Entries with tag criminal investigations.

Target: Stolen Vendor Credentials Enabled Huge Data Theft

The Target department-store chain says that hackers used stolen electronic credentials to access the retailer’s computer network and steal 40 million credit and debit card records and 70 million other pieces of customer data. Without providing additional details, Target stated, “The ongoing forensic investigation has indicated that the intruder stole a vendor's credentials, which were used to access our system.” Since the attack, which Target discovered on 15 December 2013, the company has reportedly restricted access to its human resources website and Info Retriever database for suppliers. Security journalist Brian Krebs said deeper analysis of files related to the hack “suggests that the attackers may have had help from a poorly secured feature built into a widely-used IT management software product that was running on the retailer’s internal network.” Specifically, they used a default administrative username installed with BMC Software’s Performance Assurance for Microsoft Servers to access the company’s point-of-sale system and infect it with malware. Precisely how they initially gained access to the system is still unknown. The hackers also reportedly created a central control server within the Target network on which they stored all collected data. Several federal agencies are investigating the breach. (Reuters)(The Wall Street Journal)(Krebs on Security)

Experts Debate Origins of Malware in Recent Attacks on Retailers

A security firm that originally tied malware used in the Target and Neiman Marcus cyberattacks to a Russian teenager is now backing off those claims. IntelCrawler had said that a St. Petersburg area teen not involved in the actual attacks wrote the KAPTOXA or BlackPOS memory-scraping malware. However, the company said this may not be the case after respected security blogger Brian Krebs wrote that he isn’t convinced the teenager wrote the malicious software. The malware was reportedly created in March 2013, then placed online for others to take, alter, and utilize. It was used in a security breach in the Target department-store chain’s point-of-sale terminals, which yielded sensitive information for perhaps 70 million to 110 million customers. The Neiman Marcus luxury department store chain’s network was also compromised, as were retailers elsewhere in the US, as well as in Australia and Canada. (CNN @ KPHO)(Reuters)(BankInfoSecurity)(Krebs on Security)(Krebs @ Twitter)(Fox News)

Officials: Texas Arrests Unlikely to Aid in Netting Target Hackers

Texas police arrested two people at the Mexican border with 100 fake credit cards, some of which had debit- and credit-card numbers stolen in the recent network breach of the Target department-store chain. However, security experts say they are skeptical this will help authorities find the hackers responsible, given what authorities characterize as “the vast, labyrinthine nature of the global market for stolen data.” The arrested suspects may have purchased the information they used on the online black market and have no knowledge of who hacked the Target system, according to law enforcement officials. Despite this, the US Secret Service is investigating whether there is a link between the Target attack and the Texas arrests. Typically, when criminals steal massive amounts of debit- or credit-card data, they sell it piecemeal online, said Chester Wisniewski, senior security adviser for the computer security firm Sophos. In the Target breach, hackers stole roughly 40 million debit and credit card numbers plus the personal information of about 70 million people. (Associated Press)(Reuters)

US Blocks Some Major Bitcoin Exchange Transactions

The US Department of Homeland Security’s (DHS’s) Immigration and Customs Enforcement agency has taken legal action to stop the Dwolla online payment service from processing bitcoin virtual-currency transactions. Dwolla can no longer send funds to Mt. Gox, the world’s largest bitcoin exchange. Some bitcoin exchanges let users buy bitcoins with money transferred via Dwolla and then sell bitcoins with the proceeds transferred to them via Dwolla. In a warrant, DHS accused Mt. Gox of operating an unlicensed money-transmitting business. In its investigation, DHS said, it used an undercover informant who bought bitcoins using Dwolla and subsequently had them converted to dollars. In a statement posted on its Google+ account, Mt. Gox said “we have not been provided with a copy of the court order and/or warrant, and do not know its scope and/or the reasons for its issuance. Mt. Gox is investigating and will provide further reports when additional information becomes known.” (CNET)(Ars Technica)(The New York Post)(Mt. Gox)

Dutch Officials Propose Law Authorizing Police Hacking

Newly proposed legislation in the Netherlands would give Dutch police who investigate online crimes the right to hack into computers in the country or abroad, with judicial approval. In addition to reading e-mail, law enforcement officers could install spyware or destroy files to combat cybercrimes. The pending law would also make it a crime for an individual or company not to decrypt files as requested by law enforcement in the course of an investigation. The Dutch parliament is expected to vote on the bill by year’s end. Proponents say the law would address areas of concern such as child pornography, terrorism, and distributed denial-of-service attacks. Dutch privacy advocates say the law could set a dangerous precedent for government access to civilian computers. They contend that the problem is not a lack of police power but a shortage of knowledge and manpower. (PhysOrg)(Computerworld)(BBC)(Ministerie van Veiligheid en Justitie)
