Cybercrime Week in Review 18 July 2015
British Spamhaus DDoS Teen Walks Free (Info Security)
A British teenager has walked free from court despite pleading guilty to a DDoS attack on IP blacklister Spamhaus which was the largest ever of its kind when it struck in 2013.
Flash Player Update Patches Two Hacking Team Zero Days (Threat Post)
Adobe has put the two outstanding Hacking Team Flash Player zero-day vulnerabilities in check.
Mozilla blocks Flash on Firefox due to Hacking Team exploits (CSO)
Mozilla disabled Flash Player within Firefox on Tuesday, adding all versions of the software – including the most recent release – to the browser’s blocklist.
TeslaCrypt 2.0 disguised as CryptoWall (Securelist)
The TeslaCrypt family of ransomware encryptors is a relatively new threat: its samples were first detected in February 2015. Since then the malware has been widely portrayed in mass media as the ‘curse’ of computer gamers because it targets many game-related file types (game saves, user profiles, etc.). The Trojan’s targets have included people in the US, Germany, Spain and other countries.
ID Theft Service Proprietor Gets 13 Years (Krebs on Security)
A Vietnamese man who ran an online identity theft service that sold access to Social Security numbers and other personal information on more than 200 million Americans has been sentenced to 13 years in a U.S. prison.
Feds targeted in Clandestine Wolf phishing campaign (FCW)
A tenacious team of Chinese hackers targeted several large federal agencies in June with a new spear phishing campaign that uses an undiscovered flaw in Adobe Flash Player.
Darkode Shutdown: FireEye Intern Accused Of Creating $65,000 Android Malware (Forbes)
One of the more successful English-speaking cybercrime forums, Darkode, was shut down today and 28 arrests of individuals linked to the site made across the world, the FBI and Europol confirmed this morning.
Notorious cybercrime forum Darkode taken down, dozens arrested (Naked Security)
Darkode, a notorious cybercrime marketplace, was permanently shut down by a massive law enforcement operation coordinated between agencies in the US, Europe and elsewhere.
Google expanding security feature that prevents malware installs (ZDNet)
Google’s Safe Browsing feature can often be your “last line of defense” against unwanted software, like malware and browser toolbars.
Encrypted Web and Wi-Fi in danger as RC4 attacks become more practical (PCWorld)
There’s an old saying in the security community: Attacks always get better. The latest case where that holds true is for the aging RC4 cipher that’s still widely used to encrypt communications on the Internet.