‘No such thing as anonymity in the cyber world’ says SS man
Unless your a Chinese hacker or work for the NSA
A German man has been sentenced to 50 months in prison and ordered to repay $14m after he hacked into US banks, stealing debit card data and even removed withdrawal limits. Qendrim Dobruna, 29, also known as "closEd" and "cLoz", stole card data and spread it worldwide. The stolen credentials were used to make fraudulent ATM …
.. nor should there be.
English is not a complex language, at least not at the level used in general conversation. Choice of idiom and vocabulary is another matter, that is indeed a bit harder if you don't use the language on a daily basis, but maybe this will help.
Anyway, where were we? Oh, yes, nabbing card thieves. It's all jolly well that they have been caught, but what is casually glanced over in this article is that these guys managed to gain control over internal creditor account parameters such as withdrawal limits. WTF? *That* worries me.
This post has been deleted by a moderator
Yes. Yes, it will. Being prejudiced against a specific person for ethnic reasons is one thing. Admitting a certain statistical tendency is quite another. And (as a person who had to put up with similar judgement myself for quite a while) I really don't care who's gonna think what about me for not giving up my right to the latter - things are what they are, denial will not change them.
This post has been deleted by its author
Being prejudiced against a specific person for ethnic reasons is one thing. Admitting a certain statistical tendency is quite another.
It may be worth mentioning that as a caveat then, like "based on the hacking attempts I get on my site, it appears I'm better off locking out the whole of the Ukraine".
In a US court 4 yrs is a slap on the wrist. 4 yrs for at least $14m? Hardly a deterrent and ironic in a country where shoplifting a pizza can get you life courtesy of 3 strike laws.
All for reduced incarceration for minor crimes, but large scale white collar crime is too lucrative for such leniency. Risk vs reward and all that.
I think the warning is "don't be German" (or English or any other country that has an extradition treaty with the US) The Russian and Ukrainian hackers that have stolen far more in this way are never brought to justice. Even if they were at risk of doing so, a few kickbacks to the right government officials would keep the extradition in limbo indefinitely.
In total, more than 15,000 ATM transactions were conducted in approximately 18 countries around the world using 21 compromised American Red Cross disaster relief prepaid cards, resulting in approximately $14 million in losses to the credit card processor and the American Red Cross.
Bastard should have gotten a much longer sentence like 20 to life.
Why has the ARC suffered any substantial loss ?
The thieves broke into a bank and stole some of the banks money.
The ARC would have to send out 21 replacement cards, even with the admin I can't see how it would be anymore than 200 bucks.
Are you suggesting that the card processing company is charging the customers when it is their own security that has been compromised ?
And I think it is untenable to only give 4 years for such a heinous theft. Hopefully he gets extradited to the USA after he serves three years and 9 months in Germany and gets another trial here where he should serve no less than 20 years and no time off for "good behavior".
The Netherlands' Maastricht University has managed to recoup the Bitcoin ransom it paid to ransomware scum in 2019 – and has made a tidy profit on the deal.
The University explained that in 2019 it suffered a ransomware attack that prevented staff and students from accessing research data, email, or library resources.
Faced with the prospect that ransomware scum could erase research data and disrupt students, the University reluctantly decided to cough up a €200,000 ransom and was able to resume operations.
In brief Google on Friday pledged to update its location history system so that visits to medical clinics and similarly sensitive places are automatically deleted.
In this post-Roe era of America, there is concern that cops and other law enforcement will demand the web giant hand over information about its users if they are suspected of breaking the law by seeking an abortion.
Google keeps a log of its users whereabouts, via its Location History functionality, and provides some controls to delete all or part of those records, or switch it off. Now, seemingly in response to the above concerns and a certain US Supreme Court decision, we're told Google's going to auto-delete some entries.
The choppy waters continue at OpenSea, whose security boss this week disclosed the NFT marketplace suffered an insider attack that could lead to hundreds of thousands of people fending off phishing attempts.
