Posts Tagged ‘cybercriminals’

An international criminal group stole $45 million in just a few hours: having gained access to a database of debit cards, they withdrew cash from ATMs worldwide. According to the U.S. prosecutor’s office, some thousand thefts from ATMs were carried out using duplicate magnetic-stripe cards encoded with the data of clients of Middle Eastern banks that the hackers had obtained.

As prosecutor Loretta Lynch notes, the swindlers acted with tremendous speed, working with small gangs worldwide, including in New York. Seven U.S. citizens who had come to the country from the Dominican Republic have already been arrested on suspicion of theft. (more…)

The attack is carried out by injecting JavaScript code into the user’s account page on the social network.

Malware aimed at users of Twitter, one of the world’s most popular social networks, has been discovered. This was reported by Tanya Shafir, a researcher at Trusteer.

According to the company, the malware carries out man-in-the-browser (MitB) attacks through the web browser of infected computers, which gives the attackers access to the victim’s Twitter account, from which they then spread malicious posts. (more…)

In 2012, the Android platform was five times ahead of Windows in the amount of malicious software created for it; this is one of the key findings of new studies prepared by Trend Micro analysts. Marlow, United Kingdom, January 28, 2013.

According to Trend Micro’s reports on cyber-security trends and mobile device security (Trend Micro 2012 Annual Roundup and Mobile Security), in 2012 the range of hackers’ targets expanded to include not only PCs but also devices running Android, social media platforms and even Mac OS X.

In particular, over the last three years the number of malicious programs for Android has caught up with the amount of malware created for Windows in 14 years. Trend Micro projects that the number of threats to Android users will pass the 1 million mark this year. (more…)

Customer support at the online store Amazon is so good that it lets you chat (or talk by phone) without logging in.

Moreover, they are so willing to accommodate customers that the delivery address of an order that has already been placed can be changed.

It’s just a gift for the social engineer.

For the store’s ordinary customers this is very convenient: in the event of an unexpected move or trip, the customer can call Amazon (or use the chat) and ask for the latest order to be forwarded to the new address.

But it is also convenient for attackers. Lately we hear more and more often that attackers redirect other people’s Amazon orders to themselves.

The fraud scheme looks like this:

1. The attacker obtains an order number of the form 103-4XXXXXX-XXXXXXX. Amazon order numbers, together with the list of items ordered, are sold on underground forums. The social engineer can even pick an order that contains the goods he wants. (more…)

According to experts, cybercriminals are targeting at least 30 major U.S. banks.

Researchers at the antivirus company McAfee found that cybercriminals are preparing a number of large-scale attacks against the United States, to be carried out in the spring of next year.

The experts learned that the project, named ‘Blitzkrieg’, is meant to destabilize the U.S. online banking system.

According to a hacker using the nickname ‘vorVzakone’, preparations for the project began in September of the current year. At that time the attackers began forming groups capable of ‘striking a blow’ against the USA at any moment.

According to the cybercriminal, the hackers plan attacks on 30 American banks, in which they intend to use Trojan programs that are more effective than the Zeus or SpyEye tools.

McAfee experts established that the hackers plan to use Gozi Prinimalka, a modified virus based on the Gozi Trojan created in 2008. (more…)

Experts from Seculert, an Israeli IT security company, reported the discovery of an unusual virus that in recent months has infected POS terminals in 40 countries.

Once it has infected a terminal, the virus, named after a string found in some of its components, steals cardholder data passing through the affected terminal. According to the experts, data on tens of thousands of credit and debit cards has been stolen so far.

The Dexter virus infects POS systems running Windows in the stores of large retailers, as well as in hotels, restaurants and even the offices of private car parks. The first samples of Dexter were found during research into other threats. When the experts analyzed the virus, they were able to gain access to its management server, which is located in the Seychelles. It is to this server that the stolen bank card data was sent.

In addition to payment card information, Dexter sends the management server a list of the processes running on the affected system. After receiving the list, the cybercriminals check the processes against a particular set of POS programs. If any process corresponds to specific software, the virus’s operators make the virus capture memory and transmit the image to the management server. (more…)

Cloud Browsers for Hackers

Cloud browsers, such as Opera Mini, Amazon Silk Cloud or Puffin Browser, can give hackers free computing resources.

This conclusion was reached by U.S. researchers, who showed that the processing power of cloud browsers can be used anonymously.

Cloud browsers provide the user interface, while a significant part of the computation involved in processing a web page is handed off to a remote server. This type of browser is therefore most relevant for mobile devices, which have fewer computing resources than desktop computers. With the growing use of smartphones and tablets, cloud browsers are becoming more popular and are increasingly attracting the attention of cybercriminals and security experts.

Using Google’s MapReduce distributed computing model, an American research team led by William Enck successfully executed a number of standard functions on the cloud computing infrastructure of several browsers. In effect, the researchers demonstrated that cloud browsers can be used free of charge to carry out unrelated tasks. (more…)


Spear phishing

Trend Micro has presented the results of a new study of targeted attacks, based on material collected from February to September of this year. According to the results, 91% of targeted attacks begin with spear-phishing messages.

These results confirm our earlier conclusion that targeted attacks often begin with ‘stuff’ such as e-mail messages designed to persuade the recipient to open a malicious attachment or click on a link leading to a site with malware or exploits.

Spear phishing is a new type of phishing attack whose distinctive feature is the attackers’ use of information about the intended victim to make the message more ‘individual’ and to better disguise their intentions. For example, such messages may address the recipient by name, position and title instead of using standard impersonal greetings like “Good day” or “Dear Sirs.” (more…)

According to Group-IB researchers, hackers are increasingly resorting to more profitable types of fraud.

According to experts at the company Group-IB, DDoS attacks are losing popularity among hackers as a source of criminal income, in favor of more profitable bank fraud.

The botnets that attackers use both for DDoS attacks and for compromising remote bank service (RBS) systems have an identical structure, but they can be used in different ways.

Fraudsters can earn up to 26 million dollars a month by stealing from DBS systems, but only up to 5 thousand dollars a week from DDoS attacks. Attacking Internet banking is therefore more profitable.

With such high income, the attackers can pay the developers of the special software they use to update it. Such a service can cost up to 35 thousand dollars a month. (more…)

Cybercriminals are making heavy use of the common European domain .eu in their illegal activities, according to a report by the British antivirus company Sophos. “The number of malicious .eu domains is growing. Many malicious domains were registered in November to distribute the Blackhole set of exploits,” said Fraser Howard, an anti-virus specialist at Sophos.

Blackhole is a set of web-based exploits that target vulnerabilities in browsers and plug-ins, such as Adobe Reader, Flash Player or the Java Plug-in, in order to infect users’ computers. In the latest wave of attacks recorded by Sophos, cybercriminals attacked randomly selected .eu domains, trying to place malicious code on them. In addition, the attackers use specially registered domains to attack the computers of end users. A significant number of the malicious .eu domains were registered in the Czech Republic.

“The lifetime of such domains is short: each name points to a specific server for only a short period of time, after which the organizers point the domain at a new server. Overall, this technique is customary for such attacks, because changing IP addresses makes it difficult to shut down a particular server and to filter traffic,” says Howard. (more…)