Tag Archives: fraud

[ISN] Hacking Team orchestrated brazen BGP hack to hijack IPs it didn’t own

http://arstechnica.com/security/2015/07/hacking-team-orchestrated-brazen-bgp-hack-to-hijack-ips-it-didnt-own/

By Dan Goodin
Ars Technica
July 12, 2015

Spyware service provider Hacking Team orchestrated the hijacking of IP addresses it didn’t own to help Italian police regain control over several computers that were being monitored in an investigation, e-mails sent among company employees showed. Over a six-day period in August 2013, Italian Web host Aruba S.p.A. fraudulently announced its ownership of 256 IP addresses into the global routing system known as border gateway protocol, the messages document. Aruba’s move came under the direction of Hacking Team and the Special Operations Group of the Italian National Military Police, which was using Hacking Team’s Remote Control System malware to monitor the computers of unidentified targets. The hijacking came after the IP addresses became unreachable under its rightful owner Santrex, the “bullet-proof” Web hosting provider that catered to criminals and went out of business in October 2013, according to KrebsOnSecurity. It’s not clear from the e-mails, but they appear to suggest Hacking Team and the Italian police were also relying on Santrex. The emails were included in some 400 gigabytes of proprietary data taken during last weekend’s breach of Hacking Team and then made public on the Internet. With the sudden loss of the block of IP addresses, Italy’s Special Operations Group was unable to communicate with several computers that were infected with the Hacking Team malware. The e-mails show Hacking Team support workers discussing how the law enforcement agency could regain control. Eventually, Italian police worked with Aruba to get the block—which was known as 46.166.163.0/24 in Internet routing parlance—announced in the BGP system as belonging to Aruba.
It’s the first known case of an ISP fraudulently announcing another provider’s address space, said Doug Madory, director of Internet analysis at Dyn Research, which performs research on Internet performance. […]





[ISN] Credit Card Breach at a Zoo Near You

http://krebsonsecurity.com/2015/07/credit-card-breach-at-a-zoo-near-you/

By Brian Krebs
Krebs on Security
July 9, 2015

Service Systems Associates, a company that serves gift shops and eateries at zoos and cultural centers across the United States, has acknowledged a breach of its credit and debit card processing systems. Several banking industry sources told KrebsOnSecurity they have detected a pattern of fraud on cards that were all used at zoo gift shops operated by Denver-based SSA. On Wednesday morning, CBS Detroit moved a story citing zoo officials there saying the SSA was investigating a breach involving point-of-sale malware. Contacted about the findings, SSA confirmed that it was the victim of a data security breach. “The violation occurred in the point of sale systems located in the gift shops of several of our clients,” the company said in a written statement. “This means that if a guest used a credit or debit card in the gift shop at one of our partner facilities between March 23 and June 25, 2015, the information on that card may have been compromised.” […]



[ISN] EFCC arraigns two for hacking into bank’s internet network

http://nationalmirroronline.net/new/efcc-arraigns-two-for-hacking-into-banks-internet-network/

By Matthew Irinoye
National Mirror
June 25, 2015

The Economic and Financial Crimes Commission, EFCC, yesterday arraigned two men for allegedly attempting to hack into the internet network of Enterprise Bank Plc. The suspects include Ola Lawal and Abass Ajide, while the third person, Olumide Kayode, was said to be at large. The defendants, who were arraigned before Justice Lateef Lawal-Akapo on a four-count charge offence bordering on conspiracy to defraud, felony, stealing and forgery, pleaded not guilty to the four-count charge. EFCC counsel, Mr. Seidu Atteh, said that the suspects conspired to defraud Enterprise Bank and hacked into the bank’s network with their laptop computer, router model and grabber/key logger to obtain the password of key operations staff through the Central Processing Unit (CPU). He said the defendants aimed to access the network of the bank without authority to conduct fraudulent transactions. Atteh alleged that the defendants wanted to access the CPU to conduct fraudulent transactions and transfer unauthorised money into other accounts. […]



[ISN] U.S. Suspects Hackers in China Breached About 4 Million People’s Records, Officials Say

http://www.wsj.com/articles/u-s-suspects-hackers-in-china-behind-government-data-breach-sources-say-1433451888

By DEVLIN BARRETT, DANNY YADRON and DAMIAN PALETTA
The Wall Street Journal
June 4, 2015

U.S. officials suspect that hackers in China stole the personal records of as many as four million people in one of the most far-reaching breaches of government computers. The Federal Bureau of Investigation is probing the breach, detected in April at the Office of Personnel Management. The agency essentially functions as the federal government’s human resources department, managing background checks, pension payments and job training across dozens of federal agencies. Investigators suspect that hackers based in China are responsible for the attack, though the probe is continuing, according to people familiar with the matter. On Thursday, several U.S. officials described the breach as among the largest known thefts of government data in history. It isn’t clear exactly what was stolen in the hack attack, but officials said the information can be used to facilitate identity theft or fraud. The Department of Homeland Security said it “concluded at the beginning of May” that the records had been taken. […]



