Gangs behind 8-of-10 cyber crimes

Research from BAE Systems Detica and London Metropolitan University’s John Grieve Centre has found organised crime has entered a new era, with 80 per cent of all cybercrime now stemming from gangs.

The Organised Crime in the Digital Age report concluded that offline and online crime has converged, with criminal rings now viewing online as a fertile ground for exploitation. The move demonstrates a change in the nature of online criminality, showcasing how cybercrime has evolved from lone operators into one mainly perpetrated by organised digital crime groups.

The paper also challenges the assumption that cybercrime is an area dominated by the young, reporting that nearly half of digital crime group members are over 35 years old, whereas only around 30 per cent are under 25. “Organised criminal activity has now moved from being an emerging aspect of cybercrime to become a central feature of the digital crime landscape,” said Kenny McKenzie, head of law enforcement at BAE Systems Detica.

Many of the groups currently operating are newly created, with 25 per cent of all active cybercrime rings being less than six months old. The paper highlighted several different types of cyber gang, including: traditional cyber criminals; old-style crime families; street gangs; and extremist groups. The paper follows on from a number of reports, all showing a marked increase in the threat posed by cyber attacks.

From V3.co.uk, by Alastair Stevenson

Source: http://www.v3.co.uk/v3-uk/news/2164355/gangs-responsible-crimes

Android Bot Attacks Rooted Smartphones

Antivirus company NQ Mobile has discovered a variant of the DroidKungFu Android malware called DKFBootKit that targets users who have rooted their smartphones.

The malware piggybacks on apps that would otherwise ask for root privileges anyway – and, once the user has agreed, sets up camp deep in the smartphone’s boot sequence and replaces commands such as ifconfig and mount to help ensure it is started early in the boot sequence.

Since the bootkit itself doesn’t take advantage of any exploits, the security researchers say it is more difficult to catch.

From H Security

Source: http://www.h-online.com/security/news/item/Android-bot-attacks-rooted-smartphones-1499244.html

Facebook logins easily slurped from iOS, Android kit

Facebook’s iOS and Android clients do not encrypt users’ logon credentials, leaving them in a folder accessible to other apps or USB connections.

A rogue application, or 2 minutes with a USB connection, is all that is needed to steal the temporary credentials from either device. In the case of iOS, someone can even take the data from a backup, enabling the hacker to attach to a Facebook account and access applications.

This exploit comes from a reader of The Register, who came across the file and tested it to see if it was easy enough to pretend to be someone else. After developing a proof-of-concept, which lifted “several thousand” IDs, the reader deleted the collected data and reported the matter to Facebook.

It appears Facebook is already aware of the problem and working on a fix — though it will not say how long it is going to take or what users should do in the meantime.

From The Register, By Bill Ray

Source: http://www.theregister.co.uk/2012/04/03/facebook_security_weak_logon/

Beware Of Siberian Husky Puppy Scams

Internet security experts warn that an old email scam is hitting inboxes again, offering Siberian Husky puppies to anyone who promises to take good care of them.

Commtouch Café reports that the shady email advertises six puppies, three male and three female, all “registered from multi-championship bloodlines.” … The individual who wants the dogs must pay $140 (105 EUR) that’s allegedly needed for the ownership papers.

Those who respond to the email are requested to transfer the amount via Western Union which, of course, is a great way for the crooks to ensure that the money trail will never lead back to them. Individuals who fall for the scam never get any puppies and they can rest assured that the chances for the money to be recovered are close to none.

From SoftPedia, By Eduard Kovacs

Source: http://news.softpedia.com/news/Beware-of-Siberian-Husky-Puppy-Scams-262710.shtml

US Airways Spam Redirects To Blackhole, Zeus Infection

Cybercriminals are targeting US Airways customers with malicious spam emails containing a link that leads users to a domain hosting the Blackhole exploit kit.

The fraudulent email presents itself as a check-in notification. After a brief description of check-in procedures, there is a hyperlink that claims to lead to ‘online reservation details,’ but actually ends up taking victims to a page that infects them with the Zeus trojan.

According to Securelist’s Dmitry Tarakanov, the cybercriminals responsible are hopeful that someone receiving this email is flying somewhere sometime soon.

From Threat Post, by Brian Donohue

Source: http://threatpost.com/en_us/blogs/us-airways-spam-redirects-blackhole-zeus-infection-040312

DHS: utilities under daily cyberattacks

WASHINGTON, D.C. — America’s water and energy utilities face constant cyber-espionage and denial-of-service attacks against industrial-control systems, according to the team of specialists from the U.S. Department of Homeland Security who are called to investigate the worst cyber-related incidents at these utilities.

These ICS-based networks are used to control water, chemical and energy systems, and the emergency response team from DHS ICS-CERT, based at the DHS in Washington, D.C. will fly out to utilities across the country to investigate security incidents they learn about.

