Category Archives: A Little Sunshine

Includes investigative blog posts meant to shine a light on the darker corners of the Internet.

Who Else Was Hit by the RSA Attackers?

October 24, 2011

The data breach disclosed in March by security firm RSA received worldwide attention because it highlighted the challenges that organizations face in detecting and blocking intrusions from targeted cyber attacks. What’s more, the subtext of the intrusion was that if this could happen to one of the largest security firms, what hope was there for organizations that aren’t focused on security?

Security experts have said that RSA wasn’t the only corporation victimized in the attack, and that dozens of other multinational companies were infiltrated using many of the same tools and Internet infrastructure. But so far, no one has been willing to say publicly which additional companies may have been hit. Today’s post features a never-before-published list of those victim organizations. The information suggests that more than 760 other organizations had networks that were compromised with some of the same resources used to hit RSA. Almost 20 percent of the current Fortune 100 companies are on this list.

Software Pirate Cracks Cybercriminal Wares

October 17, 2011

25 Comments

Make enough contacts in the Internet security community and you will probably learn that many of the folks involved in defending computers and networks against criminals got started in security by engaging in online illegal activity of one sort or another. These personal shifts are sometimes motivated by ethical and personal safety reasons, but just as often grey- and black hat hackers gravitate toward the defensive side simply because it is more intellectually challenging.

ATM Skimmer Powered by MP3 Player

October 13, 2011

7 Comments

Almost a year ago, I wrote about ATM skimmers made of parts cannibalized from old MP3 players. Since then, I’ve noticed quite a few more ads for these MP3-powered skimmers in the criminal underground, perhaps because audio skimmers allow fraudsters to sell lucrative service contracts along with their theft devices.

Using audio to capture credit and debit card data is not a new technique, but it is becoming vogue: Square, an increasingly popular credit card reader built for the iPhone, works by plugging into the headphone jack on the iPhone and converting credit card data stored on the card into audio files.

Shady Reshipping Centers Exposed, Part I

October 12, 2011

50 Comments

Last week, authorities in New York indicted more than 100 people suspected of being part of a crime ring that used forged credit cards to buy and resell an estimated $13 million worth of Apple products and other electronics overseas.… Read More »

Identity Theft More Profitable Than Car Theft

October 10, 2011

20 Comments

Buying a car or making any other expensive purchase can be a hassle. And when it’s necessary to finance a purchase, there’s one more hurdle. If you want merchant financing, you’ll often be required to fill out a credit application… Read More »

Inside a Modern Mac Trojan

September 28, 2011

31 Comments

Mac malware is back in the news again. Last week, security firm F-Secure warned that it had discovered a Trojan built for OS X that was disguised as a PDF document. It’s not clear whether this malware is a present threat — it was apparently created sometime last year — but the mechanics of how it infects Mac systems is worth a closer look because it challenges a widely-held belief among Mac users that malicious software cannot install without explicit user permission.

MySQL.com Sold for $3k, Serves Malware

September 26, 2011

41 Comments

A security firm revealed today that mysql.com, the central repository for widely-used Web database software, was hacked and booby-trapped to serve visitors with malicious software. The disclosure caught my eye because just a few days ago I saw evidence that administrative access to mysql.com was being sold on the hacker underground for just $3,000.

‘Right-to-Left Override’ Aids Email Attacks

September 26, 2011

18 Comments

Computer crooks and spammers are abusing a little-known encoding method that makes it easy to disguise malicious executable files (.exe) as relatively harmless documents, such as text or Microsoft Word files.

Arrested LulzSec Suspect Pined for Job at DoD

September 23, 2011

54 Comments

A 23-year-old Arizona man arrested on Thursday in connection with the hack of Sony Pictures Entertainment last May was a model student who saw himself one day defending networks at the Department of Defense and the National Security Agency.

Gang Used 3D Printers for ATM Skimmers

September 20, 2011

87 Comments

An ATM skimmer gang stole more than $400,000 using skimming devices built with the help of high-tech 3D printers, federal prosecutors say.

Before I get to the gang, let me explain briefly how ATM skimmers work, and why 3D printing is a noteworthy development in this type of fraud.