Published on UnsafeBits

01/08/2010

Banking in a Time of Cybercrime

Any small business, educational organization or local government needs to be wary these days. In the past year, cybercriminals have increasingly targeted these less-than-security-savvy groups with malicious software tailored to facilitate bank fraud.

In one case, which I documented for an article in Technology Review, online thieves targeted the accountant at a small California firm with a banking trojan. When the worker signed into the company’s bank account, the thieves initiated 27 fraudulent transactions totaling approximately $447,000. Former Washington Post reporter Brian Krebs has reported on over two dozen such cases. In total, the government estimates that businesses have lost more than $100 million as of early November.

Now, financial institutions and the government are preparing to advise businesses and other organizations on how to better bank online in these treacherous times.

UnsafeBits

Posted at 05:06 PM in Articles, Cybercrime, Law and Policy, Published on UnsafeBits, Security | | Comments (0) | TrackBack (0)

|

01/06/2010

Zeus Attracts Developer Ecosystem

For the entry-level cybercriminal, the Zeus do-it-yourself botnet creation kit has become the go-to program for getting a modest botnet up and running.

An entire business ecosystem has evolved to serve the needs of would-be cybercriminals. Their draw to Zeus: Ease of use, a competitive marketplace, and lots of customization. The result is that cybercriminal networks based on the Zeus kits account for about one-in-ten botnets, according to security firm Damballa.

And the demand is feeding more development and competition, says Gunter Ollmann, Damballa’s vice president of research.

UnsafeBits

Posted at 12:10 PM in Articles, Cybercrime, Malicious Code, Published on UnsafeBits | | Comments (0) | TrackBack (0)

|

01/04/2010

Broken Exploit? Not so Fast

Attackers don’t always get it right. Many times, their attempts to exploit a program or a computer system go awry. The result: A crash.

So, when Bojan Zdrnja, a Croatia-based handler for SANS Internet Storm Center, looked at a PDF document submitted to the volunteer group of security experts, he didn’t think it odd that it merely seemed to crash Adobe’s Acrobat Reader. To Zdrnja, the document clearly had been altered, but not in a way that could have exploited Acrobat or the operating system.

UnsafeBits

Posted at 12:08 PM in Articles, Cybercrime, Hacking, Published on UnsafeBits, Research, Security | | Comments (0) | TrackBack (0)

|