cash

now browsing by tag

 
 

Alleged bank vault robber posed with cash on Instagram, Facebook – Naked Security

Source: National Cyber Security – Produced By Gregory Evans

Somebody really needs to write a rap about yobs who show off piles of loot in their social media feeds.

The alleged crook du jour: Arlando M. Henderson, 29, of Charlotte, North Carolina, whom the FBI has arrested and charged with supposedly stealing more than $88,000 smackers from the vaults of his employer, Wells Fargo Bank.

If he’s innocent, Henderson is going to have to explain why his Instagram rap shows him holding an AK-47 and large stacks of cash… and how in the world he found the wherewithal to pick up that Mercedes-Benz in his Facebook posts.

On Friday, the US Attorney’s Office for the Western District of North Carolina said that the FBI arrested Henderson on 4 December in San Diego and charged him with stealing cash from Wells Fargo’s bank vaults, from deposits made by its customers, and with using some of that beautiful green spray-o-cash…

 

…for a down payment on the sweet Mercedes-Benz, and then lying to get a car loan to pay the balance. He allegedly convinced the loan company that he was good for the dough by showing them bogus bank statements.

#cyberfraud | #cybercriminals | Malware That Spits Cash Out of ATMs Has Spread Across the World

Source: National Cyber Security – Produced By Gregory Evans

At 10am on a late November morning in Freiburg, Germany, a bank employee noticed something was wrong with a bank ATM.

It had been hacked with a piece of malware called “Cutlet Maker” that is designed to make ATMs eject all of the money inside them, according to a law enforcement official familiar with the case.

“Ho-ho-ho! Let’s make some cutlets today!” Cutlet Maker’s control panel reads, alongside cartoon images of a chef and a cheering piece of meat. In an apparent Russian play-on-words, a cutlet not only means a cut of meat, but a bundle of cash, too.

A joint investigation between Motherboard and the German broadcaster Bayerischer Rundfunk (BR) has uncovered new details about a spate of so-called “jackpotting” attacks on ATMs in Germany in 2017 that saw thieves make off with more than a million Euros. Jackpotting is a technique where cybercriminals use malware or a piece of hardware to trick an ATM into ejecting all of its cash, no stolen credit card required. Hackers typically install the malware onto an ATM by physically opening a panel on the machine to reveal a USB port.

In some cases, we have identified the specific bank and ATM manufacturer affected. Although a European non-profit said jackpotting attacks have decreased in the region in the first half of this year, multiple sources said the number of attacks in other parts of the world has gone up. Attacked regions include the U.S., Latin America, and Southeast Asia, and the issue impacts banks and ATM manufacturers across the financial industry.

“The U.S. is quite popular,” a source familiar with ATM attacks said. Motherboard and BR granted multiple sources, including law enforcement officials, anonymity to speak more candidly about sensitive hacking incidents.

A screenshot of the Cutlet Maker control panel. Image: Twitter account of @CryptoInsane

*

During the annual Black Hat cybersecurity conference in 2010, late researcher Barnaby Jack demonstrated live on stage his own strain of ATM malware. The audience broke into applause as the ATM displayed the word “JACKPOT” and ejected a steady stream of bank notes.

Now, similar attacks have been deployed in the wild.

In that Freiburg instance no cash was stolen, the law enforcement official said. But Christoph Hebbecker, a prosecuting attorney for the German state of North Rhine-Westphalia, said his office is investigating 10 incidents that took place between February and November 2017, including attacks in which thieves did make off with bundles of cash. In all, hackers stole 1.4 million Euro ($1.5 million), Hebbecker said.

Hebbecker added that because of the similar nature of the attacks, he believes they are all linked to the same criminal gang. In some cases, the prosecutors have video evidence, but they have no suspects so far, they added.

“The investigation is still ongoing,” Hebbecker said in an email in German.

