CyberheistNews vol 2, #4










Editor's Corner



KnowBe4



Wow, a $6.7 Million Cyberheist...



It happened the first three days of January, with the offices closed for the New Year Holiday. Cybercriminals used stolen login details for just two people: a teller and a call center agent. With those credentials they transferred around $6.7 Million out of Postbank accounts to their own accounts that were opened earlier toward the end of last year. The thieves were able to take record amounts from ATMs, because the stolen credentials allowed much larger than normal withdrawals. Ouch.







This was a well-planned, professional cyberheist by a syndicate that knew what they were doing and were skilled enough to stay under the radar for quite a long time.







Obviously, there are pointed questions in a case like this:

1) How did they get the credentials? Social engineering?
2) Password policies available but not practiced?
3) How come low-level employees have such high privileges?








If they hire the right forensics team, they might find out how it happened, but it is likely that the cybercriminals are going to get away with this heist. Another lesson that shows us we need to have our defense-in-depth tested on a regular basis, before the bad guys 'do it for us'. So, even though your industry might not have government regulation that requires you to do this for compliance: 1) Schedule regular penetration testing, 2) Give all staff security awareness training. By the way, we can do both for you at very competitive prices, so call us toll free at 855-KNOWBE4 (566-9234).







Here is the story in the South African Times. Don't let this happen to you (takes about 30 sec. to load):


http://www.timeslive.co.za/local/2012/01/15/it-was-a-happy-new-year-s-day-for-gang-who-pulled-off...r42m-postbank-heist









Real-Time Cyber Crime











I report via Twitter when hacks occur, from dozens of different sources. If you want to know what goes on real-time, and get a Fave Link thrown in now and then, follow me on Twitter: @stuallard







Quotes of the Week









"I'm a big fan of dreams. Unfortunately, dreams are our first casualty in life - people seem to give them up, quicker than anything, for a 'reality.'"
- Kevin Costner







"Although it's easy to forget sometimes, a share is not a lottery ticket...it's part-ownership of a business."
- Peter Lynch







Please tell your friends about CyberheistNews! They can subscribe here:


http://www.knowbe4.com/about-us/cyberheist-news/









"We Discovered A Serious Human Vulnerability"







"I'm a system administrator and we regularly get users' workstations infected with malware. Then Microsoft reported that 45% of the infections are caused by the users being 'social engineered', so we decided to test it out for ourselves."







"First we did the Email Exposure Check. Out of our 197 users, 87 email addresses were found on the Internet. Then we did the Phishing Security Test, and sent these 87 a relatively simple simulated phishing attack, that could have been sent by any bad guy."







"We were shocked to see that our spam filters and antivirus did not catch the phishing email, and that 24 of these 87 clicked on the link. We discovered a serious human vulnerability." -- P.H. System Admin







Find out for yourself how big this human security hole is in your organization. Fill out this form, you will get the results for free:


http://www.knowbe4.com/eec/











The Koobface Malware Gang - Exposed!







Finally, you can have a look at the criminals behind the malware. I found a great blog by security company Sophos that shows all the ugly detail. Very interesting reading. They start off with this:

"On 17 January 2012, The New York Times revealed that Facebook plans to name five men as being involved in the Koobface gang. As a result of the announcement, we have decided to publish the following research, which explains how we uncovered the same names."

Here is the story:


http://nakedsecurity.sophos.com/koobface/











Now There Is 'Search' For The Criminal Ecosystem







Brian Krebs on his blog revealed 'MegaSearch' which aims to index fraud site wares.





A new service in the cyber underground aims to be the Google search of underground Web sites, connecting buyers to a vast sea of shops that offer an array of dodgy goods and services, from stolen credit card numbers to identity information and anonymity tools.





A glut of stolen card data has spawned dozens of stores that sell the information. The trouble is that each store requires users to create accounts and sign in before they can search for cards.





Enter MegaSearch.cc, which aims to let fraudsters discover which fraud shops hold the cards they're looking for, without having to first create accounts at each shop. This underground search engine aggregates data about compromised payment cards, and points searchers to various fraud shops selling them. More:


http://krebsonsecurity.com/2012/01/megasearch-aims-to-index-fraud-site-wares/











Symantec Backtracks, Admits Own Network Hacked





Uh oh. That's the 'crown jewels' that were stolen! Symantec backed away from earlier statements regarding the theft of source code of some of its flagship security products, now admitting that its own network was compromised, though that was a few years ago.





In a statement provided to the Reuters news service, the security software giant acknowledged that hackers had broken into its network when they stole source code of some of the company's software. More at ComputerWorld:


http://www.computerworld.com/s/article/9223495/Symantec_backtracks_admits_own_network_hacked?










A Fresh Cyberheist In Salem County





"SALEM — Computer hackers have broken in and stolen approximately $19,000 by way of an illegal wire transfer from a Salem County bank account that held over $13 million in funds. The illegal transaction happened in mid-December and as of late last week Salem County Chief Finance Officer Douglas C. Wright said the county has yet to recoup the money that was stolen. Wright said the county is working with law enforcement officials, who believe the county system was attacked by a computer virus called a “Zeus Bot.” According to online data from Prevx Security, the virus that helped hackers get access to Salem County’s account has allegedly compromised over 74,000 accounts of such companies as the Bank of America, NASA, Monster.com, ABC, Oracle, Play.com, Cisco, Amazon and BusinessWeek." More:


http://www.nj.com/salem/index.ssf/2012/01/computer_hackers_tap_into_sale.html









Cyberheist 'FAVE' LINKS:







* This Week's Links We Like. Tips, Hints And Fun Stuff.





Super Fave: Amazing magic performance at the Consumer Electronics Show 2012 in Las Vegas:


http://www.flixxy.com/magic-at-ces.htm





Diary: The difference between men and women. Quite funny:


http://i.imgur.com/9H13E.jpg





"The Day The LOLcats Died" - a protest song against legislation that would destroy the Internet, to the tune of 'American Pie':
http://www.flixxy.com/the-day-the-lol-cats-died.htm





Motorcyclist grabs tail of a double-decker airplane flying "inverted":
http://www.flixxy.com/inverted-airplane-tail-grab.htm





"Hello" by Lionel Richie re-created with movie clips:
http://www.flixxy.com/hello.htm





Crows are smart and like to have fun. Like sledding!
http://www.flixxy.com/snowboarding-crow.htm





A canine chorus barks the ‘Imperial March’ tune. It seems that people at Volkswagen thought everyone would love another Star Wars themed ad. They were right!
http://www.flixxy.com/vw-the-bark-side.htm





For the nerds among us that grew up with slide rules instead of calculators. Blast from the past:
http://sliderulemuseum.com/





An Indian motorbike can hold 6 people, 2 dogs and lots of luggage:
http://www.flixxy.com/6-man-indian-bike-6-people-2-dogs-and-lots-of-luggage.htm





Rail bridge replacement in Reading, England, filmed by 3 time lapse cameras:
http://www.flixxy.com/rail-bridge-replacement-timelapse.htm



