money
now browsing by tag
Bitcoin money trail leads cops to ‘world’s largest’ child abuse site – Naked Security
Source: National Cyber Security – Produced By Gregory Evans
US, British and South Korean police announced on Wednesday that they have taken down Welcome To Video: a Darknet market that had what the US Department of Justice (DOJ) says is the world’s most voluminous offerings of child abuse imagery.
The DOJ called this the largest market for child sexual abuse videos, and that this is one of the largest seizures of this type of contraband. The 8 terabytes worth of child sexual abuse videos, which are now being analyzed by the National Center for Missing and Exploited Children (NCMEC), comprise over 250,000 unique videos, 45% of which contain new images that weren’t previously known to exist.
The global crackdown, which has so far led to the arrest of 337 alleged users and the indictment of the website’s admin, has led to the rescue of at least 23 victims living in the US, Spain and the UK. The DOJ says that the minors were actively being abused by site users.
The admin of Welcome to Video, who was indicted on Wednesday, is Jong Woo Son, 23, a South Korean national who was previously charged and convicted in South Korea. He’s now serving his sentence in South Korea.
The global dragnet has scooped up 337 alleged site users who’ve been arrested and charged worldwide: throughout the US, the UK, South Korea, Germany, Saudi Arabia, the United Arab Emirates, the Czech Republic, Canada, Ireland, Spain, Brazil and Australia. About 92 individuals’ home and businesses in the US have been searched.
Five search warrants issued in the Washington, D.C. metropolitan area have led to the arrests of eight people suspected of both conspiring with Jong Woo Son and of being website users themselves. The DOJ says that two suspected users committed suicide after the search warrants were executed.
The bust
According to the indictment, on 5 March 2018, a global police force – including agents from the UK, the Korean National Police in South Korea, the US Internal Revenue Service’s Criminal Investigation Division (IRS-CI), and the US Homeland Security Investigations (HSI) – arrested Jong Woo Son and seized the server that he used to operate the market.
Welcome To Video specialized in exclusively selling child sexual exploitation videos. The site, which operated from June 2015 to March 2018, had a message on its landing page explicitly warning users to “not upload adult porn.” As of 8 February 2018, Welcome to Video indicated on its download page that users had downloaded files more than a million times.
The material documented abuse of pre-pubescent children, toddlers and infants as young as six months.
Bitcoin doesn’t hide “these disgusting organizations”
The indictment alleges that police tracked Bitcoin payments to the Darknet website by tracing the flow of funds on the blockchain.
A forfeiture complaint identifies blockchain wallets allegedly used by 24 suspects in five countries to promote the site and to pay for child abuse. The complaint is looking to claw back that money and return it to the victims.
Users purchased the videos by using points that they earned in a number of ways: by uploading child abuse videos, referring new customers, paying 0.03 Bitcoin (worth approximately US $352.59 as of the time the market was seized) for a six-month “VIP” account that gave them unlimited downloads, and/or by purchasing points incrementally.
IRS-CI Chief Don Fort said in the DOJ’s news release that it was “sophisticated tracing” of transactions between the site and those customer accounts that enabled agents to crack the criminal ring:
Through the sophisticated tracing of bitcoin transactions, IRS-CI special agents were able to determine the location of the Darknet server, identify the administrator of the website and ultimately track down the website server’s physical location in South Korea.
Fort said that it doesn’t matter whether illicit proceeds are virtual or tangible: police can and will track down “these disgusting organizations” and bring them to justice, he said.
Stripping cryptocurrency’s privacy protections
As we’ve previously explained, cryptocurrencies such as Bitcoin and even Monero, which was designed for privacy, rely on blockchains: cryptographically protected, decentralized transaction ledgers.
The robustness of those blockchains relies, in part, on transparency: there are thousands of copies of both the Bitcoin and Monero blockchains in existence, and every copy carefully details every single transaction ever made in that currency.
Changing the history enshrined in those blockchains is effectively impossible. If you’ve ever spent a bitcoin or a monero, then the proof that it happened is etched indelibly into that currency’s blockchain, forever.
Bitcoin users are pseudonymous – their activity is public but their real name is hidden – protected by one or more wallet IDs.
Bitcoin users can be exposed if any one of a wallet’s transactions can be linked to a real identity.
In the case of Welcome To Video, there were a number of links to Son’s real identity. One such link was multiple instances of unconcealed IP addresses that showed that Son was running the server out of his own home. He also used his name, his cell phone number and his email account at a Bitcoin exchange account.
The charges against Welcome To Video’s admin
Besides the charges that led to his conviction in South Korea, Jong Woo Son was indicted on Wednesday in the US on nine charges relating to money laundering and to producing, advertising and distributing child abuse imagery.
