Cybercrime

Newly IDed 'MiniFlame' malware targets individuals for attack

A new form of state-sponsored malware is making the rounds, this one apparently designed specifically to spy on its victims.

Dubbed "MiniFlame" by Kapersky Lab, but also known as SPE, the new malware variant is similar to the Flame virus that targeted computers in the Middle East this past summer. But MiniFlame is a cyber espionage program that can take over where Flame leaves off.

As described by Kaspersky:

First, Flame or Gauss are used to infect as many victims as possible to collect large quantities of information. After data is collected and reviewed, a potentially interesting victim … Read more

Ransomware resurrects the SOPA specter

SOPA. The dearly beloved antipiracy bill was quashed before it reared its ugly head and became signed into U.S. law. It only took months of worldwide protests, tech media outrage, site blackouts and the occasional satirical video or two.

A huge sigh of relief spread through the technology community when the bill was discarded -- at least for the moment. However, enterprising virus developers have piggybacked on the fear that copyright infringement and court cases produce for the general public -- using the recognizable SOPA branding to lure victims into parting with their hard-earned cash. 

The so-called SOPA … Read more

Symantec: Russian criminals sell Web 'proxy' with backdoors

A black hat Russian operation has served malware to hundreds of thousands of users a year who thought they were signing up for a paid proxy service, Symantec said today.

The security company said in a blog post that it has linked the malware to a cluster of Russian Web sites -- including one called Proxybox.name -- that claim to provide proxy access, VPN services, and antivirus scanning. Proxybox.name requires users to download what it calls "functional, simple, and convenient" proxy software.

Vikram Thakur, principal manager at Symantec Security Response, told CNET this afternoon that:

What … Read more

Middle East cyberattacks on Google users increasing

Here we go again.

Three months after it first began warning users of state-sponsored cyber attacks, Google is saying that the assault has only intensified.

The New York Times reports that since it began warning users of state-sponsored attacks, "it has picked up thousands more instances of cyberattacks than it anticipated." Many of the attacks appear to be originating in the Middle East.

Starting on Tuesday, the company began inserting a message at the top of affected users' Gmail inboxes: "Warning: We believe state-sponsored attackers may be attempting to compromise your account or computer.

The attacks affect … Read more

Regulators shut down global PC 'tech support' scam

Regulators from five countries joined together in an operation to crack down on a series of companies they say orchestrated one of the most widespread Internet scams of the decade.

The U.S. Federal Trade Commission (FTC) and other international regulatory authorities today said they shut down a global criminal network that allegedly bilked tens of thousands of consumers by pretending to be tech support providers.

FTC Chairman Jon Leibowitz, speaking during a press conference with a Microsoft executive and regulators from Australia and Canada, said 14 companies and 17 individuals were targeted in the investigation. In the course of … Read more

White House confirms 'spearphishing' intrusion

The White House has confirmed that one of its internal computer networks -- reportedly a military office in charge of the president's communications -- has been targeted in a successful "spearphishing" attack.

An article yesterday published by the conservative FreeBeacon.com Web site said that hackers with ties to China's government had recently breached an unclassified "system used by the White House Military Office for nuclear commands," including the so-called nuclear football.

Spearphishing means an attacker is targeting a specific person or group, typically by sending fake e-mail that masquerades as legitimate correspondence.

The … Read more

Cyberspying effort drops 'Mirage' on energy firms

Researchers have uncovered a new cyberespionage campaign being waged on a large Philippine oil company, a Taiwanese military organization and a Canadian energy firm, as well as targets in Brazil, Israel, Egypt and Nigeria.

The malware being used is called "Mirage" and it leaves a backdoor on the computer that waits for instructions from the attacker, said Silas Cutler, a security researcher at Dell SecureWorks' Counter Threat Unit (CTU).

Victims are carefully targeted with so-called "spear-phishing" e-mails with attachments that are "droppers" designed to look and behave like PDF documents. However, they are actually … Read more

Two men plead guilty to hacking Subway stores

Two Romanian men pled guilty to working with others to hack into point-of-sale terminals at hundreds of Subway stores in the U.S. to steal credit card data from more than 146,000 accounts between 2009 and 2011, federal prosecutors said.

Iulian Dolan, 28, and Cezar Iulian Butu, 27, entered guilty pleas Monday in federal court to one count of conspiracy to commit computer fraud, the Department of Justice said in a statement.

Dolan also pleaded guilty to two counts of conspiracy to commit credit card fraud and has agreed to spend seven years in prison. He admitted helping the … Read more

Pirate Bay's Warg, back in Sweden, busted on hacking charges

Swedish police arrested Gottfried Svartholm Warg today as soon as he stepped off the plane from Cambodia.

Warg, one of the founders of The Pirate Bay, one of the best known file-sharing services on the Web, is accused of hacking into the servers of a company that supplies IT services for some of Sweden's tax services and making off with records belonging to thousands of people, according to Swedish news publication Aftonbladet.

Up until late last week, it was believed that Warg had been detained by police in Cambodia because of his conviction in Sweden on copyright charges. In … Read more