Oct 152018
 

There’s an update to a case previously reported in February that I missed last month.  From the U.S. Attorney’s Office, District of Minnesota:

A Latvian man was sentenced today in Minneapolis for participating in a lucrative “scareware” hacking scheme that targeted visitors to the Minneapolis Star Tribune’s website. Assistant Attorney General Brian A. Benczkowski of the Justice Department’s Criminal Division, U.S. Attorney Erica H. MacDonald of the District of Minnesota and Special Agent in Charge Jill Sanborn of the FBI’s Minneapolis Field Office made the announcement.

PETERIS SAHUROVS aka “Piotrek” and “Sagade,” 29, was sentenced to 33 months in prison for conspiracy to commit wire fraud. District Judge Ann D. Montgomery of the District of Minnesota imposed the sentence. SAHUROVS will be removed from the United States to Latvia following his prison sentence.  SAHUROVS was arrested in Latvia on a District of Minnesota indictment in June 2011, but was released by a Latvian court and later fled. In November 2016, SAHUROVS was located in Poland, apprehended by Polish law enforcement, and extradited to the United States in June 2017. SAHUROVS was once the FBI’s fifth most wanted cybercriminal and a reward of up to $50,000 had been offered for information leading to his arrest and conviction. He pleaded guilty before Judge Montgomery on February 7, 2018.

According to admissions made in connection with his plea, from at least May 2009 to June 2011, SAHUROVS operated a “bullet-proof” web hosting service in Latvia, through which he leased server space to customers seeking to carry out criminal schemes without being identified or taken offline. The defendant admitted that he knew his customers were using his servers to perpetrate criminal schemes, including the transmission of malware, fake anti-virus software, spam, and botnets to unwitting victims, and he received notices from Internet governance entities (such as Spamhaus) that his servers were hosting malicious activity. Nonetheless, SAHUROVS took steps to protect the criminal schemes from being discovered or disrupted, and hosted them on his servers for financial gain.

SAHUROVS admitted that from in or about February 2010 to in or about September 2010, he registered domain names, provided bullet-proof hosting services, and gave technical support to a “scareware” scheme targeting visitors to the Minneapolis Star Tribune’s website. On February 19, 2010, the Minneapolis Star Tribune began hosting an online advertisement, purporting to be for Best Western hotels, on its website, startribune.com. Two days later, however, the advertisement began causing the computers of visitors to the website to be infected with malware. This malware, also known as “scareware,” caused visitors to experience slow system performance, unwanted pop-ups and total system failure. Website visitors also received a fake “Windows Security Alert” pop-up informing them that their computer had been infected with a virus and another pop-up that falsely represented that they needed to purchase the “Antivirus Soft” computer program to fix their security issues, at a price of $49.95.

Website visitors who clicked the “Antivirus Soft” window were presented with an online order form to purchase a purported security program called “Antivirus Soft.” Users who purchased “Antivirus Soft” received a file download that “unfroze” their computers and stopped the pop-ups and security notifications. However, the defendant admitted, the file was not a real anti-virus product, did not perform legitimate computer security functions, and merely caused the malware that members of the conspiracy had previously installed to cease operating. Meanwhile, the defendant admitted, victim users who did not choose to purchase “Antivirus Soft” became immediately inundated with so many pop-ups containing fraudulent “security alerts” that all information, data, and files on their computers were rendered inaccessible. Members of the conspiracy defrauded victims out of substantial amounts of money as a result of the scheme. The defendant admitted that as a result of his participation, he made between $150,000 and $250,000 U.S. dollars.

This case was investigated by the FBI’s Minneapolis Field Office. The Criminal Division’s Office of International Affairs secured the extradition from Poland and the Polish National Police, the National Prosecutor’s Office, and the Ministry of Justice provided substantial assistance in this matter.

Assistant U.S. Attorney Timothy C. Rank of the District of Minnesota and Trial Attorney Aaron R. Cooper of the Criminal Division’s Computer Crime and Intellectual Property Section prosecuted the case.

Defendant Information:

PETERIS SAHUROVS, 29

Rezekne, Latvia

Convicted:

  • Conspiracy to commit wire fraud, 1 count

Sentenced:

  • 33 months in prison
  • Removal from the United States to Latvia following the defendant’s prison sentence

Related: Bad News for Hacker

Oct 152018
 

Rachel Eddie reports:

Kitchenware brand Neoflam Australia has mistakenly published its internal warranty records, exposing the private information of more than 7500 of its customers, The New Daily can reveal.

A page under the brand’s website revealed the full name, age or age bracket, gender, phone number, home address and email of customers from between 2010 and 2015.

Read more on The New Daily.

Oct 132018
 

Lindsay Dodgson reports:

If you sign up to Ashley Madison, you don’t have to think about what you’re doing as cheating, but “outsourcing your sex life.”

“In 2018 we expect our life partners are going to be everything to us — they’ve got to be my best friend, they’ve got to be sexually compatible, they have to be great at coparenting,” Ruben Buell, Ashley Madison’s president and chief technology officer, told Business Insider.

“We have to have the same vision of finances, we have to have the same hobbies, the same interests… There’s so much pressure on that one relationship, everything has to be right.

“And sometimes, the vast majority of it is right, but maybe there’s something that’s not.”

This is one of the reasons Ashley Madison currently sees 20,000 new sign ups a day, and over 40,000 affairs happen on the site every day.

Even after the data leak back in 2015, people came back to Ashley Madison.

Read more on Business Insider.

Oct 122018
 

Donnie O’Sullivan reports:

Almost 30 million Facebook users’ phone numbers and email addresses were accessed by hackers in the biggest security breach in the company’s history, Facebook said Friday. The attackers accessed even more details on 14 million of those users, including the area where they live, their relationship status, their religion, and part of their search history.

Read more on CNN.

In related news, Business Insider shows you how to check to see if your account was affected  and it also shows you how to delete your Facebook account.

Oct 122018
 

Zack Whittaker reports:

FitMetrix, a fitness technology and performance tracking company owned by gym booking giant Mindbody, has exposed millions of user records because it left several of its servers without a password.

The company builds fitness tracking software for gyms and group classes that displays heart rate and other fitness metric information for interactive workouts. FitMetrix was acquired by gym and wellness scheduling service Mindbody earlier this year for $15.3 million, according to a government filing.

Last week, a security researcher found three FitMetrix unprotected servers leaking customer data.

Read more on TechCrunch.