Multiple sources said a number of the 2017 attacks in Germany impacted the bank Santander; two sources said they specifically involved the Wincor 2000xe model of ATM, made by the ATM manufacturer Diebold Nixdorf.

“In general, we do not comment on dedicated, single cases,” Bernd Redecker, director of corporate security and fraud management at Diebold Nixdorf, said in a phone call. “However, we are of course dealing with our customers on jackpotting, and we are aware of these cases.” Diebold Nixdorf has also sold these ATMs to the U.S. market.

nixdorf-atm

An overview of the 2000xe model of ATM. Image: Wincor Nixdorf.

A Santander spokesperson said in an emailed statement, “Protecting our customers’ information and the integrity of our physical network is at the core of what we do. Our experts are involved at every stage of product development and operations to protect customers and the bank from fraud and cyber threats. This focus on protecting our data and operations prevents us from commenting on specific security issues.”

Officials in Berlin said they had faced at least 36 jackpotting cases since spring 2018, resulting in several thousand Euro being stolen. They declined to name the specific malware used.

In all, authorities have recorded 82 jackpotting attacks in Germany across different states in the past several years, according to police spokespeople. However, not all of those attacks resulted in successful cash-outs.

Do you know about other jackpotting attacks? We’d love to hear from you. Using a non-work phone or computer, you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, OTR chat on jfcox@jabber.ccc.de, or email joseph.cox@vice.com.

It’s important to remember ATM jackpotting is not limited to a single bank or ATM manufacturer, though. It is likely the other attacks impacted banks other than Santander; those are simply the attacks our investigation identified.

“You will see this across all vendors; this is not dedicated towards a specific machine, nor towards a specific brand, and definitely not a region,” Redecker said.

Part of the security issue for ATMs is that many of them are, in essence, aged Windows computers.

“These are very old, slow machines,” the source familiar with ATM attacks said.

ATM manufacturers have made security improvements to their devices, Redecker from Diebold Nixdorf stressed. But that doesn’t necessarily mean all ATMs across the industry will be up to the same standard.

And responsibility on securing access to the ATMs falls on the banks too.

“In order to execute a jackpotting attack, you have to have access to the internal components of the ATM. So, preventing that first physical attack on the ATM goes a long way toward preventing the jackpotting attack,” David N. Tente, executive director of USA, Canada & Americas at the ATM Industry Association (ATMIA), said in an email.

Redecker said he’s been seeing attacks across the globe since 2012, with Germany suffering its first jackpotting attacks in Berlin in 2014.

Around the time of the 2017 attacks, researchers at cybersecurity firm Kaspersky published research showing Cutlet Maker for sale on hacking forums since May of that year. It seemed anyone with a few thousand dollars could buy the malware, and have a go at jackpotting ATMs themselves.

“The bad guys are selling these developments [malware] to just anybody,” David Sancho, senior threat researcher at cybersecurity firm Trend Micro, and who works with Europol on jackpotting research, said. That has enabled smaller outfits or enterprising criminals to start targeting ATMs, he added.

“Potentially this can affect any country in the world,” Sancho said.

Motherboard spoke to one cybercriminal claiming to sell the Cutlet Maker malware.

“Yes I’m selling. It costs $1000,” they wrote in an email, adding that they can offer support on how to use the tool as well. The seller provided screenshots of an instruction manual in Russian and English, which steps potential users through how to empty an ATM. Sections of the manual include how to check how many banknotes are inside the ATM, and installing the malware itself.

The European Association for Secure Transactions (EAST), a non-profit that tracks financial fraud, said jackpotting attacks decreased 43 percent over the previous year, in a report published this month. But it’s worth stressing that EAST’s report only covers Europe.

“It happens in parts of the world where they don’t have to tell anybody about it,” the source familiar with ATM attacks added. “It’s increasing, but, again, the biggest problem we’ve got is that nobody wants to report this.”

