cybercrime

SpyEye malware inventor pleads guilty to bank fraud

The alleged architect of the bank-hacking malware SpyEye, which is said to have infected 1.4 million computers, has pleaded guilty to conspiracy to commit wire and bank fraud. The US Department of Justice announced Tuesday that Russian national Aleksandr Andreevich Panin was the primary developer and distributor of SpyEye.

"As several recent and widely reported data breaches have shown, cyber-attacks pose a critical threat to our nation's economic security," US Attorney of the Northern District of Georgia Sally Quillian Yates said in a statement. "Today's plea is a great leap forward in our campaign … Read more

After hack, Target offers year of free credit monitoring

Tens of thousands of people likely received a conciliatory e-mail from Target on Wednesday. In an effort to temper the repercussions of its massive data breach, the big-box retailer offered to give affected customers one year of free credit monitoring from Experian -- valued at $191.

The security breach, which yielded the personal information of as many as 110 million customers, was first identified on December 15. Apparently, cybercriminals accessed customers' private information at point-of-sale terminals during check-out.

Target said the breach occurred between November 27 and December 15 and resulted in the theft of names, mailing addresses, phone numbers, … Read more

Target confirms malware used on point-of-sale terminals

Hackers infected Target's point-of-sale terminals with malware to steal the payment card information from millions of customers, the retailer's chief executive has confirmed.

The security breach, which yielded the personal information of as many as 110 million customers, was first identified on December 15, four days before the breach was publicly revealed, CEO Gregg Steinhafel told CNBC during an interview. Target revealed Friday that the security breach it suffered between November 27 and December 15 was larger than originally believed, yielding the names, mailing addresses, phone numbers, and e-mail addresses for near three times its original estimate of … Read more

More retailers reportedly victims of holiday data breaches

The scope of credit card data breaches suffered by US retailers during the holiday shopping season may be larger than previously thought.

Following disclosures by Target and Neiman Marcus, Reuters reports that at least three more well-known retailers experienced smaller breaches that have yet to be publicly revealed. The additional attacks used similar techniques as the attack on Target, sources told the news agency, adding that other attacks may have occurred earlier last year.

The Reuters report did not identify which retailers may have been affected by the security breaches.

Target revealed on Friday that a payment card data breach … Read more

Cybersecurity forces align as FireEye acquires Mandiant

Two well-known companies that deal with Internet security have joined forces.

Anti-malware firm FireEye announced Thursday that it acquired data breach responder Mandiant for roughly $1 billion, based on the current value of FireEye shares. This deal could have broad implications for competing cybersecurity firms and even for governments that have been criticized for monitoring users on the Web.

"Organizations today are faced with knitting together a patchwork of point products and services to protect their assets from advanced threats," FireEye CEO David DeWalt said in a statement. "Together, the size and global reach of FireEye and … Read more

Target data stolen in hack showing up on black market

As if the Target hack ordeal couldn't get any worse -- data from the retail chain's massive security breach stolen between November 27 and December 15 is popping up in huge quantities on the black market, The New York Times reported Friday.

After Target conceded Thursday that its in-store point-of-sale systems were indeed hacked, compromising as many as 40 million debit and credit card accounts, fraud industry experts are seeing the information flood online card-selling markets to the tune of a "ten- to twentyfold increase" in high-value cards.

The hack, which affected only shoppers who made … Read more

Researchers discover database with 2M stolen login credentials

Researchers have unearthed an online database full to the brim of stolen account information from popular services including Facebook, Yahoo, Twitter, and Google.

On Tuesday, the security team at Trustwave's SpiderLabs revealed in a blog post that the database contained 1.58 million stolen usernames and passwords. The login credentials were associated with 318,121 Facebook accounts, 21,708 Twitter accounts, 54,437 Google-based accounts, and 59,549 Yahoo accounts. The database also contained approximately 320,000 stolen email account credentials. The remaining number of compromised accounts on the server were FTP accounts, remote desktop details, and secure shells.… Read more

US charges 5 more in $45M global cybercrime scheme

Five more people have been arrested in connection with a global cybercrime ring blamed for the theft of $45 million from banks around the world in a matter of hours.

The five men join eight other men who were indicted in May with participating in a scheme to rob thousands of ATMs using bogus magnetic strip cards. One of those original named defendants -- believed to be the ringleader of the cell -- was murdered in the Dominican Republic in April.

Using data stolen during hacks into two credit card processors, the ring made more than 40,500 withdrawals in … Read more

UK gears up for cyberwarfare offensives

The UK government is planning to recruit hundreds of computer specialists to defend core infrastructure against cyberthreats, Conservative Defence Secretary Philip Hammond said Sunday.

Speaking at the annual Conservative party conference, Hammond said the United Kingdom was dedicating additional resources and funds to building a strong cyber intelligence and surveillance network, according to Reuters.

As cybercrime continues to prove a lucrative way for hackers to steal valuable data for profit or as part of state-sponsored jobs -- and many governments struggle to catch up and protect networks adequately against rising attacks -- defense budget funds now need to not only … Read more

Hacker pleads not guilty to stealing 160M credit cards

One of the five men accused of perpetrating the largest hacking scheme ever prosecuted in the U.S., which culminated with the theft of more than 160 million credit card numbers, pleaded not guilty on Monday, according to Reuters.

The charges levied against Dmitriy Smilianets, 29, include conspiracy to commit wire fraud, wire fraud, and unauthorized access to computers. If convicted, he could spend the next 65 years in prison.

Smilianets is originally from Russia but was extradited to the U.S. from the Netherlands last year. On Monday, he entered his not guilty plea in federal court in Newark, … Read more