An employee of OpenSea's email delivery vendor Customer.io "misused" their access to download and share OpenSea users' and newsletter subscribers' email addresses "with an unauthorized external party," Head of Security Cory Hardman warned on Wednesday.
"If you have shared your email with OpenSea in the past, you should assume you were impacted," Hardman continued.
A former Canadian government employee has pleaded guilty in a US court to several charges related to his involvement with the NetWalker ransomware gang.
On Tuesday, 34-year-old Sebastien Vachon-Desjardins admitted he conspired to commit computer and wire fraud, intentionally damaged a protected computer, and transmitted a demand in relation to damaging a protected computer.
He will also forfeit $21.5 million and 21 laptops, mobile phones, gaming consoles, and other devices, according to his plea agreement [PDF], which described Vachon-Desjardins as "one of the most prolific NetWalker Ransomware affiliates" responsible for extorting said millions of dollars from dozens of companies worldwide.
America's Federal Trade Commission has sued Walmart, claiming it turned a blind eye to fraudsters using its money transfer services to con folks out of "hundreds of millions of dollars."
In a lawsuit [PDF] filed Tuesday, the regulator claimed the superstore giant is "well aware" of telemarketing fraudsters and other scammers convincing victims to part with their hard-earned cash via its services, with the money being funneled to domestic and international crime rings.
Walmart is accused of allowing these fraudulent money transfers to continue, failing to warn people to be on their guard, and failing to adopt policies and train employees on how to prevent these types of hustles.
The FTC is warning members of the LGBTQ+ community about online extortion via dating apps such as Grindr and Feeld.
According to the American watchdog, a common scam involves a fraudster posing as a potential romantic partner on one of the apps. The cybercriminal sends explicit of a stranger photos while posing as them, and asks for similar ones in return from the mark. If the victim sends photos, the extortionist demands a payment – usually in the form of gift cards – or threatens to share the photos on the chat to the victim's family members, friends, or employer.
China's internet regulator has launched an investigation into the security regime protecting academic journal database China National Knowledge Infrastructure (CNKI), citing national security concerns.
In its announcement of the investigation, the China Cyberspace Administration (CAC) said:
Spyware developed by Italian firm RCS Labs was used to target cellphones in Italy and Kazakhstan — in some cases with an assist from the victims' cellular network providers, according to Google's Threat Analysis Group (TAG).
RCS Labs customers include law-enforcement agencies worldwide, according to the vendor's website. It's one of more than 30 outfits Google researchers are tracking that sell exploits or surveillance capabilities to government-backed groups. And we're told this particular spyware runs on both iOS and Android phones.
We understand this particular campaign of espionage involving RCS's spyware was documented last week by Lookout, which dubbed the toolkit "Hermit." We're told it is potentially capable of spying on the victims' chat apps, camera and microphone, contacts book and calendars, browser, and clipboard, and beam that info back to base. It's said that Italian authorities have used this tool in tackling corruption cases, and the Kazakh government has had its hands on it, too.
NSO Group told European lawmakers this week that "under 50" customers use its notorious Pegasus spyware, though these customers include "more than five" European Union member states.
The surveillance-ware maker's General Counsel Chaim Gelfand refused to answer specific questions about the company's customers during a European Parliament committee meeting on Thursday.
Instead, he frequently repeated the company line that NSO exclusively sells its spyware to government agencies — not private companies or individuals — and only "for the purpose of preventing and investigating terrorism and other serious crimes."
Europol cops have arrested nine suspected members of a cybercrime ring involved in phishing, internet scams, and money laundering.
The alleged crooks are believed to have stolen "several million euros" from at least "dozens of Belgian victims," according to that nation's police, which, along with the Dutch, supported the cross-border operation.
On Tuesday, after searching 24 houses in the Netherlands, officers cuffed eight men between the ages of 25 and 36 from Amsterdam, Almere, Rotterdam, and Spijkenisse, and a 25-year-old woman from Deventer. We're told the cops seized, among other things, a firearm, designer clothing, expensive watches, and tens of thousands of euros.
Biting the hand that feeds IT © 1998–2022