In Passing: Dennis Hopper
May 17, 1936 – May 29, 2010
Robert McMillan writes on PC World:
The CEO of a company accused of making more than US$100 million selling harmful "scareware" antivirus products was already a fugitive from U.S. authorities, following his arrest in 2008 on criminal counterfeiting charges.
Shaileshkumar "Sam" Jain is one of three men who were charged by the U.S. Department of Justice on Wednesday for allegedly operating a massive scareware distribution ring.
He's now thought to reside in Ukraine, but arrived there only after giving authorities the slip after being arrested by federal agents in 2008 on charges that his company sold counterfeit versions of Symantec antivirus products. Jain has been considered a fugitive by U.S. authorities since early 2009, when he skipped out on a $250,000 bond and failed to show up for a Jan. 12 California court appearance.
Jain ran a Ukrainian company called Innovative Marketing, which prosecutors say sold an astounding 1 million copies of fake antivirus products such as WinFixer, Antivirus 2008 and VirusRemover 2008.
Organized cyber thieves stole more than $100,000 from a small credit union in Salt Lake City last week, in a brazen online robbery that involved dozens of co-conspirators, KrebsOnSecurity has learned.
In most of the e-banking robberies I’ve written about to date, the victims have been small to mid-sized businesses that had their online bank accounts cleaned out after cyber thieves compromised the organization’s computers. This incident is notable because the entity that was both compromised and robbed was a bank.
The attack began Thursday, May 20, when the unidentified perpetrators started transferring funds out of an internal account at Treasury Credit Union, a financial institution that primarily serves employees of the U.S. Treasury Department in the state of Utah and their families. Treasury Credit Union President Steve Melgar said the thieves made at least 70 transfers before the fraud was stopped.
Melgar declined to say how much money was stolen, stating only that the total amount was likely to be in the “low six-figures.”
An international cybercrime scheme caused Internet users in more than 60 countries to purchase more than one million bogus software products, causing victims to lose more than $100 million, according to a federal indictment returned here against a Cincinnati area man and two other men believed to be living abroad. The charges allege that the defendants, through fake advertisements placed on various legitimate companies' websites, deceived Internet users into falsely believing that their computers were infected with "malware" or had other critical errors to induce them to purchase "scareware" software products that had limited or no ability to remedy the purported, but nonexistent, defects. The alleged scheme is widely regarded as one of the fastest-growing and most prevalent types of Internet fraud.
Two defendants, Bjorn Daniel Sundin and Shaileshkumar P. Jain, with others owned and operated Innovative Marketing Inc. (IM), a company registered in Belize that purported to sell anti-virus and computer performance/repair software through the internet and that operated a subsidiary called Innovative Marketing Ukraine, located in Kiev. The company appeared to close down last year after the U.S. Federal Trade Commission filed a federal lawsuit in Maryland seeking to end the allegedly fraudulent practices.
Jain, 40, who was IM's chief executive officer, is a U.S. citizen and is believed to be living in Ukraine. Sundin, 31, who was IM's chief technology officer and chief operating officer, is a Swedish citizen and is believed to be in Sweden.
The third defendant, James Reno, 26, of Amelia, Ohio, with others owned and operated the former Byte Hosting Internet Services, which operated call centers that provided technical and billing support to victim consumers on behalf of IM. Reno is expected to present himself for arraignment at a later date in U.S. District Court in Chicago.
Eric Chabrow writes on GovInfoSecurity.com:
The Pentagon has raised the possibility of the Defense Department becoming engaged in safeguarding nationally critical IT systems run by business.
In a speech at the Strategic Command Cyber Symposium in Omaha, Neb., on Wednesday, Defense Deputy Secretary William Lynn III also outlined a major shift in DoD's approach to cybersecurity that includes drastically reducing the time to deploy IT security systems and the increased use of sophisticated technology tools to support the smaller-than-needed Defense cybersecurity workforce of the future.
Lynn said the Defense Department is mulling using the Einstein 2 intrusion detection and Einstein 3 intrusion prevention systems developed by the Department of Homeland Security to help secure critical systems such as finance and utility operated by the private sector.
"For the dot-com world, could we create a secure architecture that lets private parties opt in to the protections afforded by active defenses?" Lynn asked. "In this way protection would be voluntary. Operators of critical infrastructure could opt in to a government-sponsored security regime. Individual users who do not want to enroll could stay in the wild wild west of the unprotected Internet."
Jaikumar Vijayan writes on ComputerWorld:
Five people were indicted this week on wire fraud and other criminal charges stemming from a 2007 cybertheft in which nearly $450,000 was stolen from the bank accounts of the city of Carson, Calif.
The federal indictment, handed down in the U.S. District Court for the Eastern District of North Carolina, charges John Quinn and Anthony Bobbitt with allowing their bank accounts in North Carolina to be used as conduits for accepting stolen money and for sending it to bank accounts belonging to three other suspects, Jennifer Woodward, Deago Smith and Lance Holt.
Karen Avilla, treasurer for Carson, said the money was siphoned out of the city's coffers via two unauthorized money transfers in May 2007.
The first transfer, from the city's bank account at the City National Bank (CNB) of Carson, was for an amount of $90,500, which was sent to Quinn's account at Branch Banking & Trust in Wilson, NC.
The second transfer, a day later from the same CNB account, involved $358,500 that was sent directly to a National City Bank account in Detroit belonging to a company called Broadbase Financial that was owned by Holt.
David Kravets writes on Threat Level:
A consortium of independent film producers is hitting a stumbling block in its plan to simultaneously sue thousands of BitTorrent users for allegedly downloading pirated movies. Time Warner Cable is refusing to look up and turn over the identities of about a thousand of its customers targeted in the lawsuits, on the grounds that the effort would require three months of full-time work by its staff.
The brouhaha dates to March, when the U.S. Copyright Group launched its mass-litigation campaign, suing thousands of BitTorrent users by the IP addresses they used when feeding and seeding films like Steam Experiment, Far Cry, Uncross the Stars, Gray Man and Call of the Wild 3D. Unlike the similar music-industry lawsuit campaign, which spread its lawsuits out over years, the filmmakers hit ISPs around the country with subpoenas for hundreds of customers at a time, demanding Time Warner Cable comb through its records to identify past users by IP address.
Court filings suggest that none of the broadband providers is happy about servicing the mass subpoenas, but Time Warner Cable is fighting them in court, arguing that serious law enforcement requests for information could fall by the wayside if the company is forced into becoming the research arm of the independent film producers.
Elinor Mills writes on C|Net News:
Media Temple, Web hosting provider for Adobe, ABC, Sony, NBC, Time, Volkswagen, and Starbucks, was hit with a sophisticated distributed denial-of-service (DDoS) attack Tuesday.
The outage began about 3:50 p.m. PDT, when Media Temple's domain name servers were deluged by a flood of traffic coming from outside the U.S., and lasted less than an hour, according to the Los Angeles-based company's blog.
"Due to the sophistication of the attack, our normal DDoS firewall prevention techniques didn't block the attack adequately, as the traffic appears to be legitimate," the company reported at around 5:40 p.m. PDT.
The company said it had initially blocked all traffic from Asia, South America, and Mexico to reduce strain on the network, but later removed the blocks. As of 6:10 p.m. PDT the network was reported stable.
Victoria Fletcher writes on the Express.co.uk:
Blood samples from millions of newborn babies are being stored without their parents’ knowledge, it emerged yesterday.
The massive DNA files can be consulted by a range of organisations including the police, coroners and medical researchers, without having to ask the children’s families.
In a sinister example of Britain’s slide into a Big Brother society, hospitals have admitted storing the blood samples of four million newborns during routine heel-prick tests.
Official guidance says the samples should be kept for at least five years, but some hospitals have been storing them since 1984. The disclosure of the secret database’s existence prompted calls for an official inquiry into why the information is being stored in such a covert way.
Nicole Lewis writes on InformationWeek:
At a congressional hearing last week, Roger Baker, assistant secretary for information and technology at the Department of Veterans Affairs, said during the past 14 months more than 122 medical devices have been compromised by malware.
Baker, who testified before the House Committee on Veterans' Affairs Subcommittee on Oversight and Investigations, said one of the "critical challenges" facing the department is protecting its medical devices from cyber threats.
"The major challenge with securing medical devices is that, because their operation must be certified, the application of operating system patches and malware protection updates is tightly restricted," Baker said. "This inherent vulnerability can increase the potential for cyber attacks on the VA trusted network by creating risk to patient safety," Baker added.
The VA defines a medical device as any device used in patient healthcare for diagnoses, treatment, or monitoring, or that has gone through the Food and Drug Administration's premarket review process. The VA is the federal government's largest medical care provider and has more than 50,000 networked medical devices.
If you haven't seen it, you should.
And you should be angry, very angry.
- ferg
p.s. More stuff here.