Saturday, November 28, 2009

ATM Fraud: New Skimming Scheme Hits Banks

Skimming continues to be an emerging threat

A series of skimming crimes that hit the Nashville, TN area recently is but one of many ATM fraud schemes preying upon financial institutions and their customers.

Nashville police reported last week that they were investigating an ATM card skimming scheme in which at least 600 individuals were potential victims. Investigators say five Bank of America ATMs were hit, as well as an unknown number of US Bank machines. A total of 60 people had fraudulent withdrawals from their accounts of anywhere between $100 and $5,000. Investigators suspect that the skimming schemers have now moved on to other cities.

Among recent incidents:

In Las Vegas, 75 skimming attacks were reported over a three-month period, as compared to previous rates of 2-3 incidents per year.

In Sydney, Australia, the New South Wales Fraud Squad reported 60 skimming attacks in the first four months of 2009, with a spokesman saying the devices used are "becoming smaller, more sophisticated and capable of storing more data."

In California, investigators reported that skimmers and card duplicators could be bought from overseas sellers on the Internet for a few thousand dollars.

Card skimming is not new. Early forms of skimming devices, and even dummy ATMs installed in empty shop fronts, were used to capture card information in the 1990s.

The ATMIA recommends these steps to help prevent ATM fraud:


Build awareness among customers, branch employees and ATM service teams to help detect devices added to ATM exteriors. Visual clues include tape residue near or on a card reader that would show a skimming device had been placed on the ATM.

Chip-based cards house data on microchips instead of magnetic stripes, making data more difficult to steal and cards more difficult to reproduce.

Contactless cards, out-of-band authentication using cell phones and biometric readers are all new authentication technologies that can be used as alternate methods for conducting secure ATM transactions.

Alert systems monitor routine patterns of withdrawals and notify operators or financial institutions in the event of suspicious activity.
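
One way such an alert system can work, as an added example that is not from the ATMIA guidance or the original post: each card's earlier withdrawals form a baseline, and a withdrawal is flagged when it is unusually large at an ATM the card has never used, or when the card shows up at several ATMs within an hour. The records, thresholds and names are constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta
from statistics import median

# Constructed sample records: (timestamp, card, ATM, amount in USD).
SAMPLE_WITHDRAWALS = [
    ("2009-11-02 09:10", "card-A", "atm-001", 60),
    ("2009-11-03 12:00", "card-B", "atm-002", 200),
    ("2009-11-09 09:05", "card-A", "atm-001", 80),
    ("2009-11-10 12:30", "card-B", "atm-002", 220),
    ("2009-11-16 09:20", "card-A", "atm-001", 60),
    ("2009-11-17 12:15", "card-B", "atm-009", 200),  # new ATM, routine amount
    ("2009-11-20 02:14", "card-A", "atm-377", 500),  # new ATM, large amount
    ("2009-11-20 02:31", "card-A", "atm-412", 500),  # second new ATM in an hour
]

# Assumed thresholds; a real deployment would tune these per portfolio.
AMOUNT_FACTOR = 3              # "large" = more than 3x the card's median
MIN_HISTORY = 3                # withdrawals needed before a baseline exists
WINDOW = timedelta(hours=1)    # look-back for the multi-ATM rule
MAX_ATMS_IN_WINDOW = 1         # more distinct ATMs than this is suspicious


def find_suspicious(withdrawals):
    """Return (timestamp, card, atm, reasons) for each flagged withdrawal."""
    amounts = defaultdict(list)    # card -> amounts of unflagged withdrawals
    known_atms = defaultdict(set)  # card -> ATMs used in unflagged withdrawals
    recent = defaultdict(deque)    # card -> (time, atm) inside WINDOW
    alerts = []
    for ts, card, atm, amount in sorted(withdrawals):
        when = datetime.strptime(ts, "%Y-%m-%d %H:%M")
        reasons = []

        # Rule 1: amount far above the card's routine, at an unfamiliar ATM.
        baseline = amounts[card]
        if (len(baseline) >= MIN_HISTORY
                and amount > AMOUNT_FACTOR * median(baseline)
                and atm not in known_atms[card]):
            reasons.append("large withdrawal at unfamiliar ATM")

        # Rule 2: the same card at several ATMs inside the window.
        window = recent[card]
        while window and when - window[0][0] > WINDOW:
            window.popleft()
        window.append((when, atm))
        if len({a for _, a in window}) > MAX_ATMS_IN_WINDOW:
            reasons.append("multiple ATMs within one hour")

        if reasons:
            alerts.append((ts, card, atm, reasons))
        else:
            # Only clean activity updates the baseline, so a burst of
            # fraud cannot shift what counts as routine for the card.
            amounts[card].append(amount)
            known_atms[card].add(atm)
    return alerts


if __name__ == "__main__":
    for alert in find_suspicious(SAMPLE_WITHDRAWALS):
        print(alert)
```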

Wednesday, November 25, 2009

Second Windows 7 activation hack appears

“Bypass Activate” Windows 7 and Server 2008 R2 Forever

Windows 7 has been available on BitTorrent sites pretty much from the get-go. Most of the torrent ISOs available right now are already cracked, bypassing entirely the need to enter a Windows 7 key. But that method involves using a script to hack in an OEM key, which allows Windows 7 — barring any surreptitious Microsoft updates — to run on any machine.

That’s working well enough for now, but hackers are always interested in trying to beat the same game from a different position, so a new Windows 7 activation hack has just shown up. It doesn’t require an OEM key at all. Instead, it simply bypasses the verification DLL completely.

It works by nuking the verifying sppcompai.dll from orbit, and even goes so far as to deactivate any reminder popups that might otherwise annoy, reminding you indefinitely to activate your copy of Windows 7.

This is probably a short-lived hack, though. A similar activation hack came out for Vista a couple of years ago, and Microsoft was able to patch it up without much trouble. According to My Digital Life, the reason the Windows 7 hack might work right now is “due to leniency… on the part of Microsoft on [the] activation mechanism to avoid getting too many false-positives.”

In other words, Microsoft’s just biding its time right now before dropping the hammer on this activation hack. The only question is, when they finally decide to do so, whether that’ll drop the hammer on the OEM hack as well.

Refer here for more details.

Saturday, November 21, 2009

Spam targets financial transfers

Social Engineering, Spam and Phishing attacks altogether targeting financial transfers

Experts have spotted a new spam attack that targets a financial transfer system handling trillions of dollars in transactions annually; it turns out it's yet another case of fake emails.

The spam messages pretend to come from the National Automated Clearing House Association (NACHA), a U.S. nonprofit association that oversees the Automated Clearing House system (ACH). ACH is a system widely used by financial institutions for exchanging details of direct deposits, checks and cash transfers.

In the last few months, countless businesses have lost money through ACH fraud. It happens when the hackers obtain the authentication credentials required to transfer money. Although NACHA has no direct involvement in the processing of the payments, spammers have launched a campaign with messages purporting to be from the organization saying that an ACH payment has been rejected.

The spam messages have a link to a fake website that looks like NACHA's. The site asks the victim to download a PDF file, but it is actually an executable. If launched, the file will install Zbot, also known as Zeus, an advanced piece of banking malware that can harvest the authentication details required to initiate an ACH transaction, according to M86 Security.

NACHA has put an advisory on its website, warning: "NACHA does not send communications to individuals or organizations about individual ACH transactions that they originate or receive."

With this kind of sophisticated trickery, the question becomes: How do you stop it? For starters, make sure you publicize the scheme and keep ACH clients well-trained to refuse emails even if they look real. And even if you are working in another business sector, pay attention to this story because spam could be targeting you next.
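
A technical control to go with the training, as an added example that is not part of the original post or of any NACHA or M86 Security tooling: a mail gateway or download proxy can compare what a file claims to be with what its first bytes say it is, which catches an executable presented as a PDF. The function names, extension lists and sample bytes are constructed for illustration.

```python
import struct

DOCUMENT_EXTS = {"pdf", "doc", "xls", "txt"}
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif"}


def sniff_type(data: bytes) -> str:
    """Classify content by its leading bytes, ignoring the file name."""
    # The executable check comes first, so a file that is a valid PE and
    # also carries a PDF marker is still reported as executable.
    if data[:2] == b"MZ" and len(data) >= 0x40:
        # Offset 0x3C of the DOS header points at the "PE\0\0" signature.
        (pe_offset,) = struct.unpack_from("<I", data, 0x3C)
        if data[pe_offset:pe_offset + 4] == b"PE\x00\x00":
            return "windows-executable"
        return "dos-executable"
    # Assumption: allow some leading junk before the marker, since
    # lenient PDF readers do not insist on it being at offset 0.
    if b"%PDF-" in data[:1024]:
        return "pdf"
    return "unknown"


def check_download(filename: str, data: bytes) -> list:
    """Return a list of findings; an empty list means nothing suspicious."""
    findings = []
    parts = filename.lower().rstrip(". ").split(".")
    ext = parts[-1] if len(parts) > 1 else ""
    kind = sniff_type(data)
    if len(parts) > 2 and ext in EXECUTABLE_EXTS and parts[-2] in DOCUMENT_EXTS:
        findings.append("double extension: document name ends in ." + ext)
    if kind.endswith("executable") and ext not in EXECUTABLE_EXTS:
        findings.append("executable content behind a ." + ext + " name")
    elif ext == "pdf" and kind != "pdf":
        findings.append("named .pdf but no PDF header found")
    return findings


def fake_pe() -> bytes:
    """Constructed, inert bytes: just enough header to look like a PE file."""
    dos_header = b"MZ" + b"\x00" * 58 + struct.pack("<I", 0x40)
    return dos_header + b"PE\x00\x00" + b"\x00" * 20


if __name__ == "__main__":
    samples = {
        "ach_payment_report.pdf": fake_pe(),
        "ach_payment_report.pdf.exe": fake_pe(),
        "statement.pdf": b"%PDF-1.4\n%%EOF\n",
    }
    for name, content in samples.items():
        print(name, "->", check_download(name, content) or "ok")
```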

For more on this fraudulent scam, refer here.

Wednesday, November 18, 2009

8 Hackers Indicted in $9 Million ATM Theft

It's likely they got in through malware or SQL Injection attacks

Eight members of a hacker ring that made off with more than $9 million in a massive ATM fraud scheme last November were indicted in an Atlanta, GA courtroom this week.

The eight men, all from eastern European countries, are accused of hacking into a computer system at RBS WorldPay, the U.S. payment-processing division of Royal Bank of Scotland Group. They then allegedly cloned prepaid ATM cards, which they used to draw out cash from 2,100 ATMs in 280 cities around the world within a couple of hours.

The 16-count indictment charges Tsurikov, Pleshchuk, Covelin and "Hacker 3" with conspiracy to commit wire fraud, wire fraud, conspiracy to commit computer fraud, computer fraud, access device fraud and aggravated identity theft. The indictment states the accused group used sophisticated hacking techniques to compromise the data encryption used by RBS WorldPay to protect customer data on payroll debit cards.

Igor Grudijev, 31, Ronald Tsoi, 31, Evelin Tsoi, 20, and Mihhail Jevgenov, 33, each of Tallinn, Estonia, were indicted for access device fraud.

Please refer here to read the interesting case.

Sunday, November 15, 2009

Firefox Tops Vulnerability List

New study places Firefox at the top of vulnerability list for the first half of 2009

Application security vendor Cenzic today released its application security trends report for the first half of 2009. In it, Cenzic claims that Mozilla's Firefox browser led the field of Web browsers in terms of total vulnerabilities.

According to Cenzic, Firefox accounted for 44 percent of all browser vulnerabilities reported in the first half of 2009. In contrast, Apple's Safari had 35 percent of all reported browser vulnerabilities, Microsoft's Internet Explorer was third at 15 percent and Opera had just a six percent share.

The 2009 figures stand in contrast to Cenzic's Q3/Q4 2008 report, where IE accounted for 43 percent of all reported Web browser vulnerabilities and Firefox followed closely at 39 percent.

Refer here to read more details.

Friday, November 13, 2009

AES - Cracked or Broken?

Is AES Encryption Crackable?

The Advanced Encryption Standard (AES) system was long believed to be invulnerable to attack, but a group of researchers recently demonstrated that there may be an inherent flaw in AES, at least theoretically.


The study was conducted by the University of Luxembourg's Alex Biryukov and Dmitry Khovratovich, France's Orr Dunkelman, Hebrew University's Nathan Keller, and the Weizmann Institute's Adi Shamir.

In their report, "Key Recovery Attacks of Practical Complexity on AES Variants With Up to 10 Rounds," the researchers challenged the structural integrity of the AES protocol. The researchers suggest that AES may not be invulnerable and raise the question of how far AES is from becoming insecure. "The findings discussed [in the report] are academic in nature and do not threaten the security of systems today," says AppRiver's Fred Touchette. "But because most people depend on the encryption standard to keep sensitive information secure, the findings are nonetheless significant."

AirPatrol CEO Ozzie Diaz believes that wireless systems will be the most vulnerable because many investments in network media are wireless, and there is no physical barrier to entry. Diaz says that exposing the vulnerability of the AES system could lead to innovations for filling those gaps.

Touchette says that AES cryptography is not broken, and notes that the latest attack techniques on AES-192 and AES-256 are impractical outside of a theoretical setting.

Refer here to read more details about the research.

Tuesday, November 10, 2009

Jailbroken iPhones fall victim to Australian virus

21-year-old hacker claims responsibility

iPhone users who have jailbroken their handset to install third-party apps have fallen victim to a virus created by an Australian hacker that alters the phone's wallpaper to a picture of singer Rick Astley.

The hacker, Ashley Towns, a 21-year-old from Wollongong, south of Sydney, claimed the virus was a "harmless" practical joke.


The virus had spread to hundreds of iPhones nationwide by early yesterday and has since gone global.

It followed a similar virus in Germany where a hacker demanded users pay a fee of five dollars for its removal. But Towns was not demanding money for his version.

iPhone users flooded online forums including Whirlpool reporting the virus as early as Friday.

Refer here to read more details.


Sunday, November 8, 2009

Smishing Attack is New Variation of Classic Fraud

Chase Bank Customers Targeted Via Texting

Chase Bank customers in the New York metro area have been receiving bogus text messages claiming to be from the bank, asking for account information. A local New York television station reported the phishing attack last week, claiming that "tens of millions of dollars" have already been stolen by fraudsters.

Chase media relations spokesman Tom Kelly downplays the report, saying, "As you might expect, TV is a little breathless on an issue that has been around via email and now texts for a number of years." Kelly says this attack is a variation of phishing known as "smishing." He says the amount of money taken in the attacks or the number of customers receiving the text messages is unknown.

Lesson learnt:

This new variation of phishing is known as smishing. Don't trust any SMS from unknown sources, period.

Refer here for more details.

Thursday, November 5, 2009

Rogue Security Software Still Top Threat

Microsoft reports scareware decline, praise from hackers

Microsoft this week disclosed new evidence that the good guys may be getting the upper hand on cybercriminals -- at least some of the time.

Microsoft says it is seeing decreases in scareware, those obnoxious online promotions that try to frighten you into paying for worthless antivirus protection, along with a decline in those faked Flash player updates that actually download viral coding that allows the bad guys to take full control of your PC.

During the first six months of 2009, Microsoft's Malicious Software Removal Tool cleansed scareware infections from 13.4 million Windows PCs, down from 16.8 million in the last six months of 2008.

Additionally, Microsoft in the first six months of 2009 disinfected copies of the Zlob Trojan found on 2.3 million PCs, down from 21.1 million PCs cleansed of Zlob in the last six months of 2008 -- a 10-fold decrease.

And self-replicating worms, like Conficker and Taterf, continue to steadily infect more and more PCs. Both Taterf and Conficker spread via tainted USB flash drives.

The main way a PC gets infected is when a viral flash drive gets inserted into its USB port. The virus launches a program that looks for computers nearby sharing the internal network, and spreads the infection to those machines. As part of this loop, it corrupts all of the USB ports on each newly infected machine. So each freshly-infected PC gets primed to taint any clean flash drive that subsequently gets plugged into any of its USB ports. And the cycle repeats exponentially.

We need to keep our anti-virus software up to date, not click on any links unless we are really sure of them, not install untrusted software or applications, and not open any attachments. That way we will continue to stay ahead of the bad guys out there.


Monday, November 2, 2009

The pros and cons of switching to Windows 7

Top eight reasons to jump in with both feet to upgrade to Windows 7

I'll also tell you three possible reasons for keeping the new OS on the shelf — for a while, at least.

I find a solid core of real improvements in the new release. There are many aspects of Windows 7 that cry out for adopting it and just a few that suggest sticking with Vista or XP.
  1. Windows 7 is easier on the eyes

    Windows 7's a stunner. From wallpaper that changes itself to the tightly controlled group of icons in the area near the clock, Win7 puts the things you need most where you need them. The OS also moves the flotsam out of the way.

    Since there's no Sidebar in Windows 7 — good riddance, I say — Win7's gadgets move to the high-rent district of the desktop, where you can move, resize, and snap them together neatly.

  2. The Action Center puts all the nags in one place

    Windows XP and Vista are notorious for scattering important information all over creation. At the same time — and quite perversely — every two-bit application you install on an XP or Vista PC can pop up annoying messages, distracting your attention while you're trying to get some work done.

    Win7 reduces the shrill impositions to a minimum by funneling almost all interactions through the Action Center. Yes, the Action Center has its roots in the old Security Center, but it's all grown up now.

    The Action Center serves as traffic cop for announcements that inform, warn, and often annoy. But rather than a pop-up window, the only alert you'll see is a flag in the notification area (near the clock) that turns yellow or red as needs dictate.

  3. Win7's security is stronger and less intrusive

    Security stuff gets complicated very quickly. Suffice it to say that Windows 7 is significantly more difficult to crack than Vista, which in turn was an order of magnitude tougher to break into than XP. (Internet Explorer and the .NET Framework are noteworthy exceptions.)

    Compared to Vista's User Account Control (UAC), the equivalent in Windows 7 is clipped and reined in. You can get to the settings easily. For most people, security won't be nearly so difficult in Win7 as it was in Vista.

  4. You can make a movie of what ails your PC

    If you haven't seen Windows 7's new Problem Steps Recorder (PSR), you owe it to yourself to try it. Click Start, type psr, and hit Enter. This little utility lets you record everything on the screen — except the stuff you type — as it happens. When you're done, PSR spits out an MHTML file that can be opened and played back in Internet Explorer.

    Like the Snipping Tool in Vista (also available in Win7), once you try PSR, you won't know how you ever lived without it.

  5. Search works — finally!

    Windows XP's built-in search feature is a slow, painful, buggy joke. In Vista, search is a little less labored, occasionally usable, but still unreliable.

    In Windows 7, Microsoft has, at long last, woven search into the operating system itself. There's no noticeable system overhead, searches proceed fairly quickly, and — most important of all — the results are accurate.

  6. You get better control of your devices

    Windows 7 centralizes control of all devices: printers, MP3 players, phones, keyboards, mice, fax machines, and anything else you plug into your computer. The controls all appear in a place called Device Stage.

    If you're tired of having 10 different programs in 10 different places to control your attached hardware, those days are rapidly drawing to a close. The junky little programs that go with the devices will disappear, too. At least I hope they will. So long, commercial driver-update utilities!

  7. Win7 Libraries beat out My Documents any day

    While Libraries don't do away with the need to organize your files, they make it much, much simpler to track files and put them in the right locations.

    "A place for everything, and everything in its place." With Windows 7 Libraries, file management is easier than ever.

  8. HomeGroup makes sharing safe, fast, and fun

    A stroke of pure design genius, Windows 7 HomeGroup bundles all the sharing options you'd likely want in order to make files, printers, and media accessible to any other Windows 7 PC on your network.

Three reasons why Windows 7 isn't for everybody

Despite these and other Win7 positives, there are at least three good reasons for Windows XP and Vista users to stick with their current OS:
  1. If your PC isn't up to snuff, fuhgeddaboutit!

    While Windows 7's hardware demands are less stringent than Vista's, there are zillions of PCs that simply can't handle Win7. If you have a desktop machine or laptop that's more than a few years old, upgrading its hardware to support Windows 7 is likely more trouble than it's worth. Don't bother.

  2. If your hardware or software demands XP, stick with that OS

    The XP Mode built into Windows 7 Professional and Ultimate is a Virtual PC–based implementation of XP. XP Mode makes sense for large companies that want to get the benefits of Windows 7 but have to put up with hardware or software that runs only under Windows XP.

  3. Don't try to fix what ain't broke

    By far the most-compelling argument for staying with Windows XP or Vista is this: The Windows you have now does everything you need, and you aren't overly concerned about rootkits or other nearly invisible malware hosing your machine. In this case, there's no compelling reason to go out on a limb with Win7.

Replacing your operating system is slightly simpler than performing a self-administered brain transplant, but it's still no walk in the park. In the vast majority of cases, upgrades to Windows 7 go in smoothly, with a few minor irritations — maybe you can't find the install CD for an old program, for example, or you forgot to write down a password.

But in a small percentage of cases, the Windows 7 installation doesn't go well at all. As they say, stuff happens. Any upgrade could potentially become calamitous, and Windows 7 isn't immune.