A college student in Nigeria has been sentenced to 19 years in prison for scamming an Australian woman out of $47,000 online by pretending to be a widowed white businessman desperately in love with her, CNN reports.
Interesting article about BBC’s own little investigation into botnets and spamming and how easy it is to spam (the larger subject of course was cyber crime).
They basically set up a small botnet and asked the zombied PCs to spam two email accounts they had set up on Gmail and Hotmail.
The UK Prime Minister’s medical records have been breached in a series of high profile ‘data violations’ involving UK politicians and others, the Sunday mail reports. Last week UK cabinet minister Jack Straw’s hotmail account was pwned by criminals trying to hoodwink the minister’s ‘friends’ into sending them money.
UK Justice Secretary Jack Straw’s hotmail account was compromised and hundreds of mails sent to his contacts in a bold attempt to get unsuspecting recipients to send money to the fraudsters, BBC reports.
This is how the scheme works
F-Secure has published the IT Security Threat summary for the second half of 2008.
Summary:
Growth in amounts of malicious software
Growth in infections
Growth in the number of botnets
Growth in criminal profits
Call for growth in punishment
Highlights:
On Botnets infections
During 2008 our Response Lab conducted a small research project focusing on approximately 60 orphaned botnets. Listening to the communication attempts [...]
The Register has reported that an online payment service mycheckfree.com has lost control of at least two of its domains to a crime gang believed to be based in Eastern Europe.
Possible explanation?
It’s also unclear how the culprits managed to hijack the domains. While security experts say DNS poisoning wasn’t out of the question, the more [...]
SANS Internet Storm Center is currently developing a web honeypot project much like the Dshield project.
Volunteer researchers are needed for the next 3 months. Request is made for 70 hours per volunteer for the next 3 months.
Skills needed (up to 4 from the list is welcome):
PHP coding
SQL
Apache
Understanding of HTTP
IIS
Technical writing (documentation)
Experience with various open source [...]
An article by Zdnet’s Zero Day blog discusses the current spread of malware via the Windows Autorun functionality - USB being the main transport agent.Talking about the malware, it notes:
Their functionality varies. It started out with online games password-stealers targeting World of Warcraft, LineAge and others. But over the last months, we’re seeing malware being [...]
Aiming to take the fight to the bot herders, a company - SRI International - has released a tool called BotHunter. It is free. The software works by monitoring the communication between compromised hosts on a corporate network and bot-herding computers also known as command & control centres.
BotHunter uses what sounds more like heuristic methods and processes (where detection is based on patterns) or than signatures (where detection is based on known attacks). This is how it works:
Symantec has published a survey - Underground Economy - detailing the activities of cyber criminals who through astute business models have managed to rake in hundreds of millions of dollars in a year. The cost to victims of these activities easily runs into billions of dollars. What do they sell?