ICS-CERT typically doesn’t name the names of the utilities they try to assist, but this week they did provide a glimpse into how vulnerable America is. In a panel at the GovSec Conference, ICS-CERT’s leaders candidly presented a bleak assessment of why America’s utilities have a hard time maintaining security, and why it’s getting worse.

From CIO.com By Ellen Messmer

Source: http://www.cio.com/article/703491/DHS_America_s_Water_and_Power_Utilities_Under_Daily_Cyberattack

Cybercriminals target Google, LinkedIn and Mass Effect 3 users

During March, GFI Labs documented several spam attacks and malware-laden e-mail campaigns infiltrating users’ systems under the guise of communications purporting to be from well-known companies and promotions for popular products and services.

Google, LinkedIn, Skype, and the video game Mass Effect 3 were among the brands exploited by cybercriminals in order to attract more victims.

“Taking advantage of the notoriety of companies, celebrities and major events is a tactic cybercriminals continue to use because it works,” said a senior threat researcher at GFI Software. “They know that Internet users are bombarded with countless emails every day, and these scammers prey on our curiosity and our reflex-like tendency to click on links and open emails that look like they’re coming from a company we know and trust,” he added.

From Help Net

Source: http://www.net-security.org/malware_news.php?id=2055

Flashback Trojan Infects Over 600,000 Macs

Despite Apple releasing a patch for Java, the Flashback Trojan has infected 600,000 Macs, according to reports.

As a result, there are 600,000 Macs being remotely controlled by the growing Mac botnet, according to Russian antivirus company Dr. Web.

The majority of the botnet computers are located in the United States and Canada, according to Dr. Web. The company says: “This once again refutes claims by some experts that there are no cyber-threats to Mac OS X.”

According to Dr. Web, systems get infected with BackDoor.Flashback.39 after a user is redirected to a bogus site from a compromised resource or via a traffic distribution system. JavaScript code is used to load a Java applet containing an exploit.

From ComputerWorld UK, By Karen Haslam

Source: http://www.computerworlduk.com/news/security/3349425/flashback-trojan-infects-over-600000-macs/

New Android Malware Targets Non-Rooted Devices

A new customized variant of the Android malware called Legacy Native (LeNa) is now worming its way onto unrooted Android devices, posing as a legitimate app to gain unauthorized privileges.

In its reworked form, LeNa can connect to remote servers, transmit sensitive phone information, and drop more rigged software onto the phone – without any complicity from the end user.

LeNa disguises itself in fully functional copies of apps and hides its malicious payload in the string of code at the end of an otherwise genuine JPEG file. This rogue code exploits the GingerBreak vulnerability, a flaw that enables it to gain control of the phone and trick the victim into purchasing apps from illegitimate app stores.

The risks of downloading LeNa are not currently high; it has not been found in the Google Play market (formerly the Android App Market), and has only been spotted in unauthorized, third-party Chinese-language app markets.

From Security News Daily, by Matt Liebowitz

Source: http://www.securitynewsdaily.com/1692-android-malware-legacy-native.html]

Deadline Extended to May 18! Grant available to engage communities & neighborhoods using online technology

Background

The Online Boost Project was developed in response to what we learned from neighborhood organizations putting up web sites and using social media for their organizations.  We conducted an inventory (Seattle Communities Online assessment) and held discussions at Neighborhood District Council and community group meetings. We looked at the current capacity of neighborhood groups to do effective outreach online, maintain their content, foster online engagement and use city widgets and tools.

We are looking for up to 15 projects who will receive up to $1000 in matching funds and will also participate in workshops with experts in using social media. Our goal is to boost their capacity through a project that takes them 3 months or less to complete.   This program is administered by Community Technology Program of the City of Seattle Department of Information Technology (DoIT).

Program Goals

The Online Boost Project is designed to help community and neighborhood groups implement a short term project that will increase their ability to post and manage online content, and foster more diverse participation. In coordination with the Seattle Communities Online initiative, we are seeking opportunities to enhance:

  • Increased awareness of community issues;
  • Increased community participation in problem solving; and
  • Increased interaction with government.

Online Boost grantees will have access to:

  • Up to $1000 mini-grants for a quick, specific project to be completed within 3 months.
  • Workshop (required in order to receive funding) where participants would leave the workshop knowing what resources are out there, what their plan of action will be, and how to go about implementing.
  • Mentorship and networking opportunities

The deadline is Friday, May 18 at midnight. The application is submitted online and all interested groups must register ahead of time in order to access the application.  You can register at: http://webgrants.seattle.gov.  If you have already registered for another grant with the City, you can log in with your user ID and password and select “Funding Opportunities” and then “Online Boost Grant.”

For help and resources visit the Online Boost Project at http://www.seattle.gov/seattlecommunitiesonline/boost.htm.

For in-person help please contact:

Vicky Yuki, vicky.yuki@seattle.gov, by phone at 206-233-7877.