Information Security News
by Dan Goodin
Security researchers have disrupted an online criminal operation they estimated drew $30 million per year pushing ransomware on unsuspecting people browsing the Internet.
The takedown was performed by investigators from Cisco Systems' Talos security unit, which was researching the Angler Exploit kit. The hack-by-numbers tool is sold in underground crime forums to people who don't want to go through the hassle of developing and testing exploits themselves. Angler is one of the most potent of the exploit kits available, with the ability to successfully infect an estimated 40 percent of the end users it targets using attack code that surreptitiously exploits vulnerabilities in browsers and browser plugins. In most cases, the security flaws have already been patched, but, in some cases, the kits exploit zero-day vulnerabilities for which there is no currently available fix.
The Talos researchers quickly noticed that a large percentage of infected end users were connecting to servers operated by service provider Limestone Networks. After getting the cooperation of Limestone and examining some of the servers responsible for carrying out the operation, the researchers found that the single operation was targeting as many as 90,000 end users per day. They estimated that if just three percent of targets paid the average ransom demand of $300, the operation would generate more than $30 million in 12 months. The estimate is consistent with log files retrieved from just one of the servers accessed by Talos researchers. Those logs showed the operation generating more than $3 million.
by Sean Gallagher
In an announcement on the chain's website, the Trump Hotel Collection informed its customers that their credit card data may have been stolen through malware installed on its payment systems. The malware apparently was active at a number of Trump hotels for over a year.
The breach, first reported by security reporter Brian Krebs in June, affected seven hotels and resorts in the chain, according to a Trump Hotel spokesperson. But the company's executives claim that they have found "no forensic evidence" that credit card data was actually stolen, despite the fact that several banks have claimed a pattern of fraudulent charges stemming from transactions at the hotels.
"Between May 19, 2014, and June 2, 2015, we believe that there may have been unauthorized malware access to some of the computers that host our front desk terminals and payment card terminals in our restaurants, gift shops and other point-of-sale purchase locations at some hotels managed by the Trump Hotel Collection," a company spokesperson wrote in a statement on the Trump Hotel website. "For those customers that used credit or debit cards to make purchases during this time, we believe that the malware may have affected payment card data including payment card account number, card expiration date and security code." At the Trump hotels in Las Vegas and Waikiki, the data may have also included customers' first and last names.
by Cyrus Farivar
Admittedly, many of my colleagues at Ars—not to mention readers—have far more extensive knowledge of computer security than I do. But even I can recognize a ridiculous hacking scene when I see one.
And boy, Sunday night’s season opener of Homeland contained a doozy. If you’re not a Homeland fan, all you need to know for a basis is that this show is set within a fictional but modern-day CIA. (This particular season is set in Berlin.) Within the first four minutes of Season 5, Episode 1—before any recognizable characters show up on screen—two IT guys working for a Berlin-based porn site somehow manage to penetrate the CIA Berlin Station’s firewall and steal over 1,000 sensitive files. (Art imitating life, anyone?)
Here’s how Homeland depicts an epic CIA hack: