Free Republic

Chalk up one for the defenders. Here’s how a trio of security researchers used a three-step attack to defeat a 250,000-pronged botnet.For two years as a researcher with security company FireEye, Atif Mushtaq worked to keep Mega-D bot malware from infecting clients' networks. In the process, he learned how its controllers operated it. Last June, he began publishing his findings online. In November, he suddenly switched from de fense to offense. And Mega-D--a powerful, resilient botnet that had forced 250,000 PCs to do its bidding--went down. Mushtaq and two FireEye colleagues went after Mega-D's command infrastructure. A botnet's first wave...

MONDAY, DECEMBER 07, 2009 Celebrity-Themed Scareware Campaign Abusing DocStoc UPDATE: Docstoc has removed all the participating accounts in this campaign, and is applying additional filtering to undermine its effectiveness. Last week's "Celebrity-Themed Scareware Campaign Abusing DocStoc and Scribd" is now exclusively targeting the popular Docstoc document-sharing service. Naturally, this very latest campaign once again offers overwhelming evidence on the inner workings of the cybercrime ecosystem, in this particular case, the connection between the Koobface gang and money mule recruitment campaigns.

I was checking my Twitter account today (@davidioxley) when I saw that the FBI Press Office (@FBIPressOffice) had just posted a lengthy series of tweets concerning wanted fugitives. Among these were terrorists, pimps, drug kingpins, and your regular run-of-the-mill scum of the earth. Alas, no one looked familiar. Guess I’m going to have to work for that $1,000,000 instead… What caught my attention, however, were three tweets that began with the words “Cyber Criminals.” Currently there are four cyber criminals profiled on the FBI site. It’s not quite “America’s Most Wanted,” but here’s our lineup (in alphabetical order). All pictures...

The FBI on Wednesday announced that it had charged 53 defendants, the largest number ever charged in a cybercrime case, following a multinational investigation into a phishing scheme that operated in the United States and Egypt. Thirty-three of the 53 defendants named in the indictment have been arrested, the FBI said, and several others are being sought. The investigation, dubbed "Operation Phish Phry," began in 2007. Authorities in Egypt have charged 47 defendants linked to the phishing operation. Phishing is a form of social engineering that attempts to convince Internet users, via e-mail or other means, to provide online credentials...

SNIPPET: "I guess it was inevitable. With the growth in SaaS (Software as a Service), it was only a matter of time before we saw CaaS - Crimeware as a Service. Criminal gangs are now offering services such as DDOS attacks, botnet rental, malware creation and electronic money laundering. And then there are the more exclusive, targeted services such as whaling to attack high net worth individuals and organisations. CaaS is one of the emerging threats associated with organised cybercrime, which is at the top of the latest Information Security Forum (ISF) Threat Horizon 2011 report." Permalink: http://www.infosecurityadviser.com/view_message?id=138

The rise of cyber attacks - and the call for global collaboration on solutions that reduce the threat - has led the United States Secret Service to become the sixth government agency to join Transglobal Secure Collaboration Program (TSCP). The move reflects a growing awareness of the need for a united effort and common solutions to defend against the advanced persistent threat of cyber attacks against nations and commercial organizations alike. High-profile attacks, such as GhostNet and the U.S. electrical grid infiltration, create the imperative for government agencies and private industry to work together on viable and robust solutions that...

SNIPPET: "An ongoing blackhat SEO (search engine optimization) campaign is actively hijacking a variety of U.S Federal Forms keywords in an attempt to serve the Personal Antivirus (Trojan.Win32.FakeXPA) scareware." SNIPPET: "Disruption of the campaign is in progress."

http://forums.somethingawful.com/showthread.php?threadid=3179840 As some of you may have noticed, recently the Republican Party has begun cracking down on the "birthers", realizing that openly supporting the most crazy members of your party is, well, problematic for appealing to non-crazy people. This, of course, leads to even more crazy, as they turn on their leaders for hiding the "truth". It's a drat shame to let all this crazy go to waste, when properly cultivated and raised it could be so much more. So welcome to the first FreeRepublic Infiltration Contest! We're going to infiltrate freerepublic as agents provocateur. This can take several forms;...

