Showing posts sorted by relevance for query cyber criminals. Sort by date Show all posts
Showing posts sorted by relevance for query cyber criminals. Sort by date Show all posts

Internet Criminals Targeting Smaller Companies

Posted by Avik Sarkar On 5/02/2011 05:57:00 pm


Last week Sony announced that its PlayStation Network fell victim to hackers. This was embarrassing for the company, worrisome for gamers and just proved that big companies remain targets. But last week Verizon also released its annual Data Breach Investigation and there was good news and bad news.
The good was that cyber criminals were far less successful in 2010, with the amount of data that was obtained or compromised falling dramatically last year. One reason cited is that law enforcement has begun to crack down on cyber crime, with one individual receiving a 20-year prison sentence last year. In total the Secret Service arrested more than 1,200 suspects last year for cyber crime violations.
So what’s the bad news? Instead of targeting large companies, it seems the new breed of cyber criminals is going after smaller companies that tend to be less well-guarded. According to reports, about 40 percent of the breaches were in the hospitality industry, 25 percent in retail and 22 percent in financial services.
Attacks against small business have been on the rise since 2008, and in according to a recent report from KnowBe4 in 2009 cyber criminals extracted nearly $400,000 from a Florida dentist’s account! Talk about a painful extraction.
But it was also a savvy style of attack, where Robert Thousand Jr. received thousands of calls to his business, home and mobile phones. These calls consisted of 30-second long recorded messages from a sex hotline – and these were done to keep Thousand’s phone lines tied up while cyber criminals made five transfers totaling $399,000 from a TD Ameritrade retirement account.
Cyber criminals also targeted lawyer Kimberly Graus, bypassing her anti-virus software to initiate $35,000 in wire transfers from a trust fund she managed. She was likely the victim of a phishing attempt, which installed malware that allowed hackers to capture her account passwords.
Both Graus and Thousand had virus protection in place, but today’s savvy hackers are finding inventive ways around it.
Part of the issue for small business is that identity theft is often a large component of the cyber crime. When fraud strikes it reportedly costs the average consumer $631 and take on average 130 hours to recover from identity theft
The good news is that help may be on the way. Last month President Barack Obama stated that he is looking to create an “identity ecosystem” that could include unique software that creates one-time digital passwords. This is part of the National Strategy for Trusted Identities in Cyberspace (NSTIC).
The most important thing to do is to always be on guard, and not to be the low hanging fruit for cyber crimina

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

UK is Enhancing Cyber Security to fight Against Hackers

Posted by Avik Sarkar On 7/07/2011 12:11:00 am

The fight against cyber crime needs a stronger common international legal framework to enable perpetrators outside the country of their victims to be tracked down and punished, a British security official said on Tuesday.
James Brokenshire, a Home Office (Interior Ministry) Minister for Crime and Security, added in remarks to reporters that governments and companies had to work much more closely together to fight the "scammers, fraudsters and hackers" who were creating a truly global problem.
"Active international partnerships are central to tackling cyber crime," he said. "There needs to be an international response including international treaties, bilateral treaties and common agreements between countries." A priority for governments is to find ways of hunting criminals across borders and ensuring they are punished, but many nations lack a common definition of cyber crime or common legal standards that would enable prosecutions of criminals operating offshore. Security experts have long said the core problem has been that nations are thinking too parochially about their online security to collaborate on crafting global cyber regulation.
High-profile online assaults in recent weeks have targeted the International Monetary Fund, the U.S. Central Intelligence Agency and the U.S. Senate, and companies such as Citigroup and Lockheed Martin Corp. The raids have raised doubts about the security of government and corporate computer systems and the ability of law enforcement to track down hackers. Saying there should be "no safe haven" for online criminals, Brokenshire added that governments had to work with the private sector to provide technical expertise to police in those countries that lacked the resources to fight cyber criminals.

He was speaking at the launch of the International Cyber Security Protection Alliance (ICSPA), a global not-for-profit organisation that aims to channel funding, expertise and help directly to law enforcement cyber crime units around the world.The venture, which will seek funding from the European Union, governments of the United States, Canada, Australia, New Zealand and Britain, and private sector companies, plans to work in partnership with European police agency EUROPOL.
Rik Ferguson, Director of Security Research at Trend Micro said areas of concern to ICSPA included Brazil, which had expertise in banking malware, China, where computers were often used by criminals elsewhere to host attacks in third countries, and Russia and Ukraine.Companies supporting the venture include McAfee , Cassidian, Trend Micro, Yodel, Core Security Technologies, Visa Europe , Shop Direct group, A&REdelman, Transactis and Article10. Cyber crime costs the British economy some 27 billion pounds ($43.5 billion) a year and appears to be "endemic", according to the first official government estimate of the issue published in February 2011.
Brokenshire's call echoes remarks by U.S. Secretary of Homeland Security Janet Napolitano who said last week that cyber criminals were outwitting national and international legal systems that fail to embrace technological advances.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

3 Russian Cyber Criminal Who Was The Master Mind of Banking Trojan 'Gozi' Charged in New York

Posted by Avik Sarkar On 2/01/2013 08:53:00 pm

3 Russian Cyber Criminal Who Was The Master Mind of Banking Trojan 'Gozi' Charged in New York 

Yet again another serious issue of cyber crime get resolved when the FBI tracked and figured out the master mind of infamous 'Gozi banking Trojan' which effected more than millions of system world wide, including a handful at NASA, leading to tens of millions of dollars in lost banking funds and damages to computer systems and networks. Three alleged international cyber criminals from Russia, responsible for creating and distributing 'Gozi' that infected over one million computers and caused tens of millions of dollars in losses charged in Manhattan Federal Court. Mihai Ionut Paunescu aged 28, a Romanian, Deniss Calovskis, 27, a Latvian, and Nikita Vladimirovich Kuzmin, 25, of the Russian Federation, are charged with computer intrusion, conspiracy to commit bank and wire fraud and access device fraud. Federal authorities said the three were arrested last week; Kuzmin is being held in New York, while Paunescu is in custody in Romania and Calovskis in Latvia. 
According to the press release of FBI -Deniss Calovskis, a/k/a “Miami,” a Latvian national who allegedly wrote some of the computer code that made the Gozi virus so effective, was arrested in Latvia in November 2012. Mihai Ionut Paunescu, a/k/a “Virus,” a Romanian national who allegedly ran a “bulletproof hosting” service that enabled cyber criminals to distribute the Gozi virus, the Zeus trojan, and other notorious malware and to conduct other sophisticated cyber crimes, was arrested in Romania in December 2012. 

