Cybercrime Week in Review 19 December 2015
Understanding bitcoin – the virtual currency of choice for cybercriminals and terrorists (#PhishLabs)
Bitcoin is a decentralized, P2P network-based virtual currency that has only grown in popularity and controversy since its creation in 2008. It is believed that more than 100,000 legitimate businesses accept Bitcoins and 95 percent of all cryptocurrency transactions utilize BTC.
RAT trap: Norway police nab five in remote-access Trojan Europol swoop (#ZDNet)
Norway’s Kripos national criminal investigation service today announced the arrest of five males, aged between 16 and 24 years, for possessing, using, and selling malware.
Don’t Be a Victim of Tax Refund Fraud in ’16 (#KrebsOnSecurity)
With little more than a month to go before the start of the 2016 tax filing season, the IRS and the states are hunkering down for an expected slugfest with identity thieves who make a living requesting fraudulent tax refunds on behalf of victims. Here’s what you need to know going into January to protect you and your family.
VTech hack arrest over leak of 727,000 children’s profiles (#Wired UK)
A 21-year-old man from the UK has been arrested in connection with the VTech hack that saw millions of customer details from around the world taken from the toy manufacturer.
Joomla patches critical remote execution bug (#CSO)
The open-source project behind the widely used Joomla content management system has issued a patch for a vulnerability that is now being widely used by hackers.
Landmark EU Data Protection Laws Near Finishing Line (#Info Security)
The EU Parliament and Council finally agreed on a text for the long-awaited General Data Protection Regulation yesterday, in a deal which could lead to fines of 4% of annual turnover for firms which break the rules.
OFFICIAL! Good passwords more difficult than rocket science (#Naked Security)
While the UK is celebrating the arrival of British astronaut Tim Peake at the International Space Station, a reminder that rocket science is alive and well…the European Space Agency (ESA) is living down a database breach that took place over the weekend, in which three tranches of data were dumped anonymously, for the lulz.
19-Year-Old Teen Steals $150,000 by Hacking into Airline’s Website (#Hacker News)
That’s exactly what a 19-year-old teenager did and made approximately 1.1 Million Yuan (£110,000 or $150,000) by hacking into the official website of an airline and using the stolen booking information to defraud hundreds of passengers.
Three Colorado Safeway stores involved in skimming breach (#Denver Post)
Skimmers were found on three point-of-sale machines in the self-checkout areas of the stores at 9160 W. Colfax Ave. in Lakewood; 3800 W. 44th Ave. in Denver; and 27152 Main St. in Conifer, said Safeway spokeswoman Kris Staaf.
At least 10 major loyalty card schemes compromised in industry-wide scam (#The Register)
The reward schemes of at least 10 leading retailers have been compromised by hackers, with numerous fraudulent loyalty point accounts available on the dark web in exchange for Bitcoin, according to security experts.
In other Security News…
Police investigating the hacking of Chinese toy company VTech have made an arrest. On Tuesday, U.K. police arrested a 21-year-old man on suspicion of two offenses under the Computer Misuse Act: unauthorized access to a computer, and causing a computer to enable unauthorized access to data.
Trend Micro predicts that one of the most successful infection vectors around – malvertising – might finally be on the way out in 2016 thanks to a rise in awareness and increased availability and use of ad-blocking technology. But beware: cybercriminals are a resilient bunch.
Twitter has issued its first ever warning about a possible hack by state-sponsored actors, as the social media site steps up its scrutiny of possible security breaches. The alert highlights growing concern over hacking activity backed by foreign governments after a year in which high-profile cyber attacks included the breach of 22m personnel profiles at the US Department of Homeland Security.
In an effort to start having serious conversations around how to address the issue, the Consumer Technology Association and CyberVista Inc. will host the first-ever Cybersecurity Forum at CES 2016. The event will feature a lineup of cyber experts, including Tom Kellerman, Chief Cybersecurity Officer at Trend Micro.
2015 was yet another exciting (and terrifying) year for the security industry. Growth for the market is astronomical, with worldwide information security spending expected to hit $75.4 billion by the end of the year, according to Gartner. At the same time, the threats have become more serious than ever with a continued onslaught of breaches across every industry.
