January 31, 2006

Spyware Suspects Deported to Israel

The Register reports that Spyware-for-hire suspects Michael and Ruth Haephrati arrived in Israel on Monday to face industrial espionage charges following their extradition from Britain. The couple, alleged masterminds behind a spyware-linked industrial espionage program, face trial in their native Israel after dropping an appeal against deportation.

January 30, 2006

Phishing Attacks Hit New Levels

ITP reports that in its latest Phishing Activity Trends Report released this month, the Anti-Phishing Working Group (APWG) said that after steadily swelling throughout the year, the number of unique e-mail-based fraud attacks detected in November 2005 peaked higher than ever at 16,882 — almost double the 8,975 attacks that were launched in November 2004.

With global e-commerce and banking institutions most regularly spoofed, the number of well-known brands targeted increased by nearly 50% over the course of last year — from 64% through January rising to an overwhelming 93% in November.

Two waves of phishing attacks hit a number of leading banks in the UAE around July and October last year, with some experts warning that the problem targeting Middle East financial institutions had become “endemic”.

At the time, the National Bank of Abu Dhabi (NBAD) said that phishers had sent e-mails to its customers, claiming to be from the bank, which linked to a fake website similar to that of the bank’s own.

January 29, 2006

Mellon on Hacking Charge

The Sunday Times reports that Matthew Mellon, heir to a £6.6 billion banking and oil fortune, will appear in court next month in connection with an investigation into an alleged phone-tapping and computer hacking gang.

The former husband of Tamara Mellon, who runs the Jimmy Choo shoe empire, will appear alongside 17 other defendants accused of involvement in the operation, which allegedly provided clients with confidential information about wealthy people and businesses.

Following a tip-off from BT, Scotland Yard has conducted a long investigation into a private detective agency run by a former policeman which it believed was bugging phone calls.

It is now alleged the group was also hacking into NHS computers to access confidential medical files to blackmail people, spying on police and bugging their phone calls to get information. There are also several charges of falsifying invoices.

One of the group is said to have taken BT overalls, a reflective jacket and tools, along with a BT works barrier and stool, and a shirt from NTL, another telecoms company.

January 27, 2006

Tougher UK Hacking Laws


The Register reports that the UK Government plans to toughen up computer crime laws under proposals outlined in the Police and Justice Bill on Wednesday. The bill would double the maximum jail sentence for hacking into computer systems from five years to ten years, a provision that will classify hacking as a more serious offense and make it easier to extradite computer crime suspects from overseas. Denial of service attacks, something of a grey area under current regulations, would be clearly classified as a criminal offense under amendments to the 1990 Computer Misuse Act (CMA) proposed in the bill.

Industry pressed for changes along these lines even prior to the 2004 inquiry by MPs that recommended changes to the CMA to modernise UK computer crime law. Other provisions in the bill are likely to prove far more controversial. Clause 35 of the bill contains provisions to ban the development, ownership and distribution of so-called "hacker tools".

But the clause fails to draw an adequate distinction between tools which might be used for legal as well as unlawful purposes. Reg readers have been quick to point out that the distinctions between, for example, a password cracker and a password recovery tool, or a utility designed to run DOS attacks and one designed to stress-test a network, are not properly covered in the proposed legislation. Taken as read, the law might even make the use of data recovery software to bypass file access permissions and gain access to deleted data potentially illegal.

January 25, 2006

Tax credit ID theft to be Probed

Silicon reports that the UK's data protection watchdog has launched an investigation into the tax credit fraud fiasco that resulted from the theft of the identities and personal details of almost 13,000 staff at the Department for Work and Pensions (DWP) and Network Rail.

The government admitted last week that 8,800 staff identities at the DWP had been stolen in 2003/04, with 6,800 used in attempts by criminal gangs to make false tax credits claims last summer. Meanwhile 4,000 Network Rail staff had personal details stolen and used by fraudsters to exploit security weaknesses on the tax credits claim website.

Although HM Revenue and Customs (HMRC) claims to have stopped many of the fraudulent claims before any money was paid, it admits to losing £2.7m from those that slipped through the net. The tax credits website was closed down in December and is still offline while the criminal investigation is ongoing.

Manchurian Candidate

The Register reports that Chinese hackers attacked UK government targets during the Christmas holidays using the Microsoft Windows Meta File (WMF) exploit. The attacks - initiated before Microsoft's patch against the vulnerability was released on 5 January - came in the form of contaminated emails that originated in China. It's unclear if independent hackers or the Chinese government initiated the attack.