The cases are being handled by the Complex Frauds Unit of the United States Attorney’s Office. Assistant United States Attorneys Sarah Lai, Nicole Friedlander, and Thomas G.A. Brown, along with Trial Attorney Carol Sipperly of the Computer Crime and Intellectual Property Section of the Department of Justice on the Paunescu case, are in charge of the prosecution. The charges contained in the Indictments are merely accusations, and the defendants are presumed innocent unless and until proven guilty.

DefendantAge and ResidenceChargesMaximum Penalty
Nikita Kuzmin25; Moscow, RussiaConspiracy to commit bank fraud; bank fraud; conspiracy to commit access device fraud; access device fraud; conspiracy to commit computer intrusion; computer intrusion95 years in prison
Deniss Calovskis27; Riga, LatviaConspiracy to commit bank fraud; conspiracy to commit access device fraud; conspiracy to commit computer intrusion; conspiracy to commit wire fraud; conspiracy to commit aggravated identity theft67 years in prison
Mihai Ionut Paunescu28; Bucharest, RomaniaConspiracy to commit computer intrusion; conspiracy to commit bank fraud; conspiracy to commit wire fraud60 years in prison


Brief About Gozi:-
The Gozi virus is malicious computer code, or “malware,” that steals personal bank account information, including usernames and passwords, from the users of affected computers. It was named by private sector information security experts in the U.S. who, in 2007, discovered that previously unrecognized malware was stealing personal bank account information from computers across Europe on a vast scale, while remaining virtually undetectable in the computers it infected. To date, the Gozi virus has infected over one million victim computers worldwide, among them at least 40,000 computers in the U.S., including computers belonging to the National Aeronautics and Space Administration (NASA), as well as computers in Germany, Great Britain, Poland, France, Finland, Italy, Turkey, and elsewhere, and it has caused tens of millions of dollars in losses to the individuals, businesses, and government entities whose computers were infected.

The Gozi virus was distributed to victims’ computers in several different ways. In one method, the virus was disguised as an apparently benign .pdf document which, when opened, secretly installed the Gozi virus on the victim’s computer. Once installed, the Gozi virus—which was intentionally designed to be undetectable by anti-virus software—collected data from the infected computer in order to capture personal bank account information including usernames and passwords. That data was then transmitted to various computer servers controlled by the cyber criminals who used the Gozi virus. These cyber criminals then used the personal bank account information to transfer funds out of the victims’ bank accounts and ultimately into their own personal possession.


For Detailed Information Click Here


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Cyber crime gets more personalised

Posted by Avik Sarkar On 4/24/2011 02:52:00 pm


Rajesh, a Bangalore-based software engineer received an e-mail from the Income Tax department saying that the department had reviewed his ‘tax fiscal payments’ for previous months and his ‘returns filed online’, and that he is eligible for a tax refund of Rs 40,135.50. However, what made him curious was the fact that he did not file his IT returns online.
The e-mail also contained a link for further details. He wasn’t convinced and checked the address of the sender; the id was same as that of the I-T department. However, when he clicked on the link he sensed he was the target of a cyber attack.
“I clicked the link, but when I saw some Brazilian ads on the website I got suspicious. Luckily, I didn’t reveal any important information,” says Rajesh.
Rajesh is one of the many tax payers in the country, who are facing such attacks at the beginning of the new financial just at the time of filing I-T returns. According to security experts, cyber criminals with an intention of stealing money and other personal information of netizens are becoming increasingly active. These perpetrators closely monitor netizens’ day to day activities on the Web and plan attacks. “Today’s phishing sites and spam e-mails are sophisticated enough to look identical to a legitimate e-mail and can easily betray you,” said a security expert.
A recent study by security solutions provider Websense says that 93 per cent of emails are spam. Of these, 2.5 per cent are phishing attacks. Another trend emerging is the attack based on search words. The search terms and trends vary based on the geography and seasons. For example, the subject lines of the recent spam mails and phising mails were Egypt revolution, Libyan unrest, and Japan tsunami among others.
Vinoo Thomas, technical product manager, McAfee Labs says: “Spammers and cyber criminals track most searched words and plan an attack accordingly. Earlier, the attacks were based depending upon festive seasons and other occasions, but now they are targeted at the individual level.”
As social media platforms such as twitter, Facebook and Orkut are gaining more acceptance, criminals also track these social networks and gather an individual’s personal information. Spear phishing is a more targeted and dangerous form of phishing attack. The e-mails are targeted at a particular user; the spear phisher thrives on familiarity by knowing the name, email address, etc.
“Criminals follow you on social networks, which gives them details about your location and background. This helps them reach you and send you spam mails,” said Anand Naik, Director, Systems Engineering, Symantec.
These days spam mails also originate with links of malicious sites, and on clicking them malicious content or codes are downloaded to the system. Spammers use URL shortening services to direct users to malicious links without their knowledge.
According to a data from Symantec, in March this year, 83.1 per cent of global spam was sent from botnets. Botnets have been and remain a destructive resource for cyber criminals. In addition to anonymous spam-sending, many botnets can be used for a number of other purposes, such as launching distributed denial of service attacks, hosting illegal website content on infected computers and installing spyware to track the activities of the users.
The study also said that India is among the top three countries for both infections for the five biggest spam-sending botnets — Rustock, Bagle, Festi, Cutwail and Lethic.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Microsoft Reports Increased Cyber Scams