SNIPPET: "Today the world faces a wide array of cyber threats. The majority of these threats are aimed at the Western democracies and the Western-leaning countries of other regions. The reason for this is simple: They are ripe targets. These countries are either highly dependent, almost completely in some cases, on cyber means for nearly every significant societal interaction or are racing toward that goal. They seek the speed, accuracy, efficiency, and ease that a "wired" system of systems brings and all the benefits that accrue to such a situation. The danger we face is that there are many individuals,...

TUESDAY, MAY 19, 2009 "In gaz we trust"? I'd rather change GazTranzitStroyInfo's vision to HangUp Team's infamous - "in fraud we trust". It is somehow weird to what lengths would certain cybercriminals go to create a feeling of legitimacy of their enterprise.

Officials with the Defense Department and Lockheed Martin disputed a report by The Wall Street Journal that computer spies had hacked into government and contractor computer systems and stolen data about the design of the F-35 joint strike fighter program. The newspaper reported Tuesday that several government officials confirmed that intruders had downloaded F-35 data. The hackers could not access the most sensitive design data about the aircraft’s flight controls and electronics, which are stored on computers not connected to the Internet, The Journal reported. In a conference call with Wall Street analysts, Bruce Tanner, Lockheed’s chief financial officer, said...

The Sun-Sentinel has an article this morning about how a hackers are using a Web site that is posing as the Palm Beach County government Web site: Leaving out the first “.” in www.pbcgov.com lands unwitting visitors on a hoax site. Making the wrong move on that site could enable hackers and spammers to secretly take over a computer, using it to send viruses and mass e-mails without the owner knowing. Michael Butler, the county director of network services, says there’s a Trojan Horse for them to take over your machine. When you visit the hoax site, an official-looking message...

SNIPPET: "Oops, they keep doing it again and again. The web site of the Ethiopian Embassy in Washington D.C (ethiopianembassy.org) has been compromised and is currently iFrame-ed to point to a live exploits serving URL on behalf of Russian cybercriminals, naturally in a multitasking mode since the iFrame used to act as a redirector in several other malware campaigns. Despite that the iFrame domain (1tvv .com/index.php) is already "taken care of", details on the original campaign can still be provided."

KNOXVILLE, Tenn. (AP) - Three more federal charges have been filed against a University of Tennessee student charged with hacking into the personal e-mail account of Alaska Gov. and former Republican vice presidential nominee Sarah Palin.

If you're one of the many who envision hackers and identity thieves as pitiful, grubby men, slouched behind their computers in their parents' basements, peering at their computer screens with beady, glazed eyes, then the group of hackers that stole $9 million from global ATMs this past November might just put a new image in your mind. According to Network World, these cyber criminals are more cat burglar than catatonic, having composed an attack plan worthy of a Hollywood screenplay. In the first stage of their attack, the thieves hacked into electronic payment processing service RBS WorldPay, where they obtained...

In what appears to be a growing trend, displaced employees are turning to cybercrime using their corporate data access to steal, exploit and damage information networks, and may have cost businesses as much as $1 trillion globally according to a new study from McAfee and Purdue University's Center for Education and Research in Information Assurance and Security Although insiders have always posed a threat to information security, the report warns that the global recession is putting vital information at greater risk than ever before. The report, Unsecured Economies: Protecting Vital Information (free, requires free registration) was released last week at...

(beginning of article snipped) Obama's team may not be so lucky. It got off to a bad start by breaking loads of existing links, and by using WebTrends tracking code without making this clear to users. Also, while everybody loves YouTube, it may not be the best idea to serve WhiteHouse.gov videos from there. YouTube is owned by Google, which was one of Obama's contributors. (snip)

An unknown hacker has been on a Search Engine Optimization rampage to flood search engines with more than a million ways to infect yourself with his virus. This is the first major "Scareware" infection we've seen since writing about the Federal Trade Commission's action in our December 10th blog post, FTC Moves Against Fake Anti-Virus Scareware. The current scam takes advantage of the thousands of websites which have a "URL redirect" on them. A URL redirection program allows the website owner to "send you" to another website, while keeping track of where you went. They are often used in conjunction...

