14 DAY TRIAL // In case you haven’t been online much over the past week and you want to catch up on the interesting stories you might have missed, check out our security brief.
One of the most interesting stories is about something known as “Sharking.” Sharking attacks are similar to Whaling attacks, but they target poker players instead of business managers.
A perfect example came to light after Jens Kyllönen, a professional poker player from Finland, took his laptop to F-Secure for forensic investigation. Experts found a RAT designed to spy on him in order to give his poker opponents an edge.
ZeuS is currently probably the most notorious piece of banking malware. The threat is very efficient as it is, but cybercriminals keep improving it. This week, Kaspersky experts have revealed spotting a 64-bit version of the threat that’s capable of communicating over the TOR anonymity network.
Another interesting story is the one of hackers from TeamBerserk, who have recently returned to the hacking scene. They’ve launched two separate, but connected, operations: Project Mayhem and OpBerserkChristmas.
The first one targets the online assets of government officials and employees, politicians and corporations. The hackers are using their targets’ credit cards to order them adult toys and other “naughty gifts.”
As part of OpBerserkChristmas, TeamBerserk is using the same credit card details to donate useful items to children’s centers and homeless shelters from all over the world. The personal details of a number of people have been leaked online so far.
Another noteworthy hacking story is the one in which the Syrian Electronic Army targeted Matthew VanDyke, an American filmmaker who recently released a documentary on Syria. The hackers say they’ve leaked his entire private correspondence.
As far as vulnerabilities are concerned, Microsoft has patched a security hole that could have been leveraged to hijack an organization’s SharePoint Online site, and Google has finally patched the Flash SMS DOS issue that impacted Nexus devices. eBay has also fixed a critical remote code execution vulnerability on one of its domains.
When it comes to cybercrime-related stories, we’ve had a lot of them. Authorities have been very busy arresting and convicting people accused of committing cybercrimes.
For instance, a California man was sentenced to 5 years in prison for hacking into the online accounts of 350 women and blackmailing them, a 21-year-old from Britain has admitted stealing the virtual goods of RuneScape players in order to pay off his gambling debt, and a 45-year-old from Missouri has admitted taking part in a massive scheme involving ID theft and computer hacking.
Also in this section, it turns out that one of the two people arrested by German police last week is the author of the Skynet botnet. 23 people have been charged for taking part in a counterfeit credit card scheme – two of them are still at large.
In the United Kingdom, a Nigerian national has been sentenced to 45 months in prison for his role in a phishing scheme that targeted the bank accounts of students. Also in the UK, four people have been arrested for using malware to steal money from banks.
A man from the US who wanted to become a doctor should have considered a career in IT security. He was sentenced to prison after trying to hack into the systems of the Association of American Medical Colleges to change his admission test scores.
US authorities have finally managed to sentence Roman Vega, an Ukrainian who co-founded the cybercrime website CarderPlanet. He has been sentenced to 18 years, of which he has already served 10.
Finally, Andrew James Miller, who admitted hacking and selling access to the systems of US government organizations, has been sentenced to 18 months in prison. He asked to be sentenced to time served, but the judge said even the 18-month sentence seems “too low.”
Here are some other interesting stories worth reading in case you’ve missed them:
Chinese hackers target five European governments just before the G20 Summit
Manchester United’s Twitter account was hacked. #MoyesOut
Nigeria’s Ministry of Finance hacked by Moroccan Ghosts
Romanian telecoms firm AdNet Telecom allegedly hacked again
Safari users beware! Your passwords can be easily stolen by hackers