Showing posts with label FBI. Show all posts
Showing posts with label FBI. Show all posts

Microsoft Along With FBI & EC3 Shattered The Notorious ZeroAccess Botnet

Posted by Avik Sarkar On 12/08/2013 01:14:00 am

Microsoft Along With FBI & EC3 Shattered The Notorious ZeroAccess Botnet Responsible For Infecting More Than 2 Million Computers
Redmond based software giant Microsoft yet again got a huge success against a big racket of cyber criminals while shattering one of the world's largest and most rampant botnets named 'ZeroAccess'. The Sirefef botnet, also known as ZeroAccess, is responsible for infecting more than 2 million computers, specifically targeting search results on Google, Bing and Yahoo search engines, and is estimated to cost online advertisers $2.7 million each month. Tech giant Microsoft working alongside the Federal Bureau of Investigation (FBI), Europol's European Cybercrime Centre (EC3) have successfully disrupted this notorious botnet. This is Microsoft’s first botnet action since the Nov. 14 unveiling of its new Cybercrime Center — a center of excellence for advancing the global fight against cyber crime — and marks the company’s eighth botnet operation in the past three years.

“This operation marks an important step in coordinated actions that are initiated by private companies and, at the same time, enable law enforcement agencies around Europe to identify and investigate the criminal organizations and networks behind these dangerous botnets that use malicious software to gain illicit profits,” said Troels Oerting, head of the EC3. “EC3 added its expertise, information communications technology infrastructure and analytic capability, as well as provided the platform for high-level cooperation between cyber crime units in five European countries and Microsoft.”
Due to its botnet architecture, ZeroAccess is one of the most robust and durable botnets in operation today and was built to be resilient to disruption efforts, relying on a peer-to-peer infrastructure that allows cyber criminals to remotely control the botnet from tens of thousands of different computers. ZeroAccess is used to commit a slew of crimes, including search hijacking, which “hijacks” people’s search results and redirects people to sites they had not intended or requested to go to in order to steal the money generated by their ad clicks. ZeroAccess also commits click fraud, which occurs when advertisers pay for clicks that are not the result of legitimate, interested human users’ clicks, but are the result of automated Web traffic and other criminal activity. Research by the University of California, San Diego shows that as of October 2013, 1.9 million computers were infected with ZeroAccess, and Microsoft determined there were more than 800,000 ZeroAccess-infected computers active on the Internet on any given day.



How It Happened:- 
Last week, Microsoft filed a civil suit against the cyber criminals operating the ZeroAccess botnet and received authorization from the U.S. District Court for the Western District of Texas to simultaneously block incoming and outgoing communications between computers located in the U.S. and the 18 identified Internet Protocol (IP) addresses being used to commit the fraudulent schemes. In addition, Microsoft took over control of 49 domains associated with the ZeroAccess botnet. A10 Networks provided Microsoft with advanced technology to support the disruptive action.
As Microsoft executed the order filed in its civil case, Europol coordinated a multijurisdictional criminal action targeting the 18 IP addresses located in Europe. Specifically, Europol worked with Latvia, Luxembourg, Switzerland, the Netherlands and Germany to execute search warrants and seizures on computer servers associated with the fraudulent IP addresses located in Europe. This is the second time in six months that Microsoft and law enforcement have worked together to successfully disrupt a prevalent botnet. It demonstrates the value coordinated operations have against cyber criminal enterprises. For more information about this botnet operation click here

ZeroAccess is counted as a very sophisticated malware, blocking attempts to remove it, therefore recommended for every Microsoft user to click Here for detailed instructions on how to remove this threat. As Microsoft found that the ZeroAccess malware disables security features on infected computers, leaving the computer susceptible to secondary infections, it is critical that victims rid their computers of ZeroAccess by using malware removal or antivirus software as quickly as possible. 
In conversation with press David Finn, executive director and associate general counsel of the Microsoft Digital Crimes Unit said -“Microsoft is committed to working collaboratively — with our customers, partners, academic experts and law enforcement — to combat cybercrime. And we’ll do everything we can to protect computer users from the sinister activities and criminal networks that victimize innocent people and businesses around the world.” 

While talking about ZeroAccess botnet take down, I would like to remind you that in Match, last year Microsoft has successfully shutdown two command and control (C&C) server of world's of the most dangerous banking trojan Zeus.