Contaminated messages posing as information about a secret rendezvous were sent to around 70 people in parliament and elsewhere in the UK government.

The WMF-themed attacks are the latest twist in an armada of specially crafted Trojan horse attacks dating back over a year. Last June the UK's National Infrastructure Security Co-ordination Centre (NISCC) warned that approximately 300 UK government departments and businesses critical to the country's infrastructure have been the subject of Trojan horse attacks, many reportedly originating in the Far East. "The attackers' aim appears to be covert gathering or transmitting of commercially or economically valuable information," NISCC warned.

January 24, 2006

The MBAM Gang - Phished Out

Eight people who allegedly ran online scams to pilfer personal information from internet users worldwide were arrested in Bulgaria last week.

Bulgarian law enforcement agents conducted raids in three cities and dismantled what is believed to be an international phishing operation, Microsoft said in a statement on Friday. The software giant helped investigate the alleged cyber crimes, which played off its MSN web property, it said.

The phishing group allegedly crafted emails to make them appear as if they were sent by MSN customer service representatives and created dozens of fake internet web pages that mimicked the design, logo and trademark of official MSN pages, Microsoft said.

Dubbed the "MBAM Gang", for "Microsoft Billing Account Management", by Microsoft investigators, the group of eight allegedly launched 46 phishing attacks using 43 hacked web servers located in 11 countries around the world, the software giant said.

Zombie Leader Faces Jail

Silicon reports that a US man has pleaded guilty to leasing out networks of compromised computers to criminals so they can carry out denial of service and spam attacks.

Twenty-year-old Californian Jeanson James Ancheta faces up to six years in prison for felony charges that include making more than $61,000 from renting the illegal networks and infecting US military computers.

Reports suggest this could be the first case to take aim at people who profit from 'botnets' - networks of virus-infected computers used by hackers to launch attacks.

Last year Ancheta was charged with 17 counts of conspiracy fraud and a 14-month hacking spree that lasted for more than a year.

January 23, 2006

Russian Antivirus Expert Explodes Security Myths

Russian antivirus guru Eugene Kaspersky has hit out at some of the myths which cloud what he sees as the real issues facing the IT security industry.

Speaking to silicon.com in Moscow, the eponymous head of Kaspersky Labs said companies' own agendas and some well-worn stereotypes about cyber crime stand in the way of reasoned discussion. He also criticised those who put too much faith in stats which, taken out of context, are often dangerously misleading.

He said: "Hackers now want systems which work. They want to use these systems and there are instances now when corporate networks are badly impacted but they still work and there is no damage."

To say that kind of attack therefore has no economic value is highly dangerous, said Kaspersky, given the unquantifiable impact that data loss could have on a business.

Another issue close to his heart, which Kaspersky said needs to be addressed, is the idea that cyber crime is predominantly a Russian issue and he points the finger of blame at an old adversary in the propaganda wars. "There has been this stereotype thanks to the American press," said Kaspersky, who believes such notions have held back the fight against malware and hackers.

Kaspersky said the data he sees suggests there is more malicious code coming out of China and Latin America than Russia currently and said he finds it disappointing to see Russia the subject of so many negative headlines.

Online Banking Security Criticised

Silicon reports the government financial services watchdog has hit out at consumers for failing to bank "responsibly" on the internet - and said banks must do more to help them learn safer online banking habits.

The remarks come as research from the Financial Services Authority (FSA) found consumer confidence in online banking is "fragile".

Half of the 1500 respondents surveyed by the FSA said they were "very" or "extremely" concerned about the potential fraud that could occur through an online transaction.

Most respondents who bank online said they had installed some security software on their computers but more than a quarter could not say when they last updated it.

Nearly all users (95 per cent) surveyed said at least some security responsibility should lie with the bank, while 45 per cent said banks should take sole responsibility.

January 21, 2006

Parliamentary Smash & Grab

The Guardian reports that last year, parliament nearly fell victim to a sophisticated hacking fraud, which is ironic, given my earlier report, circulated to MPs, which warned of just this eventuality. Experts are convinced that such attacks have the support of Chinese authorities.

The hi-tech industrial espionage involved a series of innocuous-looking emails targeted at secretaries, researchers, parliamentary staff and even MPs themselves. Each one was specifically tailored to the individual who would receive it.

Once opened, these emails tried to download sophisticated spyware that hunts through the recipient's computer and network for potentially valuable documents, which would be automatically sent back to the hackers without the user's knowledge.

