Ramblings & ephemera

German twins commit the perfect crime

From “Twins Suspected in Spectacular Jewelry Heist Set Free” (Spiegel Online International: 19 March 2009): Saved by their indistinguishable DNA, identical twins suspected in a massive jewelry heist have been set free. Neither could be exclusively linked to the DNA evidence. German police say at least one of the identical twin brothers Hassan and Abbas […]

Criminal goods & services sold on the black market

From Ellen Messmer’s “Symantec takes cybercrime snapshot with ‘Underground Economy’ report” (Network World: 24 November 2008): The “Underground Economy” report [from Symantec] contains a snapshot of online criminal activity observed from July 2007 to June 2008 by a Symantec team monitoring activities in Internet Relay Chat (IRC) and Web-based forums where stolen goods are advertised. […]

Another huge botnet

From Kelly Jackson Higgins’ “Researchers Find Massive Botnet On Nearly 2 Million Infected Consumer, Business, Government PCs” (Dark Reading: 22 April 2009): Researchers have discovered a major botnet operating out of the Ukraine that has infected 1.9 million machines, including large corporate and government PCs mainly in the U.S. The botnet, which appears to be […]

Reasons Windows has a poor security architecture

From Daniel Eran Dilger’s “The Unavoidable Malware Myth: Why Apple Won’t Inherit Microsoft’s Malware Crown” (AppleInsider: 1 April 2008): Thanks to its extensive use of battle-hardened Unix and open source software, Mac OS X also has always had security precautions in place that Windows lacked. It has also not shared the architectural weaknesses of Windows […]

Vista & Mac OS X security features

From Prince McLean’s “Pwn2Own contest winner: Macs are safer than Windows” (AppleInsider: 26 March 2009): Once it did arrive, Vista introduced sophisticated new measures to make it more difficult for malicious crackers to inject code. One is support for the CPU’s NX bit, which allows a process to mark certain areas of memory as “Non-eXecutable” […]

$9 million stolen from 130 ATM machines in 49 cities in 30 minutes

From Catey Hill’s “Massive ATM heist! $9M stolen in only 30 minutes” (New York Daily News: 12 February 2009): With information stolen from only 100 ATM cards, thieves made off with $9 million in cash, according to published reports. It only took 30 minutes. “We’ve seen similar attempts to defraud a bank through ATM machines […]

What passwords do people use? phpBB examples

From Robert Graham’s “PHPBB Password Analysis” (Dark Reading: 6 February 2009): A popular Website, phpbb.com, was recently hacked. The hacker published approximately 20,000 user passwords from the site. … This incident is similar to one two years ago when MySpace was hacked, revealing about 30,000 passwords. … The striking difference between the two incidents is […]

Crazy anti-terrorism plans that worked

From a Special Operations officer quoted in Tom Ricks’s Inbox (The Washington Post: 5 October 2008): One of the most interesting operations was the laundry mat [sic]. Having lost many troops and civilians to bombings, the Brits decided they needed to determine who was making the bombs and where they were being manufactured. One bright […]

Conficker creating a new gargantuan botnet

From Asavin Wattanajantra’s “Windows worm could create the ‘world’s biggest botnet’” (IT PRO: 19 January 2009): The Downadup or “Conficker” worm has increased to over nine million infections over the weekend – increasing from 2.4 million in a four-day period, according to F-Secure. … The worm has password cracking capabilities, which is often successful because […]

CCTV in your plane’s cabin?

From Michael Reilly’s “In-flight surveillance could foil terrorists in the sky” (New Scientist: 29 May 2008): CCTV cameras are bringing more and more public places under surveillance – and passenger aircraft could be next. A prototype European system uses multiple cameras and “Big Brother” software to try and automatically detect terrorists or other dangers caused […]

Give CLEAR your info, watch CLEAR lose your info

From “Missing SFO Laptop With Sensitive Data Found” (CBS5: 5 August 2008): The company that runs a fast-pass security prescreening program at San Francisco International Airport said Tuesday that it found a laptop containing the personal information of 33,000 people more than a week after it apparently went missing. The Transportation Security Administration announced late […]

US government makes unsafe RFID-laden passports even less safe through business practices

From Bill Gertz’s “Outsourced passports netting govt. profits, risking national security” (The Washington Times: 26 March 2008): The United States has outsourced the manufacturing of its electronic passports to overseas companies — including one in Thailand that was victimized by Chinese espionage — raising concerns that cost savings are being put ahead of national security, […]

The end of Storm

From Brian Krebs’ “Atrivo Shutdown Hastened Demise of Storm Worm” (The Washington Post: 17 October 2008): The infamous Storm worm, which powered a network of thousands of compromised PCs once responsible for sending more than 20 percent of all spam, appears to have died off. Security experts say Storm’s death knell was sounded by the […]

The end of Storm?

From “Storm Worm botnet cracked wide open” (Heise Security: 9 January 2009): A team of researchers from Bonn University and RWTH Aachen University have analysed the notorious Storm Worm botnet, and concluded it certainly isn’t as invulnerable as it once seemed. Quite the reverse, for in theory it can be rapidly eliminated using software developed […]

Three top botnets

From Kelly Jackson Higgins’ “The World’s Biggest Botnets” (Dark Reading: 9 November 2007): You know about the Storm Trojan, which is spread by the world’s largest botnet. But what you may not know is there’s now a new peer-to-peer based botnet emerging that could blow Storm away. “We’re investigating a new peer-to-peer botnet that may […]

Largest botnet as of 2006: 1.5 M machines

From Gregg Keizer’s “Dutch Botnet Bigger Than Expected” (InformationWeek: 21 October 2005): Dutch prosecutors who last month arrested a trio of young men for creating a large botnet allegedly used to extort a U.S. company, steal identities, and distribute spyware now say they bagged bigger prey: a botnet of 1.5 million machines. According to Wim […]

Why botnet operators do it: profit, politics, & prestige

From Clive Akass’ “Storm worm ‘making millions a day’” (Personal Computer World: 11 February 2008): The people behind the Storm worm are making millions of pounds a day by using it to generate revenue, according to IBM’s principal web security strategist. Joshua Corman, of IBM Internet Security Systems, said that in the past it had […]

Number of bots drops 20% on Christmas

From Robert Lemos’ “Bot-infected PCs get a refresh” (SecurityFocus: 28 December 2006): On Christmas day, the number of bots tracked by the Shadowserver group dropped nearly 20 percent. The dramatic decrease in weekly totals–from more than 500,000 infected systems to less than 400,000 computers–puzzled researchers. The Internet Storm Center, a threat monitoring group managed by […]

1/4 of all Internet computers part of a botnet?

From Nate Anderson’s “Vint Cerf: one quarter of all computers part of a botnet” (Ars Technica: 25 January 2007): The BBC’s Tim Weber, who was in the audience of an Internet panel featuring Vint Cerf, Michael Dell, John Markoff of the New York Times, and Jon Zittrain of Oxford, came away most impressed by the […]

Prices for various services and software in the underground

From Tom Espiner’s “Cracking open the cybercrime economy” (CNET News: 14 December 2007): “Over the years, the criminal elements, the ones who are making money, making millions out of all this online crime, are just getting stronger and stronger. I don’t think we are really winning this war.” As director of antivirus research for F-Secure, […]