Malware

Operation Phish Phry reels in 100 in U.S. and Egypt

The largest number of defendants ever charged in a cyber crime case have been indicted in a multinational investigation conducted in the United States and Egypt that uncovered a sophisticated “phishing” operation that fraudulently collected personal information from thousands of victims that was used to defraud American banks. This morning, authorities in several United...

Gmail, AOL and Yahoo logins posted online; weak passwords

Charles Arthur of The Guardian suggests that the leaked email passwords may affect even more people than previously suggested: More than a quarter of a million email accounts on the biggest webmail services are believed to be at risk from online criminals after thousands of passwords belonging to users of the Yahoo, AOL and...

Confirmed: Thousands of Hotmail passwords leaked online (updated)

Tom Warren reports: Neowin has received information regarding a possible Windows Live Hotmail “hack” or phishing scheme where password details of thousands of Hotmail accounts have been posted online. An anonymous user posted details of the accounts on October 1 at pastebin.com, a site commonly used by developers to share code snippets. The details...

URLZone touted as most sophisticated banking trojan yet

Angela Moscaritolo reports: A new banking trojan called URLZone enabled cybercriminals to steal roughly $439,000 from German bank accounts during a recent 22-day crime spree, according to researchers at web security firm Finjan. “So far, this is the most sophisticated bank trojan that we have seen,” Yuval Ben-Itzhak, CTO of Finjan, told SCMagazineUS.com on...

Man on trial over £600k NatWest phishing scam

John Leyden reports: Fraudsters used a sophisticated Trojan to steal online bank login credentials from the compromised PCs of their victims, London’s Southwark Crown Court heard on Tuesday. The malware redirected surfers to a counterfeit NatWest bank website that attempted to trick prospective marks into handing over telephone numbers, passwords, and bank card PINs...

Hackers Breach Payroll Giant, Target Customers

Brian Krebs reports: Hackers last week apparently used stolen account information from a New Jersey company that provides online payroll services to target the firm’s customers in a scheme to steal passwords and other information. Unlike typical so-called “phishing” scams — which are sent indiscriminately to large numbers of people in the hopes...

FBI: Virus suspected in school thefts

Brett Rowland and Kate Schott report: As much as $350,000 reported stolen from Crystal Lake District 47 bank accounts earlier this summer could be linked to cyberthefts at other suburban schools. The FBI’s Chicago office is investigating the cases, at least one of which involves a hard-to-detect computer virus. No arrests have been made...

Commerce Bank replaces cards compromised in Heartland breach

Dan Margolies reports that Commerce Bank in Kansas City is first replacing credit cards after a recent small wave of fraudulent activity was reported. The compromised cards were involved in the Heartland Payment Systems breach disclosed in January 2009. “We are now beginning to reissue some cards that were part of the block of...

Misdirected Spyware Infects Ohio Hospital

Bob McMillan reports: It was a bad idea from the start, but even as bad ideas go, this one went horribly wrong. A a 38-year-old Avon Lake, Ohio, man is set to plead guilty to federal charges after spyware he allegedly meant to install on the computer of a woman he’d had a relationship...

Trial set in botnet hacking conspiracy

Thomas James Frederick Smith, 21, and David Anthony Edwards, 20, have been charged in a federal indictment with conspiring to intentionally cause damage to a protected computer and commit computer fraud. The indictment was announced U.S. Attorney James T. Jacks of the Northern District of Texas. Edwards, of Mesquite, Texas, and Smith, most recently...