Posted by Avik Sarkar On 5/13/2011 10:36:00 pm



Cyber criminals are increasingly targeting consumers with “marketing-like” approaches, according to the security intelligence report released by Microsoft.
As the general public becomes more aware of cybercrime, cybercriminals have gotten more sophisticated and continue to evolve their attack methods.
Microsoft’s latest report found that attacks were being run like marketing campaigns with fake product promotions, especially during events that generate a lot of media attention.
A “polarization” of cybercriminal behavior was discovered by the report, with a surge in the use of “marketing-like” deception tactics to steal money from people.
On one side, highly skilled criminals exploit the vulnerability in systems and networks of a targeted environment by acquiring special intelligence and using social engineering to trick intended victims in pursuit of a large payoff, the report says.

While on the other side are cybercriminals that use more “accessible methods, including social engineering tactics and leveraging exploits created by the more skilled criminals, to take a small amount of money from a large number of people.”
With the increased popularity of social networking, criminals create new opportunities to directly affect individuals as well as their friends, colleagues and family through impersonation, the report says.
In addition, these social engineering techniques trick people with false advertisements, fake security software, and pay-per-click schemes that generate cash when Internet links are activated, Microsoft reports.
"With more consumers and devices coming online every day, cyber criminals now have more opportunities than before to deceive users through attack methods like adware, phishing and rogue security software," Graham Titterington of Britain-based analyst firm Ovum told the AFP news agency.
"It's becoming increasingly difficult for consumers to decipher legitimate communications and promotions given the sophistication of tools criminals are using."
Rogue security software, or “scareware,” are virus software used to dupe Internet users by pretending to find viruses and other problems on computers and then offering to sell a program to fix the issue, according to AFP. In 2010, Microsoft reported that it detected and blocked this type of software on almost 19 million systems.
In addition, Microsoft reports that phishing targeted at online gaming sites reached a high of 16.7 percent of all phishing online. Phishing tactics, which use social networking as the “lure,” increased 1,200 percent from a low of 8.3 percent in January to a high of 84.5 percent in December of 2010.
Furthermore, Microsoft reports that Adware, which uses software crated to infect machines with pop-up advertisements, also increased by 70 percent from the second quarter to the fourth quarter of 2010.Two new Adware families that are the most prevalent malware in many countries, JS/Pornpop and Win32/ClickPotato, were responsible for the increase.
To guard against these growing threats, computer users are advised to update their computers with reputable security software, and by not clicking on links or opening files without making sure that they are safe.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

DHS Issues Malware Warning Impersonating FBI & US Cyber Command

Posted by Avik Sarkar On 8/31/2012 06:05:00 pm


DHS Issues Malware Warning Impersonating FBI & US Cyber Command

If you think that only innocent computer users are just the only target of cyber criminals, then you are absolutely wrong. Recently United States Computer Emergency Readiness Team, widely known as US-CERT; which is a part of Depertment of Homeland Security's (DHS) National Cyber Security Division has issued an emergency alert wile announcing a new effort by cyber criminals to spread Malware that impersonates Federal law enforcement (FBI) and other government agencies. The malware is a malicious software that installs itself on a users computer without a users permission or knowledge, “displays a screen claiming that a Federal Government agency has identified the user’s computer as being associated with one of more crimes,” reports the US-CERT alert. Explaining further, the malware then instructs the victim “to pay a fine to regain the use of the computer, usually through prepaid money card services.” The appearance of the message displayed on a users screen is intended to seem like a legitimate and official looking warning from the FBI or US Cyber Command. In turn, the impersonation effort by the cyber criminals seeks to leverage this to scare victims into paying the so-called fine immediately.
“Affected users should not follow the payment instructions,” US-CERT recommends, adding, “Users may also choose to file a complaint with the FBI’s Internet Crime Complaint Center.” 


In their release US-CERT states:-
“US-CERT is aware of multiple malware campaigns impersonating multiple U.S. government agencies, including the United States Cyber Command (USCYBERCOM) and the Federal Bureau of Investigation (FBI). Once installed on a system, the malware displays a screen claiming that a Federal Government agency has identified the user's computer as being associated with one or more crimes. The user is told to pay a fine to regain the use of the computer, usually through prepaid money card services.”








SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Gang of Cyber Criminals Arrested For Stealing $7 Million From Exchange Companies in Dubai

Posted by Avik Sarkar On 3/11/2013 02:54:00 am

Gang of Cyber Criminals Arrested For Stealing $7 Million From Exchange Companies in Dubai 

Yet again another infamous gang of cyber criminals who were behind the hack of more than $7 Million from exchange companies in Dubai get busted by the Dubai Police. The special Criminal Investigation Department (CID) of Dubai Police were behind these criminals for a long time, and after a certain period they successfully managed to track down and crack the cyber crime ring. Major General Khamis Matter Al Mazeina, acting chief of Dubai Police, said on last Sunday that a gang of Asians and Africans work with hackers in order to enter different websites and systems of different companies here in Dubai in order to transfer money inside and outside the country. “Cheques worth more than Dh6 billion have been found with the gang after their arrest,” he said. He also said that the gang was able to transfer more than Dh7 million from exchange companies in Dubai to their own accounts. From an exclusive report of Gulf News we came to know that the deputy director of the General Department of Criminal and Investigation for research, Colonel Salem Khalifa Al Rumaithi said the incident happened early this month when police received complaints about a scam and transfer of $2 million from a company’s account. “This was done through hacking the e-mails of this company by someone outside the UAE,” he said.
He said the hackers used to change the data of the transactions, billing, and then transfer the money into their accounts.
He said the first accused, an Asian identified as Kh. Q., used to receive the transferred funds. “He owns three luxury cars which he bought from the proceeds of such crimes,” he said. 
He said the role of the second suspect, another Asian identified as U.K., was to provide the gang with bank account numbers by creating fake companies on the internet and dealing with the victims’ accounts. “After the process of converting the money credited to the first accused U.K. used to take 3 per cent of the money and give the remaining to an African man who was the mastermind. According to Lt Colonel Saeed Al Hajeri, director of the electronic investigation department, the third suspect was identified as D.Q. from Africa.
“The role of this suspect was as a mediator between the gang members and manipulating the business processes and changing the bank accounts to any other account,” he said. The suspect admitted that he was part of the Dh4 billion scam and another Dh6 million scam.
Lt Col Al Hajeri said Dubai Police had taken the necessary measures to obtain sufficient information from the rest of the gang members who operate outside the country in African countries through Interpol. Brigadier Khalil Ebrahim Al Mansouri, director of CID, said the police team worked on arresting the gang quickly.






