International law effort takes down long-running Andromeda botnet

One of the oldest and most widespread botnets in history was shut down last week in an international law enforcement operation led by the FBI. The infrastructure behind the Andromeda malware was dismantled and one unidentified suspected hacker was arrested in Belarus, according to Europol. First launched in 2011, Andromeda was detected on an average of one million machines every month in the last six months, according to Microsoft. The malware was behind one of the top spam campaigns of 2016, associated with as many as 80 malware families and frequently found on compromised websites and advertising networks. Most notably, Andromeda was used by the Avalanche criminal hacking and fraud network, a global operation illegally bringing in millions of dollars per year until a bust last year. “Andromeda malware has very long history,” researchers at the cybersecurity firm Avast wrote last year. “The authors are skilled programmers and operators, recently updating plugins, maintaining entire systems and looking for new […]

The post International law effort takes down long-running Andromeda botnet appeared first on Cyberscoop.

Former NSA employee pleads guilty to taking classified information home

Former National Security Agency employee Nghia H. Pho, 67, pleaded guilty on Friday to one count of removal and retention of national defense information. Prosecutors agreed to ask for no more than an eight-year prison sentence. Pho worked for NSA’s Tailored Access Operations (TAO), the offensive hacking unit of the agency. The classified documents the former NSA software developer illegally took home between 2010 and 2015 were reportedly subsequently stolen by Russian intelligence. “In connection with his employment, Pho held various security clearances and had access to national defense and classified information,” according to a Justice Department statement. “Pho also worked on highly classified, specialized projects.” Pho was born in Vietnam and lives in Ellicott City, Md. He is a United States citizen. Pho remains free until sentencing, but his passport has been revoked. The case marks the third instance in the past two years in which an NSA employee has been charged with mishandling classified information. […]

National data breach notification law introduced by Senate Commerce Committee members

Three Democratic senators introduced legislation on Thursday requiring companies to notify customers of data breaches within thirty days of their discovery and imposing a five-year prison sentence on organizations caught concealing data breaches. The new bill, called the Data Security and Breach Notification Act, was introduced in the wake of reports that Uber paid $100,000 to cover up a 2016 data breach that affected 57 million users. “We need a strong federal law in place to hold companies truly accountable for failing to safeguard data or inform consumers when that information has been stolen by hackers,” Sen. Bill Nelson, D-Fla., said in a statement. “Congress can either take action now to pass this long overdue bill or continue to kowtow to special interests who stand in the way of this commonsense proposal. When it comes to doing what’s best for consumers, the choice is clear.” The scope of what kind of data […]

Famed Russian hacker gets 14 years in prison for $50 million cyberfraud ring

The prolific Russian hacker Roman Seleznev was sentenced to 14 years in prison Thursday for his role in a $50 million cyberfraud ring. This latest sentence follows a 27-year prison sentence Seleznev received in April on charges of hacking point-of-sale computers that he then sold to the criminal underground. That scheme generated nearly $170 million in fraudulent charges, prosecutors said. Both sentences will run concurrently. Seleznev pleaded guilty and admitted that, as an associate with the Carder.su fraud ring, he trafficked in stolen financial and identity data. He also pleaded guilty to hacking and bank fraud charges. Seleznev is also known by his handle Track2. Before his 2011 arrest, Seleznev lived “an extravagant lifestyle,” American prosecutors said, including owning beachfront properties in Bali, Indonesia and his home in Vladivostok. In a previous jury trial, Seleznev was photographed next to muscle cars with bundles of money at expensive resorts. He was arrested in the Maldives […]

Western allies consider offensive cyber warfare agreement as Russia launches plan for ‘independent internet’

Several Western nations are considering an offensive-minded cyberwarfare initiative meant to fundamentally change the way the countries react to attacks from adversary nations, Reuters reports. The accord would guide the deployment of offensive cyberweapons. The agreement, being hammered out by Denmark, Germany, Norway, Spain, the Netherlands, the United Kingdom and the United States, may be solidified by 2019. While all the nations involved are members of NATO, a NATO spokesperson speaking to CyberScoop was careful to point out that this is definitively not a NATO-backed initiative. NATO itself recently announced it will establish new command centers to incorporate the cyber domain into operational planning. The alliance has seen an increasing number of attacks against members and institutions, and NATO Secretary-General Jens Stoltenberg recently said cyber-operations are a potential response to any kind of attack against member countries. Irina Novakova, a NATO official, detailed for CyberScoop the alliance’s increasing focus on cyberattacks including the decision that a severe cyberattack could […]