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

'The Secret Files'- Hackers Exposed Personal Details of Celebrities, Public Figure, FBI Director & National Leaders

Posted by Avik Sarkar On 3/18/2013 04:15:00 am

'The Secret Files'- Hackers Exposed Personal Details of Celebrities, Public Figure, FBI Director & National Leaders 

Yet again celebrities fallen victim to cyber attack, no this time not the nude photo but confidential personal information. Renowned public figure, national leaders, celebrities like Kim Kardashian, US Vice President Joe Biden, Hillary Clinton, Mel Gibson, Michelle Obama, Ashton Kutcher, Jay Z, BeyoncĂ©, Paris Hilton, Britney Spears, Sarah Palin, Hulk Hogan, Donald Trump and Arnold Schwarzenegger together became prey. The list does not end here, the hacker catches two more big fishes in his net and they are head of the Los Angeles police force Charlie Beck and FBI Director Robert Mueller. Many of you might be astonished of how such big public figure, including Vice President, FBI Director became victim in single round of cyber attack! Let me tell you what exactly happened- the hacked data dubbed "The Secret Files" by the hackers contains personal information and credit reports (including social security numbers, details of their mortgages, addresses, and details of their credit card and banking details) was made public by those hackers on a new website, as shown in the picture below. 

The hacker left a message or in other word a satire while saying "The Secret Files - If you believe that God makes miracles, you have to wonder if Satan has a few up his sleeve." Such hack, is very rare, where numbers of big fish get caught. The nature of this hack can be categorized as a clear identity theft. But the question is how? Well the answer is some of the United States' top credit bureaus have come forward and acknowledged that fraudulent and unauthorized access to the records of well-known figures have taken place. Most of the reports were apparently obtained from one of the three major U.S. credit ratings agencies Equifax, TransUnion and Experian — via a special Internet portal they maintain for the public to check their own credit ratings. All three companies have said that some of their reports had been fraudulently accessed since Monday by someone using personal data about the victims. Security experts said that suggests the attack is a “social hack” rather than a classic cyber security data breach


-Source (Sophos & WT)




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

3 Russian Cyber Criminal Who Was The Master Mind of Banking Trojan 'Gozi' Charged in New York

Posted by Avik Sarkar On 2/01/2013 08:53:00 pm

3 Russian Cyber Criminal Who Was The Master Mind of Banking Trojan 'Gozi' Charged in New York 

Yet again another serious issue of cyber crime get resolved when the FBI tracked and figured out the master mind of infamous 'Gozi banking Trojan' which effected more than millions of system world wide, including a handful at NASA, leading to tens of millions of dollars in lost banking funds and damages to computer systems and networks. Three alleged international cyber criminals from Russia, responsible for creating and distributing 'Gozi' that infected over one million computers and caused tens of millions of dollars in losses charged in Manhattan Federal Court. Mihai Ionut Paunescu aged 28, a Romanian, Deniss Calovskis, 27, a Latvian, and Nikita Vladimirovich Kuzmin, 25, of the Russian Federation, are charged with computer intrusion, conspiracy to commit bank and wire fraud and access device fraud. Federal authorities said the three were arrested last week; Kuzmin is being held in New York, while Paunescu is in custody in Romania and Calovskis in Latvia. 
According to the press release of FBI -Deniss Calovskis, a/k/a “Miami,” a Latvian national who allegedly wrote some of the computer code that made the Gozi virus so effective, was arrested in Latvia in November 2012. Mihai Ionut Paunescu, a/k/a “Virus,” a Romanian national who allegedly ran a “bulletproof hosting” service that enabled cyber criminals to distribute the Gozi virus, the Zeus trojan, and other notorious malware and to conduct other sophisticated cyber crimes, was arrested in Romania in December 2012. 

The cases are being handled by the Complex Frauds Unit of the United States Attorney’s Office. Assistant United States Attorneys Sarah Lai, Nicole Friedlander, and Thomas G.A. Brown, along with Trial Attorney Carol Sipperly of the Computer Crime and Intellectual Property Section of the Department of Justice on the Paunescu case, are in charge of the prosecution. The charges contained in the Indictments are merely accusations, and the defendants are presumed innocent unless and until proven guilty.