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

BBC Server Compromised! Russian Hackers Broke Into FTP & Tried to Sell Unauthorized Access

Posted by Avik Sarkar On 1/02/2014 11:09:00 pm

BBC Server Compromised! Russian Hackers Hacked Into FTP & Tried to Sell Unauthorized Access on The X-Mass Evening 
Earlier we have seen world renowned media houses like CNN, NBC, Fox News, Washington Post, NY Times, NDTV and so on have fallen victim to hackers and cyber criminals. Now it was the turn for world’s largest and oldest broadcaster -British Broadcasting Corporation, widely known to us as BBC. Sources revealed that cyber criminals have managed to breach the security system of BBC and secretly took over a computer server at the BBC and then launched a Christmas Day campaign to convince other cyber criminals to pay him for access to the system. The attack was first identified by a cyber security firm named Hold Security LLC, in Milwaukee that monitors underground cyber crime forums in search of stolen information. However, it is still not clear whether the hacker stole any information or data or caused any damage to the site. In conversation with press Alex Holden, founder and Chief Information Security Officer of Hold Security told -"So far Hold Security researchers have found no evidence the conversations led to a deal or that data was stolen from the BBC.” So far the identity of hacker has not been confirmed, but the firm researchers observed a notorious Russian hacker known by the monikers "HASH" and "Rev0lver," attempting to sell access to the BBC server on December 25. However, BBC's security team managed to secure the site on Saturday, claims a person close to clean up efforts. One of the BBC spokesman refused to comment on the issue, he said, “We do not comment on security issues.” On the other hand, Justin Clarke, a principal consultant for the cyber security firm Cylance, said that while "accessing that server establishes a foothold within BBC's network which may allow an attacker to pivot and gain further access to internal BBC resources.” So far Hold Security researchers have found no evidence the conversations led to a deal or that data was stolen from the BBC. But we all know that  ftp systems are typically used to manage the transfer of large data files over the Internet. That's why the chances of data breach cant not be denied at this time. For updates on this piece of news and other hot information of the cyber & tech world stay tuned with VOGH


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Cyber criminals could be costing New Zealanders $4.7 billion per year

Posted by Avik Sarkar On 4/24/2011 02:54:00 pm


Cyber criminals could be costing New Zealanders $4.7 billion per year, with businesses taking most of the hit, according to AVG.

The company's 'security evangelist' Lloyd Borrett cited the findings of a UK report by the Office of Cyber Security and Information Assurance, and found that extrapolating the UK statistics by New Zealand's GDP and population resulted in a loss of $4.7 billion.

The report found that in the UK, £27 billion are lost to cyber criminals every year, with businesses bearing £22 billion of the cost.

In Australia the extrapolated figure was AUD$22 billion per year.

“The whole pubs, clubs, cafe industry in Australia is only $11 billion," Borrett said.

Merchants took most of the hit because of credit card fraud. The customer would usually call the credit card company and cancel any illegitimate transactions, so it was businesses that lost money.

"Now, a merchant, of course you've got to educate them to be aware and sophisticated and you say, 'well, don't deal with someone in Ghana'," Borrett said.

"I've set up online shops for a few small businesses, and you tell them, 'well, we just won't deal with anyone from those countries'."

The cyber crime industry was "bigger than the drug industry", Borrett said, and had ties to the mafia and organised crime.

NetSafe executive director Martin Cocker said New Zealand was becoming more at risk of cyber crime as it was attempting to become a "digital economy" through ultra-fast broadband.

"For us, the interesting question is 'how ready is New Zealand to become a digital society?'" Cocker said.

"Are small businesses aware of what they're getting themselves into when they move to e-commerce? Are consumers really aware of the risks that they face? The answer from the research is no, not really."

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Microsoft Along With FBI & EC3 Shattered The Notorious ZeroAccess Botnet

Posted by Avik Sarkar On 12/08/2013 01:14:00 am

Microsoft Along With FBI & EC3 Shattered The Notorious ZeroAccess Botnet Responsible For Infecting More Than 2 Million Computers
Redmond based software giant Microsoft yet again got a huge success against a big racket of cyber criminals while shattering one of the world's largest and most rampant botnets named 'ZeroAccess'. The Sirefef botnet, also known as ZeroAccess, is responsible for infecting more than 2 million computers, specifically targeting search results on Google, Bing and Yahoo search engines, and is estimated to cost online advertisers $2.7 million each month. Tech giant Microsoft working alongside the Federal Bureau of Investigation (FBI), Europol's European Cybercrime Centre (EC3) have successfully disrupted this notorious botnet. This is Microsoft’s first botnet action since the Nov. 14 unveiling of its new Cybercrime Center — a center of excellence for advancing the global fight against cyber crime — and marks the company’s eighth botnet operation in the past three years.

