TweakTown News
Two former agents have been charged with stealing money while conducting an undercover investigation against Silk Road.
Carl Mark Force IV was a Drug Enforcement Administration (DEA) agent and Shaun Bridges worked for the US Secret Service. They are accused of taking bitcoins, converting them into cash, and then depositing the money into their own accounts. Bridges allegedly ended up stealing more than $800,000 in bitcoins.
Force has been charged with wire fraud, money laundering and theft of government property, while Bridges has been charged with wire fraud and money laundering. Both men were part of a task force in Baltimore assigned to investigate Silk Road, and both have resigned from their respective agencies. Additional details are expected in the future.
Cybercriminals were able to gain access to thousands of British Airways Executive Club frequent-flyer accounts. It doesn't appear any personal information was viewed or taken during the breach, and British Airways has frozen accounts while an investigation is underway.
"British Airways has become aware of some unauthorized activity in relation to a small number of frequent-flyer executive club accounts," a British Airways spokesperson confirmed to The Guardian.
It remains unknown who is responsible for the Executive Club system intrusion.
The GitHub coding website has suffered a distributed denial-of-service (DDoS) attack that lasted more than four days. It appears China could be behind the attack, as search traffic for Baidu, the top search engine in China, was rerouted to take aim at GitHub.
Specifically, all of the Baidu traffic went to GitHub pages that had copies of websites currently banned in China. Baidu noted that its networks weren't compromised in the attack, and claims it wasn't involved in the DDoS siege of GitHub, though cybersecurity researchers say Chinese government officials have to be involved.
Since the attackers were able to direct high volumes of traffic tied to the Chinese Internet infrastructure to GitHub, "it had to be someone who had the ability to tamper with all the Internet traffic coming into China," F-Secure chief research officer Mikko Hypponen told the Wall Street Journal.
A single Command and Control server could be responsible for running a botnet using a number of different malware programs to infect users. It appears the cybercriminals are infecting as many machines as possible, and the botnet can be sold or rented to clients. The malware spreads via manipulated Word documents attached to emails.
Security firm G DATA found that a fake rail card invoice is one tactic criminals are using to infect new victims. Instead of being an actual rail card invoice, however, the installed malware builds up a botnet, as criminals are able to remotely hijack infected PCs.
"The malware behaves like a matryoshka doll on the system," said Ralf Benzmuller, head of G DATA SecurityLabs. "It gradually reveals its potential and actual aim. We suspect that the infected systems are intended for use as zombie PCs in the Andromeda/Gamarue botnet."
Having trouble trying to access GitHub, a website known for hosting and sharing programming code and other specialized content? The site is facing a major distributed denial-of-service (DDoS) attack that started on Thursday and has continued to evolve and pose problems throughout the weekend.
The site seems to be working better now, but the company has confirmed problems starting on Thursday and continuing until early afternoon on the east coast: "87 hours in, our mitigation is deflecting most attack traffic," GitHub said in a public post. "We're aware of intermittent issues and continue to adapt our response."
It's unknown who is behind the attack, but it appears a reflection attack, which pulls traffic from other sites to overwhelm GitHub's server, could be to blame, according to Arbor Networks.
Electronic filing of federal tax returns has become even more complicated, as fallout from a number of high-profile data breaches continues. The Social Security numbers and other personal information stolen in these breaches have led to more fraudulent tax returns, and the IRS is informing unwitting victims that someone else filed their tax return for them.
Tax refund fraud is the most prevalent form of identity fraud reported to the Federal Trade Commission (FTC) since 2012, according to the National Consumers League. To make matters worse, it's extremely difficult to avoid, so it will remain an appealing crime for cybercriminals.
"Tax fraud this year is very prevalent, primarily because of these recent high-profile data breaches," said Julie Miller, spokesperson for Intuit, in a statement published by the San Jose Mercury News. "We are seeing tax refund fraud being driven by identity theft. That has implications for people who use TurboTax online or any online tax preparation."
The Xtube adult entertainment website, a top 800-ranked website in the United States, appears to have recently suffered a malware infection. Hackers have injected malicious code directly into Xtube, and visitors are being redirected through rotating domains to an exploit landing page.
"Contrary to a malvertising issue where the problem is external, XTube admins need to look at their own server to identify the issue," said Jerome Segura, senior security researcher at Malwarebytes, in a statement to SCMagazine.com. "Based on what we saw, this [is] a dynamic infection that injects [a] malicious iFrame 'on-demand.' In other words this is not hardcoded in the page's source code, but added on-the-fly."
Porn websites are popular targets for cybercriminals due to high amounts of Web traffic, with RedTube suffering an issue earlier in 2015. Towards the end of 2015, another popular adult website, xHamster, was also hit by a successful malvertising campaign.
The business communication platform Slack confirmed a data breach which left users vulnerable, with usernames, email addresses, passwords, phone numbers, Skype logins, and other information compromised.
It's unknown whether the cybercriminals actually decrypted any of the passwords, and no payment information was accessed. "We are very aware that our service is essential to many teams," Slack said in a blog post. "We deeply regret this incident and apologize to you, and to everyone who relies on Slack, for the inconvenience."
Slack has added two-factor authentication today, and users will need to enter a verification code along with their traditional password. It's recommended all users begin using it immediately.
Despite South Korea blaming North Korea for hacking its nuclear power operator, officials in Pyongyang have denied their involvement. In a data breach in late 2014, hackers were able to steal employee personal information, physical designs and manuals of the Korea Hydro and Nuclear Power Co.
The Korean Central News Agency said Seoul fabricated evidence that Internet protocol addresses were linked to the north, even though the recent data breaches were "believed to have been caused by an [unidentified] group of North Korean hackers."
North Korea is believed to have a budding cyberespionage program, with most of its efforts targeted at South Korean banks and other critical infrastructure.
The US government wants additional help from private sector companies in a growing effort to fight cyberattacks.
Financial institutions and healthcare firms face a significant threat, and there needs to be a better strategy for incorporating cybersecurity to keep employees and users safe. Cyberattacks are a global problem that can create legal headaches for businesses once they have been breached by cybercriminals.
"Each of us must recognize this risk is perhaps the most pressing operational risk of our time," said US Deputy Treasury Secretary Sarah Bloom Raskin, when speaking at the CityWeek conference in London. "We now need to develop consensus around ways to respond to this threat."