HSI Acting Executive Associate Director Alysa Erichs, calling the crimes “unthinkable”, said that technology has enabled them to stay tucked away. However, the criminals who do this can and will be tracked down, she said:
Sadly, advances in technology have enabled child predators to hide behind the dark web and cryptocurrency to further their criminal activity. However, today’s indictment sends a strong message to criminals that no matter how sophisticated the technology or how widespread the network, child exploitation will not be tolerated in the United States. Our entire justice system will stop at nothing to prevent these heinous crimes, safeguard our children, and bring justice to all.
The post Bitcoin money trail leads cops to ‘world’s largest’ child abuse site – Naked Security appeared first on National Cyber Security.
View full post on National Cyber Security
Computer #Hackers Are #Demanding #Money From #Cities, #States, And #Companies In The #U.S.
Computer hackers are getting more sophisticated. They are not afraid to hold cities, states, and companies’ hostage until they pay a ransom. Hackers are modern day tech pirates that disrupt computer programs and turn shareholders into anxiety-ridden puppets. Computer networks in Denver, Atlanta, and Baltimore, as well as a computer network of Boeing Airlines, are recent victims. Atlanta’s computers went down on March 22nd when a hacker locked important data behind an encrypted wall. The wall would stay in place, according to the hackers, until the city pays the hackers $51,000 in Bitcoins. Atlanta has a week to comply. If the city doesn’t pay, all that important data will vanish, according to the computer pirates. No one is sure if Atlanta paid the money, according to a Fox News report. But Mayor Keisha Lance Bottoms didn’t rule out payment.
The hacking group calls itself “SamSam.” SamSam is not new to the hacking world. The group pocketed more than $800,000 in 2017. The city of Leeds, Atlanta paid SamSam $12,000 in February 2018 to release their data. But Atlanta is not the only city that SamSam has in its hacking sights this month. Officials in Baltimore said their 911 dispatch system was under attack. The system was down for 17 hours recently to prove the hackers were serious. The hackers were able to get into the system after the city made an internal change to their firewall. But the Baltimore hackers didn’t ask for money, and that is concerning, according to Frank Johnson, Baltimore’s chief information officer.
Boeing, the world’s top aerospace company, is also under attack by the now famous WannaCry ransomware. WannaCry is the same ransomware that crippled Britain’s healthcare services in 2017. The Boeing attack is not as serious as the attack in Britain, according to Boeing’s head of communications Linda Mills. Mills also said the 777 jet program was not part of the hack. Mills said only a few company machines were under attack.
Denver also had a suspicious outage when denvergov.org and pocketgov.org, as well as other online services, suddenly stopped in March. Some city staffers lost access to their email account. Denver officials claim the shutdown was the work of a computer bug, but Colorado’s Department of Transportation was a SamSam victim in February. The hackers said the information would come back to them if Colorado paid in Bitcoins, according to a news report by Denver7.
The post Computer #Hackers Are #Demanding #Money From #Cities, #States, And #Companies In The #U.S. appeared first on National Cyber Security Ventures.
View full post on National Cyber Security Ventures
While #Western Union #wired customers’ money, #hackers #transferred their #personal #deets
Source: National Cyber Security News
Western Union has confirmed one of its IT suppliers was hacked, and that customer information was exposed to miscreants.
A Register reader, who wished to remain anonymous, showed us a copy of a letter dated January 31 that he received from the money-transfer outfit. The missive admitted that a supposedly secure data storage company used by Western Union was compromised: a database full of the wire-transfer giant’s customer records was vulnerable to plundering, and hackers were quick to oblige.
“We have discovered that some of your information may have been accessed without authorization as a result of a computer intrusion against an external vendor system formerly used by Western Union for secure data storage,” the letter read.
“We promptly moved our external secure storage to a different vendor’s system. We immediately notified law enforcement, and are actively cooperating with its investigation. Expert assistance was also immediately engaged to determine what personal information may have been compromised.”
In other words, it sounds as though a cloud-based or off-site backup storage provider was hacked. Now that system has been shut down, the cops alerted, and digital forensics teams are probing the network intrusion.
Suspicious
“Upon detecting suspicious activity, Western Union permanently discontinued all use of the vendor’s system and the system was taken offline,” a spokesperson for Western Union told The Register today.
View full post on National Cyber Security Ventures
Wall Street and The Internet Of Money
Source: National Cyber Security News
General Cybersecurity Conference
March 22, 2018 | New York City, New York, United States
Cybersecurity Conference Description
The CryptoWorld team has spent many years working within the eco-system of retail and institutional investors, and partnering with the world’s leading academics and industry practitioners to provide leading edge educational solutions for practical implementation and commercial success.
With the meteoric rise in the use of blockchain technology and the resultant growth in crypto assets, investors are bombarded with information and misinformation about the asset class, the investment products, and a reliable approach to valuation. At the same time, funds, exchanges and regulators are grappling with the same issues as they seek to find protections and solutions for market participants around the world.
