
Cybercrime


A man who has won about $1.5 million in poker tournaments has been arrested and charged with running an operation that combined spam, Android malware, and a fake dating website to scam victims out of $3.9 million, according to Symantec.

Symantec worked with investigators from the Chiba Prefectural Police in Japan, who earlier this week "arrested nine individuals for distributing spam that included e-mails with links to download Android.Enesoluty—a malware used to collect contact details stored on the owner’s device," Symantec wrote in its blog.

Android.Enesoluty is a Trojan distributed as an Android application file. It steals information and sends it to computers run by hackers. It was discovered by security researchers in September 2012.

The suspect flagged as the "main player running the operation" is 50-year-old Masaaki Kagawa of Tokyo, president of an IT firm named Koei Planning and a poker player with success in high-stakes tournaments around the world.

Masaaki Kagawa wins a big pot in the Aussie Millions Cash Game Invitational a few years ago.

Kagawa has reportedly won about $1.5 million in tournaments dating back to 2008 (minus entry fees). His most recent score was a third-place finish in the 2013 Aussie Millions Poker Championship in February, which netted him $320,000.

Kagawa was already under investigation while playing in that tournament. Symantec explains:

From our observations, the operation began around September 2012 and ended in April 2013 when authorities raided the company office. We confirmed around 150 domains were registered to host the malicious apps during this time span. According to media reports, the group was able to collect approximately 37 million e-mail addresses from around 810,000 Android devices. The company earned over 390 million yen (approximately 3.9 million US dollars) by running a fake online dating service called Sakura in the last five months of the spam operation. Spam used to lure victims to the dating site was sent to the addresses collected by the malware.

The malware allegedly used in this operation appears to share source code with Android.Uracto, a Trojan that steals contacts and sends spam text messages to those contacts. Scammers maintaining Android.Uracto have not yet been identified.

Original author: Sean Gallagher

Over a year after the arrest of eight of its members in Russia, the alleged leader of the original Carberp botnet ring that stole millions from bank accounts worldwide has been arrested, along with about 20 other members of the ring who served as its malware development team. The arrests, reported by the news site Kommersant Ukraine, were a collaboration between Russian and Ukrainian security forces. The alleged ringleader, an unnamed 28-year-old Russian citizen, and the others were living throughout Ukraine.

Initially launched in 2010, Carberp primarily targeted the customers of Russian and Ukrainian banks and was novel in the way it doctored Java code used in banking apps to commit its fraud. Spread by the ring through malware planted on popular Russian websites, the Carberp trojan was used to distribute targeted malware that modifies the bytecode in BIFIT's iBank 2 e-banking application, a popular online banking tool used by over 800 Russian banks, according to Aleksandr Matrosov, senior malware researcher at ESET. The botnet that spread the malware, which was a variant of the Zeus botnet framework, also was used to launch distributed denial of service attacks.

In February of 2011 the group put its malware on the market, selling it to would-be cybercriminals for $10,000 per kit—but it pulled the kit a few months later.


For the past four months the New York Times has been under attack by Chinese hackers, the newspaper says.

The hackers were able to "infiltrate its computer systems" and get passwords from reporters and other employees. The Times says it hired an outside firm to study the hacks and block them for good. It also says that no customer information was leaked by these attacks.

The Times thinks the motivation was an investigation into the relatives of China's prime minister, Wen Jiabao, and how their business dealings turned them into billionaires.

The hackers were tricky about hiding their tracks. They used a technique called "spearphishing," in which they sent emails laced with malicious links. Once opened, malware was secretly downloaded onto the recipients' computers. The emails were routed through U.S. universities to disguise their origin. These were the same U.S. universities used to disguise Chinese hacker attacks on the U.S. military, the Times says.

Chinese officials deny that the government or military were involved in the attacks.

These types of super-targeted attacks, where hackers work to break into a specific company, are particularly hard to defend against. The industry calls them "advanced persistent threats." But there are some U.S. security startups with technology that can thwart them, including FireEye, which earlier this month landed a $50 million round of financing and a big-name new CEO, Dave DeWalt.


Last week, Leon Panetta stoked some fears and drew bloggy jeers when he warned of an incoming “cyber Pearl Harbor.” The gloomy song and dance, which we’ve heard played out so many a time now, made a chorus of hackers’ alleged ability to disrupt transit lines and shut down the power grid. As Motherboard’s Mr. Estes pointed out, the faux-somber debacle was mostly designed to scare folks into supporting the Obama administration’s drive for internet security legislation.

And it might work. After all, we’re innately terrified of a world without electricity at this point; so much so that we’ve created an entire subgenre of fiction, the unplugged dystopia, to imagine its terrors. There’s been a steady drumbeat of forceful warnings of cyber attacks that could “cripple” the US grid: from Obama himself, from the NSA general who said over the summer that the probability of a crisis is mounting, and from the military, which says that Anonymous, the hacker group, would soon be capable of shutting down the entire U.S. electrical grid.



Google I/O 101: Q&A on Introduction to Dart with Gilad Bracha

Question and answers for the Google I/O 101 session introducing Dart, with Dart language spec lead Gilad Bracha and Seth Ladd and JJ Behrens of Google Developer Relations.
From: GoogleDevelopers
Views: 1721
Ratings: 23
Time: 11:50
More in: Science & Technology




One spring day in 2010, a hacker named Kevin Finisterre knew he had hit the jackpot. A network he had been casing finally broadcast the live video and audio feed of a police cruiser belonging to a US-based municipal government. His jaw dropped as a computer in his home office in Columbus, Ohio showed the vehicle—with flashing blue lights on and siren blaring—charging down a road of the unnamed city.

A burly 31-year-old with glasses and pork-chop sideburns, Finisterre has spent more than a decade applying his combination of street smarts and technical skills to pierce digital fortresses. For instance, he once accessed the work account of an engineer for a large utility company. Finisterre used a pilfered profile from Hotjewishgirls.com to trick the engineer into thinking he was interacting with a flirtatious 26-year-old woman, until the engineer finally coughed up enough personal information to make an attack on his corporate account successful.

It's not a bad way to earn a living.