That lowering of the barrier of entry to ATM malware has arguably driven to some of the spike in jackpotting attacks. In January 2018, the Secret Service began warning financial institutions of the first jackpotting attacks in the U.S., although those used another piece of ATM malware called Ploutus.D.

“Globally, our 2019 survey indicates that jackpotting attacks are increasing,” Tente from ATMIA wrote in an email.

As the source familiar with ATM attacks said, “There are attacks happening, but a lot of the time it’s not publicized.”

Subscribe to our new cybersecurity podcast, CYBER.

Source link

The post #cyberfraud | #cybercriminals | Malware That Spits Cash Out of ATMs Has Spread Across the World appeared first on National Cyber Security.

View full post on National Cyber Security

Cash #Converters is #HACKED: Cyber #criminals hold UK #customer #credit card numbers, addresses and #passwords to #ransom after major #security breach

Source: National Cyber Security – Produced By Gregory Evans

Hackers who attacked the now defunct website of second hand goods store Cash Converters may have access to the account details of thousands of customers.

Usernames, passwords, delivery addresses and potentially partial credit card numbers are among the data believed to have been stolen.

The culprits are said to be holding the information to ransom while the firm works with law enforcement authorities to investigate the incident.

It is not known exactly how many customers were impacted in the hack or when it happened.

 

Cash Converters operates high street stores where customers can trade items like jewellery and electronics for money.

The affected website, which was put out of action in September 2017 and replaced with an updated version, lets people purchase these products online.

As well as cash trade ins, the company offers small financial loans to its customers.

The data breech is only believed to affect customers of the Perth-founded firm who are based in the UK.

In a breach notification email sent to customers, a Cash Converters spokesman said: ‘Please be reassured that, alongside the relevant authorities, we are investigating this as a matter of urgency and priority.

‘We are also actively implementing measures to ensure that this cannot happen again.

‘Although some details relating to the cybersecurity breach remain confidential while Cash Converters works with the relevant authorities, we will continue to provide as much detail as possible as it becomes available.

‘The current webshop site was independently and thoroughly security tested as part of its development process.

‘We have no reason to believe it has any vulnerability, however additional testing is being completed to get assurance of this.

‘Our customers truly are at the heart of everything we do and we are both disappointed and saddened that you have been affected.

‘We apologise for this situation.’

Cash Converts reportedly received an email from hackers who claiming to have gained access to the data.

They threatened to release the data if they were not paid, which means anyone who used the old site before September 22 could be at risk.

Customers have been to advised to change their passwords and the firm has forced a reset for all UK webshop users.

Speaking about the breach, Jon Topper, CEO of UK webhosting firm The Scale Factory, said: ‘When migrating away from old solutions it’s important to bear in mind that old digital assets will still be running and available online until such time as they are fully decommissioned.

‘As a result they should still be treated as ‘live” which means maintaining a good security posture around them, keeping up with patching and so forth.

‘In their customer notification, Cash Converters were quick to point out that the old site was operated by a third party, possibly intending to deflect responsibility for this breach.

‘This definitely won’t fly under General Data Protection Regulation regulations coming into force next year.

‘Companies running server infrastructure that handles customer data should be engaging with experts to review their security posture ahead of that, in order to avoid being slapped with a large fine.’

The post Cash #Converters is #HACKED: Cyber #criminals hold UK #customer #credit card numbers, addresses and #passwords to #ransom after major #security breach appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Basic #Payment #cash raises #computer #hacker #threat

Source: National Cyber Security – Produced By Gregory Evans

Basic #Payment #cash raises #computer #hacker #threat

EASY access to information about Scottish farmers’ Basic Payments has made them prime targets for cyber crime, the Scottish Business Resilience Centre has warned.

At the end of October, payments worth £254million were issued to farmers and crofters across the country, and SBRC advised farmers to be “extra vigilant” regarding their internet safety, including being aware of suspicious emails or phone calls.