You didn't even think for a second that the supply of typosqutted domains serving packed and triple crypted to the point where the binary is not longer executing, fake security software domains is declining? With the upcoming holidays and the usual peak of web traffic, malicious activity on all fronts is prone to increase during December.

I’m leaving blow-by-blow coverage of election results to the approximately one million sites that will be looking at them in detail all through the night, but in the true spirit of election day, here’s a really nasty trick to consider. As an article by Scott Berinato in this month’s Wired magazine describes, distributed denial-of-service attacks can shut down the web servers of companies and organizations within minutes, even if they’ve taken measures to protect themselves. How do they work? Hackers penetrate inadequately protected computers (yours?) and install software (a “bot”) that hides in the background until it’s triggered by a...

The World Bank Group's computer network — one of the largest repositories of sensitive data about the economies of every nation — has been raided repeatedly by outsiders for more than a year, FOX News has learned. It is still not known how much information was stolen. But sources inside the bank confirm that servers in the institution's highly-restricted treasury unit were deeply penetrated with spy software last April. Invaders also had full access to the rest of the bank's network for nearly a month in June and July. In total, at least six major intrusions — two of them...

In an underground ecosystem that is anything but old fashioned when it comes to abusing legitimate web services, cybecriminals have started exploiting the traffic momentum, and by monitoring the peak traffic for popular search queries using Google’s Trends, are syndicating the keywords in order to acquire the traffic and direct it to malware serving blogs primarily hosted at Windows Live’s Spaces. According to a recent advisory issued by Webroot : “For the first time, hackers are capitalizing on the top news stories from Google Trends Labs, which lists the day’s most frequently searched topics, which can include news of the...

LAS VEGAS, Nevada (AFP) - A US judge on Saturday gagged hackers from telling peers at a notorious DefCon conference how to get free rides by cracking commonly used subway "smart cards." The decision was immediately condemned by Internet rights attorneys that decried it as an attack on free speech that endangers the existence of computer security gatherings such as DefCon and Black Hat.

n army of Internet avengers has set out to destroy Lori Drew and her family. With ruthless efficiency, they have learned the identity of the suburban St. Louis woman whose cyberspace meddling appears to have played a role in the suicide of a 13-year-old neighbor girl. They have published her address, phone numbers and photos, and harangued the clients of her advertising business. The Drew family has fled its home. Their teenage daughter is living apart from her parents, for her safety. The advertising business is closed. And still the online avengers forge on, seeking the whereabouts of Lori and...

China Disputes Cyber Crime Report By JORDAN ROBERTSONThe Associated PressThursday, November 29, 2007; 6:25 PM SAN FRANCISCO -- The Chinese government on Thursday disputed a report labeling it the world's most aggressive offender in probing for holes in other nations' Internet security and encouraging a looming global cyber showdown.The report, issued Thursday by Santa Clara-based security software vendor McAfee Inc., said government-affiliated hackers in China are at the forefront of a brewing "cyber Cold War" still in its infancy.Within two decades, according to McAfee, the scuffle could erupt into a worldwide conflict involving hundreds of countries attacking one another's online...

<p>As readers of this site know, among the vast pinata of hate-mail I get, I have received death threats from four diverse members of the "Religion of Peace," threatening to murder me and my family members, after raping and torturing me. And I take them very seriously.</p>

Exploit Prevention Labs in Atlanta, GA reported in September that company researchers have discovered a scam in which e-cards are used to install keylogger software on the victim’s computer. The scam, which was executed by an Australian cyber criminal ring and is known as MDAC, involves sending to the user an e-card that appears to originate from a major online greeting card service. When the user clicks on the hyperlink to open the card, the browser is redirected to a exploit server, which checks to see if the computer has been updated with the latest security patches. If it hasn’t,...