DefendantAge and ResidenceChargesMaximum Penalty
Nikita Kuzmin25; Moscow, RussiaConspiracy to commit bank fraud; bank fraud; conspiracy to commit access device fraud; access device fraud; conspiracy to commit computer intrusion; computer intrusion95 years in prison
Deniss Calovskis27; Riga, LatviaConspiracy to commit bank fraud; conspiracy to commit access device fraud; conspiracy to commit computer intrusion; conspiracy to commit wire fraud; conspiracy to commit aggravated identity theft67 years in prison
Mihai Ionut Paunescu28; Bucharest, RomaniaConspiracy to commit computer intrusion; conspiracy to commit bank fraud; conspiracy to commit wire fraud60 years in prison


Brief About Gozi:-
The Gozi virus is malicious computer code, or “malware,” that steals personal bank account information, including usernames and passwords, from the users of affected computers. It was named by private sector information security experts in the U.S. who, in 2007, discovered that previously unrecognized malware was stealing personal bank account information from computers across Europe on a vast scale, while remaining virtually undetectable in the computers it infected. To date, the Gozi virus has infected over one million victim computers worldwide, among them at least 40,000 computers in the U.S., including computers belonging to the National Aeronautics and Space Administration (NASA), as well as computers in Germany, Great Britain, Poland, France, Finland, Italy, Turkey, and elsewhere, and it has caused tens of millions of dollars in losses to the individuals, businesses, and government entities whose computers were infected.

The Gozi virus was distributed to victims’ computers in several different ways. In one method, the virus was disguised as an apparently benign .pdf document which, when opened, secretly installed the Gozi virus on the victim’s computer. Once installed, the Gozi virus—which was intentionally designed to be undetectable by anti-virus software—collected data from the infected computer in order to capture personal bank account information including usernames and passwords. That data was then transmitted to various computer servers controlled by the cyber criminals who used the Gozi virus. These cyber criminals then used the personal bank account information to transfer funds out of the victims’ bank accounts and ultimately into their own personal possession.


For Detailed Information Click Here


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

FBI Wanted Cyber Criminal Hamza Bendelladj Arrested in Thailand

Posted by Avik Sarkar On 1/08/2013 02:52:00 pm

FBI Wanted Cyber Criminal Hamza Bendelladj Arrested in Thailand

Another FBI listed cyber criminal get nabbed. The suspect named Hamza Bendelladj of 24 yrs have been arrested in late Sunday night during a layover at Thailand’s international airport while traveling from Malaysia to Egypt. According to the officials Bendelladj is an Algerian national wanted by the United States Federal Bureau of Investigation (FBI) for allegedly making tens of millions of dollars from cyber crime. Police confiscated two laptops, a tablet computer, a satellite phone and a number of external hard drives from Bendelladj. According to the officials FBI had been pursuing Bendelladj for nearly three years. U.S. authorities believe the suspect hacked private accounts in more than 217 banks and financial companies worldwide, causing about $10 million in losses per transaction. After this arrest, he will be extradited to the U.S. state of Georgia, where a district court has issued an arrest warrant. In an exclusive report Bangkok Post said -a smiling Bendelladj, who was present at the press conference, denied claims by the Thai authorities that he was on the FBI's top-10 most wanted list. "I'm not in the top 10, maybe just 20th or 50th," the Algerian suspect said with a laugh. "I am not a terrorist."



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Hollywood Celebrities Nude Photo Hacker Sentenced to 10 Years in Prison

Posted by Avik Sarkar On 12/21/2012 07:17:00 pm

Hollywood Celebrities Nude Photo Hacker Sentenced to 10 Years in Prison 

Photo hacking case of Hollywood celebrities takes another direction, as Christopher Chaney, who pleaded guilty to hacking into the e-mail accounts of Scarlett Johansson and other celebrities including Mila Kunis, Christina Aguilera and few others, has been sentenced to 10 years in prison by the  federal judge in Los Angeles. Chaney was arrested last year as part of a year-long investigation  of FBI dubbed Operation Hackerazzi. At a hearing on Monday, U.S. District Court judge S. James Otero said that Chaney's conduct demonstrated a "callous disregard to the victims," some 50 in total, including two non-celebrities who the judge noted was stalked by Chaney for more than 10 years. The prison term was accompanied by an order to pay $66,179 in restitution. Chaney pleaded guilty to nine offences, including illegal wire-tapping and unauthorized access to computers. In his guilty plea, Chaney admitted to having repeatedly hacked email accounts over a period of at least eleven months. He hacked into email accounts by taking advantage of the "forgotten password" feature on web interfaces and using publicly available information to answer security questions. 
Chaney admitted that as his hacking scheme became more extensive, he began using a proxy service called “Hide My IP” because he wanted to “cover his tracks” and not be discovered by law enforcement agents. Even after his home computers were seized by law enforcement, Chaney used another computer to hack into another victim’s e-mail account. As a result of his hacking scheme, Chaney obtained private photographs and confidential documents, including business contracts, scripts, letters, driver’s license information, and Social Security information. On several occasions, after hacking into victims’ accounts, Chaney sent e-mails from the hacked accounts, fraudulently posing as the victims and requesting more private photographs. Chaney e-mailed many of the stolen photographs to others, including another hacker and two gossip websites. As a result, some of the stolen photographs were posted on the Internet.
"I don't know what else to say other than I'm sorry," Chaney said. "I could be sentenced to never use a computer again and I wouldn't care." For detailed information about this case click here.







SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

#ProjectWhiteFox -Team GhostShell Hacked 1.6 Million Accounts of NASA, ESA, Pentagon & FBI

Posted by Avik Sarkar On 12/15/2012 04:14:00 pm

#ProjectWhiteFox -Team GhostShell Hacked 1.6 Million Accounts of NASA, ESA, Pentagon & FBI

After the devastating "Project Blackstar" now the hacktivist group calling them selves "Team GhostShell" announced another big hack, where the hackers have targeted several big organizations. This round of cyber attack was going under the banner of #ProjectWhiteFox, in which GhostShell has posted log-in details of 1.6 million accounts they claim are taken from a series of attacks on organizations including NASA, FBI, European Space Agency and Pentagon, as well as many companies that partner with these organizations. The Anonymous subsidiary group has posted the details on Pastebin, while describing the aim of the hack; as part of their #ProjectWhiteFox campaign to promote hacktivism and freedom of information on the internet. The hacker group claimed that the leaked information contained log-in names, passwords, email addresses, CV & several other sensitive information. In their release GhostShell said - "For those two factors we have prepared a juicy release of 1.6 million accounts/records from fields such as aerospace, nanotechnology, banking, law, education, government, military, all kinds of wacky companies & corporations working for the department of defense, airlines and more."
GhostShell members also said that they have messaged security bosses about the insecurity a number of organizations they targeted during attacks throughout 2012, describing it as "an early Christmas present." 
In a Pastebin file, GhostShell features a list of 37 organizations and companies, including The European Space Agency, NASA’s Engineers: Center for Advanced Engineering, and a Defense Contractor for the Pentagon. GhostShell sets itself apart from other hacktivist groups by targeting more than just one company or organization, and then releasing the results of its attack all at once. This set of hacks is spread out across 456 links, many of which simply contain raw dump files uploaded to GitHub and mirrored on paste sites Slexy.org and PasteSite.com.
The uploaded files contain what appears to be user data that looks to have been obtained from the servers of the various firms (likely via SQL injection). The entries include IP addresses, names, logins, email addresses, passwords, phone numbers, and even home addresses. Email accounts include the big three (Gmail, Hotmail, and Yahoo), as well as many .gov accounts. There are also various documents and material related to partnerships between companies and government bodies, as well as sensitive information for the aforementioned industries. 
Furthermore, the group says it has sent an email to the ICS-CERT Security Operations Center, Homeland Security Information Network (HSIN), Lessons Learned and Information Sharing (LLIS), the FBI’s Washington Division and Seattle location, Flashpoint Intel Partners, Raytheon, and NASA. In it, they say to have detailed “another 150 vulnerable servers from the Pentagon, NASA, DHS, Federal Reserve, Intelligence firms, L-3 CyberSecurity, JAXA, etc.”
-Source (TNW)