Privacy advocates have launched a last-ditch campaign to block a major piece of cybersecurity legislation that could soon be added to an expected omnibus spending deal. The bill would encourage companies to share more data on hackers with the government.
Cybersecurity researcher Peter Kruse, founder of CSIS Security Group in Denmark, thought his mother was calling. Her number appeared on his phone, but when he answered, it wasn’t her. Instead, a male voice told him to stop what he was doing as a computer expert. While this secretive lifestyle might be alluring to some, most cybersecurity researchers are, by nature, geeks. Computer science taught in high-school and at university level did not prepare them for what can only be described as spy games.
Notable news stories and security related happenings:
The Enterprise Strikes Back: Finding a New Hope in the Fight against Data Breaches. “In ‘Offense Informs Defense: Minimizing the Risk of a Targeted Attack,’ an upcoming session at ALM’s cyberSecure event, security experts Eduardo Cabrera and Pamela Passman will shed light on the people and motivations behind hacks, how attacks work, and the information that hackers want to steal.” (Source: #LegalTech News)
A Search Engine for the Internet’s Dirty Secrets. “Those behind Censys and Shodan can agree that making it easier to ferret out flaws in the Internet should make it more secure. Matherly says his tool has led to over 100,000 industrial control systems being properly secured and helped with the shutdown of numerous servers used by criminals to control malware.” (Source: #MIT Technology Review)
“Backstabbing” Malware Steals Mobile Backups Via Infected Computers. “In this day and age, our mobile devices carry more personal and business information than any other electronic device. Is it any wonder, then, that attackers want to have access to them? But sometimes they can’t find a way in, and opt for the second-best option: stealing mobile backup files from the victims’ computer.” (Source: #Help Net Security)
Windows’ Nemesis: Pre-boot Malware Pwns Payment Processors. “Cybercrooks targeting payment card data have developed a sophisticated malware that executes before the operating system boots. Security researchers at FireEye / Mandiant came across the rarely seen so-called bootkit technique during a recent investigation at an organisation in the financial transaction processing industry.” (Source: #The Register)
Average Age of Cyber-attack Suspects Drops to 17. “The average age of suspected cyber-attackers has dropped dramatically to just 17, the National Crime Agency has said. Experts believe the “kudos” of committing crime lures teenagers on to the wrong side of the law, and pranks used in online gaming can spiral out of control.” (Source: #The Guardian)
Attackers are Building Big Data Warehouses of Stolen Credentials and PII. “According to McAfee Labs, attackers are linking stolen personally identifiable information (PII) sets together in Big Data warehouses, making the combined records more valuable to cyber-attackers. The coming year will see the development of an even more robust dark market for stolen PII and usernames and passwords, according to McAfee Labs.” (Source: #CSO Online)
Facebook hoax alert! No, Mark Zuckerberg is not giving $4.5m to people like YOU and ME. “Here are some clues that this one is bogus: First, it might remind you of a hoax about Facebook donating money for a boy’s life-saving surgery after he got shot while saving his sister from a rapist… … Money to be donated based on the number of times the message was shared, that is.” (Source: #Sophos’s Naked Security Blog)
100,000 Laptops and Phones Left in UK Bars Each Year. “UK bars guzzle up a staggering 138,000 mobile phones and laptops each year, and alarmingly 64 percent of the devices do not have any security protection installed, which means anyone can gain access to the contents they hold.” (Source: #Help Net Security)
The Problem with Email: The Security and Challenges of Corporate’s Favorite Communication Method. “Email practices are one of the most vexing and pressing concerns for companies. Even though other media are now being adopted, email is still the primary method of business communication. Unfortunately, it also creates inefficiencies and presents tremendous cybersecurity risks.” (Source: #LegalTech News)
Airline Customers’ Data Exposed by HTTPS Hole – Report. “Serious security holes have been found in the mobile sites and apps of several big name airline and rail companies, exposing payment data and sensitive personally identifiable information (PII). Security vendor Wandera notified 16 companies including easyJet, Chiltern Railways, Aer Lingus, AirAsia and Air Canada—although its investigation is still ongoing.” (Source: #InfoSecurity Magazine)