Spyware, Viruses, & Security forum


NEWS - December 20, 2013

by Carol~ Moderator / December 20, 2013 2:22 AM PST
Cards Stolen in Target Breach Flood Underground Markets

Credit and debit card accounts stolen in a recent data breach at retail giant Target have been flooding underground black markets in recent weeks, selling in batches of one million cards and going for anywhere from $20 to more than $100 per card, KrebsOnSecurity has learned.

Prior to breaking the story of the Target breach on Wednesday, Dec. 18, I spoke with a fraud analyst at a major bank who said his team had independently confirmed that Target had been breached after buying a huge chunk of the bank's card accounts from a well-known "card shop" — an online store advertised in cybercrime forums as a place where thieves can reliably buy stolen credit and debit cards.

There are literally hundreds of these shady stores selling stolen credit and debit cards from virtually every bank and country. But this store has earned a special reputation for selling quality "dumps," data stolen from the magnetic stripe on the backs of credit and debit cards. Armed with that information, thieves can effectively clone the cards and use them in stores. If the dumps are from debit cards and the thieves also have access to the PINs for those cards, they can use the cloned cards at ATMs to pull cash out of the victim's bank account.

Continued: http://krebsonsecurity.com/2013/12/cards-stolen-in-target-breach-flood-underground-markets/

Related: Cards stolen in massive Target breach flood underground "card shops"
CryptoLocker Creators Infected Nearly 250K Systems, Earned..
by Carol~ Moderator / December 20, 2013 3:03 AM PST
.. $300K Since September

UPDATE: The math in this and other reports was simply tabulated incorrectly.

New American presidents often are measured by what they accomplish in their first 100 days. By that yardstick, the crew behind the CryptoLocker ransomware have been a raging success. The unknown group of attackers have already infected between 200,000 and 250,000 systems worldwide and likely raked far greater than $300,000 in ransom to date, according to researchers at Dell SecureWorks CTU, who published a deep analysis on the malware this week.

In a blog posted Wednesday, Keith Jarvis, a Senior Security Researcher with Dell SecureWorks, discussed the history of CryptoLocker and described how the malware is able to encrypt its victims' files until they pay a ransom, usually around $300.

While all of the research is an interesting read, it's especially noteworthy that the analysis has finally given us an idea how many computers have been infected since the malware surfaced shortly after the beginning of September.

It was reported the malware was sent to "tens of millions" of online banking customers in the U.K. in November but at the time it wasn't certain just how many machines had actually opened the malicious attachment and were legitimately infected.

Continued : http://threatpost.com/cryptolocker-creators-infected-nearly-250000-systems-earned-30m-since-september/103261
BitTorrent serverless chat replaces usernames w/ crypto keys
by Carol~ Moderator / December 20, 2013 3:03 AM PST

"With BitTorrent Chat, your identity is a cryptographic key pair."

BitTorrent, Inc. is developing a serverless instant messaging system that relies on public key encryption to protect the privacy of communications, identifying users not with traditional usernames but with cryptographic key pairs.

The company, which develops the BitTorrent peer-to-peer protocol as well as the BitTorrent and uTorrent file sharing software, announced the forthcoming chat software in September and revealed some details on how it will work in a blog post today. It reads:

'With BitTorrent Chat, there aren't any "usernames" per se. You don't login in the classic sense. Instead, your identity is a cryptographic key pair. To everyone on the BitTorrent Chat network at large, you ARE your public key. This means that, if you want, you can use Chat without telling anyone who you are. Two users only need to exchange each other's public keys to be able to chat. .....'

Continued : http://arstechnica.com/information-technology/2013/12/bittorrent-serverless-chat-replaces-usernames-with-crypto-keys/

BitTorrent develops secure, decentralized chat program using public-key crypto
BitTorrent introduces secure, serverless messaging system
BitTorrent unveils secure messaging service to counter 'NSA dragnet surveillance'

Five minute fix: Keeping your kids safe online ..
by Carol~ Moderator / December 20, 2013 4:22 AM PST
.. with parental controls

When I was a young lad my parents always used to worry when I went out with my friends. "Don't talk to strangers," they would say, before adding, "don't accept a lift from anyone you don't know."

