Author Archives: BrianKrebs

How Much is That Phished PayPal Account?

October 5, 2011
65 Comments

Compromised PayPal accounts are a valuable commodity in the criminal underground, and crooks frequently trade them in shadowy online forums. But it wasn’t until recently that I finally encountered a proper Web site dedicated to selling hacked PayPal accounts.

Many of the PayPal accounts for sale at iProfit.su have a zero balance, but according to the proprietor of this shop these are all “verified.” PayPal “verifies” an account when a customer agrees to attach a bank account to it; PayPal then sends a micropayment the bank account, and asks the user the value of that mini deposit. A bonus feather: all the hacked PayPal profiles currently for sale at iProfit.su are advertised as having a credit card attached to them, which is another way PayPal accounts can be verified.

The creator of iProfit.su also advertises private, bulk sales of unverified PayPal accounts; currently he is selling these at $50 per 100 accounts – a bargain at only 50 cents apiece.

ZeuS Trojan Gang Faces Justice

October 4, 2011
5 Comments

Authorities in the United Kingdom have convicted the 13th and final defendant from a group arrested last year and accused of running an international cybercrime syndicate that laundered millions of dollars stolen from consumers and businesses with the help of the help of the ZeuS banking Trojan. The news comes days after U.S. authorities announced the guilty plea of the 27th and final individual arrested last year in New York in a related international money-laundering scheme.

Monster Spam Campaigns Lead to Cyberheists

October 3, 2011
27 Comments

Phishers and cyber thieves have been casting an unusually wide net lately, blasting out huge volumes of fraudulent email designed to spread password-stealing banking Trojans. Judging from the number of victims who reported costly cyber heist in the past two weeks, many small to medium sized organizations took the bait.

Inside a Modern Mac Trojan

September 28, 2011
31 Comments

Mac malware is back in the news again. Last week, security firm F-Secure warned that it had discovered a Trojan built for OS X that was disguised as a PDF document. It’s not clear whether this malware is a present threat — it was apparently created sometime last year — but the mechanics of how it infects Mac systems is worth a closer look because it challenges a widely-held belief among Mac users that malicious software cannot install without explicit user permission.

MySQL.com Sold for $3k, Serves Malware

September 26, 2011
41 Comments

A security firm revealed today that mysql.com, the central repository for widely-used Web database software, was hacked and booby-trapped to serve visitors with malicious software. The disclosure caught my eye because just a few days ago I saw evidence that administrative access to mysql.com was being sold on the hacker underground for just $3,000.

Gang Used 3D Printers for ATM Skimmers

September 20, 2011
87 Comments

An ATM skimmer gang stole more than $400,000 using skimming devices built with the help of high-tech 3D printers, federal prosecutors say.

Before I get to the gang, let me explain briefly how ATM skimmers work, and why 3D printing is a noteworthy development in this type of fraud.

Cultural CAPTCHAs

September 19, 2011
32 Comments

CAPTCHAs, those squiggly and frustrating puzzles that many Web sites require users to solve before registering or leaving comments, are designed to block automated activity and deter spammers. But for some Russian-language forums that cater to spammers and other miscreants, CAPTCHAs may also be part of a vetting process designed to frustrate foreign newbie hackers and investigators.