Entries with tag cybercriminals.

British Citizen Charged in Numerous US Hacking Incidents

US officials have charged a UK computer hacker with breaching thousands of computer systems, including US military and government networks, and stealing confidential data. They charged Lauri Love, 28, with one count of accessing a federal agency’s computer without permission and one count of conspiracy. US attorneys filed their case in New Jersey, the location of one of the servers that Love allegedly used. Love was arrested on 25 October in the UK. Between October 2012 and October 2013, Love and others allegedly placed back doors in networks they breached, which allowed them to re-enter and take data. They reportedly hacked networks including those run by the US Department of Defense’s Missile Defense Agency, the US Army Corps of Engineers, NASA, and the Environmental Protection Agency and allegedly took budget information and personal data on military and government personnel. Love faces US and UK charges related to other incidents. (Reuters)(Associated Press @ Washington Post)

US Authorities Charge Hackers in Huge, High Profile Attacks

US authorities have charged four Russians and a Ukrainian in connection with an extensive, eight-year hacking operation in which they allegedly stole 160 million credit-card numbers and sold them on the black market. The network’s targets included numerous high-profile payment processors, retailers, and financial institutions including the 7-Eleven convenience-store company, Dow Jones, the Hannaford Bros. supermarket chain, the J.C. Penney department stores, and Visa Jordan Card Services, a licensee of the Visa credit-card company in the country of Jordan. Hackers initially penetrated the networks via SQL injection attacks and then added a backdoor to enable easy ongoing access. They stole usernames, passwords, other types of personal identification used for verification, credit-card numbers, and debit-card information. The hackers sold the data to identity-theft wholesalers for $10 per US credit card and associated data; $15 per Canadian credit card and associated data; and $50 per European credit card and associated data. The wholesalers put the information onto blank credit or debit cards that could be used to withdraw money or make purchases. Authorities indicted the suspects on charges including conspiracy to gain unauthorized access to computers, conspiracy to commit wire fraud, and wire fraud. Two were arrested in the Netherlands and have been extradited to the US, but the other three are at large. (SlashDot)(SecurityWeek)(The New York Times)

Security Researcher Thwarts Attempt to Frame Him for Heroin Possession

A US-based Internet-security researcher has discovered and blocked a hacker’s attempt to frame him for possession of heroin. Researcher Brian Krebs claims a Russian cybercrime forum’s administrator devised a plan to purchase heroin using bitcoin donations from other forum members and deliver the drugs to Krebs. A compatriot was then supposed to pretend to be a concerned neighbor and call the police to raid the researcher’s house.Krebs, however, saw the plot unfold while monitoring the Russian website and contacted the FBI and local police, who took the drugs once they arrived. Krebs noted that this is not the first attempt by cybercriminals to cause problems for him that might dissuade him from reporting on them. “One called in a phony hostage situation that resulted in a dozen heavily armed police surrounding my home,” he wrote. “Another opened a $20,000 new line of credit in my name. Others sent more than $1,000 in bogus PayPal donations from hacked accounts. Still more ‘admirers’ paid my cable bill for the next three years using stolen credit cards. Malware authors have even used my name and likeness to peddle their wares.” (BBC)(Krebs on Security) 

Hacker Network Steals Millions from ATMs

A sophisticated, global hacking network committed a series of thefts from ATMs in two dozen different countries -- including the United States, Japan, Russia, Romania, Egypt, Colombia, Britain, Sri Lanka, and Canada -- that netted the criminals $45 million. Officials arrested seven people in the US in connection with the thefts, which a dozen law-enforcement agencies worldwide have been investigating. Law-enforcement officials said the network’s leaders deployed operatives operating in cells in 27 countries, including this group in the US. According to authorities, the hackers infiltrated the databases of two Middle Eastern banks. They then reportedly eliminated withdrawal limits on prepaid debit cards and created passwords for the accounts. They then allegedly loaded the stolen account information onto plastic cards—including even old hotel key cards or expired credit cards—with a magnetic stripe. The hackers then reportedly coordinated the use of these cards with the different cells or groups of “cashers” they set up to quickly withdraw funds from various ATMs. Those cells retrieving the cash took their cut, laundered the money, and sent it in the form of goods or cash to the network’s leaders. In the first operation, the hackers took $5 million. In the second operation, officials claim that within 10 hours, the hackers took $40 million in a series of 36,000 transactions. They made 40,500 withdrawals overall in the two different operations. Security experts say the problem is that many banks and merchants in the United States use cards with magnetic strips rather than those with chips that are difficult to duplicate. Investigators say the suspects from the US cell are US citizens originally from the Dominican Republic living in Yonkers, New York, and face charges of conspiracy and money laundering after allegedly stealing $2.8 million. (CNBC)(The Associated Press @ The Telegraph)(Reuters @ NBCNews)(The New York Times -- 1) (The New York Times -- 2)(The Los Angeles Times)

Security Researchers: Computer Virus Targets Venezuelans

Researchers from security vendor Kaspersky Lab have announced the discovery of a virus that targets Venezuelans and steals their online credentials. Victims download the virus after clicking on a link— “listas-fraude-electoral.pdf.exe” (which means “electoral fraud lists”).—that purportedly connects to information about that nation’s recent presidential election. Dmitry Bestuzhev, Kaspersky’s head of Latin America research, said the malware spreads via e-mail and affected at least 75 of the company’s customers. The virus lets criminals steal victims’ banking information and their online credentials for Comisión de Administración de Divisas, the nation’s currency agency. “Being that this malware is quite simple and also targeting only Venezuelan banks and CADIVI, we can strongly assume that the cybercriminals who produced it are from Venezuela, too," Bestuzhev wrote.
(PhysOrg)(The Associated Press @ The Washington Post)(Kaspersky Lab SecureList)

Showing 5 results.