Son of Stuxnet Found in the Wild

Kim Zetter Diagram of the Duqu malware, courtesy of Symantec. A little more than one year after the infrastructure-destroying Stuxnet worm was discovered on computer systems in Iran, a new piece of malware using some of the same techniques has been found infecting systems in Europe, according to researchers at security firm Symantec. The new … Continue reading

Impressed by FBI trojan, Germans write their own—and national scandal ensues

Matthew Lasar It has been pretty chaotic in German Chancellor Angela Merkel’s cabinet ever since the Chaos Computer Club dumped some alarming technology news in her lap. Turns out that the German government’s "lawful interception" application, supposedly designed only to monitor IP telephone calls, is just a little more powerful than the police let on. … Continue reading

FBI Arrests Man Who Allegedly Hacked Celebrities to Steal Nude Photos

Ryan Singel Federal authorities have arrested and charged a 35-year old Florida man for allegedly hacking dozens of Hollywood celebrities, including breaking into Scarlett Johansson’s phone and leaking nude pictures of her to the internet. Christopher Chaney of Jacksonville, Florida, was charged with 26 counts of accessing protected computers without authorization, identity theft, damaging protected … Continue reading

Pentagon largest-ever cyber theft victim

The Pentagon on Thursday revealed that in the spring it suffered one of its largest losses ever of sensitive data in a cyberattack by a foreign government. It’s a dramatic example of why the military is pursuing a new strategy emphasizing deeper defenses of its computer networks, collaboration with private industry and new steps to … Continue reading

US military halting hackers with "cyber hygiene"

Nate Anderson The US military really likes the Internet—and wants to keep it clean. The Department of Defense yesterday released its “Strategy for Operating in Cyberspace" (PDF), which opens by noting that “it is difficult to overstate this reliance” on the Internet. But to keep the Internet both useful and secure, the Department of Defense … Continue reading

Why Cyber Attacks Are So Difficult to Trace Back to Hackers

Sony, Google, RSA and now Citigroup are just some of the prominent victims of cyber attacks as defenses at large organizations prove porous and attackers elude detection Larry Greenemeier  PHISH AND CHIPS: Cyber attackers are known to break into poorly secured computers and use those hijacked systems as proxies through which they can launch and … Continue reading

Google Disrupts Chinese Spear-Phishing Attack

Kevin Poulsen Google says it’s shut down a well-crafted social engineering attack on Gmail users that targeted the personal accounts of “senior U.S. government officials, Chinese political activists, officials in several Asian countries (predominantly South Korea), military personnel and journalists.” The attackers spoofed e-mail to their targets that appeared to come from a friend or … Continue reading

Former Teen Stock Swindler Sentenced to Three Years on New Hack

By Kevin Poulsen A former teenage hacker who once served time for an online stock-trading scheme was sentenced in New York this week to three years in prison on new charges of cracking a New York-based currency exchange service and gifting himself more than $100,000. Van T. Dinh leaves a federal courthouse in Philadelphia in … Continue reading

How a Remote Town in Romania Has Become Cybercrime Central

By Yudhijit Bhattacharjee Râmnicu Vâlcea has only about 120,000 residents, but among law enforcement experts around the world, it has a nickname: Hackerville. The town is full of online crooks who cruise the streets in expensive European cars. Photo: Nick Waplington Three hours outside Bucharest, Romanian National Road 7 begins a gentle ascent into the … Continue reading

Spy games: Inside the convoluted plot to bring down WikiLeaks

By Nate Anderson When Aaron Barr was finalizing a recent computer security presentation for the US Transportation Security Administration, a colleague had a bit of good-natured advice for him: "Scare the sh*t out of them!" In retrospect, this may not have been the advice Barr needed. As CEO of the government-focused infosec company HBGary Federal, … Continue reading

