69% increase in hacked online stores stealing your credit card details from 2015

Online skimming is a new form of card fraud. In November 2015, the first case was reported. Upon investigating, I scanned a sample of 255K online stores globally and found 3501 stores to be skimmed. It is now ten months later. Are the culprits in jail yet? Not quite, here are the numbers of compromised stores:

November 2015 3501
March 2016 4476 +28%
September 2016 5925 +69%

Victims vary from car makers (Audi ZA) to government (NRSC, Malaysia) to fashion (Converse, Heels.com), to pop stars (Bjork) to NGOs (Science Museum, Washington Cathedral).

At least 159 hacked stores use Magento Enterprise Edition, which is used only by the largest online stores.

754 stores that are skimming today were already skimming in 2015. Apparently you can skim cards undisturbed for months.

Source: 5900 online stores found skimming [analysis]

Dozens of suspicious court cases, with missing defendants, aim at getting web pages taken down or deindexed – The Washington Post

There are about 25 court cases throughout the country that have a suspicious profile:

All involve allegedly self-represented plaintiffs, yet they have similar snippets of legalese that suggest a common organization behind them. (A few others, having a slightly different profile, involve actual lawyers.)
All the ostensible defendants ostensibly agreed to injunctions being issued against them, which often leads to a very quick court order (in some cases, less than a week).
Of these 25-odd cases, 15 give the addresses of the defendants — but a private investigator (Giles Miller of Lynx Insights & Investigations) couldn’t find a single one of the ostensible defendants at the ostensible address.

Now, you might ask, what’s the point of suing a fake defendant (to the extent that some of these defendants are indeed fake)? How can anyone get any real money from a fake defendant? How can anyone order a fake defendant to obey a real injunction?

The answer is that Google and various other Internet platforms have a policy: They won’t take down material (or, in Google’s case, remove it from Google indexes) just because someone says it’s defamatory. Understandable — why would these companies want to adjudicate such factual disputes? But if they see a court order that declares that some material is defamatory, they tend to take down or deindex the material, relying on the court’s decision.

Yet the trouble is that these Internet platforms can’t really know if the injunction was issued against the actual author of the supposed defamation — or against a real person at all.

Source: Dozens of suspicious court cases, with missing defendants, aim at getting web pages taken down or deindexed – The Washington Post

‘StrongPity’ malware infects users through illegitimate WinRAR and TrueCrypt installers

A new strain of malware has been discovered by Kaspersky Labs, named ‘StrongPity,’ which targets users looking for two legitimate computer programs, WinRAR and TrueCrypt. WinRAR is a file archiver utility for Windows, which compresses and extracts files, while TrueCrypt is a discontinued encryption tool.

The malware contains components that not only give attackers complete control of the victim’s computer, but also steal disk contents and download other software that the cybercriminals need. It was found that users in Italy and Belgium were affected the most, but there were also records found in Turkey, North Africa, and the Middle East.

To gather victims, the attackers built special fake websites that supposedly host the two programs. In one instance discovered by the researchers, the criminals transposed two letters in a domain name in order to fool potential victims into thinking that the site was a legitimate WinRAR installer website.

Source: ‘StrongPity’ malware infects users through illegitimate WinRAR and TrueCrypt installers
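
The transposed-letter trick described above can be checked for on the defensive side. The following is an added example, not code from Kaspersky or from the original article: it flags hostnames in a URL list that differ from a trusted download host by exactly one swap of adjacent characters. The trusted hosts and sample URLs are constructed placeholders under the reserved .test TLD, and the function names are hypothetical.

```python
from urllib.parse import urlsplit

# Assumed watchlist of legitimate download hosts (constructed placeholders).
TRUSTED_HOSTS = {"archiver-example.test", "diskcrypt-example.test"}

def is_adjacent_transposition(candidate: str, trusted: str) -> bool:
    """True if candidate is trusted with exactly one adjacent pair of characters swapped."""
    if len(candidate) != len(trusted) or candidate == trusted:
        return False
    diffs = [i for i, (a, b) in enumerate(zip(candidate, trusted)) if a != b]
    if len(diffs) != 2 or diffs[1] - diffs[0] != 1:
        return False
    i, j = diffs
    return candidate[i] == trusted[j] and candidate[j] == trusted[i]

def normalize_host(url: str) -> str:
    """Lower-case the hostname, drop a trailing root dot and a leading 'www.'."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    return host[4:] if host.startswith("www.") else host

def flag_lookalikes(urls, trusted_hosts=TRUSTED_HOSTS):
    """Return (observed_host, imitated_host) pairs for transposition look-alikes."""
    findings = []
    for url in urls:
        host = normalize_host(url)
        if host in trusted_hosts:
            continue  # exact match to a trusted host is not a look-alike
        for trusted in sorted(trusted_hosts):
            if is_adjacent_transposition(host, trusted):
                findings.append((host, trusted))
    return findings

# Constructed sample, e.g. URLs pulled from proxy or DNS logs.
SAMPLE_URLS = [
    "https://archiver-example.test/download/setup.exe",
    "http://www.archvier-example.test/download/setup.exe",  # 'i'/'v' swapped
    "https://diskcrypt-example.test/",
    "https://diskcrytp-example.test/installer",             # 'p'/'t' swapped
    "https://unrelated-site.test/",
    "https://archiver-exampel.test./",                      # 'l'/'e' swapped, root dot
]

if __name__ == "__main__":
    for observed, imitated in flag_lookalikes(SAMPLE_URLS):
        print(f"look-alike: {observed} imitates {imitated}")
```

This check covers only single adjacent transpositions, the case the article describes; other look-alike techniques (added or dropped characters, homoglyphs) need separate rules.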