Author Archives: BrianKrebs

POS Providers Feel Brunt of PoSeidon Malware

April 15, 2015

“PoSeidon,” a new strain of malicious software designed to steal credit and debit card data from hacked point-of-sale (POS) devices, has been implicated in a number of recent breaches involving companies that provide POS services primarily to restaurants, bars and hotels. The shift by the card thieves away from targeting major retailers like Target and Home Depot to attacking countless, smaller users of POS systems is giving financial institutions a run for their money as they struggle to figure out which merchants are responsible for card fraud.

Critical Updates for Windows, Flash, Java

April 14, 2015

51 Comments

Get your patch chops on people, because chances are you’re running software from Microsoft, Adobe or Oracle that received critical security updates today. Adobe released a Flash Player update to fix at least 22 flaws, including one flaw that is being actively exploited. Microsoft pushed out 11 update bundles to fix more than two dozen bugs in Windows and associated software, including one that was publicly disclosed this month. And Oracle has an update for its Java software that addresses at least 15 flaws, all of which are exploitable remotely without any authentication.

White Lodging Confirms Second Breach

April 13, 2015

22 Comments

In February 2015, KrebsOnSecurity reported that for the second time in a year, multiple financial institutions were complaining of fraud on customer credit and debit cards that were all recently used at a string of hotel properties run by hotel franchise firm White Lodging Services Corporation. The company said at the time that it had no evidence of a new breach, but last week White Lodging finally acknowledged a “suspected” breach of point-of-sale systems at 10 locations.

Don’t Be Fodder for China’s ‘Great Cannon’

April 10, 2015

57 Comments

China has been actively diverting unencrypted Web traffic destined for its top online search service — Baidu.com — so that some visitors from outside of the country were unwittingly enlisted in a novel and unsettling series of denial-of-service attacks aimed at sidelining sites that distribute anti-censorship tools, according to research released this week.

FBI Warns of Fake Govt Sites, ISIS Defacements

April 7, 2015

28 Comments

The Federal Bureau of Investigation (FBI) is warning that individuals sympathetic to the Islamic State of Iraq and al-Shams (ISIS) are mass-defacing Websites using known vulnerabilities in WordPress. The FBI also issued an alert advising that criminals are hosting fraudulent… Read More »

Hacking ATMs, Literally

April 6, 2015

58 Comments

Most of the ATM skimming attacks written about on this blog conclude with security personnel intervening before the thieves manage to recover their skimmers along with the stolen card data and PINs. However, an increasingly common form of ATM fraud — physical destruction — costs banks plenty, even when crooks walk away with nothing but bruised egos and sore limbs.

‘Revolution’ Crimeware & EMV Replay Attacks

April 1, 2015

63 Comments

In October 2014, KrebsOnSecurity examined a novel “replay” attack that sought to exploit implementation weaknesses at U.S. financial institutions that were in the process of transitioning to more secure chip-based credit and debit cards. Today’s post looks at one service offered in the cybercrime underground to help thieves perpetrate this type of fraud.

Sign Up at irs.gov Before Crooks Do It For You

March 30, 2015

286 Comments

If you’re an American and haven’t yet created an account at irs.gov, you may want to take care of that before tax fraudsters create an account in your name and steal your personal and tax data in the process. Recently, KrebsOnSecurity… Read More »

Who Is the Antidetect Author?

March 26, 2015

49 Comments

Earlier this month I wrote about Antidetect, a commercial tool designed to help thieves evade fraud detection schemes employed by many e-commerce companies. That piece walked readers through a sales video produced by the author of Antidetect showing the software being used to buy products online with stolen credit cards. Today, we’ll take a closer look at clues to a possible real-life identity of this tool’s creator.

Tax Fraud Advice, Straight from the Scammers

March 25, 2015

41 Comments

Some of the most frank and useful information about how to fight fraud comes directly from the mouths of the crooks themselves. Online cybercrime forums play a critical role here, allowing thieves to compare notes about how to evade new security roadblocks and steer clear of fraud tripwires. Few topics so reliably generate discussion on crime forums around this time of year as tax return fraud, as we’ll see in the conversations highlighted in this post.