phishing

Overheard - Operation Phish Phry

“Criminally savvy groups recruit here and abroad to pool tactics and skills necessary to commit organized theft facilitated by the computer, including hacking, fraud and identity theft, with a common greed and shared willingness to victimize Americans.” FBI Los Angeles acting assistant director Keith Bolcar,  Operation Phish Phry: FBI Arrests 33 for Internet Scam

Today’s WhatIs.com Word of the Day is Operation Phish Phry.

Overheard - Baby botnet

I suspect that a sizable percentage of small botnets are those developed by people who understand or are operating inside a business as employees who want to gain remote access to corporate systems, or by criminal entities that have dug deep and gotten insider information on the environment…We’ve seen a growth in the number of sites that offer the sale of corporate documents that were extracted from the bots. Gunter Ollmann, as quoted in Up To 9 Percent Of Machines In An Enterprise Are Bot-Infected

Today’s WhatIs.com  Word of the Day is micro-botnet, also known as baby botnet.

Overheard - How a windshield becomes an attack vector

An enterprising group of criminals has been using a real-world scam in an effort to spread malware. The attacks reportedly began with a series of phony parking tickets issued in Grand Rapids, North Dakota. Individuals had the tickets placed under their windshields along with instructions to visit a website. Shaun Nichols, ‘Parking ticket’ scam brings malware infection

Of course, the website was a malware drop.  Lenny Zeltser (SANS Institute) explains how the scam worked. Later on, McAfee’s Avert Labs Blog identified the Trojan as Vundo.

Remember the good old days when phishing stayed on the Internet where it belonged?

Overheard: Botnets and online poker

There are myriad ways hackers can cash out once they have obtained stolen bank accounts or credit card details…One way is to find a partner and create two accounts on an online poker site, loading up one of the accounts with cash from a stolen card. The pair then enter a heads-up game and the cashed-up player purposely loses, making the other account rich. They then cash out and split the profits. Asher Moses, Inside the hackers’ den

Hunched over a computer terminal in his pyjamas, “Frank” makes more money than a small-time drug dealer without ever having to worry about being caught or even leaving the house.