“This operation marks an important step in coordinated actions that are initiated by private companies and, at the same time, enable law enforcement agencies around Europe to identify and investigate the criminal organizations and networks behind these dangerous botnets that use malicious software to gain illicit profits,” said Troels Oerting, head of the EC3. “EC3 added its expertise, information communications technology infrastructure and analytic capability, as well as provided the platform for high-level cooperation between cyber crime units in five European countries and Microsoft.”
Due to its botnet architecture, ZeroAccess is one of the most robust and durable botnets in operation today and was built to be resilient to disruption efforts, relying on a peer-to-peer infrastructure that allows cyber criminals to remotely control the botnet from tens of thousands of different computers. ZeroAccess is used to commit a slew of crimes, including search hijacking, which “hijacks” people’s search results and redirects people to sites they had not intended or requested to go to in order to steal the money generated by their ad clicks. ZeroAccess also commits click fraud, which occurs when advertisers pay for clicks that are not the result of legitimate, interested human users’ clicks, but are the result of automated Web traffic and other criminal activity. Research by the University of California, San Diego shows that as of October 2013, 1.9 million computers were infected with ZeroAccess, and Microsoft determined there were more than 800,000 ZeroAccess-infected computers active on the Internet on any given day.



How It Happened:- 
Last week, Microsoft filed a civil suit against the cyber criminals operating the ZeroAccess botnet and received authorization from the U.S. District Court for the Western District of Texas to simultaneously block incoming and outgoing communications between computers located in the U.S. and the 18 identified Internet Protocol (IP) addresses being used to commit the fraudulent schemes. In addition, Microsoft took over control of 49 domains associated with the ZeroAccess botnet. A10 Networks provided Microsoft with advanced technology to support the disruptive action.
As Microsoft executed the order filed in its civil case, Europol coordinated a multijurisdictional criminal action targeting the 18 IP addresses located in Europe. Specifically, Europol worked with Latvia, Luxembourg, Switzerland, the Netherlands and Germany to execute search warrants and seizures on computer servers associated with the fraudulent IP addresses located in Europe. This is the second time in six months that Microsoft and law enforcement have worked together to successfully disrupt a prevalent botnet. It demonstrates the value coordinated operations have against cyber criminal enterprises. For more information about this botnet operation click here

ZeroAccess is counted as a very sophisticated malware, blocking attempts to remove it, therefore recommended for every Microsoft user to click Here for detailed instructions on how to remove this threat. As Microsoft found that the ZeroAccess malware disables security features on infected computers, leaving the computer susceptible to secondary infections, it is critical that victims rid their computers of ZeroAccess by using malware removal or antivirus software as quickly as possible. 
In conversation with press David Finn, executive director and associate general counsel of the Microsoft Digital Crimes Unit said -“Microsoft is committed to working collaboratively — with our customers, partners, academic experts and law enforcement — to combat cybercrime. And we’ll do everything we can to protect computer users from the sinister activities and criminal networks that victimize innocent people and businesses around the world.” 

While talking about ZeroAccess botnet take down, I would like to remind you that in Match, last year Microsoft has successfully shutdown two command and control (C&C) server of world's of the most dangerous banking trojan Zeus.


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Dutch Govt. Setup National Cyber Security Centre (NCSC) To Protect Cyber-Crime

Posted by Avik Sarkar On 1/15/2012 09:56:00 pm


Now the Dutch Govt. is also paying attention to secure the Cyber Fence. To protect cyber crime and enhance cyber security The Dutch government has set up a new National Cyber Security Centre (NCSC) to deal with with the growing problem of online crime. The NCSC, which is a public-private partnership, commenced operations on 1 January 2012. Its ambition is to grow, in a phased manner, into the cooperation platform for cyber security in the Netherlands. In 2011 more than 123K web pages of Netherland was infected by Lilupophilupop attack and also recently a Hacker Group named The Hackers Army has hacked thousand of  Dutch sites while running their operation named #OPfreePalestine. Dutch cyber fence also been target from different part of the world. So this newly formed NCSC was indeed needed by Dutch Authorities.  
In the Netherlands several government departments are involved in the fight against cyber crime - and that's precisely the problem. The NCSC should improve coordination between them. The centre will bundle together a lot of knowledge and expertise. The NCSC is composed of over sixty people and will deal especially with the major issues. Wouter Stol is cyber safety expert at the NHL University of Applied Sciences in Leeuwarden.
He sees the NCSC as a good start:- "It's a clear move to streamline the approach to cybercrime. But it's not just about coordination. There's far too little knowledge in the public sector. How do you handle the problems with cyber crime? How do you organize it? Much remains to be done."

The fight against cybercrime is still in its infancy, according Mr Stol. First you have to map properly how cybercrime - nationally and internationally - actually works. Cyber criminals are a difficult group because they often don't operate from a fixed location. An efficient response is only possible through international cooperation that is fast and smooth. To keep up with the technical know-how of the cyber criminals, the government has suggested turning to "ethical" hackers. This is the group that detect various leaks and weak spots. They hack the sites of companies and governments to identify the problems, not for criminal reasons. Wouter Stol thinks that these hackers will soon be needed. "Developments in the digital world are rapid. Training a few internet producers isn't enough. Before you know it you'll be left behind. It's a good strategy to gain the latest knowledge in a flexible manner. So you also need the hackers."











SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

UK Announces Plans for ‘Cyber Reserve’ Online Crime Defence Force

Posted by Avik Sarkar On 12/08/2012 05:57:00 pm

UK Govt. Announces Plans for ‘Cyber Reserve’ Online Crime Defense Force

Earlier this week, the UK government announced that it was planning on setting up a ‘cyber reserve’ force aimed at dealing with security threats brought about by online crime. The proposed force will be run by the country’s ministry of defense and is going to allow the armed forces to draw on the nation’s computer-related talents in order to ward off online attacks and stem the tides of cyber crime. Minister for the Cabinet Office Francis Maude claims that ‘critical’ work is required in order to combat online lawbreaking. He says that nine tenths of large British corporations and three quarters of small British businesses have reported experiencing a cyber breach within the last year, meaning that this force has now become a necessity.

