Internet fraudsters, motivated by money and armed with sophisticated
technology, pose an increased economic threat as they steal private
data from companies and individuals, the director of the U.S. Secret
Service said on Thursday.

"There is no longer any doubt about that threat
… With just a few key strokes, (online fraudsters) can disrupt our
nation’s economy," said Ralph Basham at the RSA Security Conference in
San Francisco.

[Via BizReport -]

A second person, a juvenile, has been sentenced in connection
with the release of a computer worm in August 2003 that attacked the
same vulnerability in computer software as the Blaster worm did. The
worm — often referred to as the RPCSDBOT worm — directed infected
computers to log in on a computer (i.e., an Internet Relay Chat
channel) that the juvenile controlled.

The juvenile pleaded guilty in November 2004, to an act of juvenile
delinquency, under the Federal Juvenile Delinquency Act, Title 18,
United States Code, Section 5032, because he intentionally caused
damage and attempted to cause damage to protected computers, in
violation of Title 18, United States Code, Sections 1030(a)(5)(A)(i),
1030(a)(5)(B)(i), 1030(b), and 1030(c)(4)(A), and Section 2.

Chief Judge Robert S. Lasnik sentenced the juvenile to three years of
probation with a number of restrictions including mental health
counseling, and computer monitoring. The Judge also ordered that the
juvenile perform three hundred hours of community service that involves
work with the homeless or other less fortunate members of the
community. The juvenile told Judge Lasnik, 

"Seventeen months ago, I
made the worst mistake I ever made in my life. I did it out of
curiosity and did not think I would cause any damage. I am sorry I
created problems for people I did not even know."

[Via LinuxElectrons, TX -]

If you were worried that courts have been cracking down too much on
Internet miscreants lately, think again. Sure, virus writers and
spammers have been hit with some tough sentences in recent months. But hilat about this: the U.S. govt. has dropped charges
against a group of four guys known as the DDOS Mafia. Two of the men
admitted to releasing viruses so they could create botnets to launch
DDOS attacks for hire. Their boss is accused of causing $2Mil in damage
to victim sites. Yet prosecutors are dropping charges, so they can get
the criminals to testify against other criminals.

"Charges could still be brought. This just allows us to talk to defense
attorneys and negotiate things before having to bring an indictment
against a particular individual," said Alikhan [head of the Cyber and Intellectual Property Crimes Section for the Central District of California].

The question is, if the prosecution is looking to "catch the big fish," then who is the big fish here? Is there a DDOS cartel similar to the drug cartels that controls half of world’s denial of service attacks?

[Via Slashdot -]

Hopefully they will fix this one quickly.

"I almost got a heart attack when I was going over those papers," said
Margaret Szeliga, an automotive design engineer and single mother.
"What happened? How did this happen? I was in shock when I saw those
court papers."

Looks like Szeliga’s mother, a 70-year old Polish immigrant, who speaks little English, never owned a computer, and certainly didn’t listen to "Armed to the Teeth" and similar songs was named in the latest series of lawsuits against filesharers.

Actually, it turns out that Szeliga’s 17-year old daughter was the culprit - she had file-swapping software and like millions of other teenagers was downloading music freely off the Internet. Because the kid and her mother lived in grandma’s apartment, grandma was the one named in the lawsuit.

[Via The Bay City Times, MI -]

Are we legal after all, or not? This seems to be the question that Russian MP3 site seems to be answering the hard way.

AllofMP3.com has been operating for several years, asking consumers to
pay just 2 cents per megabyte of downloads–usually between 4 cents and
10 cents per song. Alongside the catalogue available at traditional
stores like Apple Computer’s iTunes, the site offered access to songs
from the Beatles and other groups that haven’t yet authorized digital
distribution.

The Russian site claimed that it had licenses to do so from a local clearing house, but record labels maintain otherwise. The Moscow City Police Computer Crimes division completed an investigation earlier this month and recommended that prosecutors charge the site’s operators with criminal copyright infringement. So, after all, they weren’t legal.

[Via ZDNet -]

The technology heavyweights Ebay, Microsoft, PayPay, and Visa are forming a partnership, called Phish Report Network. The organization is provided by WholeSecurity, a Texas-based company that screens sites for suspicious behavior. What WholeSecurity would do is to provide a central phish-reporting clearinghouse. Member companies would be able to report new phish (phishes?) and then obtain notifications and updates when other members go similar reports.

The participation of giants such as Microsoft, Visa, Ebay is likely to drive attention to this effort. While Visa and Ebay can supply the phish reports, Microsoft can implement them into its software. The circle is closed, right? Maybe not quite - because phishers would then write different phish emails just to avoid this clearinghouse, similarly to what spammers are currently doing.

"EBay and PayPal’s participation in the Phish Report Network is one of
many steps we have taken to improve security of the e-commerce
experience," said Howard Schmidt, eBay
and PayPal’s chief security strategist and former White House
cyber-security advisor. "As we co-develop technologies, educate online
users and work with law enforcement, we can help significantly reduce
the effect of cyber criminals."

[Via TechNewsWorld, CA -]

A new school has opened doors.

Would-be hackers interested in the skills that
have created havoc on Web sites, lamed many a large corporation and
sent harmful worms to attack computers worldwide can learn the ropes at
France’s "Hackademy" in Paris

[Via Deutsche Welle, Germany -]

Interesting article on the continuing rise of cybercrime.

"There have always been crimes," Miller [ Special Agent Hans Miller of the North Carolina State Bureau of Investigation] said. "The Internet makes the commission of certain crimes easier."

Cyberstalking of children, child pornography, identify theft, financial
fraud, computer hacking, computer viruses, and theft of proprietary
business information and intellectual property have become prominent
crimes for those with even modest amounts of technological
sophistication. Although all statistics tracking cybercrime show increase, this increase is very likely to be only a part of the real increase in cybercrime due to the lack of training to spot, detect, or report cyberincidents.

[Via Computer Crime Research Center, Ukraine -]

T-Mobile’s voicemail is apparently vulnerable to a very simple hack that would expose all of your stored messages to an attacker. .

Since the announcement of commercial caller ID spoofing systems such as
CovertCall and another called TeleSpoof. For those not in-the-know,
caller ID spoofing allows you to change your caller ID number to
anything you like. This is extremely vulnerable and make sure you turn
off auto login enabled. This is probably how they hacked into Paris
Hilton’s voicemail.

Moral - disable your auto login if you use T-Mobile and you value your voicemail messages. [Via Daves iPaq, NJ -]