Fortunately, the attack, which took place earlier in 2005, was thwarted by parliament's sophisticated internet security system; no sensitive data is thought to have been lost.

Thousands Left Out of Pocket

The Guardian reports that a website that appeared to be based in central London was actually run from the US, where authorities have closed it.

The site, billed as "The UK's best source for digital video equipment", has been shut down by US authorities - but not before thousands of British internet shoppers paid for Christmas presents which have failed to arrive.

The website, mydv.co.uk, appeared to be a British-based operator, and offered a London-based 0207 phone number. But calls were routed through to a call centre abroad. In reality the site was owned and run out of Waltham, Massachusetts by Nepco.

While some UK-based customers received their goods, others didn't. Some that arrived were built to US specifications and wouldn't work in the UK. Most buyers were charged more than the original quoted prices, and had sought refunds.

January 20, 2006

$67.2 bn Cost of eCrime in USA

CNET reports that dealing with viruses, spyware, PC theft and other computer-related crimes costs US businesses a staggering $67.2bn per year, according to the FBI.

The FBI calculated the price tag by extrapolating results from a survey of 2,066 organisations. The survey, released on Thursday, found that 1,324 respondents, or 64 per cent, suffered a financial loss from computer security incidents over a 12-month period.

The average cost per company was more than $24,000, with the total cost reaching $32m for those surveyed.

Often survey results can be skewed, because poll respondents are more likely to answer when they have experienced a problem. So, when extrapolating the survey results to estimate the national cost, the FBI reduced the estimated number of affected organisations from 64 per cent to a more conservative 20 per cent.

According to the 2005 FBI Computer Crime Survey: "This would be 2.8 million US organisations experiencing at least one computer security incident. With each of these 2.8 million organisations incurring a $24,000 average loss, this would total $67.2bn per year."

By comparison, telecommunication fraud losses are only about $1bn per year, according to the US Secret Service. Also, the overall cost to US citizens of identity fraud reached $52.6bn in 2004, according to Javelin Strategy & Research.

The FBI's next fiscal year, for which budgets must be reviewed and approved, begins 1 October. Protecting the US against high-technology crimes is third on the agency's list of priorities.

8,000 Identities 'Nicked'

The Register reports that the government has admitted losing £2.7m to fraudulent claims through a hole in the tax credits system as details emerge of further employee identity theft.

Her Majesty's Revenue and Customs (HMRC) was forced to close down the tax credits website at the start of December last year, after a spate of fraudulent claims came to light which exploited the stolen identities of Department for Work and Pensions staff.

Paymaster general Dawn Primarolo has revealed more details of the fraud.

Primarolo said: "It is now established that some 8,800 staff identities may have been stolen in 2003-04 and that of these, 6,800 have been used in an attempt to defraud the tax credits system in Autumn 2005.

"Of the 6,800 fraudulent claims, around 4,100 were fully intercepted by HMRC before any payment, so that no payment was made.

"Of the remaining 2,700 claims where tax credit payments were made into multiple bank accounts using the stolen identities, payments were suspended immediately they were discovered, and all payments were suspended by 16 December 2005."

Primarolo divulged the information after it was also revealed that 4,000 Network Rail employees had their personal details stolen and bank accounts set up under false pretences.

January 18, 2006

Million Dollar Site DDOSd

The Register reports that http://www.milliondollarhomepage.com/ has been pummelled over the past week by extortionists looking to cash in on the success of the pixel-flogging site.

The site has received worldwide media attention after generating more than $1m in advertising revenue by selling pixels.

But earlier this month, Alex Tew, the UK student behind the site, received an email demanding he cough up $5,000 (£2,830) or risk facing a Distributed Denial of Service (DDoS) attack. He received other ransom demands of up to $50,000 (£28,300) but ignored them.

Last Thursday, the site became the victim of a DDoS attack making milliondollarhomepage.com difficult to access. The site is still unsteady on its feet today.

Off the Rails - ID Fraud

The Times reveals that the identities of thousands of rail workers have been stolen by criminal gangs and used to steal millions of pounds from the Treasury.

One in seven staff at Network Rail has been caught up in the tax credit fraud that has plunged the tax system into chaos and could turn out to be Britain’s biggest benefit scam.

Last month it emerged that 13,000 Jobcentre workers had had their identities stolen and there are fears that other leading companies have also been targeted by the gangs. Suspicions are mounting that HM Revenue and Customs insiders are involved in the fraud.

