Former Subway sandwich franchisee cops to $40,000 gift-card hack scheme
"Man used LogMeIn to access point-of-sale terminals of other shops, feds say."
A former Subway sandwich shop franchisee pled guilty to taking part in a scheme to hack point-of-sale terminals for at least 13 stores and obtaining gift cards worth $40,000.
Shahin Abdollahi, who also ran a business that sold and maintained point-of-sale terminals, sold the computerized checkout registers to the Subway shops that were illegally accessed, according to federal prosecutors in Massachusetts. He set up the terminals with software from LogMeIn, which allows people to remotely log in to PCs over the Internet. Abdollahi and other conspirators then used the software to repeatedly access the Subway terminals without authorization, usually early in the morning, when the restaurants were closed.
Continued : http://arstechnica.com/security/2014/05/former-subway-sandwich-franchisee-cops-to-40000-gift-card-hack-scheme/
Related: Former Subway franchise owner pleads guilty to POS hacking
Fake antivirus - attack of the clones
Kaspersky Lab Weblog:
Experts recently discovered a scam antivirus app on Google Play going by the name of Virus Shield. A distinct feature of this particular app was the fact that users had to pay for it - most fake AV can initially be downloaded for free. This meant its creators immediately started making money and didn't have to demand payments from users to remove "malware" that had supposedly been detected on their computers. To avoid negative reviews on Google Play all that was required was to make it look like the app was doing something useful.
Virus Shield was followed by a series of other similar fake apps. Early last week, for instance, we detected two rather interesting fake antivirus programs.
The first fake app was discovered on Windows Phone Store, which in itself was unusual - scammers tend to use Google Play. This app, which also had to be paid for up front, went by the name of Kaspersky Mobile. The fact that there is no program with that name in Kaspersky Lab's product line didn't deter the fraudsters - they obviously didn't expect anyone to notice. [Screenshot]
Continued : http://www.securelist.com/en/blog/8221/Fake_antivirus_attack_of_the_clones
Phishers Cast Wider Net, Now Asking for Multiple Emails
TrendLabs Security Intelligence Blog:
From a security perspective, phishing attempts are pretty much old hat. In most cases, phishing attempts or attacks focus on getting one particular credential, such as those for credit cards or user accounts. We are now seeing cybercriminals attempt to get more credentials by using phishing pages that allow for multiple email logins.
Multiple Logins Allowed
We came across some shortened URLs that lead users to phishing pages that mimic popular sites, including Facebook, Google Docs (now known as Google Drive), OneDrive, and several property websites. In order to proceed, users must log in using their email address. [Screenshot]
Continued : http://blog.trendmicro.com/trendlabs-security-intelligence/phishers-cast-wider-net-now-asking-for-multiple-emails/
Related : Phishing campaigns target diverse webmail users at once
"Police Ransomware" Expands To Android Ecosystem
F-Secure Antivirus Weblog:
Crimeware has steadily transferred Windows-based technology to Android. We've seen phishing, fake-antivirus scams, banking trojan components, and now... ransomware.
Yep. "Police ransomware" on Android. Our name for it is Koler.
The crimeware ecosystem has long been aware of Android systems it routinely comes into contact with — it's not really much of a surprise to see ransomware attempt to make the jump.
Here's how it works:
Compromise occurs when the user visits a booby-trapped (pornographic) website with his Android device. The malware then pretends to be a video player and requests installation. This is dependent upon the "enable unknown sources" setting being configured.
Is That 'iCloud-Locked' iPhone on eBay Stolen? Probably!
If you've browsed eBay for an iPhone in the past few months, you've probably noticed the preponderance of auctions selling low-priced "iCloud-locked" phones. "iCloud locked?," I hear you cry. "But I thought iCloud just synced contacts!" No, dear reader, it's much more powerful than that, but in this case it means that these phones are almost certainly stolen.
Apple has provided the very useful Find My iPhone tool for years, but it got even better after iOS 7.0 introduced the "reactivation lock," or iCloud lock. This means that if your iPhone is lost or stolen and you wipe it remotely with Find My iPhone, you'll need to enter your iCloud password to reactivate it.
This feature should mean that stolen phones have little value to thieves. After all, the thief can't use it or sell it as a fully functional phone. Plus, the fact that it's locked should tip off potential buyers that the deal isn't on the level.
Continued : http://securitywatch.pcmag.com/mobile-security/323624-is-that-icloud-locked-iphone-on-ebay-stolen-probably
The Mad, Mad Dash to Update Flash
An analysis of how quickly different browser users patch Adobe Flash vulnerabilities shows a marked variation among browser makers. The data suggest that Google Chrome and Mozilla Firefox users tend to get Flash updates relatively quickly, while many users on Microsoft's Internet Explorer browser consistently lag behind.
The information comes from ThreatMetrix, a company that helps retailers and financial institutions detect and block patterns of online fraud. ThreatMetrix Chief Technology Officer Andreas Baumhof looked back over the past five months across 10,000+ sites the company serves, to see how quickly visitors were updating to the latest versions of Flash.
Baumhof measured the rates of update adoption for these six Flash patches:
Continued : http://krebsonsecurity.com/2014/05/the-mad-mad-dash-to-update-flash/