New York (NY) – Myspace appears to be a popular new vehicle for spreading malware, as professional artists find their profile pages being hacked. Exploit Prevention Labs has released a report, claiming that hackers have gained access to the Myspace pages of French funk band Freements of Fortune, Irish rock band Dykeenies, and US R&B singer Alicia Keys.
A Los Angeles man is facing up to 60 years in prison and fines of up to $1.75m (ÂŁ839,000) after admitting to infecting at least 250,000 PCs with information-stealing malware. By day, 26-year-old John Kenneth Schiefer worked as a security consultant for the company 3G Communications. By night he operated a 250,000 PC botnet, which US federal prosecutors are claiming he used to steal information and money from users of eBay’s online banking service, PayPal.
A strain of malware disguised as anti-spyware has become the latest double-agent in multi-step “convergence” crime online. The scam, which prompts users to download malware by posing as an anti-spyware demo, has proliferated dramatically. Reported incidences of its distribution have increased by 1,000 percent in the last month, according to Don Jackson, senior analyst at SecureWorks.
A convicted AOL junk mailer, who tried to strike a spam business deal over instant messenger with a confidential informant, was sentenced on Friday to 27 months in prison. Todd Moeller, 28, of New Jersey was found guilty of helping to send spam to more than 1.2 million AOL subscribers. His accomplice, 26-year-old Adam Vitale of Brooklyn, pleaded guilty in June and faces up to 11 years in prison when he is sentenced next week. The two men delivered spam to more than 1.27 million AOL subscribers between Aug. 17 and Aug. 23, 2005, authorities said.
Symantec has plunged into the data-loss protection (DLP) market via the acquisition route, announcing on Monday that it has agreed to purchase partner Vontu for $350 million. The acquisition, rumored for several weeks, further validates the hot DLP sector, where a number of large players, including EMC and Websense, already have snatched up similar companies. Symantec took a similar approach. “The big guys are gulping these companies up, basically,” Chenxi Wang, the principal security and risk management analyst for Forrester Research, told SCMagazineUS.com today.
UK IT professionals are more concerned about internal system failures than hacker attacks, according to new research. The study by training company Firebrand Training asked 601 UK IT workers to rank their greatest concerns. System failure ranked the highest with 63 per cent of those questioned more concerned about interrupted IT services than the 24 per cent who ranked external threats as their key worry.
Two students have been charged with hacking into the California State University database and changing their grades. John Escalera worked at the university helpdesk and is alleged to have gained access to administrative controls in the PeopleSoft student database by setting up false accounts in the names of the registrar and academic records co-ordinator. Escalera is accused of changing his own grades and those of his friend Gustavo Razo Jr in exchange for cash.
The US Federal Trade Commission is warning businesses to be on the lookout for spam that contains a trojan-laden attachment claiming to be a legal complaint against recipient. The bogus emails appear to come from frauddep[at]ftc[dot] gov, a spoofed address, and contain the actual logo for the FTC to establish legitimacy. The text says that “a complaint has been filed against you and the company you’re affiliated with,” a social engineering tactic used to dupe victims into opening the attachment.
The Chinese state is behind almost daily internet espionage attacks on German companies and government bodies, a top German intelligence official said on Monday. “In our view, state Chinese interests stand behind these digital attacks,” said Hans Elmar Remberg, vice president of the Federal Office for the Protection of the Constitution, the country’s domestic intelligence agency.
Recently, Robert Graham, CEO of Errata Security, posted a blog in which he stated that “today’s CPUs can ‘crack’ passwords eight times fast than they can ‘check’ the passwords.” And we’re not even talking about dual-core machines, just your plain vanilla PC desktop. Graham, who last summer hacked someone’s Gmail account before a live Black Hat audience, is used to making provocative statements. And, as with the Gmail hack, Graham’s not afraid to back these statements up with data.