Chief ‘ethical hacker’ with the SBRC, Gerry Grant, said: “I know how vital these payments are to the livelihood of farmers and crofters. This makes it even more important that they’re fully aware that it can make them an easy target for criminals to try and scam them.

“Criminals can easily work out an accurate estimation of what a farmer is likely to receive in CAP payments and armed with this information, they can try and steal the money. They can send various emails to try and get passwords for bank accounts or even try and trick unsuspecting farmers into making payments to the wrong account.”

The types of emails and calls farmers may receive will generally consist of them being asked to take urgent action regarding their finances/bank accounts. SBRC said that any unusual emails or phone calls should be investigated fully, and the contact details should be verified before any action is taken.

Things to look out for include:

• Emails from suppliers asking for funds to be transferred to a different bank account;

• Emails claiming that there is a problem with an account;

• Phone calls from banks saying that there appears to be unusual activity on their account.

The post Basic #Payment #cash raises #computer #hacker #threat appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

6 charged with stealing checks from Anchorage mail and vehicles to get cash

Source: National Cyber Security – Produced By Gregory Evans

Six Anchorage residents have been charged with stealing checks from the mail and vehicles and using them to get cash at banks and stores across the city over a 10-month period, the U.S. Attorney’s Office said Thursday. Acting U.S. Attorney Bryan Schroder said in a prepared statement that Sara James,…

The post 6 charged with stealing checks from Anchorage mail and vehicles to get cash appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Beware the conmen trying to part you from your cash

To Purchase This Product/Services, Go To The Store Link Above Or Go To http://www.become007.com/store/ In Norfolk it’s dating, in Wales it’s IT issues, while in Northampton it’s online shopping. And in London it’s just about every type of fraudulent activity you can imagine. Reported fraud …

The post Beware the conmen trying to part you from your cash appeared first on Become007.com.

View full post on Become007.com

INTERNET GIANTS DUPED Google and Facebook lose ‘£77million after falling for phishing scam sending cash to Lithuanian conman’

To Purchase This Product/Services, Go To The Store Link Above Or Go To http://www.become007.com/store/ GOOGLE and Facebook have admitted they were conned out of an alleged $100million (£77million) in a phishing scam. The two world’s biggest companies fell victim after a Lithuanian man allegedly tricked …

The post INTERNET GIANTS DUPED Google and Facebook lose ‘£77million after falling for phishing scam sending cash to Lithuanian conman’ appeared first on Become007.com.

View full post on Become007.com

Tinder scammers pose as flight attendants to trick victims into sending cash

Tinder is a pretty good way to find new people to meet, and eventually find a new partner to be with in life (if these things actually happen to work for you). It’s a different story, however, if you come to Tinder hoping for romance, but end up being catfished for money along the way. This has been the fate of a number of Tinder hopefuls in Thailand, with scammers posing as pretty women and draining them of “millions of baht,” in a rather sneaky deceit. Read More…. View full post on Dating Scams 101

Man accused of possessing child pornography held on $50K cash bond

SIOUX FALLS, S.D. (KSFY) – A man accused of possessing child pornography made a court appearance Monday.

Mark Ullrich turned himself in after an investigation by the Internet Crimes Against Children task force led police to his address.

Police found over 30,000 images on his computer, resulting in 25 counts of child pornography.

Police said the images included children between the ages of one and 10 years old.

Ullrich is being held on a $50,000 cash bond.

Source:http://www.ksfy.com/content/news/Man-accused-of-possessing-child-pornography-held-on-50K-cash-bond-415503173.html

Read More

The post Man accused of possessing child pornography held on $50K cash bond appeared first on Parent Security Online.

View full post on Parent Security Online

How to keep that cash card safe

second-age

Source: National Cyber Security – Produced By Gregory Evans

How to keep that cash card safe

Ten days before India’s festive season, during which we spend a third of our annual festive shopping needs, came the shocking disclosure that data of some 32 lakh bank cards had been hacked and compromised. This puts a large number

The post How to keep that cash card safe appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures