- Email: [email protected]
Romanian bank fraudsters smashed
NEWS
IT worker charged with harvesting bots to commit ID theft
A
zombie master pleaded guilty to using armies of bots to steal the identities of people in the US.
Jonathan Schiefer, 26, from Los Angeles, extracted information from peoples’ computers and wiretapped their communications. It is the first case of its kind where a person has been charged with harvesting bot computers. Schiefer and co-conspirators used malignant code to harvest armies of up to 250 000 computers to steal identities. He worked at 3G Communications while the fraud was ongoing between 2005 and early 2006. Schiefer is also accused of hacking into the computers to defraud a Dutch advertising company. As victims were unaware that their computers were under control, they continued to conduct transactions. Schiefer used malware – which he called spybot – to intercept electronic communications being sent over the Internet from the zombie PCs to www.paypal. com and other websites. Schiefer and his accomplices, who have not been identified, then sifted through data to find usernames and passwords. The gang then accessed bank accounts with the usernames and passwords and bought goods. Another scheme saw Schiefer installing malware on zombie computers running Microsoft operating systems, which caused them to disgorge user names and passwords from secure area – Pstore. The computers then sent the account access data to computers controlled by the gang. Again Schiefer used the information to access bank accounts. He also signed up as a consultant with a Dutch Internet advertising company to install the company’s programs on computers whose users granted permission. Schiefer and two co-schemers installed the program on approximately 150 000 computers that they infected with malware without permission. To avoid detection by the advertising company, Schiefer instructed his associates to moderate the number of installations so it appeared that 4
Computer Fraud & Security
the installations were legitimate and not the result of a malicious computer program that was propagating itself. Schiefer was ultimately paid more than US$19 000 by the advertising company. He could receive a maximum fine of 60 years and a fine of US$1.75 million. Website: www.cybercrime.gov
Romanian bank fraudsters smashed
P
olice have smashed an organised cybercrime gang operating in Romania.
Nine members of the 22-strong group have been arrested. Massive fraudulent transactions using stolen credits on the Western Union system in Romania came to light in March 2007. In April, a bank reported that it had suffered phishing attacks which investigators tied to the gang. The suspects have been charged with producing and maintaining equipment used to counterfeit electronic payment instruments. Electronic monitoring and physical surveillance of the gang showed it had advanced computer knowledge. Its activities include: • Use of specialised software for phishing attacks against banks abroad. • Collection of identification data from electronic payment instruments (names of holders, credit cards, pin code, etc.) Fraudulent use of data and creation of cloned credit cards. Financial transfers via the Western Union payment system and physical withdrawals from ATMs. • Collection of identification data from credit cards through skimming. On November 13, 21 simultaneous searches were performed at locations in Bucharest and Constanta, Romania, resulting in the identification of computer systems used to commit the crimes, electronic equipment, false ATM faces, card reading and writing devices, blank cards, etc. Losses estimated so far by police run to about US$130 000. The dismantling of the organised crime network was the result of close cooperation with the US Department of Justice and FBI through its Legal Attache in Bucharest, together with police officers of the General
Directorate for Combating Organised Crime and the Constanta Brigade for Combating Organised Crime, supported by the fighters of Romanian Gendarmerie. Website: www.cybercrime.gov
China presents serious cyber attack: US review commission
A
US Government review has warned that China is likely planning cyber attacks against the US.
The US China Economic and Security Review Commission says the attacks could target US regional bases in Japan and South Korea. Electronic attacks on the US financial, economic, energy and communications infrastructure are also possible. The commission believes the tactics may be used if the US intervenes in a possible war between China and Taiwan. According to the testimony of LTC (Ret.) Cortez Cooper of Science Applications International Corporation, China’s weapons acquisitions and training are guided by an overall strategy of preparation to win “informationised wars” – or wars that are heavily reliant on computers and information systems. China’s preparation for war is described as “a serious form of irregular warfare preparation.” And the report says it believes China is adopting such diverse methods because it couldn’t contend with the US in a traditional force-on-force match up. Website: www.uscc.gov/annual_ report/2007/annual_report_07.pdf
UK Foreign Office exposed data of visa applicants
T
he Foreign and Commonwealth Office (FCO) has breached the Data Protection Act (DPA) after its website showed the personal data of 50 000 people applying for visas.
The Information Commissioner’s Office (ICO) found the FCO had breached the DPA after investigating its online applications for UK visas. It was alerted to the breach on the VFS online visa application facility in May.
December 2007
IT worker charged with harvesting bots to commit ID theft
A
zombie master pleaded guilty to using armies of bots to steal the identities of people in the US.
Jonathan Schiefer, 26, from Los Angeles, extracted information from peoples’ computers and wiretapped their communications. It is the first case of its kind where a person has been charged with harvesting bot computers. Schiefer and co-conspirators used malignant code to harvest armies of up to 250 000 computers to steal identities. He worked at 3G Communications while the fraud was ongoing between 2005 and early 2006. Schiefer is also accused of hacking into the computers to defraud a Dutch advertising company. As victims were unaware that their computers were under control, they continued to conduct transactions. Schiefer used malware – which he called spybot – to intercept electronic communications being sent over the Internet from the zombie PCs to www.paypal. com and other websites. Schiefer and his accomplices, who have not been identified, then sifted through data to find usernames and passwords. The gang then accessed bank accounts with the usernames and passwords and bought goods. Another scheme saw Schiefer installing malware on zombie computers running Microsoft operating systems, which caused them to disgorge user names and passwords from secure area – Pstore. The computers then sent the account access data to computers controlled by the gang. Again Schiefer used the information to access bank accounts. He also signed up as a consultant with a Dutch Internet advertising company to install the company’s programs on computers whose users granted permission. Schiefer and two co-schemers installed the program on approximately 150 000 computers that they infected with malware without permission. To avoid detection by the advertising company, Schiefer instructed his associates to moderate the number of installations so it appeared that 4
Computer Fraud & Security
the installations were legitimate and not the result of a malicious computer program that was propagating itself. Schiefer was ultimately paid more than US$19 000 by the advertising company. He could receive a maximum fine of 60 years and a fine of US$1.75 million. Website: www.cybercrime.gov
Romanian bank fraudsters smashed
P
olice have smashed an organised cybercrime gang operating in Romania.
Nine members of the 22-strong group have been arrested. Massive fraudulent transactions using stolen credits on the Western Union system in Romania came to light in March 2007. In April, a bank reported that it had suffered phishing attacks which investigators tied to the gang. The suspects have been charged with producing and maintaining equipment used to counterfeit electronic payment instruments. Electronic monitoring and physical surveillance of the gang showed it had advanced computer knowledge. Its activities include: • Use of specialised software for phishing attacks against banks abroad. • Collection of identification data from electronic payment instruments (names of holders, credit cards, pin code, etc.) Fraudulent use of data and creation of cloned credit cards. Financial transfers via the Western Union payment system and physical withdrawals from ATMs. • Collection of identification data from credit cards through skimming. On November 13, 21 simultaneous searches were performed at locations in Bucharest and Constanta, Romania, resulting in the identification of computer systems used to commit the crimes, electronic equipment, false ATM faces, card reading and writing devices, blank cards, etc. Losses estimated so far by police run to about US$130 000. The dismantling of the organised crime network was the result of close cooperation with the US Department of Justice and FBI through its Legal Attache in Bucharest, together with police officers of the General
Directorate for Combating Organised Crime and the Constanta Brigade for Combating Organised Crime, supported by the fighters of Romanian Gendarmerie. Website: www.cybercrime.gov
China presents serious cyber attack: US review commission
A
US Government review has warned that China is likely planning cyber attacks against the US.
The US China Economic and Security Review Commission says the attacks could target US regional bases in Japan and South Korea. Electronic attacks on the US financial, economic, energy and communications infrastructure are also possible. The commission believes the tactics may be used if the US intervenes in a possible war between China and Taiwan. According to the testimony of LTC (Ret.) Cortez Cooper of Science Applications International Corporation, China’s weapons acquisitions and training are guided by an overall strategy of preparation to win “informationised wars” – or wars that are heavily reliant on computers and information systems. China’s preparation for war is described as “a serious form of irregular warfare preparation.” And the report says it believes China is adopting such diverse methods because it couldn’t contend with the US in a traditional force-on-force match up. Website: www.uscc.gov/annual_ report/2007/annual_report_07.pdf
UK Foreign Office exposed data of visa applicants
T
he Foreign and Commonwealth Office (FCO) has breached the Data Protection Act (DPA) after its website showed the personal data of 50 000 people applying for visas.
The Information Commissioner’s Office (ICO) found the FCO had breached the DPA after investigating its online applications for UK visas. It was alerted to the breach on the VFS online visa application facility in May.
December 2007