Network Rail was alerted to the problem by Revenue officials last week and a criminal investigation is now under way. John Armitt, chief executive of Network Rail, yesterday sent a letter to all 30,000 staff at the company to allay fears over the fraud and its potential impact on legitimate tax credit payments and credit ratings.

January 16, 2006

20,000 False Tax Credit Claims

Silicon reports that more than half of the 40,000 suspicious tax credit applications detected by HM Revenue and Customs (HMRC) during a six-month period last year are believed to have been made by organised criminal gangs, new government figures have revealed.

The huge rise in fraud attempts forced HMRC to close the online tax credits portal at the beginning of December last year after it discovered personal details of 13,000 civil servants working at the Department for Work and Pensions (DWP) had been stolen and used by criminals to make false claims.

The tax credits portal remains closed and HMRC admits it still does not know the full extent of the fraud. But the department has now revealed it intervened in 38,924 suspicious claims between April and November last year before they got to payment stage.

January 12, 2006

Dodgy Spam Scam

Silicon reports that spammers appear to have found a new target of choice for 2006 - bombarding internet message boards with unprecedented ferocity.

The amount of message board spam has been escalating dramatically since mid-2005, according to experts, and a search of Google shows a number of frequently recurring domains appearing in bogus comments on message boards all over the internet.

Among the most common domains appearing on message boards as spam, there is a definite trend.

Domains such as 888.typo7.com, e-casinoroom.com, HobbyWorkshop.com, onlinepokerment.com, TopSitesRanking.com and g4h5.com all appear in bogus postings which reference online gaming. Many of the actual sites link through to more than one established poker site.

MessageLabs believes individuals and companies are abusing the system to increase their Google ranking, or increase the resale value of a domain name by raising its prominence.

January 11, 2006

Atlantis ID Theft

Silicon reports that the identities of more than 50,000 customers of major Bahamas resort Atlantis have been exposed to possible identity fraud following the theft of personal information from the hotel, the owners said.

Information stolen included names, addresses, credit card details, Social Security numbers, driver's licence numbers and bank account data, the filing said.

The information appears to have gone missing from the hotel's computer database and was the work of either an insider or an outside hacker.

The Atlantis hotel management is notifying affected customers in writing so they can take steps to protect themselves from possible identity fraud.

Atlantis is one of the world's landmark resort destinations. Thousands of tourists - mainly Americans - flock there every week to enjoy its casino and beachfront attractions.

It employs more than 5,000 Bahamians and is a major player in the country's economy.

January 05, 2006

Windows Vs Linux - A Cert

The Register reports that Linux and UNIX experienced more than three times as many reported security vulnerabilities as Windows, according to the mighty US Computer Emergency Readiness Team (CERT) annual year-end security index.

Windows experienced 812 reported operating system vulnerabilities for the period between January and December 2005, compared to 2,328 for Linux and Unix.

CERT found more than 500 multiple vendor vulnerabilities in Linux and Unix. CERT recorded 88 Windows-specific holes and 44 in Internet Explorer (IE).

The annual poll does not include the Windows MetaFile (WMF) vulnerability, which has become the most widely reported attack on Windows according to security and antivirus specialist McAfee since being reported on December 28.

January 04, 2006

99% of PCs @ Risk

Silicon reports that a flaw in Microsoft's Windows Meta File (WMF) has spawned dozens of attacks since its discovery last week, security experts warned on Tuesday.

The attacks so far have been wide-ranging, the experts said, citing everything from an MSN Messenger worm to spam that attempts to lure people to click on malicious websites.

Microsoft plans to release a fix for the WMF vulnerability as part of its monthly security update cycle on 10 January, according to the company's security advisory.

January 02, 2006

Phishing Over Christmas in Oz

New phishing websites involved in an email banking scam have started springing up in Australia in place of sites already shut down.

Three major Australian banks earlier this week reported that customers had been targeted with bogus bank emails from websites in Asia and Europe.

Often bearing what looked like official letterheads, the emails asked for banking details, for either security or software upgrades.

The scam's aim is to steal bank customers' personal information by capturing their passwords and log-on details when they click on an email link.


Mideast Offers New Opportunities for Cyber Criminals

More than a hundred Egyptian nationals gathered in front of a Kuwait airline office requesting a meeting with the manager of the airline and seeking a refund of their money.

Complaints were filed and it is reported that two “hackers” - a Lebanese and an Egyptian - had access to the secret codes of those who had reserved tickets via the internet. These two persons allegedly cancelled the reservations and sold the “victims” tickets to others. The daily did not state whether or not the hackers have been arrested. Source: ArabTimes