Monthly Archives: September 2010

U.S. Charges 37 Alleged Money Mules

September 30, 2010

Troy Owen never thought he’d see the day when the cyber thieves who robbed his company of $800,000 would ever be charged with any crime. Owens said that investigators told him that the perpetrators were mostly overseas in places like Ukraine and Moldova, and that it might be tough to catch those responsible.

But on Thursday afternoon, authorities in New York announced they had charged more than 60 individuals — and arrested 20 — in connection with international cyber heists perpetrated against dozens of companies in the United States, including Owen’s.

11 Charged In ZeuS & Money Mule Ring

September 30, 2010

Authorities in the United Kingdom on Wednesday charged 11 individuals with running an international cyber crime syndicate that laundered millions of dollars stolen from consumers and businesses with the help of the help of the ultra-sophisticated ZeuS banking Trojan.

I’ll Take 2 MasterCards and a Visa, Please

September 22, 2010

When you’re shopping for stolen credit and debit cards online, there are so many choices these days. A glut of stolen data — combined with innovation and cutthroat competition among vendors — is conspiring to keep prices for stolen account numbers exceptionally low. Even so, many readers probably have no idea that their credit card information is worth only about $1.50 on the black market.

Nasty Twitter Worm Outbreak

September 21, 2010

Several new Internet worms are spreading quite rapidly via a newly-found vulnerability in While the flaw that powers these attackers will most likely be sewn shut in a matter of hours, if you’re going to frequent Twitter today you’d be wise to use a Twitter client or at least block Javascript on the site, as these worms appear to be spreading with little to no interaction on the part of users.

Google Adds 2-Factor Security to Gmail, Apps

September 20, 2010

Google said today that it will begin offering users greater security protections for signing in to Gmail and other Google Apps offerings. This “two-step verification” process — which requires participating users to input a user ID, password and six-digit code sent to their mobile phones — effectively means Google will be offering more secure authentication than many U.S. financial institutions currently provide for their online banking customers.

SpyEye Botnet’s Bogus Billing Feature

September 17, 2010

Miscreants who control large groupings of hacked PCs or “botnets” are always looking for ways to better monetize their crime machines, and competition among rival exploit kit developers is leading to several ingenious new features. The SpyEye botnet kit, for example, now not only allows botnet owners to automate the extraction of credit card and other financial data from infected systems, but it also can be configured to use those credentials to gin up bogus sales at online stores set up by the botmaster.