Archive for the ‘Fbi’ Category

FBI IC3 2009 Report

Saturday, March 13th, 2010

The Fbi released its Internet Crime Complaint Center (IC3) 2009 report. The organization maintains that cyberfraud losses reported to them doubled year over year.

The report contains what appears to be significant changes. The report includes mention of the FakeAv scams that have plaqued users over the past couple of years. Another friend just brought in a laptop screaming “Your system is infected!” yesterday, most likely due to a banner ad drive-by. At this point, it’s hard to believe that the fraud is not occuring on a large enough scale to quantify the criminal activity.

The report provides list of the most common complaints that the IC3 received in 2009, including spam, identity theft, credit card fraud, and computer damage, all things that an additional layer of protection like ThreatFire effectively helps protect your system against.

Complaints of internet crime, including spam and fraud, should be filed here, in addition to making other appropriate contacts. They can’t report on what is not filed.

Delpiero Nabbed?

Monday, March 8th, 2010

The Bangkok Post’s article on a Malaysian man’s arrest and extradition to the U.S., charged with identity theft, a part of a prosecution begun in 2008, exposes potentially the 12th person known only by his handle “Delpiero”. The man will be extradited for theft and sale of over 40 million credit card numbers and personal information. From a 2008 article reporting the original case:

“Indictments against Hung-Ming Chiu and Zhi Zhi Wang, both of China, and a person known only by the online nickname “Delpiero” were also unsealed in San Diego.”

Damages from the hack(s) were not estimated in 2008:  ‘”They used sophisticated computer hacking techniques that would allow them to breach security systems and install programs that gathered enormous quantities of personal financial data, which they then allegedly either sold to others or used themselves,” Attorney General Michael Mukasey said at a news conference. “And in total, they caused widespread losses by banks, retailers, and consumers. Mukasey called the total dollar amount of the alleged theft “impossible to quantify at this point”‘, but the Bangkok Post article seems to cite an estimated $150 million for the ring’s take.

Multinational Phish Phry

Thursday, October 8th, 2009

In Wisconsin, they’ve got a great smelt fry on Lake Michigan. In Louisiana, you can find great crayfish boils. But in Los Angeles, the Fbi announced a very different fry — another major international cyberfaud takedown they named Operation Phish Phry. The hundreds of people involved defrauded online banking users with phony banking sites, stealing online user identities and later money with those user names and passwords from thousands of individuals.

We’ve posted previously on projects more closely related to ThreatFire’s anti-bot capabilities, like Operation Bot Roast. Sometimes, phishing web servers hosting fraudulent/spoofed banking web pages are provided by compromised, bot-infested systems, without the knowledge of the system’s user. Either way, this multi-year, multinational Phish Phry takes another facet of cybercrime off the grid.