Yearly Archives: 2011

Fake Antivirus Industry Down, But Not Out

August 3, 2011

A majority of the largest fake AV affiliate programs that pay hackers to foist junk security software have closed up shop in recent weeks. The wave of closures comes amid heightened scrutiny of the industry from security experts and a host of international law enforcement officials.

Over the past several weeks, many of the Web sites for the top fake AV promotion programs disappeared or complained of difficulty in processing credit card transactions for would-be scwareware victims: Fake AV brands such as Gagarincash, Best AV, Blacksoftware.cc and a Sevantivir.com ceased operating or alerted peddlers who were hired to install these programs that they might not get paid for current and future installations.

New Tool Keeps Censors in the Dark

August 2, 2011

10 Comments

A new approach to overcoming state-level Internet censorship relies, ironically enough, on a technique that security experts have frequently associated with government surveillance. Current anti-censorship technologies, including the services Tor and Dynaweb, direct connections to restricted websites through a network… Read More »

Digital Hit Men for Hire

August 1, 2011

6 Comments

Cyber attacks designed to knock Web sites off line happen every day, yet shopping for a virtual hit man to launch one of these assaults has traditionally been a dicey affair. That’s starting to change: Hackers are openly competing to… Read More »

Trojan Tricks Victims Into Transferring Funds

July 28, 2011

60 Comments

It’s horrifying enough when a computer crook breaks into your PC, steals your passwords and empties your bank account. Now, a new malware variant uses a devilish scheme to trick people into voluntarily transferring money from their accounts to a cyber thief’s account.

The German Federal Criminal Police (the “Bundeskriminalant” or BKA for short) recently warned consumers about a new Windows malware strain that waits until the victim logs in to his bank account. The malware then presents the customer with a message stating that a credit has been made to his account by mistake, and that the account has been frozen until the errant payment is transferred back.

Spam & Fake AV: Like Ham & Eggs

July 26, 2011

6 Comments

An explosion of online fraud tools and services online makes it easier than ever for novices to get started in computer crime. At the same time, a growing body of evidence suggests that much of the world’s cybercrime activity may be the work of a core group of miscreants who’ve been at it for many years.

I recently highlighted the financial links among the organizations responsible for promoting fake antivirus products and spam-advertised pharmacies; all were relying on a few banks in Azerbaijan to process credit card payments.

Calif. Co. Sues Bank Over $465k eBanking Heist

July 25, 2011

44 Comments

A California real estate escrow company that lost more than $465,000 in an online banking heist last year is suing its former financial institution, alleging that the bank was negligent and that it failed to live up to the terms of its own online banking contract.

The plight of Redondo Beach, Calif. based Village View Escrow, first publicized by KrebsOnSecurity last summer, began in March 2010. That’s when organized crooks broke into the firm’s computers and bank accounts, and sent 26 consecutive wire transfers to 20 individuals around the world who had no legitimate business with the firm.

Comcast Hijacks Firefox Homepage: “We’ll Fix”

July 21, 2011

40 Comments

Comcast says it is revamping the software that new customers need to install to start service with the ISP. The software is not terribly friendly to Mac users running Firefox: It changes the browser’s homepage to comcast.net, and blocks users from changing it to anything else.

Google: Your Computer Appears to Be Infected

July 19, 2011

84 Comments

Google today began warning more than a million Internet users that their computers are infected with a malicious program that hijacks search results and tries to scare users into purchasing fake antivirus software. Google security engineer Damian Menscher said he… Read More »

eBanking Theft Costs Town of Eliot, Me. $28k

July 19, 2011

26 Comments

Organized cyber thieves stole more than $28,000 from a small New England town last week. The case once again highlights the mismatch between the sophistication of today’s attackers and the weak security measures protecting many commercial online banking accounts. On… Read More »

Microsoft Offers $250K Bounty for Rustock Author

July 18, 2011

6 Comments

Microsoft said today that it is offering a $250,000 reward for new information leading to the arrest and conviction of the individual(s) responsible for the Rustock botnet, a now-defunct crime machine that was once responsible for sending 40 percent of… Read More »