[ISN] PCI council gives up, dumbs down PCI DSS for small business

http://www.theregister.co.uk/2015/05/22/pci_council_drafts_small_biz_security_militia/

By Darren Pauli
The Register
22 May 2015

The Payment Card Industry Security Standards Council has created a taskforce charged with improving security among small businesses. The prodigious task will be tackled by encouraging small businesses to adopt security best practice and simplified Payment Card Industry Data Security Standards (PCI DSS). Barclaycard payment security manager and taskforce chair Phil Jones says the Small Merchant Taskforce will focus on the most vulnerable business vertical. “Though incidents of fraud are low, it’s small merchants that are particularly vulnerable to attack from hackers,” Jones says. […]



[ISN] Foiling Pump Skimmers With GPS

http://krebsonsecurity.com/2015/05/foiling-pump-skimmers-with-gps/

By Brian Krebs
Krebs on Security
May 4, 2015

Credit and debit card skimmers secretly attached to gas pumps are an increasingly common scourge throughout the United States. But the tables can be turned when these fraud devices are discovered, as evidenced by one California police department that has eschewed costly and time-consuming stakeouts in favor of affixing GPS tracking devices to the skimmers and then waiting for thieves to come collect their bounty. One morning last year the Redlands, Calif. police department received a call about a skimming device that was found attached to a local gas pump. This wasn’t the first call of the day about such a discovery, but Redlands police didn’t exactly have time to stake out the compromised pumps. Instead, they attached a specially-made GPS tracking device to the pump skimmer. At around 5 a.m. the next morning, a computer screen at the Redlands PD indicated that the compromised skimming device was on the move. The GPS device that the cops had hidden inside the skimmer was beaconing its location every six seconds, and the police were quickly able to determine that the skimmer was heading down a highway adjacent to the gas station and traveling at more than 50 MPH. Using handheld radios to pinpoint the exact location of the tracker, the police were able to locate the suspects, who were caught with several other devices implicating them in an organized crime ring. […]



[ISN] More Uber Accounts Have Been Hacked, This Time in the United States

http://motherboard.vice.com/en_uk/read/more-uber-accounts-have-been-hacked-this-time-in-the-united-states

By Joseph Cox
Motherboard.Vice.com
May 2, 2015

UPDATE: An Uber spokesperson responds, “We do not have any additional information to share beyond the statement we provided before: We investigated and found no evidence of a breach. Attempting to fraudulently access or sell accounts is illegal and we notified the authorities about this report. This is a good opportunity to remind people to use strong and unique usernames and passwords and to avoid reusing the same credentials across multiple sites and services.”

Back in March, Motherboard revealed that fully functioning Uber accounts were for sale on the dark web for as cheap as $1 each. At the time, it appeared that the victims of those hacks were based in the United Kingdom. Now, Uber customers from all over the United States have taken to Twitter to complain that their account has been charged for trips they never took, sometimes half way across the world. “It was crazy,” one apparent victim, Stephanie Crisco from North Carolina, told me over Twitter direct message. “I used Uber for the first time Thursday night. On Friday morning I received a notification on my phone that my driver was en route. I didn’t request a driver. I clicked on the notification and it said that the ride was cancelled but the pickup was in London.” Crisco also tweeted a picture of the trips she claims she didn’t make. While many of the trips in the screenshot were cancelled, one of them in London was indeed successful, and Crisco told me that three charges were made against her account in total. Crisco has since cancelled her bank card, and Uber have refunded her for the three charges, which range between $40 and $120 each. […]



[ISN] Harbortouch is Latest POS Vendor Breach

http://krebsonsecurity.com/2015/05/harbortouch-is-latest-pos-vendor-breach/

By Brian Krebs
Krebs on Security
May 1, 2015

Last week, Allentown, Pa. based point-of-sale (POS) maker Harbortouch disclosed that a breach involving “a small number” of its restaurant and bar customers were impacted by malicious software that allowed thieves to siphon customer card data from affected merchants. KrebsOnSecurity has recently heard from a major U.S. card issuer that says the company is radically downplaying the scope of the breach, and that the compromise appears to have impacted more than 4,200 Harbortouch customers nationwide. In the weeks leading up to the Harbortouch disclosure, many sources in the financial industry speculated that there was possibly a breach at a credit card processing company. This suspicion usually arises whenever banks start feeling a great deal of card fraud pain that they can’t easily trace back to one specific merchant (for more on why POS vendor breaches are difficult to pin down, check out this post). Some banks were so anxious about the unexplained fraud spikes as stolen cards were used to buy goods at big box stores that they instituted dramatic changes to the way they processed debit card transactions. Glastonbury, Ct. based United Bank recently included a red-backgrounded notice conspicuously at the top of their home page stating: “In an effort to protect our customers after learning of a spike in fraudulent transactions in grocery stores as well as similar stores such as WalMart and Target, we have instituted a block in which customers will now be required to select ‘Debit’ and enter their ‘PIN’ for transactions at these stores when using their United Bank debit card.” […]