Being a parent myself now, I know why they were concerned. The advent of the internet has done little to put mothers and fathers at ease. If anything, it has made matters far worse.

New technology can often be a double-edged sword. While it offers multiple opportunities to the masses, it also opens doors to the less savoury characters in our societies too.

Continued : http://nakedsecurity.sophos.com/2013/12/19/five-minute-fix-keeping-your-kids-safe-online-with-parental-controls/

Also @ Naked Security:
Five-minute fix: Setting up parental controls on Windows 7
Five-minute fix: Setting up parental controls on Windows 8
Five-minute fix: Setting up parental controls on Mac OS X Mavericks
Five-minute fix: Setting up parental controls on iOS
Five-minute fix: Setting up parental controls on Android
The Death of Anti-Virus: conference paper
by Carol~ Moderator / December 20, 2013 4:23 AM PST

David Harley @ ESET's "We Live Security" Blog:

Death of a Sales Force: Whatever Happened to Anti-Virus? (pdf) is a paper written by Larry Bridwell and myself for the 16th AVAR conference in Chennai, which was kindly presented by ESET's Chief Research Officer Juraj Malcho, as neither Larry nor myself were able to attend the conference in the end. The paper is also available from the ESET Threat Center Resources page here (pdf).

Here's the abstract:

Anti-Virus is, it seems, an ex-parrot. We've seen so many announcements of the death of anti-virus we've taken to carrying black ties around with us, ready for the next one. This paper probably won't have much impact on the ludicrously funereal tone of some commentary, but will take an informed look at the reasons most often given for the imminent demise of the AV industry and in the hope of achieving a balanced view of the present role and future evolution of malware analysis. Reports of the (near-) death of static signature detection may not be exaggerated, but anti-malware technology has moved far beyond simple signatures. We consider in depth the accuracy of some of the basic contentions that keep turning up ad infinitum in memoriam....

1. Conclusions based on detection testing and pseudo-testing statistics
2. Anti-virus is ok if you don't have to pay for it

Continued : http://www.welivesecurity.com/2013/12/19/the-death-of-anti-virus-conference-paper/

Trojan attached in fake emails regarding Adobe license key
by Carol~ Moderator / December 20, 2013 4:23 AM PST

MX Lab, http://www.mxlab.eu, started to intercept a new trojan distribution campaign by email with the following subjects:

Download your adobe software
Download your license key
Thank you for your order
Your order is processed

This email is sent from the spoofed address "Adobe Software <soft@adobes.com>", "Adobe Software <support@adobes.com>", "Adobe <software@adobes.com>", "Adobe Software <your_order@adobes.com>" or similar and has the following body:


Thank you for buying Director 11.5 software.
Your Adobe License key is in attached document below.

Adobe Systems Incorporated.



Thank you for buying Creative Suite 6 Master Collection software.
Your Adobe License key is in attached document below.

Adobe Systems Incorporated.

Continued : http://blog.mxlab.eu/2013/12/19/trojan-attached-in-fake-emails-regarding-license-key-from-adobe/

Fake Adobe "licence key delivery" emails carry malware
Fake Adobe License-Themed Emails Carry Kuluoz Malware

ZeroAccess criminals wave white flag: The impact of ...
by Carol~ Moderator / December 20, 2013 4:23 AM PST
.. partnerships on cybercrime

From Richard Boscovich, Assistant General Counsel, Microsoft Digital Crimes Unit @ The Official Microsoft Blog:

Two weeks after Microsoft filed its civil case in the U.S. District Court for the Western District of Texas against the notorious Sirefef botnet, also known as ZeroAccess, I am pleased to report that our disruption effort has been successful, and it appears that the criminals have abandoned their botnet. As a result, last week Microsoft requested that the court close the civil case in order to allow law enforcement to continue their investigative efforts in the matter.

