The hacker left a message, or in other words a satire, saying "The Secret Files - If you believe that God makes miracles, you have to wonder if Satan has a few up his sleeve." Such a hack, in which a number of big fish get caught, is very rare. The nature of this hack can be categorized as clear identity theft. But the question is how? The answer is that some of the United States' top credit bureaus have come forward and acknowledged that fraudulent and unauthorized access to the records of well-known figures has taken place. Most of the reports were apparently obtained from one of the three major U.S. credit ratings agencies, Equifax, TransUnion and Experian, via a special Internet portal they maintain for the public to check their own credit ratings. All three companies have said that some of their reports had been fraudulently accessed since Monday by someone using personal data about the victims. Security experts said that suggests the attack is a “social hack” rather than a classic cyber security data breach.
Hidden Costs of 'Data Theft' A Serious Issue! What You Need to Know to Be Safe
Sitting at the edge of technology, we the people of this century are blessed with all the equipment that makes our work easier than anyone could have imagined three hundred years ago. Along with these positive sides, we must keep in mind that these technologies not only make life easier but also pose a high level of threat. As the main concern of VOGH is the cyber domain, here we would like to share some facts that will make you think, and may even make your cyber life and your personal life feel uncanny. Yes, I am talking about the rising cyber threats: the more we surround ourselves with technology, the more we expose our lives to dangerous threats and challenges. Nowadays cyber criminals are everywhere, and you may not even know what trap has already been set for you that can ruin your happy life. One big example is "data theft", which is becoming a boomerang for us. In an age of fully digitized data, consumers and businesses can lose thousands of dollars in the blink of a hacker’s eye. The costs of data theft are well known to anyone who has ever found themselves victim to financial identity or medical record fraud. What few of us realize is that the procedures required to right a financial wrong are often costlier than the crimes themselves. Let's share some interesting statistics, which will surely put terror in your mind: the economy loses an average of $22,346 every time an identity is stolen. And to fully recuperate losses, repair credit and prosecute fraudsters, consumers, accountants, lawyers and IRS officials can spend up to 5,000 hours, the equivalent of two years of full-time work, on a single case. Even so, 60% of medical record fraud victims admit that they don’t monitor their medical statements for inconsistencies.
Shocking!! Why not?
For one, most consumers don’t have time every month to file through complex medical or financial statements and check for accuracy. And secondly, the image of thousands of evil savants working around the clock to hack BOA databases sure makes a consumer feel helpless. Identity theft seems random and unpreventable–a stroke of bad luck like getting struck by lightning. If we are struck, we tell ourselves, banks, credit agencies and insurance companies are legally bound to recover our funds and correct our records.
Now let's check out a fascinating video in our Hidden Costs Series to get a deeper look at how our high-cost, high-risk data management systems really work.
Hidden Costs of Data Theft (Statistics at a Glance):
Data theft includes financial identity theft, identity cloning, and medical identity theft. The average cost per victim was $22,346 in 2012. And the total national cost of just medical identity fraud was $41 billion in 2012. The worst part – nearly 60% of reported victims say they don’t ever check their medical records for fraud. Depending on the severity of the case, it can take over 5,000 hours (the equivalent of working a full-time job for two years) to correct the damage.
Since 1935, over 435 million social security cards have been issued. That’s over 2,175 tons of paper issued as cards, or 52,200 trees, and 5 million new cards are issued every year.
Worldwide, digital warehouses storing private information, like banking and personal history, use about 30 billion watts of electricity, which equals roughly the output of 30 nuclear power plants. Data centers in the US make up almost a third of that usage, and waste 90% of the electricity they pull off the grid.
On average, 47% of victims encounter problems qualifying for a new loan and 70% have difficulty removing the negative information from their credit reports.
Over the next five years, the IRS stands to lose as much as $21 billion in revenue due to identity theft, and worldwide, businesses lose close to $221 billion a year with the US, UK, Canada and Australia ranking the highest in reported fraudulent activity.
After reading the above story carefully, many of you will feel insecure and panic. But I would like to inform you that the main purpose of sharing such important information is to encourage carefulness and to raise cyber awareness. Many people become victims not because of a lack of knowledge, but because of a lack of information and awareness. So from now onward, before connecting yourself to the digital world, make sure that the significant and emergent knowledge and information you have gathered from this article remains intact in your mind. Trust me, if you become a bit cautious, you can easily avoid all those cyber threats and enjoy the blessings of technology to make your life prosperous and happy.
So stay tuned with VOGH and also be canny, be attentive and be safe inside the digital world.
We, Team VOGH, heartily thank one of our invaluable readers and friends, Emily Stewart of Insurance Quotes, for the statistics and the awesome video. We love you Emily :)
3 Russian Cyber Criminals Who Were the Masterminds of Banking Trojan 'Gozi' Charged in New York
Yet another serious cyber crime case has been resolved: the FBI tracked down and identified the masterminds of the infamous 'Gozi' banking Trojan, which affected more than a million systems worldwide, including a handful at NASA, leading to tens of millions of dollars in lost banking funds and damage to computer systems and networks. Three alleged international cyber criminals from Russia, responsible for creating and distributing 'Gozi', which infected over one million computers and caused tens of millions of dollars in losses, have been charged in Manhattan Federal Court. Mihai Ionut Paunescu, aged 28, a Romanian, Deniss Calovskis, 27, a Latvian, and Nikita Vladimirovich Kuzmin, 25, of the Russian Federation, are charged with computer intrusion, conspiracy to commit bank and wire fraud and access device fraud. Federal authorities said the three were arrested last week; Kuzmin is being held in New York, while Paunescu is in custody in Romania and Calovskis in Latvia.
According to the FBI press release, Deniss Calovskis, a/k/a “Miami,” a Latvian national who allegedly wrote some of the computer code that made the Gozi virus so effective, was arrested in Latvia in November 2012. Mihai Ionut Paunescu, a/k/a “Virus,” a Romanian national who allegedly ran a “bulletproof hosting” service that enabled cyber criminals to distribute the Gozi virus, the Zeus trojan, and other notorious malware and to conduct other sophisticated cyber crimes, was arrested in Romania in December 2012.
The cases are being handled by the Complex Frauds Unit of the United States Attorney’s Office. Assistant United States Attorneys Sarah Lai, Nicole Friedlander, and Thomas G.A. Brown, along with Trial Attorney Carol Sipperly of the Computer Crime and Intellectual Property Section of the Department of Justice on the Paunescu case, are in charge of the prosecution. The charges contained in the Indictments are merely accusations, and the defendants are presumed innocent unless and until proven guilty.
| Defendant | Age and Residence | Charges | Maximum Penalty |
| --- | --- | --- | --- |
| Nikita Kuzmin | 25; Moscow, Russia | Conspiracy to commit bank fraud; bank fraud; conspiracy to commit access device fraud; access device fraud; conspiracy to commit computer intrusion; computer intrusion | 95 years in prison |
| Deniss Calovskis | 27; Riga, Latvia | Conspiracy to commit bank fraud; conspiracy to commit access device fraud; conspiracy to commit computer intrusion; conspiracy to commit wire fraud; conspiracy to commit aggravated identity theft | 67 years in prison |
| Mihai Ionut Paunescu | 28; Bucharest, Romania | Conspiracy to commit computer intrusion; conspiracy to commit bank fraud; conspiracy to commit wire fraud | 60 years in prison |
Brief About Gozi:
The Gozi virus is malicious computer code, or “malware,” that steals personal bank account information, including usernames and passwords, from the users of affected computers. It was named by private sector information security experts in the U.S. who, in 2007, discovered that previously unrecognized malware was stealing personal bank account information from computers across Europe on a vast scale, while remaining virtually undetectable in the computers it infected. To date, the Gozi virus has infected over one million victim computers worldwide, among them at least 40,000 computers in the U.S., including computers belonging to the National Aeronautics and Space Administration (NASA), as well as computers in Germany, Great Britain, Poland, France, Finland, Italy, Turkey, and elsewhere, and it has caused tens of millions of dollars in losses to the individuals, businesses, and government entities whose computers were infected.
The Gozi virus was distributed to victims’ computers in several different ways. In one method, the virus was disguised as an apparently benign .pdf document which, when opened, secretly installed the Gozi virus on the victim’s computer. Once installed, the Gozi virus—which was intentionally designed to be undetectable by anti-virus software—collected data from the infected computer in order to capture personal bank account information including usernames and passwords. That data was then transmitted to various computer servers controlled by the cyber criminals who used the Gozi virus. These cyber criminals then used the personal bank account information to transfer funds out of the victims’ bank accounts and ultimately into their own personal possession.
Help! I Think My Child Might Be a Cyberbully (Special Article)
Our society grows more and more connected. We have smart phones, computers, tablets, social media sites and other tools constantly creating new connections between people. This is generally a good thing, but there is a negative side to this enhanced communication—cyberbullying. Although bullying in the playground or classroom has been around since we started putting kids in schools, cyberbullying brings a new aspect to bullying. It is more difficult to stop because, in many cases, the bully is anonymous.
Cyberbullying Can Lead to Suicide
Cyberbullying is using the internet, cell phones or other devices to post pictures, text, videos or other information intended to hurt or embarrass another person. According to the National Crime Prevention Association, cyberbullying affects almost half of all American teens. Although many feel cyberbullying is not a big deal, the consequences can be severe. As evidenced by the number of suicides, particularly of gay teens, in the last few years, cyberbullying can have a devastating effect on the victim and their family. Because of the nature of cyberbullying, it is difficult to tell if your child is involved, either as a victim or an aggressor.
Prevent Your Child From Becoming a Cyberbully
There are some simple ways to prevent your child from becoming a cyberbully. Be a model for them. Don’t use abusive language when referencing workmates, other parents or kids. Make sure the language you use around your child does not lead them to believe it is alright for them to use abusive language. Children look to their parents as guides for how to operate in the world. Make sure, as a guide, you're pleasant, kind and non-aggressive.
Keep an eye on your child’s social networking profile. See if they are getting involved in harassing other children. This could be a precursor to them becoming the primary bully themselves. If you do find evidence they are harassing others, do not let it stand. Talk to them about it. Explain the better, healthier ways to deal with their aggression or anger towards their friends and classmates. Make sure they understand that harassment is not an acceptable type of behavior. There are ways to assure your child's social network site can't be hacked.
Keep Your Child's Social Network From Being Hacked
Cyberbullying is not exclusive to hateful or aggressive comments or messages. Many kids have their social networking site hacked, and the hacker shares embarrassing information or posts things the actual user would not post. There is software to track the sites that have been accessed on your computer and that can help you to protect your child against identity theft. Utilize the tools available to make sure your child has not stolen another kid’s identity.
The best way to stop cyberbullying is to prevent your child from ever becoming one in the first place. Have open conversations about bullying and its effects on others. Show through example the best way to solve problems is not through threats and anger but through calm and reasoned action.
Teen Hacker "Cosmo the God" of Underground Nazi Sentenced to 6-Year Internet Ban by California Court
A teenage hacker from an infamous hacker collective named Underground Nazi faces an Internet ban. On Wednesday the 15-year-old hacker known as "Cosmo" or "Cosmo the God" was sentenced in juvenile court in Long Beach, California. According to sources, Cosmo pleaded guilty to multiple felonies in exchange for probation, encompassing all the charges brought against him, which included charges based on credit card fraud, identity theft, bomb threats, and online impersonation.
This newly formed hacker group, Underground Nazi, took the spotlight in January this year, when they hacked UFC.com (Ultimate Fighting Championship). Later they involved themselves in the mass protest against the controversial piracy acts SOPA & PIPA. The protest was dubbed Operation Megaupload (#OpMegaupload), in which the hacktivist group Anonymous, along with hackers around the globe, stood together against the takedown of Megaupload.com. In the middle of 2012 Cosmo was also responsible for a Twitter outage, in which Cosmo, along with a few other UG Nazi members, performed a massive denial-of-service attack to interrupt Twitter's service. It has also been found that Cosmo pioneered social-engineering techniques that allowed him to gain access to user accounts at Amazon, PayPal, and a slew of other companies. He was arrested in June as part of a multi-state FBI sting.
Representatives from both the Long Beach district attorney and public defenders offices refused to comment on the case, given Cosmo’s status as a juvenile. However, according to Cosmo, the terms of the plea place him on probation until his 21st birthday. During that time, he cannot use the internet without prior consent from his parole officer. Nor will he be allowed to use the Internet in an unsupervised manner, or for any purposes other than education-related ones. He is required to hand over all of his account logins and passwords. He must disclose in writing any devices that he has access to that have the capability to connect to a network. He is prohibited from having contact with any members or associates of UG Nazi or Anonymous, along with a specified list of other individuals. He had to forfeit all the computers and other items seized in the raid on his home. Also, according to Cosmo, violating any of these terms will result in a three-year prison term. The probationary period lasting until age 21 is standard, but other terms were more surprising.
Hacker Steals 3.6 Million South Carolina Social Security Numbers & Also Exposes 387,000 Card Details
The year 2012 is going from bad to worse for cyberspace, as yet another big data breach has put more than 4.7 million residents of South Carolina at risk of identity theft. Anyone who filed a South Carolina tax return in the past 14 years may have had their Social Security number stolen and has been urged by the state government to immediately enroll in consumer protection services. The U.S. Secret Service detected a security breach at the S.C. Department of Revenue on Oct. 10, but it took state officials 10 days to close the attacker’s access and another six days to inform the public that 3.6 million Social Security numbers had been compromised. The attack also exposed 387,000 credit and debit card numbers. The stolen data included other information people file with their tax returns, such as names and addresses. Businesses’ taxpayer identification numbers also potentially have been compromised in the attack, which is being described as one of the nation’s largest against a state agency. The hacker began accessing the Department of Revenue’s computer system in August, but wasn’t noticed by the Secret Service until October, giving him about two months to gather the data in what is one of the largest computer breaches in the US. Most of the data had not been encrypted, meaning the hacker would not need a key to a secret code to read the stolen data. Revenue director James Etter said none of the Social Security numbers were encrypted and about 16,000 credit card numbers were not encrypted.
“The number of records breached requires an unprecedented, large-scale response by the Department of Revenue, the State of South Carolina and all our citizens,” South Carolina Gov. Nikki Haley said during a news conference. “We are taking immediate steps to protect the taxpayers of South Carolina, including providing one year of credit monitoring and identity protection to those affected.”
S.C. Inspector General Patrick Maley said nine agencies had been evaluated thus far, and some corrective action had been taken. There was no overarching security policy within state government, he said. No one at the Revenue Department or within the state’s information technology division has been disciplined over the latest attack.
While this case of hacking was the largest in US history, it wasn’t the first. On March 30, 2012, officials in Utah discovered that one of their health department servers had been hacked. That time, too, a large number of Social Security numbers were stolen from the server, including those of children. Here we would like to remind you that in the last few months we have seen a slew of attacks against the following sites: Adobe, Guild Wars 2, Gamigo, Blizzard, Yahoo, LinkedIn, eHarmony, Formspring, Android Forums, Gamigo, Nvidia, Blizzard and Philips. And after this breach Adobe also enlisted its name among those who have fallen victim to cyber criminals this year. For all the latest on cyber security and hacking related stories, stay tuned with VOGH.
Hacker Stole Information of 300K Students From Florida College Computer
While fighting against the rising number of cyber threats, the cyber security domain is getting stronger and more developed every day. But even today it is not as up to date as it should be, and that is why news of security breaches is spotted in the wild every day. In the last few months we have seen a slew of attacks against the following sites: Guild Wars 2, Gamigo, Blizzard, Yahoo, LinkedIn, eHarmony, Formspring, Android Forums, Gamigo, Nvidia, Blizzard, Philips and Adobe. And now it was the turn of Florida Panhandle College. According to sources, a massive security breach hit the main system of Florida Panhandle college, which affected the records of more than 300,000 students, faculty & other employees. Education officials said that the computer hackers accessed confidential information of staff and students in a massive security breach. A breach that at first involved employees at Northwest Florida State College was much larger than suspected and now potentially involves student records from across the state, state and college officials said. The Department of Education said hackers stole 200,000 records including names, Social Security numbers and birth dates for any student statewide who was eligible for Florida’s popular Bright Futures scholarships for the 2005-06 and 2006-07 school years.
The hackers also stole more than 3,000 employee records, including some that contained confidential financial information. Some 76,000 records containing personal identification information from students who attended the college were also hacked. “We speculate this was a professional, coordinated attack by one or more hackers,” said Northwest Florida State College President, Ty Handy, in a memo that went out to employees this week. Florida College System Chancellor Randy Hanna said in a statement: “While some of the contact information is dated, we will be trying to reach every student whose records may have been captured.” Because of the scope of the breach, federal authorities have joined the local and state investigation that got under way last week, the authorities confirmed.
The breach occurred sometime between late May and late September. College officials said in a news release that 50 employees to date have reported issues with identity theft, including the college president, faculty and staff. The information has been used to either obtain personal loans or to take out a Home Depot credit card.
A Tribute to The 10 Most Infamous Student Hackers of All Time
For the last two years, we, the VOGH team, have been covering all the latest cyber security updates. But today let's do something different. One of our frequent readers and fans, Katina Solomon, has requested us to share a fantastic article. Every day VOGH draws headlines of hackers around the world and their activities. While trying to keep pace with time, we usually forget our past. Today we will take you into the past, where we will discuss those heroes who have always been ill-treated by society and the system, which turned those heroes into cyber-criminals or infamous hackers. Our question to humanity is: "Has the system done justice to them?"
Hacking has always been inherently a young person’s game. The first usage of the word “hacker” was to describe pranksters meddling with the phones at MIT. Many hackers have cited boredom, a desire for change, or the thrill of going somewhere one is not supposed to go as their motivation for hacking, all of which could apply to scores of common activities on college campuses. While today’s hacking scene is dominated by large hacking groups like Anonymous and Masters of Deception, many of the greatest hacks ever have been pulled off by college, high school, and even middle school kids who rose to infamy armed only with a computer and the willingness to cross the bounds of legality.
Sven Jaschan:
In the words of one tech expert, “His name will always be associated with some of the biggest viruses in the history of the Internet.” The viruses: the Sasser and NetSky worms that infected millions of computers and have caused millions of dollars of damage since their release in 2004. The man behind the viruses proved to be not even a man at all, legally. Seventeen-year-old hacker Sven Jaschan, a student at a computer science school in Germany, claimed to have created the viruses to become a hero by developing a program that would eradicate the rampaging Mydoom and Bagle bugs. Instead he found himself the subject of a $250,000 bounty courtesy of Microsoft, for which some of his classmates turned him in.
Jonathan James:
In 2000, at the age of 16, James, or “C0mrade” as he was known in the hacker community, infamously became the first juvenile federally sentenced for hacking. The targets of his notorious hack jobs were a wing of the U.S. Department of Defense called the Defense Threat Reduction Agency, NASA, and the Marshall Space Flight Center in Huntsville, Ala. (By hacking the latter James gained the ability to control the A/C in the International Space Station.) All of these were pulled off “for fun” while James was still a student at Palmetto Senior High in Miami. Unfortunately, the fun ran out when James was tied into a massive identity theft investigation. Though insisting he was innocent, James took his own life, saying he had “no faith in the justice system.”
Michael Calce:
Yahoo. CNN. Ebay. Amazon. Dell.com. One by one in a matter of days, these huge websites crashed at the hands of 15-year-old Canadian high school student Michael Calce, aka “MafiaBoy.” Armed with a denial-of-service program he called “Rivolta” that overloaded servers he targeted, the young hacker wreaked $7.5 million in damages, according to court filings.
Calce was caught when he fell victim to a common ailment of teenage boys: bragging. The cops were turned on to him when he began boasting in chat rooms about being responsible for the attacks. On Sept. 12, 2001, MafiaBoy was sentenced to a group facility for eight months on 56 counts of cybercrime.
Kevin Mitnick:
Before performing hacks that prompted the U.S. Department of Justice to declare him “the most wanted computer criminal in United States history,” Kevin Mitnick had already made a name for himself as a hacker in his school days, first at Monroe High School in LA and later at USC. On a dare, Mitnick connived an opening into the computer system of Digital Equipment Corporation, which some fellow hackers then used to steal proprietary source code from the company before ratting on him. While still on probation for that crime, Mitnick broke into the premises of Pacific Bell and had to go on the run from police in the aftermath, during which time he hacked dozens of systems, including those of IBM, Nokia, Motorola, and Fujitsu.
Tim Berners-Lee:
“Scandalous” is a synonym for “infamous,” and for this legendary computer scientist, knight of the British Empire, and inventor of the World Wide Web to have been a hacker in his school days is certainly a juicy factoid. During his time at Oxford in the mid-’70s, Sir Tim was banned from using university computers after he and a friend were caught hacking their way into restricted digital areas. Luckily by that time he already knew how to make his own computer out of a soldering iron, an old TV, and some spare parts. And also luckily for him, he will always be revered as the father of the Internet.
Neal Patrick and the 414s:
In the early ’80s, hacking was still a relatively foreign concept to most Americans. Few recognized the enormous power hackers could hijack with a few strokes on a keyboard, which explains why a young group of hackers known as the 414s (after a Milwaukee area code) were virtual celebrities after they hacked into the famous Los Alamos National Laboratory, the Memorial Sloan-Kettering Cancer Center, and elsewhere. While today hacking a lab where classified nuclear research is conducted could earn you a one-way ticket to Guantanamo, the 17-year-old ringleader and high school student Neal Patrick was on the cover of Newsweek. The group members got light sentences but prompted Congress to take a stronger role in cybercrime.
Robert T. Morris:
The first ever Internet worm, the Morris Worm derived its name from Cornell grad student Robert Tappan Morris. In 1988, Morris released the worm through MIT’s system to cover his tracks, which would seem to contradict his claims that he meant no harm with it. But that’s exactly what resulted: the worm spread out of control, infecting more than 6,000 computers connected to the ARPANET, the academic forerunner to the World Wide Web. The damages reached as high as an estimated $10 million, and Morris earned the ignominious distinction of being the first person prosecuted under the Computer Fraud and Abuse Act. Morris got community service but was apparently not considered too infamous to be offered his current job as a professor at MIT.
George Hotz:
To some, George Hotz (aka “geohot,” aka “million75,” aka “mil”) is a public menace, a threat to electronic businesses everywhere. To many, Hotz is a hero. The high-schooler shot to fame/infamy in 2007 at the tender age of 17 by giving the world its first hacked, or “jailbroken” iPhone. He traded it for a new sports car and three new iPhones, and the video of the hacking received millions of hits. Apple has had to grudgingly come to terms with jailbreaking, seeing as the courts have declared it legal, but Sony Corp. is definitely not OK with such tampering. When Hotz hacked his PlayStation 3 and published the how-to on the web, the company launched a vicious lawsuit against him. In turn, the hacker group Anonymous launched an attack on Sony, stealing millions of users’ personal info.
Donncha O’Cearbhaill:
According to the FBI, this 19-year-old freshman at Trinity College Dublin is one of the top five most wanted hackers in the world. Well, he was; now that he’s been arrested he’s not really “wanted” anymore. The Feds contend the young man is a VIP member of the Anonymous and LulzSec hacking groups that have already been mentioned and whose targets have included the FBI, the U.S. Senate, and Sony (in the Hotz backlash). It seems “Palladium” (O’Cearbhaill) took the liberty of listening in on a conference call between the FBI and several international police forces who were discussing their investigations of the hacking groups. He could be sentenced to up to 15 years in prison if convicted for that hack alone.
Nicholas Allegra:
Just as George Hotz moved on from the Apple hacking game, Brown University student Nicholas Allegra is also hanging up his jersey. “Comex,” as he is known to millions of rooted iPhone fans, created the simple-to-use Apple iOS jailbreaking program JailbreakMe in 2007 and has since released two newer versions of it. However, Comex seems to have gone over to the dark side, accepting an internship with the very company whose products he became famous exploiting. Still, Allegra’s hacking skills are so advanced (one author puts him five years ahead of the authors of the infamous Stuxnet worm that corrupted Iran’s nuclear facilities) and so many people availed themselves of his talents, he will forever live in hacking infamy.
We want to dedicate the above post to the legendary hacker who left us, Jonathan James aka “C0mrade”. The post is also a tribute to all the so-called 'infamous hackers'. You are our heroes and inspiration, and you will always be there in our souls. Team VOGH salutes you.
Russian Hacker 'Dmitry Zubakha' Arrested For DDoS Attacks on Amazon, eBay & Priceline
A twenty-five-year-old hacker from Russia has been arrested for allegedly performing two massive DDoS (Distributed Denial-of-Service) attacks on Amazon.com, one of the most popular online shopping sites, and eBay in 2008. Dmitry Olegovich Zubakha, also known as "Cyber bandit" in most of the hacker underground community, was indicted in 2011, but he was only arrested in Cyprus on Wednesday. The arrest of Zubakha took place under an international warrant, and he is currently in custody pending extradition to the United States. According to the indictment unsealed on Thursday, Zubakha, with the help of another Russian hacker, planned and executed DDoS attacks against Amazon.com, eBay, and Priceline in the middle of 2008. Zubakha and his co-conspirator launched the attack with the help of a DDoS botnet to generate a large amount of traffic, which interrupted the normal service of those online shopping sites. According to a press release by the U.S. Department of Justice (DOJ), the attacks made it "difficult for Amazon customers to complete their business on line."
He has also been charged by law enforcement with stealing more than 28,000 credit cards in 2009; for that reason, Zubakha and his partner are also charged with aggravated identity theft for illegally using the credit card of at least one person. At present the charges in the indictment, namely conspiracy, intentionally causing damage to a protected computer resulting in a loss of more than $5000, possession of more than 15 unauthorized access devices (credit card numbers), and aggravated identity theft, are just allegations. Zubakha faces up to five years in prison for conspiracy, up to ten years in prison and a $250,000 fine for intentionally causing damage to a protected computer, up to ten years in prison and a $250,000 fine for possessing unauthorized access devices, and an additional two years in prison for aggravated identity theft.
Two Young Researchers Found Security Flaws in Microsoft Windows Live Which Could Lead to Identity Theft
Recently two young security researchers from Morocco, Abdeljalil S'hit and Yasser Aboukir, discovered a serious vulnerability in Microsoft's Windows Live service. The vulnerability was reported to Microsoft, but unfortunately the software giant neither offered compensation nor commented on the matter. In a report, ZDNet said the vulnerability in question leveraged Cross-Site Scripting (XSS) to execute a malicious script.
More specifically, the two researchers managed to cause an error on the Windows Live login page (as you can see above), and once the victim clicked on the "Continue" button, their malicious script would be executed. The XSS flaw means that an attacker could impersonate a Windows Live user by gaining full control of the victim's cookies. Combined with social engineering, this technique could be used to steal a victim's Windows Live identity with ease.
The last update we got from Microsoft says: "We quickly addressed the vulnerability in question to help keep customers protected and appreciate the researchers using Coordinated Vulnerability Disclosure to assist in us working toward a fix in a coordinated manner."
27-Year-Old Hacker (Timothy Noirjean) From Washington Fined & Jailed For Hacking Several Facebook Accounts & Pages
A Washington County district court judge sentenced Woodbury resident Timothy Noirjean to 150 days in jail, five years on probation and more than $15,000 in fines.
The 27-year-old Noirjean pleaded guilty to 13 counts of electronic identity theft. He was accused of posing as a Facebook friend to an Oakdale woman and hacking her information – and information belonging to her friends. Washington County Attorney Pete Orput said his prosecutors never budged from his assertion in 2011 that the case would not be plea-bargained. “I’m not willing to tell one or several (of the victims) that we dismissed one or several of the counts in return for guilty pleas for the others,” Orput said.
He said he was committed to getting convictions on the 13 counts – all felonies – due to the harm caused by Noirjean’s actions. After hacking the women’s information, Noirjean posted photos of several of the women on an adult website.
Orput said that while his office could prosecute Noirjean, it couldn’t legally make the website take down the photos. “That harm goes on forever,” he said.
Orput said Internet users must be critical when it comes to sharing information, adding that identity theft has emerged as perhaps the most common crime in Washington County. “This case illustrates the need to be very, very safe and vigilant online,” he said. “I hope people just won’t share passwords with anybody.”
According to a criminal complaint, the woman reported having a Facebook chat with someone she thought was a friend. When the woman logged off Facebook, then attempted to log back in, she learned her password had been changed.
After gaining access to her Facebook page, she found a link on her page that appeared to have been posted by the friend she had been chatting with earlier. That link led to a sexually explicit website that contained three of the woman’s photos and identified her by first and last name and city of residence. Those photos had been stored in her email account, according to the complaint.
The woman then realized that she had unwittingly disclosed account information to her chat correspondent, later identified as Noirjean. The friend Noirjean had been posing as also learned her account information had been hacked.
Police closed in on Noirjean using Internet records. In an interview with police, Noirjean admitted to hacking into or attempting to hack more than 100 accounts. More victims were discovered after a search of Noirjean’s computer.
As part of the sentence, Tenth District Court Judge Elizabeth Martin ordered Noirjean to pay $1,000 to each of the 13 victims. She also required him to pay more than $2,000 to two women to cover computer expenses.
LulzSec Hacker Jeremy Hammond Aka "Anarchaos" Might Have to Face 10 Years Imprisonment
Federal prosecutors said four Irish and British men charged in a crackdown on the international hacking group Anonymous also helped breach the security analysis company Stratfor last year. Alongside them, 27-year-old Chicago hacker Jeremy Hammond has been formally charged with the Stratfor breach. Hammond, who is in custody in New York, was formally indicted on Wednesday for the first time, and has yet to be arraigned. His lawyer declined comment. Hammond's arrest was announced on March 6 along with charges against the four suspected "AntiSec" members, Donncha O'Cearrbhail and Darren Martyn of Ireland, and Jake Davis and Ryan Ackroyd of Britain.
In announcing the charges in March, U.S. authorities revealed that a leading hacker known online as "Sabu" was Hector Xavier Monsegur, and that he was arrested at his small apartment in a Manhattan housing complex last June and had been cooperating with the FBI ever since. U.S. authorities said all six men were top members of LulzSec, an offshoot of the loose-knit cyber-activist group Anonymous.
Wednesday's indictment also charged Hammond, known online as "Anarchaos," "tylerknowsthis" and also "crediblethreat," and Davis, known as "Topiary," with a June 2011 hack of the Arizona Department of Public Safety. The four Irish and British defendants are charged with three counts of conspiracy to commit computer hacking, which each carry a 10-year maximum prison term. Hammond is charged with two hacking conspiracy charges and one substantive hacking count. He also faces one count each of aggravated identity theft and conspiracy to access device fraud.
Facebook Applications For iOS & Android Have Security Hole Which Allows Identity Theft
Facebook users are at risk again. Recently a new security vulnerability was found in the Facebook applications for iOS and Android. Researcher and app developer Gareth Wright, who discovered the issue, said it comes down to Facebook’s native apps for the two platforms not encrypting your login credentials, meaning they can be easily swiped over a USB connection, or more likely, via malicious apps. Facebook has responded that this issue only applies to compromised or jailbroken devices. This means that if you are using a jailbroken iOS device or a rooted Android device, your identity can easily be stolen. Wright copied the hash and tested a few FQL queries. “Sure enough, I could pull back pretty much any information from my Facebook account. As of the 1st of May 2012 these tokens run out after 60 days but aside from that a simple .Net tool could easily snaffle this info and grab a fair whack of confirmed email addresses and marketing info.
“Not good, but then I had to wonder what the Facebook app stored. Popping into the Facebook application directory I quickly discovered a whole bunch of cached images and the com.Facebook.plist. What was contained within was shocking. Not an access token but full oAuth key and secret in plain text. Surely though, these are encrypted or salted with the device ID. Worryingly, the expiry in the plist is set to 1 Jan 4001!”
“Facebook’s iOS and Android applications are only intended for use with the manufacture provided operating system, and access tokens are only vulnerable if they have modified their mobile OS (i.e. jailbroken iOS or modded Android) or have granted a malicious actor access to the physical device,” a Facebook spokesperson said in a statement. “We develop and test our application on an unmodified version of mobile operating systems and rely on the native protections as a foundation for development, deployment and security, all of which is compromised on a jailbroken device. As Apple states, ‘unauthorized modification of iOS could allow hackers to steal personal information … or introduce malware or viruses.’ To protect themselves we recommend all users abstain from modifying their mobile OS to prevent any application instability or security issues.”
As for the USB connection scenario, Facebook says there’s no way to fix this problem. Note that in this case it doesn’t matter if your device is jailbroken or not, because whoever is doing the deed has physical access to your phone or tablet.
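As an added example (not code from Wright or Facebook), the following Python check is one an app developer could run against their own app's preferences file during a security review: it flags string values stored under credential-like keys and any date further out than the 60-day token lifetime mentioned above. The key names, the sample plist and the review date are constructed for illustration.

```python
import plistlib
import re
from datetime import datetime, timedelta

# Key-name patterns that suggest a credential (an assumption for this example,
# not the real key names used by any app).
SECRET_KEY_RE = re.compile(r"secret|token|oauth|password|api[_-]?key", re.I)
MAX_LIFETIME = timedelta(days=60)   # token lifetime quoted in the article
REVIEW_DATE = datetime(2012, 5, 1)  # constructed "today" for the sample run


def audit_plist(data, now):
    """Return (path, issue) findings for one XML or binary plist."""
    findings = []

    def walk(node, path, key=""):
        if isinstance(node, dict):
            for k, v in node.items():
                walk(v, f"{path}/{k}", k)
        elif isinstance(node, list):
            for i, v in enumerate(node):
                walk(v, f"{path}[{i}]", key)
        elif isinstance(node, (str, bytes)) and node and SECRET_KEY_RE.search(key):
            # A non-empty value under a credential-like key is readable by
            # anything that can read the file.
            findings.append((path, "plaintext credential"))
        elif isinstance(node, datetime) and node - now > MAX_LIFETIME:
            # Any stored date more than 60 days ahead, e.g. a far-future expiry.
            findings.append((path, "expiry beyond 60 days"))

    walk(plistlib.loads(data), "")
    return findings


# Constructed sample preferences file; every value is a placeholder.
SAMPLE = plistlib.dumps({
    "oauth_key": "CONSTRUCTED-KEY-0001",
    "oauth_secret": "CONSTRUCTED-SECRET-0001",
    "session": {"expiry": datetime(4001, 1, 1),
                "last_sync": datetime(2012, 4, 30)},
    "cached_image_count": 42,
})

if __name__ == "__main__":
    for path, issue in audit_plist(SAMPLE, REVIEW_DATE):
        print(f"{path}: {issue}")
```

Values flagged this way belong in the platform's protected credential store (the iOS Keychain or the Android Keystore) rather than in a preferences file.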
The European Commission is Launching "European Cybercrime Centre" To Fight Against Cyber Threats
Cyber-crime and cyber-criminals are on the rise. According to one statistic, more than 1m people across the globe are victims of cybercrime each day, and the cost of cybercrime could reach US$388bn worldwide. To fight rising cyber-crime, the European Commission is proposing to set up a European Cybercrime Centre to focus on online fraud, e-crime and identity theft. The commission is proposing to set the centre up within the European Police Office, Europol, in The Hague in the Netherlands. According to the official release of the European Commission, the EU plans to tackle this with a new European Cybercrime Centre, which would warn EU countries of major threats and alert them to weaknesses in their online defences. It would also identify criminal networks and prominent offenders, and provide support during investigations. The centre will use information from the public domain, industry, the police and academia to assist cybercrime investigators, prosecutors and judges.
Anyone can be a victim of cybercrime – it includes:
Online identity theft
Computer fraud
Credit card scams
Sexual exploitation of children
Hijacking of web accounts
Attacks on public or private IT systems
And this type of crime is increasing. Around 600,000 Facebook accounts need blocking every day after hacking attempts. In Belgium alone, internet fraud rose from just over 4,000 cases in 2008 to over 7,000 in 2010. And in the UK, bank account takeovers shot up by 207% between 2008 and 2009. A crackdown on cybercrime will help to increase confidence in e-banking and online booking, and will save millions of euros – a 2011 study put the global cost of cybercrime at €85-291bn. Unfortunately, very few of the perpetrators are currently caught. The pan-EU nature of the centre would ensure that threats are passed on quickly to other EU countries. If someone in Lithuania reports that their bank account has been accessed illegally, it could be linked quickly to similar incidents anywhere from Greece to Ireland, allowing the centre to immediately alert all EU countries to the threat.
By 2011, nearly 73pc of European households had internet access at home.
In 2010, more than 36pc of EU citizens were banking online.
80pc of young Europeans connect through online social networks.
Circa US$8trn exchanges hands globally each year in e-commerce.
Credit card details can be sold between organised crime groups for as little as €1 per card, a counterfeited physical credit card for around €140 and bank credentials for as little as €60.
Up to 600,000 Facebook accounts are blocked every day, after hacking attempts.
The commission said the centre will fuse information from open sources, private industry, police and academia, as well as serving as a platform for European cybercrime investigators, where they can have a collective voice in discussions with the IT industry, private-sector companies, academia, users' associations and civil society organisations.
60 Years Imprisonment For Hacker Who Leaked Scarlett Johansson Nude Photo
A 35-year-old Florida man charged with hacking into the email accounts of celebrities including Scarlett Johansson and Mila Kunis is facing up to 60 years in prison after agreeing to plead guilty to the felony counts. Christopher Chaney was taken into custody in October and charged with 25 counts of identity theft before being released on bail. He denied the accusations and entered a not guilty plea, but new documents filed in court on Thursday show Chaney is now set to confess to nine felonies, including unauthorized access to a computer and wiretapping, for crimes committed between November 2010 and his arrest. He is expected to officially change his plea to guilty in court on Monday. A few days ago, famous singer Teyana Taylor's Twitter account was hacked and a few topless photos were exposed.