Wednesday, September 30, 2009

New Trojan Balances Your Checkbook

"New malware being used by cybercrooks does more than let hackers loot a bank account; it hides evidence of a victim’s dwindling balance by rewriting online bank statements on the fly, according to a new report.

"The sophisticated hack uses a Trojan horse program installed on the victim’s machine that alters html coding before it’s displayed in the user’s browser, to either erase evidence of a money transfer transaction entirely from a bank statement, or alter the amount of money transfers and balances.

"The ruse buys the crooks time before a victim discovers the fraud, though won’t work if a victim uses an uninfected machine to check his or her bank balance.

"The novel technique was employed in August by a gang who targeted customers of leading German banks and stole Euro 300,000 in three weeks, according to Yuval Ben-Itzhak, chief technology officer of computer security firm Finjan."

More at Wired...

Twit PWNAG3 "Rampant"

"Social networks are rapidly becoming a primary channel to market for malware distributors and other cyber-criminals as the use of popular sites such as Twitter continues to take off, and the communications vehicles subsequently create new opportunities for attackers to hide their threats using features such as so-called link shorteners.

"Attackers have been working to infiltrate and abuse social networks for years, but the issue is becoming truly pervasive nowadays as they shift even more of their efforts away from more traditional electronic messaging systems and distribute a greater share of their nefarious content over so-called Web 2.0 sites, in particular Twitter, according to Symantec security researcher Ben Nahorney.

"The distribution of malware infection links over Twitter has become particularly problematic of late, Nahorney noted in a recent blog post. Since the 140 character limit for posts to be made over the micro-blogging platform has led to widespread use of URL-shorteners that obscure address details, and even savvy users of Twitter are likely taking bigger risks, the implication appears to be..."

More at eWeek...

Tuesday, September 29, 2009

IT Employee Of The Week

"In a twist of Alanis Morrissettian irony, a man serving a six-year prison sentence for stealing millions of dollars through online credit card fraud recently succeeded in (surprise!) hacking into his prison's computer network, effectively paralyzing the entire system. The really incomprehensible part, though, is that officials at Ranby Prison, close to Retford, Nottinghamshire, England, gave him access to the computer.

"Apparently in dire need of an internal TV station at the facility, officers decided against hiring a third party (e.g., not a convicted hacker) to set up the system. They instead opted to keep the operation in (the Big) house, delegating the duty to one Douglas Havard. So, as convicted hackers are wont to do, Havard, left unguarded, worked his way into the prison's hard drive, and set up a labyrinth of passwords to lock everyone else out of the system....."

More at


"Employee misconduct investigations, often involving workers accessing pornography from their government computers, grew sixfold last year inside the taxpayer-funded foundation that doles out billions of dollars of scientific research grants, according to budget documents and other records obtained by The Washington Times.

"The problems at the National Science Foundation (NSF) were so pervasive they swamped the agency's inspector general and forced the internal watchdog to cut back on its primary mission of investigating grant fraud and recovering misspent tax dollars.

"'To manage this dramatic increase without an increase in staff required us to significantly reduce our efforts to investigate grant fraud,' the inspector general recently told Congress in a budget request. 'We anticipate a significant decline in investigative recoveries and prosecutions in coming years as a direct result.'"

More at The Washington Times...

Monday, September 28, 2009

Finally, A Market For Macs

"New research from Sophos underscores a growing interest in the Mac among cyber-criminals.

"In a presentation at Virus Bulletin's VB Conference, in Geneva, Sophos Labs researcher Dmitry Samosseiko revealed a malware affiliate network offering 43 cents per infected Mac computer. The offer was the work of a larger network of Russian spammers, malware authors and businesspeople pushing everything from phony watches to medications—an alliance he called the 'Partnerka.'

"This goes to show that Apple Macs, which are targeted far less than Microsoft Windows PCs, are not without security threats..."

From eWeek...

Thursday, September 24, 2009

Report: "Complacent Consumers" Responsible For Rise In Cybercrime

New Low In Blaming The Victim

"UK cybercrime has rebounded to worrying levels, not seen since 2006, as a result of the recession and consumer complacency, according to Garlik's annual UK Cybercrime report.

"The report, which analyses publicly available data to build a comprehensive view of cybercrime in the UK, revealed that during 2008 cybercriminals adapted to the social and economic changes in the UK to exploit victims in new ways and commit over 3.6 million criminal acts online (that’s over one every 10 seconds). In addition, the researchers believe that there is a growing complacency amongst consumers demonstrating poor understanding of their responsibility to protect their personal information against fraud.

"One of the most significant changes in cybercrime has been the 207% increase in account takeover[1] fraud indicating that criminals have now shifted their efforts from opening new accounts with stolen identities to accessing existing accounts. Savvy criminals have got round the drying up of available credit in the current economic climate to maintain their illegal activities.

"'We fear that account takeover fraud will continue to increase in 2009 due to the decline of available credit and tighter credit checking by the banks,' commented Tom Ilube, CEO, Garlik. 'Consumers must be extra vigilant of all their online and financial accounts as well as avoiding increasingly convincing phishing scams.'"


Wednesday, September 23, 2009

If You Can't BEAT 'EM, SUE 'EM!

"Microsoft has filed what are believed to be the first lawsuits designed to stop the growing practice of malvertising.

"The company has filed five suits against unnamed individuals who it has accused of posting malicious and deceptive code through ads on its MSN advertising network.

"The suits allege that individuals using the business names Soft Solutions, Direct Ad,, ITmeter INC, and used malvertisements to distribute the malicious software or present deceptive websites that peddled scareware to unsuspecting online users.

"Associate general counsel Tim Cranton said that although Microsoft doesn't know the names of the specific individuals involved, by filing the civil suits in a US court it hoped to uncover the individuals responsible and prevent them from continuing to deploy malvertising.

"'We hope that today's filings will help deter malvertising in the future,' Cranton said in a blog post. The documents were filed in King County Superior Court in Seattle, Washington."