Cyber Crime in the UK
Research conducted by a team of academics recruited by the UK Ministry of Defense earlier this year concluded that the country spends a billion US dollars per year on protecting against and cleaning up after instances of cyber crime. This includes the cost of measures taken to safeguard bank account security and reduce computer-related fraud, the money forked out by businesses purchasing anti-virus software and the cost of removing viruses from computers. In addition to criminals, terrorists and rogue states have also targeted computers in the UK, meaning that it is not difficult to see why the country would consider setting up such a force.

More Students Trained in Tackling Cyber Crime Needed
Maude has promised to make the UK one of the safest places in the world to conduct online business. He added that further details of the ‘cyber reserve’ plans would be revealed in 2013 and said that British government agencies and departments are working with professional bodies in order to ensure that the consideration of internet security becomes an integral component of corporate governance and the risk management process. He stated that UK officials want more students in the country trained in the skills required for tackling cyber crime and pointed out that the nation’s ministry of defense is examining new methods for attracting talented cyber security specialists, as they are required for critical areas of work.

Cyber-Spying by Hostile Nations
The UK Ministry of Defence’s announcement came in the wake of revelations that hostile foreign states had carried out ‘mapping’ of the systems that control the country’s power and water supplies. Officials refused to name the nations that were believed to have carried out this mapping but there have been reports in the United States that China and Russia have conducted similar reconnaissance exercises there, which suggests that they could be the countries that are responsible for this cyber-spying activity. With this in mind, it is little wonder the UK is stepping up its security, as it wishes to safeguard vital information.

Cyber Confidence Tracker
Francis Maude stated that the increasing number of threats posed to the UK’s online security is partly down to the growth of the internet economy. He said that the country’s government cannot take sole responsibility for fighting cyber crime and emphasized the fact that individuals and businesses would also have to play their part. Next spring the UK will be taking steps to improve online security for consumers and small businesses. The nation plans on launching a ‘cyber confidence tracker’, which will keep tabs on online behaviors and perceptions about internet security in an effort to ensure that the advise that they are delivering to the public about this subject is being conveyed in the best possible way.

Implications
It appears that the UK is now taking the threat of cyber attack extremely seriously, which it is wise to do considering the increasing trend of nations targeting the infrastructures of those that they are hostile towards via the internet. This is a sign that the web is becoming the new battleground in the international struggle for power. The full extent of the country’s plans for its ‘cyber reserve’ are not yet known. It is also questionable whether it will be used solely for defense purposes. Espionage is no longer dominated by spies being physically placed in another country. It is now evidently moving online, meaning that countries are being forced to adapt and develop cyber spies of their own.


Special article by 
Evelyn Anderson of International Business and Journalism
Guest Editor VOGH








SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Facebook Donates $250,000 to University of Alabama at CIA|JFR to Fight Against Cybercrime

Posted by Avik Sarkar On 10/27/2012 02:49:00 am

Facebook Donates $250,000 to University of Alabama at CIA|JFR to Fight Against Cybercrime 

All of us, who are associated or directly involved in this cyber domain know very well that its almost impossible to stand against the rising cyber crime & cyber criminals. Then the very first question will arise and that is, what is the solution? The answer will be tie-up collaboration, unity in diversity. That means if we stand together and help each other, then definitely we can control cyber crime, not only that but also we can have a safe and secure cyber space. While talking about co-operation and collaboration then a live instance is here for you. It is your favorite social network, Facebook who stand against cyber criminals and donate $250,000 to help fight cyber crime. According to UAB NewsThe Center for Information Assurance and Joint Forensics Research at the University of Alabama at Birmingham has received a $250,000 donation from Facebook in recognition of the center’s role in tracking international criminals behind social-media botnet Koobface as well as other spammers. The donation, which comes from money Facebook has recovered from spammers located around the world, will be used to expand the new CIA|JFR headquarters. 
“As a result of numerous collaborations over the years, Facebook recognizes the center as both a partner in fighting Internet abuse, and as a critical player in developing future experts who will become dedicated cybersecurity professionals,” says Joe Sullivan, chief security officer at Facebook. “The center has earned this gift for their successes in fighting cybercrime and because of the need for formal cybersecurity education to better secure everyone’s data across the world.”  
Here we want to remind our readers that 'Koobface' was the most dangerous malware ever made to infiltrate Facebook made by few Russian hacker. The hackers, known as the Koobface gang, sent Facebook users attractive invitations to watch a funny or sexy video. When the unsuspecting users clicked the link, the message appeared saying that their computer’s Flash software needed updating. The “update” was in fact malware that hijacked the user’s clicks and delivered them to advertisers, making the hackers money -to the tune of over $2 million annually. According to Kaspersky Labs the network of infected computers included between 400,000 and 800,000 PC. Earlier in this year the entire Koobface gang was exposed and the C&C server of Koobface has been stopped prenatally by few German Researchers. 

With this story here we, the entire VOGH Team would like to congratulate the team at the University of Alabama at Birmingham on the donation from Facebook. More power to them and similar experts around the world, helping investigate cybercrime and making the online world a safer place! 




