £15,000 through online scams before using the funds to finance the travel of other crooks into the UK. Constanta Agrigoroaie, 23, and Radu Savoae, 28, both of Mornington Avenue, Ilford, both pleaded guilty to conspiracy to commit …
John Leyden, 18 Jul 2014

Time-rich hacking crew scrawls web graffiti all over poor old .ME

Hackers have defaced more than 3,000 .me websites in a web graffiti attack carried out on Sunday. Pakistani defacement crew TeaM MaDLeeTs pulled off the attack after breaking into the systems of domain.ME, the organisation responsible for the registration of Montenegro (.me) domain names. Surfers visiting any one of 3,110 …
John Leyden, 16 Jan 2014

iDevice ransomware stalks OZ, demands payoff

Apple fans across Australia are finding their iPad and iPhones held for ransom by miscreants demanding $50 and more for unlock fee. The extortionate demands appeared in messages claiming the device had been "hacked by Oleg Pliss" – but it'd be highly unlikely that the cybercrooks behind the scam, which appears to be localised to …
John Leyden, 27 May 2014

Biz bods, politicos, beware: 'BOTS are on the loose, and they're coming for YOU

Businesses and governments in the US, UK, Canada, and India are under assault from a malware-based cybercrime campaign using the Tor anonymizing relay network to hide its authors, say infosec researchers. A strain of malware called Mevade, previously blamed for a massive Tor traffic spike is being used to compromise systems at …
John Leyden, 25 Oct 2013
Lecpetex

Facebook scuttles 250k-strong crypto-currency botnet

Facebook has taken down a Greek botnet that at its peak compromised 50,000 accounts and infected 250,000 computers to mine crypto-currencies, steal email and banking details and pump out spam. The scuttled Lecpetex botnet spread malware including the DarkComet remote access trojan by social engineering techniques and was adept …
Darren Pauli, 09 Jul 2014
The Register breaking news

Crimelords: Stolen credit cards... keep 'em. It's all about banking logins now

Stolen bank login information attracts an even higher price than credit card numbers on underground cybercrime bazaars, and EU logins are worth more than American ones, according to research by McAfee. The Intel-owned security division's Cybercrime Exposed paper highlights trends in the thriving digital underground, including …
John Leyden, 02 Jul 2013

Microsoft hardens EMET security tool: OK, it's not invulnerable, but it's free

Microsoft has beefed up its Enhanced Mitigation Experience Toolkit (EMET), adding features designed to block more exploits. The release of the technical review (beta) version of the tool, EMET 5.0, follows the discovery of new attacks against earlier versions of the technology. EMET 5.0 beta comes with a feature called Attack …
John Leyden, 26 Feb 2014
The Register breaking news

REVEALED: Cyberthug tool that BREAKS HSBC's anti-Trojan tech

Cybercrooks on an underground forum have developed a technique to bypass anti-Trojan technology from Trusteer used by financial institutions worldwide – including HSBC and Paypal – to protect depositors from cybersnoopers. Trusteer has downplayed the vulnerability and said it's in the process of rolling out beefed-up protection …
John Leyden, 06 Aug 2013

PC-infecting chat demon quotes THE BIBLE to summon malware plague

A new Trojan that distributes itself through Facebook instant messaging and Yahoo! Messenger has claimed hundreds of victims. Computer systems have been infected by the software nasty in the UK, Germany, France, Denmark, Romania, the US and Canada during the past week or so, according to Romanian antivirus firm Bitdefender. …
John Leyden, 27 May 2014

Despite your fancy-schmancy security tech, passwords still weakest link in IT defences

The use of stolen login credentials continues to be the most common way for network intruders to access sensitive information. Two out of three breaches were the result of weak or swiped passwords, making a case for strong two-factor authentication, according to Verizon’s latest annual Data Breach Investigations Report. The …
John Leyden, 22 Apr 2014
Resident Evil zombie takeover

ZOMBIE iPAD PERIL? Cyberbadness slinger touts tool for iOS

A Swiss Army knife-like piece of malware has been ported to Apple's iOS from Windows and Linux, a security research team has claimed. We're told Zorenium is a low-profile, cross-platform, remote-controllable bot with advanced features including the ability to empty victims' online bank accounts, contribute to distributed denial- …
John Leyden, 21 Mar 2014
The Register breaking news

Internet evildoers stitch together vile ransomware-survey scam chimaera

Internet Igors have fused genomes from two of the web's most noxious scam strains to create a repulsive chimaera. The new ransomware doing the rounds locks up victims' PCs before forcing their users to complete a survey in order to receive an unlock code. Traditional ransomware scams typically involving locking up systems …
John Leyden, 15 Jul 2013
Prison window

Prison Locker: A load of überhyped malware FUD over... internet chatter

An underground advert seeking help in developing a file-encrypting ransomware kit that might be sold for just $100 a go sparked something of a panic on the interwebs this week. But security watchers are yet to see any samples of the so-called Prison Locker ransomware, leading at least two security firms to characterise the …
John Leyden, 10 Jan 2014
Spam image

Boffins pen 'Guide to better spamming'

Ignoring the manual and keeping your 'bot nimble are some of the tips a quartet of security researchers have recommended to help spam reach inboxes more effectively. The recommendations were some of the findings in studies by a research group into the relationships between email harvesters, botmasters and spammers and the …
Darren Pauli, 02 May 2014
Resident Evil zombie takeover

Multi-platform Java bot marshals ZOMBIE FORCE against spammers

Miscreants have brewed a multi-platform strain of malware capable of infecting Windows, Mac OS and Linux PCs. The evil bot, which surfaced in early January, was written entirely in Java and designed to take advantage of the CVE-2013-2465 vulnerability (a Java flaw patched by Oracle last June) to infect victims. The malware - …
John Leyden, 30 Jan 2014
chalk outline of  human body at crime scene

Security bods mop blood, sigh: NEW CryptoLocker zombies? We don't see their kind

Infections from the infamous CryptoLocker ransomware have fallen off sharply since a takedown operation earlier this week, according to security researchers. An FBI-led takedown operation disrupted the internet infrastructure powering the Gameover ZeuS botnet and the even more infamous CryptoLocker ransomware. Gameover ZeuS is a …
John Leyden, 05 Jun 2014

Android nasty sends your texts to CHINA

Security researchers have discovered an Android botnet that masquerades as a benign settings app for carrying out administrative tasks on mobile devices. Once authorised by the user, the malicious app surreptitiously steals SMS messages from the infected device and emails them to a command-and-control (C&C) infrastructure hosted …
John Leyden, 17 Dec 2013
Licensed under creative commons (Kafa4Prez) http://creativecommons.org/licenses/by-sa/2.0/deed.en

'Hand of Thief' banking Trojan reaches for Linux – for only $2K

Cybercrooks have created a banking Trojan that targets Linux users, which is been touted for sale on underground cybercrime forums for just $2,000 a pop. The "Hand of Thief" malware is a rare example of malicious code written especially to target the open-source operating system. The digital nasty includes form-grabbers for HTTP …
John Leyden, 08 Aug 2013
Prison window

Computing student jailed after failing to hand over crypto keys

A computer science student accused of hacking offences has been jailed for six months for failing to hand over his encryption passwords, which he had been urged to do in "the interests of national security". Christopher Wilson, 22, of Mitford Close, Washington, Tyne and Wear, was jailed for refusing to hand over his computer …
John Leyden, 08 Jul 2014