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

FBI's Cybercrime Unit Taken New Initiative to Nab Hackers & Intruders

Posted by Avik Sarkar On 10/31/2012 06:09:00 am

FBI's Cybercrime Unit Taken New Initiative to Nab Hackers & Intruders 

The month of October has been declared by FBI as the National Cyber Security Awareness Month of 2012 , and in the last week of this month the cyber crime division of FBI has started a new program which will specially emphasis on hackers and intrusion. The main aim of this program is to focusing on hackers and to prevent cyber crime. Last month  Federal Bureau of Investigation (FBI) has issued a report based on information from law enforcement and complaints submitted to the Internet Crime Complaint Center (IC3) detailing recentcyber crime trends and new twists to previously-existing cyber scams. Now the recent movement of FBI will surely inject fear into the heart & mind of hackers. According to FBI's official release - Early last year, hackers were discovered embedding malicious software in two million computers, opening a virtual door for criminals to rifle through users’ valuable personal and financial information. Last fall, an overseas crime ring was shut down after infecting four million computers, including half a million in the U.S. In recent months, some of the biggest companies and organizations in the U.S. have been working overtime to fend off continuous intrusion attacks aimed at their networks. The scope and enormity of the threat—not just to private industry but also to the country’s heavily networked critical infrastructure—was spelled out last month in Director Robert S. Mueller’s testimony to a Senate homeland security panel: “Computer intrusions and network attacks are the greatest cyber threat to our national security.”
To that end, the FBI over the past year has put in place an initiative to uncover and investigate web-based intrusion attacks and develop a cadre of specially trained computer scientists able to extract hackers’ digital signatures from mountains of malicious code. Agents are cultivating cyber-oriented relationships with the technical leads at financial, business, transportation, and other critical infrastructures on their beats. 

Today, investigators in the field can send their findings to specialists in the FBI Cyber Division’s Cyber Watch command at Headquarters, who can look for patterns or similarities in cases. The 24/7 post also shares the information with partner intelligence and law enforcement agencies—like the Departments of Defense and Homeland Security and the National Security Agencyon the FBI-led National Cyber Investigative Joint Task Force.
A key aim of the Next Generation Cyber Initiative has been to expand our ability to quickly define “the attribution piece” of a cyber attack to help determine an appropriate response, said Richard McFeely, executive assistant director of the Bureau’s Criminal, Cyber, Response, and Services Branch. “The attribution piece is: who is conducting the attack or the exploitation and what is their motive,” McFeely explained. “In order to get to that, we’ve got to do all the necessary analysis to determine who is at the other end of the keyboard perpetrating these actions.”
The Cyber Division’s main focus now is on cyber intrusions, working closely with the Bureau’s Counterterrorism and Counterintelligence Divisions.  “We are obviously concerned with terrorists using the Internet to conduct these types of attacks,” McFeely said. “As the lead domestic intelligence agency within the United States, it’s our job to make sure that businesses’ and the nation’s secrets don’t fall into the hands of adversaries.”
In the Coreflood case in early 2011, hackers enlisted a botnet—a network of infected computers—to do their dirty work. McFeely urged everyone connected to the Internet to be vigilant against computer viruses and malicious code, lest they become victims or unwitting pawns in a hacker or web-savvy terrorist’s malevolent scheme.
“It’s important that everybody understands that if you have a computer that is outward-facing—that it’s connected to the web—that your computer is at some point going to be under attack,” he said. “You need to be aware of the threat and you need to take it seriously.” 


To Listen the Podcast of FBI's "“The intrusions are occurring 24/7, 365 days a year.” Click Here






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

FBI Started National Cyber Security Awareness Month 2012

Posted by Avik Sarkar On 10/03/2012 04:37:00 am

FBI Started National Cyber Security Awareness Month 2012

Last week the  Federal Bureau of Investigation (FBI) has issued a report based on information from law enforcement and complaints submitted to the Internet Crime Complaint Center (IC3) detailing recent cyber crime trends and new twists to previously-existing cyber scams. As you all know that the Month of October is celebrated as National Cyber Security Awareness Month for last nine years. This year also FBI declared the October as National Cyber Security Awareness Month 2012. According to the official blog of FBI - the threat has continued to grow even more complex and sophisticated. Just 12 days ago, in fact, FBI Director Robert Mueller said that “cyber security may well become our highest priority in the years to come.” 

For its part, the FBI is strengthening its cyber operations to sharpen its focus on the greatest cyber threats to national security: computer intrusions and network attacks. We are enhancing the technological capabilities of all investigative personnel and hiring additional computer scientists to provide expert technical support to critical investigations. We are creating two distinct task forces in each field office: Cyber Task Forces, focused on intrusions and network attacks that will draw on our existing cyber squads; and Child Exploitation Task Forces, focused on crimes against children. We are also increasing the size and scope of the National Cyber Investigative Joint Task Force—the FBI-led multi-agency focal point for coordinating and sharing cyber threat information to stop current and future attacks.

The FBI also runs several other cyber-related programs, including the Innocent Images National Initiative—which combats online child predators—and the Internet Crime Complaint Center—a partnership between the Bureau and the National White Collar Crime Center that serves as a clearinghouse for triaging cyber complaints and provides an easy-to-use online tool for reporting these complaints.

Because of the interconnectedness of online systems, every American who uses digital technologies at home or in the office can—and must—play a part in cyber security. For example, if you open a virus-laden e-mail attachment at work, you could infect your entire company’s computer network. Don’t be the weakest link: get educated on cyber safety.