Trashing privacy By Bob Barr August 20, 2006 Thanks to the U.S. Senate's remarkable but well-known lack of backbone, nations such as Albania, Croatia, Uganda and many others now will be able to call up the U.S. Justice Department and find out as much as they would like about anything you do with your computer. At this point, you probably wonder why you haven't read about this. Frankly, there's not much reason you would have, unless you read some relatively obscure publications that focus mostly on technology issues. Another reason you wouldn't likely have heard of it is, of course,...

The CAD/CAM company thought it was protecting itself, having employees of the Indian outsourcing company that was debugging its source code sign non-disclosure agreements. But when a disgruntled outsourcing employee swiped a copy of the code a few years back and tried to sell it to the CAD/CAM vendor's competitors, the vendor found out that the NDAs were of little use when it came to prosecuting the alleged thief in India. "They weren't worth the paper they were written on," says Nenette Day, an FBI special agent out of Boston who did double duty as both the case agent and...

Biting the hand that feeds IT Original URL: http://www.theregister.co.uk/2005/11/29/cybercrime/Cybercrime 'more lucrative' than drugs By John Leyden Published Tuesday 29th November 2005 12:18 GMT Global cybercrime turned over more money than drug trafficking last year, according to a US Treasury advisor. Valerie McNiven, an advisor to the US government on cybercrime, claimed1 that corporate espionage, child pornography, stock manipulation, phishing fraud and copyright offences cause more financial harm than the trade in illegal narcotics such as heroin and cocaine."Last year was the first year that proceeds from cybercrime were greater than proceeds from the sale of illegal drugs, and that was,...

The former employee stole e-mail screen names and sold them to a spammer for $28,000. NEW YORK (Reuters) - A former America Online employee was sentenced to 15 months in prison on Wednesday for stealing 92 million e-mail screen names from the Internet company and selling them to a "spammer." Jason Smathers, 25, pleaded guilty in February in federal court in Manhattan to charges including conspiracy and interstate trafficking of stolen property. He was paid $28,000 by an Internet marketer for the names, which were taken from AOL's database of 30 million subscribers at the time. AOL subscribers can have...

Abstract This paper examines the Council of Europe ("CoE") Convention from a human rights and civil liberties point of view. It addresses only those parts of the Convention that have been the most controversial internationally in the time since the draft was publicly released in April 2000. It is postulated that the draft Convention fails to address privacy rights and focuses almost completely on law enforcement demands. The paper examines concerns over the adequacy of privacy and data protection, surveillance proposals, international cooperation in the absence of dual criminality, and removal of the common law privilege against self-incrimination. Recent Australian...

Ezboard Inc. Victim Of Vicious Internet Attack By D.L. McCracken Jun 1, 2005, 11:30 Ezboard systems touted as the "largest online community network site on the planet", was virtually brought to its knees Tuesday as the result of "a very precise and malicious internet attack resulting in the loss of a significant amount of current and historical board postings and interrupted services across all systems", according to Ezboards' CEO, Robert Labatt's message to Ezboard members. Tuesday's attack caused denial of service errors throughout the system and affected millions of users across approximately 9,000 message boards. The attack resulted in massive...

Simple question. Has EZBoard been hacked? Certainly, there is a major outage under way over there. There was a rumor of malicious code and hacking. I reckon a few of you also use EZBoard. I welcome your observations.

In an unmarked building in downtown Washington, Brian K. Nagel and 15 other Secret Service agents manned a high-tech command center, poised for the largest-ever roundup of a cybercrime gang. A huge map of the U.S., spread across 12 digital screens, gave them a view of their prey, from Arizona to New Jersey. It was Tuesday, Oct. 26, 2004, and Operation Firewall was about to be unleashed. The target: the ShadowCrew, a gang whose members were schooled in identity theft, bank account pillage, and the fencing of ill-gotten wares on the Web, police say. For months, agents had been watching...

