US man stole 130m credit card numbers

18/08/2009

US prosecutors have charged a man with stealing data relating to 130 million credit and debit cards. Officials say it is the biggest case of identity theft in American history.

They say Albert Gonzales, 28, and two unnamed Russian co-conspirators hacked into the payment systems of retailers, including the 7-Eleven chain.

Prosecutors say they aimed to sell the data on. If convicted, Mr Gonzales faces up to 20 years in jail for wire fraud and five years for conspiracy. He would also have to pay a fine of $250,000 (£150,000) for each of the two charges.

Gonzales used a complicated technique known as an “SQL injection attack” to penetrate networks’ firewalls and steal information, the US Department of Justice said.

According to the indictment, the group researched the credit and debit card systems used by their victims, attacked their networks and sent the data to computer servers they operated in California, Illinois, Latvia, the Netherlands and Ukraine. The data could then be sold on, enabling others to make fraudulent purchases, it said.

Read the full story on the BBC News website.


Smartphones open to SMS attacks

31/07/2009

Mobile handsets including iPhones and those using Windows Mobile or Google’s Android operating system are vulnerable to text-based attacks, say experts.

Software code that arrives in a text message can hijack the phones, said Charlie Miller and Collin Mulliner at the Black Hat conference in Las Vegas. The malware could knock phones off the network or access data and programs.

The team say that hackers could develop programs to exploit the weakness in as little as two weeks. The pair said that publicising the means of attack was necessary to ensure the problem was addressed.

“If we don’t talk about it, somebody is going to do it silently. The bad guys are going to do it no matter what,” Mr Mulliner, an independent security expert, said.

The hack works by slightly modifying the data that arrives with an SMS message. The system that processes such messages is similar across different operating systems and, once compromised, can provide access to a range of applications, including a phone’s address book or camera.

The approach is particularly dangerous because messages are delivered automatically, and users cannot tell that they have received the malicious code.

Read the full story on the BBC News website.


GhostNets in the machine

16/04/2009

It wasn’t until last Sunday that Scott Henderson knew he’d been duped. The former US army intelligence officer, along with his colleague “Jumper”, had been tracking an alleged Chinese hacker, nicknamed Lost33, who had promised him an interview.

“Lost33 did not make contact with Jumper last night. In fact, it seems he spent the night changing his QQ number” – QQ is a popular Chinese instant messaging service – “and deleting all info from his blog. The website is now completely empty, except for a change to his personal data,” said Henderson on his blog.

Henderson had been tracking Lost33 after his email address – losttemp33@hotmail.com – turned up in an investigation called GhostNet. GhostNet started when Information Warfare Monitor (IWM), a team of cyberwarfare researchers created by Toronto University and the Canadian security thinktank SecDev, was asked to conduct a security audit for the Tibetan government in exile. It found malicious software on the Dalai Lama’s most sensitive computers.

The investigation found links back to command and control servers located mainly in China. From there, the IWM found infected computers under the control of those servers in 103 countries.

Read the full story on the Guardian website.


Major cyber spy network uncovered

29/03/2009

An electronic spy network, based mainly in China, has infiltrated computers from government offices around the world, Canadian researchers say.

They said the network had infiltrated 1,295 computers in 103 countries. They included computers belonging to foreign ministries and embassies and those linked with the Dalai Lama – Tibet’s spiritual leader.

There is no conclusive evidence China’s government was behind it, researchers say. Beijing also denied involvement.

The report comes after a 10-month investigation by the Information Warfare Monitor (IWM), which comprises researchers from Ottawa-based think tank SecDev Group and the University of Toronto’s Munk Centre for International Studies.

They were acting on a request from the Tibetan spiritual leader’s office to check whether the computers of his Tibetan exile network had been infiltrated.

Read the full story on the BBC News website.