Personal Information Theft Case Du Jour: McAfee employees are now vulnerable to ID theft after McAfee’s auditor, Deloitte & Touche USA, lost a disk with McAfee employee information.
The disc contained personal details on all current U.S. and Canadian McAfee workers hired prior to April 2005 and on about 6,000 former employees in the same region, (McAfee spokeswoman Siobhan) MacDermott said. (The security company currently has approximately 3,290 employees worldwide.) The information wasn’t encrypted and potentially includes names, Social Security numbers and stock holdings in McAfee.
Deloitte & Touche confirmed the incident. “A Deloitte & Touche employee left an unlabelled backup CD in an airline seat pocket,” a representative for the professional services firm said. “We are not aware of any unauthorized access to this data in the two months since the CD was lost.”
Source: ZDNet
How ironic. Of course, this is not McAfee’s fault (or at least the article and the facts on their face do not suggest so) but the story shows how even the most-protected or vigilant organizations are not immune to theft of important personal data.
The rise in phishing websites has been attributed to the increasing use of so-called "phishing kits". The Anti-Phishing Working Group revealed in a December 2005 report that although the absolute number of phishing emails sent has decreased, the number of sites hosting phishing "action" pages has increased from 4,630 to 7,197 (an increase of over 50%). Readily available "phishing kits" are circulating on underworld websites. These kits allow even non-technical people to create and manage a multitude of phishing sites. Although the sophistication of such "amateur" phishing sites is likely to be low and they are usually easy to detect, the 50+ percent increase in such sites shows an alarming trend.
Joel Camissar, country manager for Australia and New Zealand at Websense, has told ZDNet that the situation is similar to what happened when virus-making kits started appearing a few years ago.
The commercialisation of these phishing tools is what we saw in the antivirus industry… when toolkits to create mass-mailing worms started becoming increasingly popular. We are seeing the same parallel in the phishing world, whereby these techniques are becoming mainstream.
[Via ZDNet UK]
A 21-year-old virus writer who decided to give an interview to the Washington Post may be sorry after his identity was uncovered by the general Internet community (and largely Slashdot). The Washington Post agreed to protect the identity of the virus writer 0x80 in exchange for an interview and a rare glimpse into the life of a hacker (WaPo article). The article is pretty catchy and is indeed an interesting read in and of itself:
"Most days, I just sit at home and chat online while I make money," 0x80 says. "I get one check like every 15 days in the mail for a few hundred bucks, and a buncha others I get from banks in Canada every 30 days." He says his work earns him an average of $6,800 per month, although he’s made as much as $10,000. Not bad money for a high school dropout.
However, the happy hacking days may be over for 0x80 as it was discovered that the article, along with the published photo (which was later removed by the Washington Post) contained enough clues to unmask the identity of the virus writer. Some posters at Slashdot were able to identify where the picture was taken and the name of the photographer via metadata (oh, this metadata again?) hidden in the picture. According to the Slashdot posts, the picture was taken in a rural town in Middle America that has a meager population of 2,842. Along with suggesting the name of the town, the article provides more clues:
Tall and lanky, with hair that falls down to his eyebrows, 0x80 almost never looks you in the eye when he talks, his accent a slurry of heavy Southern drawl and Midwestern nasality. He lives with his folks in a small town in Middle America. The nearest businesses are a used-car lot, a gas station/convenience store and a strip club, where 0x80 says he recently dropped $800 for an hour alone in a VIP room with several dancers.
Maybe the federal agents are already searching for a used-car lot in the proximity of a strip club somewhere in the Midwest?