The team at CryptoWorld will address these issues and more in the inaugural “Wall Street and the Internet of Money” Conference in New York City on March 22, 2018. Our agenda features a world-class speaker faculty in an interactive format to promote dialogue and debate, and a stimulating learning environment for attendees. There is ample networking time devoted to meeting directly with the speaker faculty as well as the many industry participants that will be in attendance.
View full post on National Cyber Security Ventures
Hacker #demands #money, #threatens #terrorist #claims
Source: National Cyber Security – Produced By Gregory Evans
A 72-year-old Plymouth man’s computer was hacked by someone who threatened to report him as a terrorist sympathizer unless he paid money, a police report said.
The victim told police he received several telephone calls Nov. 21 after his computer was hacked. He said the caller demanded $300 for three years of computer protection or $2,000 for lifetime coverage.
The caller became aggressive, the report said, threatening to contact the U.S. president and the CIA to accuse the victim of supporting a terrorist network.
The victim notified police and no money was lost.
Suspicious visitor
A 51-year-old Plymouth man notified police after he was twice awakened by someone pounding on his door and leaving behind a smashed pumpkin on his driveway and a plant dumped on the windshield of his Ford Fusion, a report said.
The man said the knocking occurred about 2:30 a.m. Nov. 23 and then an hour later. He called police both times, but the prankster had fled when officers arrived.
The incident occurred in the 1000 block of Quail Circle. The windshield of the Ford Fusion sustained some damage when the plant was dumped on it.
Drunken crash
Plymouth Township police arrested a 36-year-old Westland man after he crashed his 2013 Ford Econoline into a building at 14937 Northville Road, a report said.
Police cited the man for operating while impaired and his vehicle was impounded.
The crash happened just before midnight Nov. 21, near Northville Road and Five Mile, the report said. The driver was bleeding from the head and mouth and was taken to St. Mary Mercy Hospital for treatment, the report said.
The suspect told police another vehicle cut him off and caused him to crash into the building after he left a bar, the report said. Police got a search warrant to have the man’s blood drawn to test for blood-alcohol level.
Vehicle larceny
A 43-year-old Canton woman called police after her purse was stolen by someone who smashed out her car window while she was parked at Applied Fitness Solutions on Ann Arbor Road in Plymouth, a report said.
She said the incident happened between 6:45 p.m. and 8 p.m. Nov. 9. She said she had tried to hide her purse under the back of the passenger seat, but apparently it was still visible.
She said she locked the doors, but the intruder broke out the rear passenger window. She told police the purse contained credit cards, $30 in cash and her driver’s license.
Home break-in?
A 34-year-old man told Plymouth Township police $500 was stolen from his bedroom closet while he was out of town, a report said.
He told police he returned Nov. 12 to his home in the 2300 block of Hackberry to find that five $100 bills had been stolen from his closet. He said he locked the house before he left.
He told police the money had been given to him as a family gift.
The post Hacker #demands #money, #threatens #terrorist #claims appeared first on National Cyber Security Ventures.
View full post on National Cyber Security Ventures
How #hackers can #hijack your #computer to make free #money
Source: National Cyber Security – Produced By Gregory Evans
If you experienced a sudden drop of performance when visiting Politifact on Friday, it was most likely because the popular fact-checking website was fast busy taxing your computer’s resources to make money—and no, you’re not getting a cut.
Hackers allegedly compromised the website and inflicted it with a cryptocurrency-mining script, a program that uses visitors’ CPU power to generate Monero, a digital currency like Bitcoin that professes anonymity.
The same script appeared on Showtime’s website late last month, though it was quickly removed after news broke on Twitter and several tech publications. Showtime never made it clear whether the script was added intentionally or was the result of their website being compromised. Pirate Bay intentionally experimented with the script but later removed it due to negative visitor feedback.
These are just a few of the increasing number of cases where the resources of computers like yours or mine have been hijacked to generate digital money without their owners’ consent. With the prices of cryptocurrencies steadily rising, plenty of people—including malicious hackers—are on the lookout to pad their wallets.
What is cryptocurrency mining?
While you can always buy cryptocurrencies on online exchanges, an alternative way to obtain them is to “mine” them, which will cost nothing if others are doing it for you.
Cryptocurrencies run on blockchain technology, a distributed ledger that exists on thousands of computers at the same time and obviates the need for middlemen and brokers such as banks and financial institutions. Records are stored on the ledger in blocks and are linked together through cryptographic equations, hence the name.
Before a new block is added to the blockchain, it has to be validated and verified through solving complicated mathematical problems. The process, called mining, requires a lot of computing power and ensures that no one can compromise the integrity of the system.
