Cybercrime

How Target detected hack but failed to act -- Bloomberg

The November data breach that affected as many as 110 million Target customers could have been stopped in its tracks, according to a story published Thursday by Bloomberg.

Speaking with more than ten former Target employees and eight people with knowledge of the hack, Bloomberg said that Target already had in place a sophisticated malware detection system designed by security firm FireEye. The $1.6 million system was set up specifically to identify hacks and cyberattacks before they had a chance to do real damage.

Highlighting the ingenuity of FireEye's detection system, Bloomberg explained that it creates a parallel … Read more

Bitcoin losses spur Mt. Gox to bankruptcy filing

Mt. Gox, the embattled Bitcoin exchange, has filed for bankruptcy protection after falling into a state of disarray earlier this month in the wake of a security lapse that led to fraudulent withdrawals.

The exchange's CEO, Mark Karpeles, announced the news in Tokyo on Friday, saying that Mt. Gox lost nearly 750,000 customer bitcoins, as well as 100,000 of the exchange's own bitcoins. The total number of lost bitcoins translates to nearly $500 million at the current exchange rate, the Wall Street Journal reported Friday.

At the Tokyo press conference, Karpeles expressed contrition about Mt. Gox'… Read more

Bitcoin exchanges reportedly served with subpoenas

Mt. Gox and other Bitcoin exchanges have reportedly received subpoenas from a US Attorney investigating their handling of the recent cyberattacks launched against them.

Citing "a source familiar with the probe," Reuters said on Thursday that the subpoenas from Manhattan U.S. Attorney Preet Bharara were sent to Mt. Gox, other Bitcoin exchanges, and businesses that deal in the virtual currency. The investigation is focused on the recent distributed denial of service attacks that forced Mt. Gox and other exchanges to suspend withdrawals.

A spokesman for Bharara declined to comment to Reuters. A spokeswoman for the attorney's … Read more

Kickstarter hacked, user data stolen

Hackers hit crowd-funding site Kickstarter and made off with user information, the site said Saturday.

Though no credit card information was taken, the site said, attackers made off with usernames, e-mail addresses, mailing addresses, phone numbers, and encrypted passwords.

"Actual passwords were not revealed, however it is possible for a malicious person with enough computing power to guess and crack an encrypted password, particularly a weak or obvious one," the site said in a blog post, adding that "as a precaution, we strongly recommend that you create a new password for your Kickstarter account, and other accounts … Read more

Sochi visitors entering hacking 'minefield' by firing up electronics

If you've read anything about the Sochi Olympics over the last few days, there's as much a chance that it was about broken and unfinished infrastructure as actual athletics. And now comes word that hackers are having a field day with unsuspecting Sochi visitors.

According to an NBC News report, unprepared Olympics attendees are being hacked the second they fire up their electronic devices.

NBC reporter Richard Engel worked with a security expert to set up two test computers in order to see just how quickly he'd be attacked when logging onto Russian networks. But, he reported, … Read more

Has a jealous lover hired hackers to get into your e-mail?

On seeing a happy, loving couple my first reaction is always one of teary admiration. My second, which arrives very quickly, is sniffy suspicion.

"Can they really be this happy?" I wonder. "How is it possible after 18 months? Aren't they bored of each other yet? She's a lot better-looking than he is, so, well, at least one of her eyes must wander." These are just some of the life-addled thoughts that pass into my consideration.

I was moved, therefore, to hear that last week federal prosecutors charged two Arkansas men for allegedly helping … Read more

Justice Department looking into Target data breach

The Target data breach that has affected up to 110 million people is now under scrutiny by the US Justice Department.

Speaking before the Senate Committee on the Judiciary on Wednesday, US Attorney General Eric Holder said his office is evaluating and enforcing "privacy protections and other safeguards concerning data possessed by government as well as the private sector." More specifically, Holder said that his office is trying to find the criminals who are behind the Target data breach and anyone who might be using the stolen information for gain.

"While we generally do not discuss specific … Read more

SpyEye malware inventor pleads guilty to bank fraud

The alleged architect of the bank-hacking malware SpyEye, which is said to have infected 1.4 million computers, has pleaded guilty to conspiracy to commit wire and bank fraud. The US Department of Justice announced Tuesday that Russian national Aleksandr Andreevich Panin was the primary developer and distributor of SpyEye.

"As several recent and widely reported data breaches have shown, cyber-attacks pose a critical threat to our nation's economic security," US Attorney of the Northern District of Georgia Sally Quillian Yates said in a statement. "Today's plea is a great leap forward in our campaign … Read more

Arts and crafts chain Michaels says credit card data may've been nicked

If you plopped down the plastic at arts and crafts store Michaels recently, you might want to check your statement.

The company said Saturday that it was investigating a potential payment-card security breach, a la those that affected Target and Neiman Marcus.

"Although the investigation is ongoing, based on the information we have received and in light of the widely reported criminal efforts to penetrate the data systems of US retailers, we believe it is appropriate to notify our customers that a potential issue may have occurred," the company said in a post on its Web site Saturday. … Read more

13 indicted in $2M gas station card-skimming scheme

Prosecutors have charged 13 defendants with using card skimmers installed at gas stations to steal more than $2 million from customers throughout the southern US.

The ring allegedly used card readers installed inside gas pumps to record payment card data and PINs from customers. The skimmers were installed internally and used a Bluetooth chip that allowed the thieves to retrieve the data without having to physically connect to the devices, according to an indictment unsealed Tuesday by Manhattan District Attorney Cyrus R. Vance Jr.

Between March 2012 and March 2013, the defendants used the stolen information to forge payment cards … Read more