Cybercrime

Cybercrime / Most Viewed

Software Security Hole Exposes Critical Utilities to Internet attack

Internet attackers could gain control of water treatment plants, natural gas pipelines and other critical utilities because of a vulnerability in the software that runs some of those facilities, security researchers reported Wednesday. Experts with Boston-based Core Security Technologies, who discovered the deficiency, said there's no evidence anyone else found or exploited the flaw. Citect Pty. Ltd., which makes the program called CitectSCADA, patched the hole last week, five months after Core Security first notified Citect of the problem. more

Researchers Find Flaw in Conficker Worm to Help Find Infected Computers

Just days before the Conficker worm is set to contact its controllers for new instructions, security researchers have discovered a flaw in the worm that makes it much easier for users to detect infected PCs. Tillmann Werner and Felix Leder, members of the Honeynet Project, an all-volunteer organization that monitors Internet threats, have discovered that Conficker-infected PCs return unusual errors when sent specially crafted Remote Procedure Call (RPC) messages, according to preliminary information they have posted on the Web. more

Investigation on Whether Cyber Criminals Avoid Infecting Local Citizens and Why

In a report on Washington Post's Security Fix, Brian Krebs writes: "Some of the most prolific and recognizable malware disbursed by Russian and East European cyber crime groups purposefully avoids infecting computers if the program detects the potential victim is a native resident. But evidence from the Conficker worm -- which by some estimates is infecting more than one million new PCs each day -- shows that trend may be shifting." Based on an analysis by Microsoft experts, the original version of the Downadup (also known as "Conficker") worm will not install if the malware detects the host system is configured with a Ukrainian keyboard layout. However, the latest variant has no such restriction. more

Small Businesses in Denial about Threat Posed by Cyberattacks

Small- and medium-sized businesses are in denial about the threat posed by cyberattacks, security software firm McAfee concluded in a study published this week. While most small- and medium-sized companies believe that they operate under cybercriminals' radar, the study found that one-in-five firms have been attacked. The survey -- which polled 500 companies with 1,000 employees or less -- found that for every eight firms, only ten employees were dedicated to managing the businesses' information-technology systems. more

Cybersecurity Groups Start New Initiative to Combat Malware

Three of the world's leading cybersecurity groups today launched a new initiative to combat malicious software (malware) by establishing a "Chain of Trust" among all organizations and individuals that play a role in securing the Internet. Developed by the Anti-Spyware Coalition (ASC), National Cyber Security Alliance (NCSA) and StopBadware.org, the Chain of Trust Initiative will link together security vendors, researchers, government agencies, Internet companies, network providers, advocacy and education groups in a systemic effort to stem the rising tide of malware. more

Hacker Sentenced to 30 Years in Prison in Turkish Court

A Turkish court has sentenced a hacker to 30 years in prison for his role in the theft of 45 million identities from credit card transactions by nine US retailers including TJX. Ukrainian Maksym Yastremskiy was among 11 people charged by US authorities in August 2008 in connection with the biggest identity theft to date. more

Longevity of Phishing Websites Dropped by 25% Since Last Year, Study Finds

A new phishing survey released by the Anti-Phishing Work Group (APWG) reveals that the longevity of phishing Web sites dropped by 25 percent over the last year. The survey has also revealed that a single criminal syndicate dubbed "Avalanche" was responsible for nearly one quarter of all phishing attacks in the first half of 2009. Indications are that the gang is continuing to claim a larger proportion of all detected phishing attacks. more

Romanian Authorities Arrest Over 20 Cybercrime Suspects

Authorities have arrested more than 20 people in Romania who are suspected of running online fraud schemes, according to media reports. The Tuesday arrests were confirmed by the U.S. Federal Bureau of Investigation (FBI), which has been working with Romanian officials on cybercrime in recent months. The FBI would say only that the agency is aware of the arrests and because "this is an ongoing matter, we will have no further comment at this time." The losses caused by the cybercrime ring is estimated to reach millions of euros. more

An Arms Race: The Struggle Between Security Firms and Cybercriminals

Any improvement in the way computers spot malicious software is matched by a change in tactics by the criminals that undermines that better protection. One particular tactic that has proved successful for the criminals is the pumping out of ever more copies and variants of their malware. The numbers of malware samples received by the security companies tells this story all by itself. more