As stated at the outset of this disruption effort, Microsoft and its partners did not expect to fully eliminate the ZeroAccess botnet because of the complexity of the threat. Rather, our focus was to protect people by cleaning the computers infected with the malware so they could no longer be used for harm. As we expected, less than 24 hours after our disruptive action, the cybercriminals pushed out new instructions to the ZeroAccess-infected computers in order to continue their fraud schemes. ...

Continued : http://blogs.technet.com/b/microsoft_blog/archive/2013/12/19/zeroaccess-criminals-wave-white-flag-the-impact-of-partnerships-on-cybercrime.aspx
A buffet of 2014 security and privacy predictions
by Carol~ Moderator / December 20, 2013 4:24 AM PST

Stephen Cobb posted @ ESET's "We Live Security" Blog:

Have you been wondering what trends in security and privacy ESET researchers are predicting for 2014? The following is a sampling, a year-end snack plate if you will. (Later in the month we will also be serving a main course of 2014 predictions in the form of a whitepaper from our colleagues in Latin America.)

Perennial readers of the ESET blog will know researchers do not relish making predictions, and yet each year we make them. Why? Because some people ask nicely, and because there is some practical value in looking ahead at where future attacks on information systems might come from, and in what form. Sometimes we name trends that are already in motion, like Bring Your Own Device, which has been a trend for several years. But we only draw attention to an ongoing trend if we think its persistence has implications for security and privacy (for example, one of our researchers sees the increasing diversity of cheap smartphones adding to the BYOD challenge).

2014 predictions

Continued: http://www.welivesecurity.com/2013/12/10/a-buffet-of-2014-security-and-privacy-predictions/

Also by Stephen Cobb: The massive lie about anti-virus technology

Browser Ransomware hides behind CloudFlare, smartens payment
by Carol~ Moderator / December 20, 2013 5:30 AM PST
.. system

"Malwarebytes Unloaded" Blog:

We've covered the browser-based ransomware several times before on this blog, ever since it appeared back in July and again each time it evolved.

FBI Ransomware Now Targeting Apple's Mac OS X Users
Ransomware demands additional payment to delete 'criminal records'
"Buy $500 antivirus from us," say cyber-criminals


A tip from security researcher Malekal today got us to look at it again. The main novelty with this one is that instead of using the typical algorithmically generated domain names (i.e. http: //fbi.gov.id396126511-5382106440[dot]r0172.com, http: //fbi.gov.id517256300-7218768350.z6629.com), it is now hiding behind the anonymous CloudFlare service.

This is not the first time cyber-criminals abuse CloudFlare. The free service not only offers better loading times for websites but also masks their actual IP address, thus making them harder to block.

Continued : http://blog.malwarebytes.org/cyber-crime/2013/12/browser-ransomware-hides-behind-cloudflare-smartens-payment-system/
Gamers Must Level Up To Beat Malware Baddies
by Carol~ Moderator / December 20, 2013 5:30 AM PST

The world of gaming is never safe. Whether it's those evil minions waiting around the corner for you, or sneaky malware creeping in to infect your device, you've got to watch your back. Kaspersky Lab revealed that PC gamers around the world have been attacked this year.

Nearly five million pieces of malware focus on gaming alone. Gamers face almost 12 million attacks, and on average users are hit by 34,000 attacks from gaming malware every day.

Gamers everywhere are at risk, but those in Russia are the ones most in danger for getting hacked with over eight million attempts on them this year. Over half a million attacks were targeted at Vietnam followed by roughly four hundred thousand on China. Other countries in the top ten most frequently attacked list include India, Spain, and Poland with Turkey, Taiwan, Thailand, and Italy bringing up the rear.

Where Are They Hiding and What Are They Doing?

Continued : http://securitywatch.pcmag.com/security/319058-gamers-must-level-up-to-beat-malware-baddies
