A security firm revealed today that mysql.com, the central repository for widely-used Web database software, was hacked and booby-trapped to serve visitors with malicious software. The disclosure caught my eye because just a few days ago I saw evidence that administrative access to mysql.com was being sold on the hacker underground for just $3,000.
Computer crooks and spammers are abusing a little-known encoding method that makes it easy to disguise malicious executable files (.exe) as relatively harmless documents, such as text or Microsoft Word files.
A 23-year-old Arizona man arrested on Thursday in connection with the hack of Sony Pictures Entertainment last May was a model student who saw himself one day defending networks at the Department of Defense and the National Security Agency.
An ATM skimmer gang stole more than $400,000 using skimming devices built with the help of high-tech 3D printers, federal prosecutors say.
Before I get to the gang, let me explain briefly how ATM skimmers work, and why 3D printing is a noteworthy development in this type of fraud.
CAPTCHAs, those squiggly and frustrating puzzles that many Web sites require users to solve before registering or leaving comments, are designed to block automated activity and deter spammers. But for some Russian-language forums that cater to spammers and other miscreants, CAPTCHAs may also be part of a vetting process designed to frustrate foreign newbie hackers and investigators.
In June 2011, Russian authorities arrested Pavel Vrublevsky, co-founder of ChronoPay, Russia’s largest processor of online payments, for allegedly hiring a hacker to attack his company’s rivals. New evidence suggests that Vrublevsky’s arrest was the product of a bribe paid… Read More »
Yesterday I wrote about the public storefront where anyone can rent access to computers infected with TDSS, widely considered one of the largest and most complex botnets on the planet. Today, I’ll take a closer look at a Russian individual who appears to have close ties to the TDSS operation.
Criminals who operate large groupings of hacked PCs tend to be a secretive lot, and jealously guard their assets against hijacking by other crooks. But one of the world’s largest and most sophisticated botnets is openly renting its infected PCs to any and all comers, and has even created a Firefox add-on to assist customers.
Leaked online chats between the co-owners of the world’s largest pharmacy spam operation reveal the extent to which illicit organizations in Russia purchase political protection, and bribe public officials into initiating or stalling law enforcement investigations.
An international cybercrime gang stole $13 million from a Florida-based financial institution earlier this year, by executing a highly-coordinated heist in which thieves used ATMs around the globe to cash out stolen prepaid debit cards, KrebsOnSecurity has learned.