Europol busts global ATM skimmer network

Europol arrested four members of a global criminal network allegedly responsible for placing ATM skimmers around European cities and then cashing out on the other side of the world, the international law enforcement agency announced on Thursday. The arrests mark the end of a two-year investigation that spanned the entire European continent as well as South America and Asia. All four arrested men are Bulgarian nationals, Europol said. ATM skimmers are a common tool used by criminals to steal bank account information from unwitting ATM users. The devices are essentially man-in-the-middle attacks that catch account information when people dip their cards. Skimmers are often invisible to the eye and extremely easy to make and use. “Years ago it took someone with knowledge and skills to build a credit card skimmer,” Nate Seidle, CEO of the open source electronics firm SparkFun, explained earlier this year. “Now criminals are buying these off the […]

Florida-based credit firm left 111GB of sensitive customer data exposed on AWS server

A Florida-based credit repair company left 111 gigabytes of extremely sensitive customer information and internal company data publicly accessible on the internet, possibly for up to two years. The National Credit Federation publicly exposed 47,000 files that included customer names, addresses, dates of birth, driver’s licenses, Social Security cards, credit reports, financial histories, credit card numbers and bank account numbers, according to Chris Vickery, a researcher at the cybersecurity firm UpGuard. File upload dates suggest the public exposure extends back to June 2015. Vickery discovered the data after finding an Amazon Web Services S3 cloud storage bucket used by the company was configured for public access. NCF’s exposure is the latest in a string of organizations leaving sensitive data accessible by the public via an S3 instance. There have been similar incidents impacting the National Security Agency, Department of Defense, Viacom and Verizon, all of which have been discovered by Vickery. “This wasn’t secure whatsoever,” Vickery said of […]

Dark web intelligence firm Terbium Labs raises $6 million

Dark web intelligence firm Terbium Labs raised a $6 million investment round led by Glasswing Ventures, the company announced Wednesday. Founded in 2013, Terbium Labs has raised a total of $15 million off of their product Matchlight, the company’s dark web automated data monitoring system. Dark web intelligence firms are attracting millions of dollars. Flashpoint, another dark web intelligence firm, took in a $28 million round of funding in July. Dark OWL, another company in the space, says it will be announcing a new round of investments in the near future. The company has seen increased investor interest since the dark web market takedowns earlier this year. “Regardless of your politics, when [Attorney General] Jeff Sessions stands up and says ‘the dark net is a concern,’ that gets a lot of attention,” Dark OWL vice president Andrew Lewman said in July. “We’ve had all these people we’ve talked to in the past saying […]

Guilty plea for Canadian charged in 2014 Yahoo hacking case

A man pleaded guilty in federal court in San Francisco on Tuesday for his role in helping Russian spies hack into email accounts. Karim Baratov, a 22-year-old Kazakhstan-born Canadian citizen, was arrested in Toronto in March before waiving his right to fight extradition to the U.S. earlier this year. Baratov is charged, along with three other men including two intelligence agents from Russia’s Federal Security Service (FSB), for a role in the 2014 data breach where information tied to 500 million Yahoo accounts was stolen. Baratov pleaded guilty to eight criminal counts including conspiracy to commit computer fraud and abuse and aggravated identity theft. American prosecutors say Baratov worked under the order and pay of the FSB officers Dmitry Dokuchaev and Igor Sushchin. When FSB targets had non-Yahoo emails, the agency allegedly paid Baratov to break into at least 80 accounts. At least 50 of the targets Baratov allegedly hacked used Gmail. The defendant’s lawyers […]

The company known for cracking iPhones is making tons of money

Cellebrite, the Israeli company known for hacking into smartphones on behalf of governments, is making more money than ever. On the back of newly achieved breakthroughs against Samsung Galaxy S phones and LG products, the company announced record-high revenue for 2017 at a 38 percent jump over the same time last period. Cellebrite’s customers’ commitment to spending money — known as “booking” — grew 65 percent over 2016, an indication that the company will continue to grow. Cellebrite has a few different lines of business, but all fall under the auspices of “digital intelligence.” Most famously, the company specializes in cracking open smartphones and extracting every last byte of data. They sell that to corporations, militaries and governments with interests in gathering and understanding mobile data. In a statement on Monday, CEO Yossi Carmil announced Cellebrite added 100 new employees in the last quarter, established a new operation in Australia and began offering forensics tools […]
