March 8th, 2010
The Bangkok Post’s article on a Malaysian man’s arrest and extradition to the U.S., charged with identity theft, a part of a prosecution begun in 2008, exposes potentially the 12th person known only by his handle “Delpiero”. The man will be extradited for theft and sale of over 40 million credit card numbers and personal information. From a 2008 article reporting the original case:
“Indictments against Hung-Ming Chiu and Zhi Zhi Wang, both of China, and a person known only by the online nickname “Delpiero” were also unsealed in San Diego.”
Damages from the hack(s) were not estimated in 2008: ‘”They used sophisticated computer hacking techniques that would allow them to breach security systems and install programs that gathered enormous quantities of personal financial data, which they then allegedly either sold to others or used themselves,” Attorney General Michael Mukasey said at a news conference. “And in total, they caused widespread losses by banks, retailers, and consumers. Mukasey called the total dollar amount of the alleged theft “impossible to quantify at this point”‘, but the Bangkok Post article seems to cite an estimated $150 million for the ring’s take.
Posted in Crimeware, Fbi, Government and Cybersecurity, Scams and Monetization, Security breach | 1 Comment »
March 5th, 2010
The Koobface gang’s changing tricks and longevity are noted at a recent USAToday article. They’ve recently upped their activity on a major social networking site and user infections appear to have a quick jump. The current theme has been effective for the past month. A message will arrive in a user’s box from a friend (names purposely removed from image). Note that the gang is no longer using the bit.ly service in their attack links:
The link will lead the user to the familiar phony Yuotube “Broadcast Yourself” page with video frame and flash installer prompt “This content requires Adobe Flash Player 10.37. Would you like to install it now?”. The “setup.exe” file from “SquarePants”. When setup.exe is run, this file in turn drops and runs “bill103.exe” or “bill104.exe” and begins its badness. ThreatFire prevents it effectively.
Past posts on Koobface here.
If you are prompted to install the Flash Player, you can skip the install and go to the vendor’s site directly to download the player’s installer and install it in your web browser. Then browse the page you want to view. For legitimate sites, the content should play.
Posted in Bot, Downloader, Dropper, Koobface, Social Engineering, Uncategorized | 1 Comment »
March 4th, 2010
The U.S. Secretary of Homeland Security Janet Napolitano was this morning’s keynote speaker at RSA Conference 2010, speaking about succeeding in the cybersecurity battle. She joins the list of prominent speakers this week, along with Symantec’s Enrique Salem on “Defeating the Enemy: The Road to Confidence”. The conference continues through the week, and you can keep up to date with links to interactive webcasts here.
This year’s Cryptographer’s Panel discussed some interesting work on the new MD6 hash algorithm within the SHA-3 Competition, and MD5 as a ”dead hash algorithm”. This talk marked hopefully the last year of commercial Md5 use, in light of Md5’s fairly substantial and vulnerable use by vendors, webmasters and Certificate Authorities up through the beginning of 2009. May its death arrive quickly and a new, performance sensitive MD6 born soon.
Posted in Conference, Government and Cybersecurity | No Comments »