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Criminals and foreign spy agencies launched more than 1,000 cyber attacks on the MOD last year

Posted by Avik Sarkar On 6/08/2011 03:47:00 pm





Criminals and foreign spy agencies launched more than 1,000 cyber attacks on the Ministry of Defence last year in an effort to steal secrets and disrupt services, Liam Fox has revealed.
In a speech on Tuesday night, the defence secretary laid out the growing threat to the country from cyberspace, saying that government departments were now under sustained attack.
He underlined the problem by saying that "across the core defence networks there were an average of over a million security alerts every day".
These comprise mainly of spam emails that are blocked before entering government computer systems. But many turn out to be deliberate attempts to infiltrate and steal from the MoD's computer systems.
Last week the Guardian revealed that the UK is now developing a cyber weapons programme to give ministers an attacking capability in cyberspace.
It also emerged that the FBI is investigating allegations that the Google mail accounts of senior US government officials have been attacked by Chinese hackers.
In his speech, Fox set out why the government had committed an extra £650m for cyber security in last year's Strategic Defence and Security Review. He also warned more would need to be done to protect the UK's core infrastructure from cyber attack.
"Between 2009 and 2010, security incidents more than doubled," he said: "Was this in Afghanistan? No. This was in cyberspace and the target was the MoD. I and my senior colleagues are routinely alerted to incidents that could have had severe consequences if they'd not been stopped.
"Our systems are targeted by criminals, foreign intelligence services and other malicious actors seeking to exploit our people, corrupt our systems and steal information.

"To give you an idea of the challenge, last year we in the MoD blocked and investigated over 1,000 potentially serious attacks. "
Fox described it as the "war of the invisible enemy" and said the boundaries between government, business and every individual internet user were becoming blurred."This threat is growing in scale and sophistication. My department is a prime target. Across the core defence networks there were an average of over a million security alerts every day."
He said the opening of a new Global Operations and Security and Control Centre would help to coordinate the Whitehall response to cyber attacks, but conceded that government could not do this alone.
"We now see weekly reports of cyber attacks against businesses, institutions and networks used by people going about their daily lives," he said. "The cost to the UK economy of cyber crime is estimated to be in the region of £27bn a year and rising. These are attacks against the whole fabric of our society.
"There is no Maginot Line in cyber space ... our national intellectual property in defence and security industries is at risk from a systematic marauding. Not only could it severely affect the future success of British industry, our economic advantage, and the country's financial recovery, but also directly impacts upon our national security today."
Last week, the US government said it was intending to rewrite its military rule book to make cyber-attacks a possible act of war. In May, the chancellor George Osborne said foreign intelligence agencies were carrying out cyber-attacks on the Treasury, targeting it with programs designed to steal information.
Some experts have warned against government's over-exaggerating the problems in cyberspace, noting that 80 per cent of all such attacks can be thwarted with better computer 'hygiene' – such as people using less obvious passwords. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Interpol, ITU & IMPACT Jointly Singed a Hostorical Agreement in Cybersecurity

Posted by Avik Sarkar On 11/12/2012 06:41:00 am

Interpol, ITU & IMPACT Jointly Singed an Agreement to Exchange Information, Expertise & Enhance Cybersecurity

During the 81st INTERPOL General Assembly taking place in Rome, Italy a historical and very vital cooperation agreement has been singed. In an effort to further enhance cybersecurity around the world, International Multilateral Partnership Against Cyber Threats (IMPACT), the cybersecurity executing arm of United Nations’ specialised agency – the International Telecommunication Union (ITU) and the General Secretariat of the International Criminal Police Organisation – (INTERPOL), reached a historic milestone with the signing of a landmark ‘Cooperation Agreement’ between both international organisations. Through this Agreement, it allows both IMPACT and INTERPOL to exchange information, expertise as well as to enhance both organisations’ knowledge base in the field of cybersecurity. The Agreement will also see the cross promotion of capacity building activities aimed at the public and private sector and the civil society, with an objective to curb cyber crimes by protecting the cyber space and orchestrating a safer global community. 
The Cooperation Agreement paves the way for INTERPOL and ITU-IMPACT to effectively cooperate within the scope of their respective mandates and resources in the field of cybersecurity. This Agreement is also designed to provide a broad framework for such cooperation to take place and to establish a collaborative association, with a view to promoting cybersecurity capacity-building and addressing cyber threats on a global scale. Datuk Mohd Noor Amin, Chairman of IMPACT and Mr Ronald K. Noble, Secretary General of INTERPOL signed the Cooperation Agreement today, witnessed by ITU Secretary-General, Dr. Hamadoun I. Touré. With 144 countries now, part of the ITU-IMPACT coalition, IMPACT is entrusted with the task of providing cybersecurity support and services to ITU’s Member States and other organisations within the UN system. ITU-IMPACT’s global partnership now embraces over 200 industry, academia and international organizations. 

“This kind of cross-agency collaboration is essential to combating the increasingly serious problem of international cybercrime,” said ITU Secretary-General Dr. Hamadoun I. Touré. “For too long, cyber criminals have hidden behind national borders, hoping to escape detection or eluding the jurisdiction of national law enforcement authorities. This new partnership with INTERPOL represents a major step forward in our efforts to bring such criminals to book.”
Datuk Mohd Noor Amin, Chairman of IMPACT added; “The signing of this agreement is truly a landmark event for all of us. For the first time, we are effectively pooling together and merging the resources from INTERPOL’s community of police forces worldwide with ITU-IMPACT’s existing stakeholders from governments, telecommunications regulators, CERTs, ISPs, ICT industry and academia. ITU’s recent MOU with the United Nations Office of Drug and Crime (UNODC) further strengthens the partnership by potentially adding in judicial officers and prosecutors under the ITU-IMPACT umbrella. This coming together of various different, but important, stakeholders is vital if we are going to succeed against the cyber criminals and enhance international cybersecurity.”



