Category Archives: A Little Sunshine

Includes investigative blog posts meant to shine a light on the darker corners of the Internet.

Researchers Map Multi-Network Cybercrime Infrastructure

March 17, 2010

Last week, security experts launched a sneak attack against Troyak, an Internet service provider in Eastern Europe that served as a gateway to a nest of cyber crime activity. For the past seven days, unnamed members of the security community reportedly have been playing Whac-a-Mole with Troyak, which has bounced from one legitimate ISP to the next in a bid to reconnect to the global Internet. But experts say Troyak’s apparent hopscotching is in fact the expected behavior from a carefully architected, round-robin network of backup and redundant carriers, all designed to keep a massive organized criminal operation online should a disaster like the Troyak disconnection strike.

FBI: Online Fraud Costs Skyrocketed in 2009

March 13, 2010

19 Comments

Reported losses from online fraud more than doubled last year, from $265 million in 2008 to nearly $560 million in 2009, according to figures released Friday by the FBI. The figures come from complaints referred to the Internet Crime Complaint… Read More »

Dozens of ZeuS Botnets Knocked Offline

March 10, 2010

25 Comments

Security experts are tracking a massive drop in the global number of control servers for various ZeuS botnets that are online, suggesting that a coordinated takedown effort may have been executed by law enforcement and/or volunteers from the security research community acting in tandem.

Cyber Crooks Leave Traditional Bank Robbers in the Dust

March 9, 2010

30 Comments

Organized cyber criminals stole more than $25 million from small to mid-sized businesses in brazen e-banking heists in the 3rd quarter of 2009 alone, federal regulators said last week. In contrast, traditional stick-up artists hauled less than $9.5 million out of U.S. banks over that same time period last year.

Fiserv to Banks: Stay on Outdated Adobe Reader

March 8, 2010

19 Comments

One of the nation’s largest providers of money-transfer and online banking services to credit unions and other financial institutions is urging customers not to apply the latest security updates for Adobe Reader, the very application most targeted by criminal hackers… Read More »

Regulators Revisit E-Banking Security Guidelines

March 3, 2010

42 Comments

Prodded by incessant reports of small- to mid-sized business losing millions of dollars at the hands of organized cyber criminals, federal regulators may soon outline more stringent steps that commercial banks need to take to protect business customers from online… Read More »

Talking Bots with Japan’s ‘Cyber Clean Center’

March 1, 2010

19 Comments

I’ve grown fascinated over the years with various efforts by Internet service providers to crack down on the menace from botnets, large groupings of hacked PCs that computer criminals remotely control for a variety of purposes, from spamming to hosting… Read More »

Microsoft Ambushes Waledac Botnet, Shutters Whistleblower Site

February 25, 2010

20 Comments

Microsoft’s lawyers this week engineered a pair of important takedowns, one laudable and the other highly-charged. The software giant orchestrated a legal sneak attack against the Web servers controlling the Waledac botnet, a major distributor of junk e-mail. In an unrelated and more controversial move, Redmond convinced an ISP to shutter a popular whistleblower Web site for hosting a Microsoft surveillance compliance document.

ZeuS: ‘A Virus Known as Botnet’

February 19, 2010

39 Comments

As a journalist who for almost ten years has sought to explain complex computer security topics to a broad audience, it’s sometimes difficult to be picky when major news publications over-hype an important security story or screw up tiny details:… Read More »

‘Time Bomb’ May Have Destroyed 800 Norfolk City PCs

February 17, 2010

123 Comments

The City of Norfolk, Virginia is reeling from a massive computer meltdown in which an unidentified family of malicious code destroyed data on nearly 800 computers citywide. The incident is still under investigation, but city officials say the attack may have been the result of a computer time bomb planted in advance by an insider or employee and designed to trigger at a specific date.