FBI

FBI Press Release
Manhattan U.S. Attorney Charges Seven Individuals for Engineering Sophisticated Internet Fraud Scheme That Infected Millions of Computers Worldwide and Manipulated Internet Advertising Business

Malware Secretly Re-Routed More Than 4 Million Computers, Generating at Least $14 Million in Fraudulent Advertising Fees for the Defendants

In conjunction with the arrests yesterday, authorities in the United States seized computers at various locations, froze the defendants’ financial accounts, and disabled their network of U.S.-based computers—including dozens of rogue DNS servers located in New York and Chicago. Additionally, authorities in the United States took steps with their foreign counterparts to freeze the defendants’ assets located in other countries. Remediation efforts were immediately undertaken to minimize any disruption of Internet service to the users of computers infected with the Malware. This remediation was necessary because the dismantling of the defendants’ rogue DNS servers—to which millions of computers worldwide had been redirected—would potentially have caused all of those computers, for all practical purposes, to lose access to websites.

The remediation effort is being carried out pursuant to the order of a Manhattan federal court judge. As part of that order, the defendants’ rogue DNS servers have been replaced with legitimate ones. Internet Systems Consortium (“ISC”), a not-for-profit entity, was appointed by the court to act as a third-party receiver for a limited period of 120 days during which time it will administer the replacement DNS servers. Although the replacement DNS servers will provide continuity of Internet service to victims, those replacement servers will not remove the Malware from the infected computers. Users who believe their computers may be infected can find additional information at FBI.gov.

http://www.fbi.gov/newyork/press-releases/2011/manhattan-u.s.-attorney-charges-seven-individuals-for-engineering-sophisticated-internet-fraud-scheme-that-infected-millions-of-computers-worldwide-and-manipulated-internet-advertising-business


Press Releases

Search Warrants Executed in the United States as Part of Ongoing Cyber Investigation

FBI agents today executed more than 40 search warrants throughout the United States as part of an ongoing investigation into recent coordinated cyber attacks against major companies and organizations. Also today, the United Kingdom’s Metropolitan Police Service executed additional search warrants and arrested five people for their alleged role in the attacks.

These distributed denial of service attacks (DDoS) are facilitated by software tools designed to damage a computer network’s ability to function by flooding it with useless commands and information, thus denying service to legitimate users. A group calling itself “Anonymous” has claimed responsibility for the attacks, saying they conducted them in protest of the companies’ and organizations’ actions. The attacks were facilitated by the software tools the group makes available for free download on the Internet. The victims included major U.S. companies across several industries.

http://www.fbi.gov/news/pressrel/press-releases/warrants_012711

Five arrested under Computer Misuse Act

Detectives from the Metropolitan Police Service’s Police Central e-Crime Unit (PCeU) have arrested five people in connection with offences under the Computer Misuse Act 1990.

The five males, aged 15, 16, 19, 20 and 26, are being held after a series of coordinated arrests at residential addresses in the West Midlands, Northants, Herts, Surrey and London at 07:00hrs today (27 January).

The arrests are in relation to recent and ongoing ‘distributed denial of service’ attacks (DDoS) by an online group calling themselves ‘Anonymous’.

http://cms.met.police.uk/news/arrests_and_charges/five_arrested_under_computer_misuse_act

http://nakedsecurity.sophos.com/2011/01/27/met-police-arrest-five-anonymous-ddos-probe/

Update
Five arrested under Computer Misuse Act are bailed
Battle lines drawn up in cyberspace
http://www.theregister.co.uk/2011/01/28/anonymous_hacklash_warning/


Internet Crime Complaint Center (IC3)

Recent FBI analysis reveals that cyber criminals engaging in ACH/wire transfer fraud have targeted businesses by responding via e-mail to employment opportunities posted online. Recently, more than $150,000 was stolen from a US business via unauthorized wire transfer as a result of an e-mail the business received that contained malware. The malware was embedded in an e-mail response to a job posting the business placed on an employment website and allowed the attacker to obtain the online banking credentials of the person who was authorized to conduct financial transactions within the company. The malicious actor changed the account settings to allow the sending of wire transfers, one to the Ukraine and two to domestic accounts. The malware was identified as a Bredolab variant, svrwsc.exe. This malware was connected to the ZeuS/Zbot Trojan, which is commonly used by cyber criminals to defraud US businesses.

The FBI recommends that potential employers remain vigilant in opening the e-mails of prospective employees. Running a virus scan prior to opening any e-mail attachments may provide an added layer of security against this type of attack. The FBI also recommends that businesses use separate computer systems to conduct financial transactions.

http://www.ic3.gov/media/2011/110119.aspx


FBI Press Release September 30, 2010

According to Complaints unsealed today in Manhattan federal court, the cyber-attacks began in Eastern Europe, and included the use of a malware known as the “Zeus Trojan,” which was typically sent as an apparently-benign e-mail to computers at small businesses and municipalities in the United States. Once the email was opened, the malware embedded itself in the victims’ computers, and recorded their keystrokes—including their account numbers, passwords, and other vital security codes—as they logged into their bank accounts online. The hackers responsible for the malware then used the stolen account information to take over the victims’ bank accounts, and made unauthorized transfers of thousands of dollars at a time to receiving accounts controlled by the co-conspirators.

These receiving accounts were set up by a “money mule organization” responsible for retrieving the proceeds of the malware attacks and transporting or transferring the stolen money overseas. To carry out the scheme, the money mule organization recruited individuals who had entered the United States on student visas, providing them with fake foreign passports, and instructing them to open false-name accounts at U.S. banks. Once these false-name accounts were successfully opened and received the stolen funds from the accounts compromised by the malware attacks, the “mules” were instructed to transfer the proceeds to other accounts, most of which were overseas, or to withdraw the proceeds and transport them overseas as smuggled bulk cash.

The defendants charged in Manhattan federal court include managers of and recruiters for the money mule organization, an individual who obtained the false foreign passports for the mules, and money mules.

As part of the coordinated takedown earlier today, federal and local law enforcement officers arrested 10 of the defendants. Another 10 were previously arrested. The defendants taken into custody in New York today are expected to be presented in Manhattan federal court later this afternoon. Seventeen defendants are still being sought here and abroad.

Wanted poster of fugitives

Charges against each defendant and corresponding maximum potential penalties:
http://newyork.fbi.gov/dojpressrel/pressrel10/nyfo093010.htm

CyberCrime & Doing Time Blog: FBI’s Operation ACHing Mule


FBI Statement on Crime, Terrorism and Homeland Security

July 29, 2010

Before the House Judiciary Subcommittee. Gordon M. Snow, Assistant Director, Federal Bureau of Investigation July 28, 2010 Good morning, Chairman Scott, Ranking Member Gohmert and Members of the Subcommittee. I appreciate the opportunity to testify before you today regarding the FBI’s efforts to combat cyber crime as it relates to social networking sites. Let me [...]


FBI warns consumers about rogue security programs

December 16, 2009

Press Release December 11, 2009. The FBI warned consumers today about an ongoing threat involving pop-up security messages that appear while they are on the Internet. The messages may contain a virus that could harm your computer, cause costly repairs or, even worse, lead to identity theft. The messages contain scareware, fake or rogue anti-virus [...]