-Source (PRWeb)








SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

PandaLabs Exclusive Report: Privacy Violations Will Be The Biggest Security Threat in 2012

Posted by Avik Sarkar On 12/17/2011 12:47:00 pm



Panda Security anti-malware laboratory, today announced its predictions for top security trends to watch for in the coming year. Cyber-espionage, along with privacy violations and social networking attacks facilitated by the increased use of mobile and tablet devices, will be the source of increased security threats over the coming months.
Cyber-espionage targeting companies and government agencies around the world will dominate corporate and national information security landscapes, with the integrity of classified and other protected information on the line. Trojans are expected to be the weapon of choice for hackers focused on these highly-sensitive targets.
According to Luis Corrons, technical director of PandaLabs, “We live in a world where all information is in digital form and is easily accessible if you know how. Today’s spies no longer need to infiltrate a building to steal information. As long as they have the necessary computer skills, they can wreak havoc and access even the best-kept secrets of organizations without ever leaving their homes.”
Consumers will continue to be targeted by cyber-criminals as they find ever more sophisticated ways to target social media sites for stealing personal data. Social engineering techniques exploiting users’ naïveté have become the weapon of choice for hackers targeting personally-identifiable information. “Social networking sites provide a space where users feel safe as they interact with friends and family. The problem is that attackers are creating malware that takes advantage of that false sense of security to spread their creations,” says Corrons. “It is very easy for cyber-criminals to trick users with generic messages like ‘Look, you’re on this video,’ for example. Sometimes, curiosity can be our own worst enemy.”

Summary of what PandaLabs predicts as the major security trends of 2012:-

  • Mobile Malware:- A year ago, PandaLabs predicted a surge in cyber attacks on mobile phones, and the fact that Android has become the number one mobile target for cyber-crooks in 2011 confirms that prediction. That trend will continue in 2012, with a new focus on mobile payment methods using Near-Field Communications (NFC) as these applications become increasingly popular.
  • Malware for Tablets:- Since tablets share the same operating system as smartphones, they are likely be targeted by the same malware. In addition, tablets might draw a special interest from cyber-crooks since people are using them for an increasing number of activities and are more likely to store sensitive data.
  • Mac Malware:- As the market share of Mac users continues to grow, the number of threats will grow as well. Fortunately, Mac users are now more aware that they are not immune to malware attacks and are increasingly using antivirus programs to protect themselves. The number of malware specimens for Mac will continue to grow in 2012, although still at a slower rate than for PCs.
  • PC Malware:- PC malware has grown exponentially over the past few years, and everything indicates that the trend will continue in 2012. Trojans, designed to sit silently on users’ computers, stealing information and transmitting it back to their handlers will continue to be cyber-crooks’ weapon of choice; 75 percent of new malware strains in 2011 were Trojans.
  • SMBs Under Attack:- Financial institutions are fairly well protected these days against malware. But smaller businesses are easier and cheaper targets to attack, and their customer databases can be a real treasure trove for hackers, particularly if credit card and other financial data is stored “in the clear”. Unfortunately, many small to medium-sized companies do not have dedicated security teams, which makes them much more vulnerable.
  • Windows 8:- While not scheduled until November 2012, the anticipated next version of Microsoft’s operating system will offer cyber-crooks new opportunities to create malicious software. Windows 8 will allow users to develop malware applications for virtually any device (PCs, tablets and smartphones) running this platform, although this will likely not take place until 2013.

Corrons concludes, “The malware game continues. As new technologies advance, cyber-crooks develop new modes of attack, often by simply adapting old techniques to the new platforms – which is an area software vendors need to pay attention to. In the end, though, it’s users’ false sense of security that is the hacker’s best friend.”


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Chinese Hackers Broke Into Indian Navy's Computer System & Stolen Sensitive Data (VOGH Exclusive)

Posted by Avik Sarkar On 7/06/2012 07:07:00 pm

VOGH Exclusive:- Chinese Hackers Broke Into Indian Navy's Computer System & Stolen Sensitive Data

Again cyber criminals from China targeted Indian cyber fence. This time Indian Navy have fallen victim of this cyber espionage. According to sources hackers have broken into sensitive naval computer systems in and around Visakhapatnam, the headquarters of the Eastern Naval Command, and planted malware that relayed confidential data to IP addresses in China.  There is, to date, nothing known about the data thieves. 
Primary investigation revealed that the classified data has been leaked and that the breach may have occurred as a result of the use of USB flash storage on important systems. The Navy and other armed forces store sensitive data on standalone systems, unconnected to the internet and supposedly with no free USB ports where a flash drive could be plugged in.
The malware is reported to have created a hidden folder on the USB flash drives. When the drive was plugged into a Navy system, the malware searched for files based on particular key words it had been configured to look for. These files were then copied to the flash drive where they would remain hidden. When the drive was plugged into a system which was connected to the internet, the malware would then begin to transfer the files to a specific IP address. The extent of the loss is still being ascertained, and officials said it was “premature at this stage” to comment on the sensitivity of the compromised data. But the Navy has completed a Board of Inquiry (BoI) which is believed to have indicted at least six mid-level officers for procedural lapses that led to the security breach. Navy official also said: “An inquiry has been convened and findings of the report are awaited. It needs to be mentioned that there is a constant threat in the cyber domain from inimical hack ers worldwide.”
Couple of months ago Tokyo based computer security firm Trend Micro confirmed that Chinese hackers were responsible for biggest cyber-espionage in India, Japan & Tibet. Also the director of National Security Agency (NSA) General Keith Alexander confirmed that hackers from China was responsible for the serious attack on one of the leading IT security & cyber security company RSAAlso in 2011 China was responsible behind the attack on US Chamber of Commerce, Satellite System of U.S, Nortel Network & so on.  But few days ago National Computer Network Emergency Response Coordination Center of China (CNCERT/CC), China's primary computer security monitoring network claimed that China fallen victim of one of biggest cyber attacks originated from US, Japan & South Korea. We must have to say that this statement is truly irrelevant. Cyber crime investigator have found that China was directly responsible for the hack into Japan's Biggest Defense Contractor Mitsubishi, Japan Aerospace Exploration Agency (JAXA) & Parliament of Japan. In case of South Korea  more than 13 Million of MapleStory players data has been stolen, there also hackers from China was responsible. 
The above phenomena are clearly indicating that hackers from China was directly linked and responsible for all those biggest cyber espionage. Still it is not clear that whether these cyber criminals are supported by the Govt. or not!!



 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search