Here are a few basic steps you can take to be more secure:

  • Set strong passwords, and don’t share them with anyone.
  • Keep a clean machine—your operating system, browser, and other critical software are optimized by installing regular updates.
  • Maintain an open dialogue with your family, friends, and community about Internet safety.
  • Limit the amount of personal information you post online, and use privacy settings to avoid sharing information widely.
  • Be cautious about what you receive or read online—if it sounds too good to be true, it probably is.


Visit the links below for more tips on protecting your computers and other electronic devices, information on cyber threats, and details on how to report cyber crimes or scams:



For more information:






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

FBI's Internet Crime Complaint Center (IC3) Issues Latest Internet Scam Alerts

Posted by Avik Sarkar On 9/26/2012 01:37:00 am

FBI's Internet Crime Complaint Center (IC3) Issues Latest Internet Scam Alerts

The Federal Bureau of Investigation (FBI) has issued a report based on information from law enforcement and complaints submitted to the Internet Crime Complaint Center (IC3) detailing recent cyber crime trends and new twists to previously-existing cyber scams. 


TRIANGLE CREDIT CARD FRAUD:- 

Triangle Credit Card Fraud is a common scam known to affect many on-line merchants. It has been called "Triangle Credit Card Fraud" because there are three primary parties involved or impacted by the scam.
The first party is the fraudster who acts as a seller on a popular auction or marketplace site. The fraudster "sells" a product to the second party, the buyer that knows nothing about the scam. The buyer pays the seller for the product or service. The seller then needs to deliver the product or service to the buyer and does so by placing an order with the manufacturer of the product or service to the buyer and does so by placing an order with the manufacturer of the product or service, the third party. That order will contain the buyer’s information for shipping and stolen credit card information for billing. When the company receives the order, the billing and shipping information is all legitimate, thus it looks like an order being placed as a gift, so the company delivers the product or service.
When the card holder finds a fraudulent charge on their card, they may file a dispute with the credit card company resulting in a chargeback for the company. This scheme is often much more complex as it is often led by overseas criminals who recruit established sellers (often referred to as mules) on auction or marketplace sites to "sell" the products. Once a sale is completed, the mule will forward the buyer information and the bulk of the money to the fraudster to place the fraudulent order. Once a mule becomes trusted, they are often allowed to recruit other mules, leading to a complex pyramid of fraudsters and mules.
Through the on-line merchant community, many companies have been made aware of this scheme and have had great successes with stopping the illegal activity using fraud prevention and detection solutions as well as successful criminal prosecutions.

NEW TWIST TO THE WORK-AT-HOME SCHEME:-

The IC3 has previously reported on work-at-home schemes where victims advised they applied for employment through on-line resumes. The alleged employers used the names of well-known financial institutions and industry agencies to lure their victims into the scheme. The potential employees were contacted via e-mail and interviewed for various positions using Yahoo! Instant Messenger.
In some cases, the employees were required to purchase various software packages to perform the tasks required for their employment. The employees received a check and were instructed to keep a portion of the funds for supplies and wire the remaining funds to another individual. Once the employee wired the funds, the check was returned as counterfeit. The IC3 has received over 80 complaints identifying a twist to the scheme reporting that employees were asked to post employment advertisements on Craigslist and provide full details of a credit card, including owner name, address, card number, security code, and the expiration date of the card. In doing so, the victim unknowingly became a recruiter for the fraudster.

NEW TWIST TO THE HIT MAN SCAM:-

Recent complaints reported to the IC3 identified a new twist to the Hit Man Scam The victims informed that the e-mails advised they have been targeted for assassination and asked them to purchase a security alarm to use if they see suspicious activity. The e-mails were signed by Agent Bauer of the International Intelligence Bureau and included the following language:

You have been targeted for assassination over a past legal financial matters. A hired international assassin has been hired to kill you. All information and concrete evidence will be forwarded to you, but that should be after the apprehension of the assassin. Please do not disclose this information to any body, including any other enforcement personal in your region. Our effort to trap him might be jeopadise , if our strategies are expose by other enforcement agencies behind this crime. From this moment see anybody as somebody that wants to kill you.
The private international investigator tracking the assassin , wants you to purchase our device security alarm, as you are expected to press the device alarm if you suspect any activities . We can come to your rescue through any of our attached security personel, and this is possible within our network close to you in less than 10 minutes.
Please try to cooperate with us. We wait to hear from you.