Anyone can become a miner by installing mining software and joining the network. The first miner to solve the equation gets to append the new block to the blockchain and be rewarded in cryptocurrencies and transaction fees.
Mining bitcoins requires huge amounts of computing power and requires specialized hardware available in large data centers. On the other hand, Monero, which was launched in 2014, can be mined with ordinary CPUs. Hackers can easily get involved by assembling a mining botnet, a network of computers infected with malware that enables cybercriminals to control them from afar.
How hackers are mining cryptocurrencies
Coinhive, the script used on the Showtime and Pirate Bay sites, was developed by a namesake company earlier this year and was introduced as “a viable alternative to intrusive and annoying ads that litter so many websites today.” It was also meant to address the rise of ad-blockers, which are hurting the bottom line of websites that rely on ads. The hosting website takes 70 percent of the proceeds and the rest goes to Coinhive. (The user naturally gets nothing.)
Given the inconspicuous way the script works, it has become a favorite money-making tool for hackers. In the past weeks, the script has popped up in numerous Google Chrome extensions and hacked WordPress and Magento websites.
Coinhive has expressed disappointment in the shady use of its tools and has promised to alter the script to obtain visitors’ consent before using their CPU for mining in the future. Meanwhile, several ad-blockers have added support to block Coinhive’s script.
However, Coinhive is not the only tool hackers are using to mine cryptocurrencies. Cryptocurrency mining malware and schemes have been around for several years. But the past months have seen a spike in mining activity, largely due to the rising price of cryptocurrencies.
Slovakian cybersecurity vendor ESET recently discovered a malware that exploits unpatched vulnerabilities in Windows Server 2003 machines to mine tens of thousands of dollars’ worth of Monero every month.
Kaspersky Labs reported that cryptocurrency-mining malware has targeted more than 1.65 million computers in the first eight months of 2017, an uptick compared to previous years. IBM’s X-Force security team has found a sixfold increase in cryptocurrency-mining attacks aimed at enterprise networks.
How to protect yourself against cryptocurrency miners
While cryptocurrency miners won’t steal your data or encrypt your files like other malware, they are annoying nonetheless and can negatively impact the performance of your computer. Here are several ways you can prevent hackers from lining their pockets with your CPU:
Install an antivirus and keep it up to date: Most antivirus solutions detect and removing cryptocurrency mining tools as harmful software.
Install an ad-blocker: If you’re using AdBlock Plus or AdGuard, both block Coinhive’s JS library.
Install a cryptomining blocker extension on your browser: Developers have created Chrome extensions that scan your browser and terminate scripts that “look” like Coinhive. AntiMiner, No Coin, and minerBlock are three plugins that will help protect you against cryptocurrency miner scripts.
The post How #hackers can #hijack your #computer to make free #money appeared first on National Cyber Security Ventures.
View full post on National Cyber Security Ventures
Hacker steals water customers’ money in Margate, police say
Source: National Cyber Security – Produced By Gregory Evans The U.S. Secret Service is investigating how a hacker managed to get water-utility customers’ personal information to steal their money, Margate police said Thursday. The accounts for sixty-nine water customers in Margate and parts of Coconut Creek were compromised when residents went online to pay their […]
View full post on AmIHackerProof.com | Can You Be Hacked?
Greece wants more money, top role for EU cyber security agency
Source: National Cyber Security – Produced By Gregory Evans
Greece wants the European Commission to give the Athens-based European Union Agency for Network and Information Security (ENISA) more money and the leading role in managing Europe’s cyber security issues as part of a legal overhaul next month. “We want ENISA to have a bigger role in cyber security and…
The post Greece wants more money, top role for EU cyber security agency appeared first on National Cyber Security Ventures.
View full post on National Cyber Security Ventures
Teenage hacker who conspired to attack Sussex Police told to pay with pocket money
Source: National Cyber Security – Produced By Gregory Evans
A teenage hacker who conspired to attack Sussex Police and the Hong Kong government has been told his pocket money should be docked. The 17-year-old boy from Hove, who cannot be named for legal reasons, played a ‘significant role’ in an online hacker conspiracy group. He appeared at Worthing Magistrates’…
The post Teenage hacker who conspired to attack Sussex Police told to pay with pocket money appeared first on National Cyber Security Ventures.
View full post on National Cyber Security Ventures
Cyber Security: Why Money Isn’t the Answer
Source: National Cyber Security – Produced By Gregory Evans
With the growing cyber security threats, a misconception has established — if users spend more money on security they’ll get better protection. Wrong. Regardless of how much money users spend on protection they could still be infected unless they find the right protection. But how do they do that? Focusing…
The post Cyber Security: Why Money Isn’t the Answer appeared first on National Cyber Security Ventures.
View full post on National Cyber Security Ventures
D5 Creation