The spread of the wireless data technology known as Wi-Fi has reshaped the way millions of Americans go online, letting them tap into high-speed Internet connections effortlessly at home and in many public places. But every convenience has its cost. Federal and state law enforcement officials say sophisticated criminals have begun to use the unsecured Wi-Fi networks of unsuspecting consumers and businesses to help cover their tracks in cyberspace. In the wired world, it was often difficult for lawbreakers to make themselves untraceable on the Internet. In the wireless world, with scores of open Wi-Fi networks in some neighborhoods, it...

CHICAGO -- Leading technology executives are pressing the White House to create a commission on cyber-crime, hoping the panel can develop solutions to vexing computer problems, such as spam and identity theft, but skeptics told UPI's The Web if developers would build better and more secure products, the problems of cyber-security would become less severe. Executives from Adobe Systems, Dell, Hewlett-Packard, IBM and Microsoft, among others, last week met with White House science adviser John Marburger, as well as with officials from the Office of Management and Budget and the U.S. Department of Commerce to discuss the subject. "We believe...

Republican Websites Hacked in Protest of Inaugurations; DU shouting its approval Six Republican websites recently fell victim to left-wing cyber extremists, intent on shutting off what they do not want freedom-loving, free-speech backers to hear. Democratic Underground posters are praising the effort. The following is an excerpt of what is currently being posted on the DU site: NOT MY PRESIDENT, NOT MY WAR! THIS WHOLE SYSTEM IS ROTTEN TO THE CORE! In solidarity with the billions around the world who are being oppressed under the Bush agenda, The Internet Liberation Front has hacked and defaced six Republican websites who push...

Okay folks, need some thoughts on cyber crime. My struggling start-up company was the victim of some soul-less person who decided to use a stolen credit card and then download copyrighted information from our server. They have since contacted us with some extortion demands which we won't pay, based both on principle and poverty. Come up with $40K or they distribute the two reports out to the world. They sent it to 10 people tonight and copied the addressed to us. I've already filled out an on-line complaint with the FBI and I'm sure holding my breath waiting for them...

George Washington sailor is suspected in identity theft By MATTHEW DOLAN, The Virginian-Pilot © September 16, 2004 Last updated: 11:00 PM NORFOLK — A sailor serving aboard the aircraft carrier George Washington conspired to steal the identities of other sailors to buy more than $100,000 in luxury goods, according to military court papers released Wednesday. Petty Officer 3rd Class Curtis L. Phillips , 27, has been charged with unauthorized absence, using a ship computer to access personnel information, criminal misconduct and conspiracy involving the theft of his fellow sailors’ Social Security numbers. At least 19 officers on the aircraft carrier...

Wired.com reports that computer hackers are aiming to disrupt Republican websites during the Republican National Convention. Hardened electronic activists are planning to jam up the servers of GeorgeWBush.com, GOP.com and related websites, once the Republican National Convention gets underway Aug. 29. "We want to bombard (the Republican sites) with so much traffic that nobody can get in," said CrimethInc, a member of the so-called Black Hat Hackers Bloc. It's one of several groups planning to distribute software tools to reload Republican sites over and over again. These FloodNet programs are similar to hackers' distributed denial-of-service attacks, which overwhelm a server...

The retirement of Richard Clarke is appropriate to the reality of the war on terror. Years ago, Clarke bet his national security career on the idea that electronic war was going to be real war. He lost, because as al Qaeda and Iraq have shown, real action is still of the blood and guts kind. In happier times prior to 9/11, Clarke -- as Bill Clinton's counter-terror point man in the National Security Council -- devoted great effort to convincing national movers and shakers that cyberattack was the coming thing. While ostensibly involved in preparations for bioterrorism and trying to...

Hackers are preparing to launch a massive attack on millions of home PC users, experts have warned. They believe the current explosion in the number of email viruses - including MyDoom, netsky and bagle - is laying the groundwork for a systematic attack. The experts suspect that organised crime syndicates could be involved. Millions of computers across the world have been infected by one of the unprecedented number of viruses circulating. Some viruses have been designed so that when they infect a computer, they install an "electronic backdoor". This can be used later to hack into the infected computer and...