Recipients must be cautious of e-mails purportedly from any government agency endorsing a product or encouraging the recipient to send money for any reason. The United States government does not endorse products via e-mail.


-Source (ic3.gov)




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

FBI Charged an Indian Programmer For Hacking & Damaging Toyota Website

Posted by Avik Sarkar On 9/20/2012 03:44:00 pm


FBI Charged an Indian Programmer For Hacking & Damaging Toyota Website 

A computer programmer from central Kentucky named Ibrahimshah Shahulhameed who once did contract work for Toyota has been charged with hacking into and damaging computers used by the automobile maker. The FBI filed a federal criminal complaint against Ibrahimshah Shahulhameed of Georgetown, Ky., alleging that the disgruntled former worker logged in to the www.toyotasupplier.com site, which the company uses to communicate with vendors around the globe, and issued commands to slow down the functions of the computer servers. "In some circumstances, there was no rational basis for issuing the commands, unless one was seeking to render the system inoperable," wrote FBI Special Agent Adam Keown, who conducted the probe. 
Both Keown and Toyota alleged that Shahulhameed worked on contract as a computer programmer for Toyota until being let go in late August. Andrew Sell, Shahulhameed’s boss at GlobalSource IT, a Milwaukee, Wis.-based company, told Keown that Shahulhameed had been dismissed because he was harassing other employees working on the Toyota account.
Sell notified Shahulhameed via email that night that his contract to work on the Toyota account had been terminated. “I want to be clear, to prevent any additional issues moving forward, that you should NOT have any future contact with … anyone at Toyota,” Sell wrote. In a response sent Aug. 24, Shahulhameed wrote, “I also want to make sure … I will not be responsible if anyone called me from Toyota.” At that point, Shahulhameed accessed Toyota’s internal computer system without authorization, the FBI and Toyota allege. Toyota also alleges that Shahulhameed possibly copied, downloaded and disseminated trade secrets and proprietary information, including pricing information, quality testing data and parts testing data. Keown had Toyota’s computer equipment examined as well as Shahulhameed’s computer, which the company gave him to use while working on contract. Keown determined that Shahulhameed spent about six hours inside the firewall of Toyota’s computer system, resulting in an estimated 3,000 to 5,000 labor hours in investigative time, restoration of systems and fixing the problems created by the hacking. “Several toyotasupplier.com and internal applications either were not working properly or went down for a number of hours,” Keown wrote.


-Source (mybroadband)





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Former Anonymous Spokesman Barrett Brown Arrested in Texas

Posted by Avik Sarkar On 9/17/2012 11:15:00 am

Former Anonymous Spokesman Barrett Brown Arrested in Texas After Threatening FBI Agent

Barrett Brown, former spokesman and leader of infamous hacker collective Anonymous was arrested by authorities in Dallas. This arrest took place on Wednesday just hours after he posted a YouTube video in which he appeared to threaten an FBI agent for allegedly harassing his mother. Brown was arrested shortly before 11 p.m. and turned over to FBI custody, according to Carmen Castro, a spokeswoman for the Dallas County Sheriff’s Office. Castro could not say what he had been charged with. Brown's attorney, Jay Leiderman, told the press that his client was charged with making threats to a federal agent.  
In immediate response Anonymous on Thursday,  released a statement on Pastie detailing what it claimed were credit card numbers, addresses and phone numbers of 13 federal government employees. On Twitter, the hacker group said the release of the information was in retaliation for Brown's arrest, calling him “our controversial hated/loved friend.”  But it seems that, these protest cant make any difference to Barrett Brown's future. We would like to remind you that in middle of last year Brown officially broke all his attachment with Anonymous. But still he has been under the eye of law enforcement for some time and In March, Brown’s home was raided by the FBI, which confiscated his laptop, when authorities revealed that Hector Xavier Monsegur was the person behind Sabu, the colorful leader of LulzSecurity, an offshoot of Anonymous. Brown has been faulted by many members of Anonymous for using his real name and for being quoted as a representative of the group, which prides itself on being loosely knit and having no clear leaders. He is best known for threatening to hack into the computers of the Zetas, one of Mexico's deadly drug trafficking cartels. Brown did not immediately return a message left on his cell phone on Thursday. Several websites posted what they said was video of Brown conducting a web chat as officers arrived, yelling "get your hands up!"