Porn worm extorts money from 2,500 victims

A fast-spreading Russian ransom worm that locks people out of their files has found at least 2,500 victims willing to pay up to get back control of their PCs, researchers have discovered. John E Dunn   A fast-spreading Russian ransom worm that locks people out of their files has found at least 2,500 victims willing to … Continue reading

Security Researcher, CyberCrime Foe Goes Missing

By Kim Zetter A well-known security researcher and cybercrime foe appears to have gone missing in Bulgaria and is feared harmed, according to a news organization that hosts a blog the researcher co-writes. Bulgarian researcher Dancho Danchev, who writes for ZDNet’s Zero Day blog, is an independent security consultant who’s garnered the enmity of cybercriminals … Continue reading

New national cybersecurity plan? Zeus trojan says bring it on

By Matthew Lasar Following a quick trip to the Consumer Electronics Show in Las Vegas, United States Secretary of Commerce Gary Locke is headed for the Stanford Institute on Policy Research on Friday. He’s there to talk up the Obama administration’s efforts to "enhance online security and privacy," plus the "next steps in meeting the … Continue reading

The Hackers Who Broke Gawker

As Gawker Media users scramble to change their passwords in the wake of a massive security breach, members of Gnosis say they’re not planning any more big hacks—but their power has increased exponentially, says Brian Ries. by Brian Ries  Members of the hacking group Gnosis are quick to point out they’re not all that malicious. … Continue reading

First arrest made in WikiLeaks revenge attacks

By Jacqui Cheng 4chan vigilante group Anonymous is used to getting away with its DDoS attacks and other  Internet shenanigans, but that’s not going to be the case this time around. An arrest has been made in 4chan’s revenge attacks on PayPal, Visa, and MasterCard, begun after the companies stopped providing services to WikiLeaks. The … Continue reading

Sting Lures Alleged Malaysian Hacker to U.S. for Arrest

Kim Zetter A Malaysian man has been arrested after Secret Service agents caught him in a sting operation and found 400,000 bank card numbers on his computer. The man allegedly gained access to computer systems belonging to FedComp (a data processor for various credit unions around the country), the Federal Reserve Bank in Cleveland, Ohio, … Continue reading

Stuxnet attacks could move beyond Iranian nuclear plants

Peter Bright The Stuxnet worm, a complicated piece of malware apparently engineered to disrupt Iranian uranium enrichment, could be modified to attack more industries, according to experts speaking to the Senate Homeland Security and Governmental Affairs Committee. The widespread interconnection of corporate networks and use of SCADA systems means that industrial infrastructure is increasingly vulnerable … Continue reading

Does The Girl Who Kicked the Hornet’s Nest Know What She’s Doing?

by Michael Hogan  Michael Nyqvist and Noomi Rapace in The Girl Who Kicked the Hornet’s Nest, opening tomorrow. Anyone who has read the late Stieg Larsson’s vastly entertaining Girl With … novels knows that the titular character, Lisbeth Salander, is a hero for our Internet-addicted era: a virtuoso hacker who uses her near-omnipotent mastery of … Continue reading

‘Spear-Phishing’ Attacks Keep on Giving

By Kim Zetter The number of targeted phishing attacks against individuals has risen dramatically in the last five years from one or two a week in 2005 to more than 70 a day this month, according to a new report from computer security firm Symantec. The industry most recently hardest hit by so-called spear-phishing attacks … Continue reading

Japan has national botnet warriors; why don’t we?

By Matthew Lasar October is Cybersecurity Awareness Month here in the United States, which is a good thing, because we come down with more PC botnet infections than any other country in the world. Microsoft reports 2.2 million US PCs hijacked for cybercrime or distributed denial of service (DDOS) attacks on websites in the first … Continue reading

5 Key Players Nabbed in Ukraine in $70-Million Bank Fraud Ring

By Kim Zetter Ukrainian authorities have arrested five key suspects in a massive international bank fraud ring that used malware to steal at least $70 million from small businesses, municipalities, churches and others in the U.S. The five are alleged to be part of a multi-national ring that includes about 60 other suspects who were … Continue reading