January 29, 2004 Homeland Security Announces New Milestones in its Global Effort to Combat Child Sex Predators Measures Include Publicity Campaign and Pact with National Child Protection Group LOS ANGELES, Calif. – The Department of Homeland Security’s U.S. Immigration and Customs Enforcement (ICE) today announced new milestones in Operation Predator, the Department’s ongoing campaign to combat child sexual predators worldwide. The advances include the signing of an agreement with the National Center for Missing & Exploited Children (NCMEC). Today’s announcement follows a series of ICE enforcement actions over the last three weeks in the Los Angeles area that have resulted...

FBI Takes Computer Servers From Internet Chat Room Company Feb.24,'04 The Associated Press POWELL, Ohio (AP) - Federal agents conducting an Internet crime investigation confiscated computer equipment and data files from a company that hosts private Internet chat rooms, an FBI spokesman said Tuesday. Agents took computer servers from CIT Hosting while executing a search warrant Feb. 14 at a house in the Columbus suburbs, FBI spokesman James Turgal said. He would not elaborate on the investigation other than to say it concerns "cyber crime" and is not terrorism-related. "According to the warrant, it appears that the bureau is investigating...

Anti-spam organisations are coming under attack from a virus written to bombard their websites with junk data.The Mimail-L Windows virus poses as an e-mail from a woman called Wendy who writes about a sexual encounter and offers readers nude photographs. Opening the message's attachment rewards users with a virus that forwards itself to everyone in their e-mail address book. It also turns infected machines into junk mail relays that can be used to forward thousands of messages to one of eight anti-spam websites. Porn offerLike most other viruses, Mimail-L is aimed at users of Microsoft Windows and its Outlook e-mail...

<p>More than 125 people have been charged in a nationwide raid of computer hackers, identity thieves and other Internet criminals as part of a federal investigation called Operation Cyber Sweep, Attorney General John Ashcroft said yesterday.</p> <p>The joint Justice Department and Department of Homeland Security probe, coordinated by 34 U.S. attorneys' offices, the FBI, the U.S. Postal Inspection Service, the Federal Trade Commission, the Secret Service and the Bureau of Immigration and Customs Enforcement, targeted online economic crimes involving schemes including fraud, software piracy and the fencing of stolen goods.</p>

US cybercrime push 'imperils personal security' of Americans By John Leyden Posted: 20/11/2003 at 12:27 GMT White House plans to ratify a Council of Europe Cybercrime treaty will be a disaster for the privacy and security of Americans, Privacy International (PI), the human rights watchdog, claims. President Bush this week urged Senators to back the adoption of the mutual assistance Treaty into US law. The Treaty, designed to streamline cooperation between signatory countries, will significant expand the power of investigators to access data and prosecute offences ranging from copyright infringement to "hate speech". PI warns that if the Senate ratifies...

Bush pushes for cybercrime treaty By Declan McCullagh Staff Writer, CNET News.com President Bush has asked the U.S. Senate to ratify the first international cybercrime treaty. In a letter to the Senate on Monday, Bush called the Council of Europe's controversial treaty "an effective tool in the global effort to combat computer-related crime" and "the only multilateral treaty to address the problems of computer-related crime and electronic evidence gathering." Even though the United States is a nonvoting member of the Council of Europe, it has pressed hard for the cybercrime treaty as a way to establish international criminal standards related...

BUCHAREST, Romania - It was nearly 70 degrees below zero outside, but the e-mail on a computer at the South Pole Research Center sent a different kind of chill through the scientists inside. "I've hacked into the server. Pay me off or I'll sell the station's data to another country and tell the world how vulnerable you are," the message warned. Proving it was no hoax, the message included scientific data showing the extortionist had roamed freely around the server, which controlled the 50 researchers' life-support systems. The FBI (news - web sites) traced the e-mail to an Internet cafe...