-Source (CNBC & Huffington Post)




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

FBI Agent's Laptop Hacked, 12 Million Apple UDID Stolen By Anonymous (#FFF)

Posted by Avik Sarkar On 9/04/2012 10:55:00 pm

FBI Agent's Laptop Hacked, 12 Million Apple UDID Stolen By Anonymous (#FFF)

#Antisec an Offshoot part of infamous hacker collective Anonymous claims to have stolen a file from an FBI laptop which contained more than 12 million unique Apple device indentity numbers. The hackers declares this hack as part of their Friday rampage (#FFF) though the breach did not took place on Friday
The data which hackers stole came from a laptop belonging to Supervisor Special Agent at the FBI, Christopher K. StanglStangl, who joined the FBI in 2003 after graduating from Monmouth University, has been with the agency for nine and a half years and won an award in 2010 for helping bust a cyber crime ring. He was also sucked into another Anonymous stunt earlier this year when at least one of their supporters breached an FBI conference call that had been discussing Anonymous and LulzSec. Stangl was listed among those invited into the call, in an e-mail that was posted on PastebinIn a video posted to Facebook in 2009 (and which will likely be getting a lot more views in the coming days), Stangl is shown wearing a dark suit and tie, speaking to the camera, and calling for “cyber security experts” to join the FBI.

According to the hacker :-

"During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was breached using the AtomicReferenceArray vulnerability on Java, during the shell session some files were downloaded from his Desktop folder one of them with the name of “NCFTA_iOS_devices_intel.csv” turned to be a list of 12,367,232 Apple iOS devices including Unique Device Identifiers (UDID), user names, name of device, type of device, Apple Push Notification Service tokens, zipcodes, cellphone numbers, addresses, etc. the personal details fields referring to people appears many times empty leaving the whole list incompleted on many parts. no other file on the same folder makes mention about this list or its purpose."

The data is just part of a larger database of 12,367,232 UDIDs, and personal information such as full names, cellphone numbers, addresses and zipcodes belonging to Apple customers. The data was allegedly stolen via exploiting a Java vulnerability. In a pastebin note, the hacker posted several download links of the hacked database. Several security experts have already stated that the stolen data is correct. For those you are not familiar with the term UDID -Each iOS device (iPhone, iPad, iPod touch) is assigned a unique alphanumeric number known as a UDID. This was previously used by app developers to track data usage for their apps, until Apple decided to reject any apps which sought to gain access to this number in the most recent official iOS update. As well as believing that the FBI was using these identifiers to track people, though AnticSec, in its missive on Pastebin, said it didn't agree with the idea of hardware coded identifiers anyway: "We always thought it (UDIDs) was a really bad idea. That hardware coded IDs for devices concept should be eradicated from any device on the market in the future." To read the full press release of #Antisec click Here




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

DHS Issues Malware Warning Impersonating FBI & US Cyber Command

Posted by Avik Sarkar On 8/31/2012 06:05:00 pm


DHS Issues Malware Warning Impersonating FBI & US Cyber Command

If you think that only innocent computer users are just the only target of cyber criminals, then you are absolutely wrong. Recently United States Computer Emergency Readiness Team, widely known as US-CERT; which is a part of Depertment of Homeland Security's (DHS) National Cyber Security Division has issued an emergency alert wile announcing a new effort by cyber criminals to spread Malware that impersonates Federal law enforcement (FBI) and other government agencies. The malware is a malicious software that installs itself on a users computer without a users permission or knowledge, “displays a screen claiming that a Federal Government agency has identified the user’s computer as being associated with one of more crimes,” reports the US-CERT alert. Explaining further, the malware then instructs the victim “to pay a fine to regain the use of the computer, usually through prepaid money card services.” The appearance of the message displayed on a users screen is intended to seem like a legitimate and official looking warning from the FBI or US Cyber Command. In turn, the impersonation effort by the cyber criminals seeks to leverage this to scare victims into paying the so-called fine immediately.
“Affected users should not follow the payment instructions,” US-CERT recommends, adding, “Users may also choose to file a complaint with the FBI’s Internet Crime Complaint Center.” 


In their release US-CERT states:-
“US-CERT is aware of multiple malware campaigns impersonating multiple U.S. government agencies, including the United States Cyber Command (USCYBERCOM) and the Federal Bureau of Investigation (FBI). Once installed on a system, the malware displays a screen claiming that a Federal Government agency has identified the user's computer as being associated with one or more crimes. The user is told to pay a fine to regain the use of the computer, usually through prepaid money card services.”








SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search