It is never dull in The Industry. Here are some of the more interesting stories/happenings from this week.
When you are shopping online, it is always a good idea to keep your wits about you. If a deal seems too good to be true, it most likely is. Brian Krebs wrote this week about a scheme that sells name-brand products at 30% off, only they don’t. Sure, they take your credit card information and charge you, but if you receive anything at all, it is a cheap knockoff.
In other news, AT&T has confirmed that they were the victim of malicious insiders during a two-week period in April. AT&T has stated that three employees of one of their service providers were accessing customer information without permission, including Social Security numbers and DOBs. The perpetrators were apparently trying to obtain unlock codes to remove devices from AT&T’s network.
It is interesting how many breaches are coming from vendors and service providers: the Target breach last December, and now AT&T. Enterprises may want to start really vetting who is allowed to connect to their networks, because it is an obvious route for compromise.
Surprising no one in The Industry, an Android phone has been shipped that contains malware by default. The malware, disguised as the Google Play Store, gives the criminals full access to the phone and all of the personal information on it. The malware cannot be removed, as it is integrated into the device’s firmware.
Where does the purloined data go, you ask? Why, to an anonymous server in China, of course. The only surprise in this story is that it took this long to happen and that the devices are still for sale at large online retailers.
All of you World Cup fans need to make sure you are being very careful, whether you are there in person or trying to stream the games. From fake Wi-Fi hotspots and malicious downloads to compromised ATMs, criminals are as excited for the games as you are.
For those in Brazil, there are protests going on throughout the country in both the physical and digital world. Keep your wits about you and stay safe.
The FBI has arrested a 20-year-old man, Timothy Justin French, also known as Orbit or crisis, for his alleged hacking attacks as part of the NullCrew team. Timothy was tracked down using the same technique the FBI has used to capture other hackers: a snitch. If we have learned anything from the case, it is that snitches don’t get stitches. They get time served.
Some of the other members of the NullCrew team are not sympathetic to Timothy’s arrest, calling out his poor OpSec and inability to shed old identities. The saying goes that there is no honor among thieves, and apparently that is true for hackers as well.
Illegal Bitcoin mining is becoming more profitable. One enterprising hacker has earned a cool $620,000 by compromising Synology machines. This is not the first time a non-standard system has been used to mine digital currency, and it won’t be the last. Remember to look for updates for your systems, even the ones that “just sit there”.
Code Spaces was forced to close their doors after a hacker gained access to their Amazon EC2 control panel. The hacker, in a growing trend of extortion, left Code Spaces a message asking for a large sum of money to fix the issue. When Code Spaces tried to regain access, the hacker started deleting data, backups and offsite backups. The cost, both financial and to reputation, was more than Code Spaces could recover from, making them another small business taken out by hackers.
These are just a few of the hacks, breaches, and attacks that caught my eye this week.