From CERT.pl: During the SECURE conference, we presented a talk outlining actions performed by a group of criminals, which we have called “The Postal Group”. Their name is derived from the fact that they masquerade their phishing attacks as messages from the post office. This phishing then leads to either cryptolocker or a banking trojan….
Category: Malware
Service Systems Associates updates its breach disclosure
Back in July, this site reported that a number of gift shops at zoos were impacted by a breach involving their point of sale systems. Service Systems Associates (SSA) issued a statement at the time. I’m not sure why more impacted entities are first disclosing now, but WBAP reports: You’ll want to check your bank statements if you went…
Bugat Botnet Administrator Arrested and Malware Disabled
A sophisticated malware package designed to steal banking and other credentials from infected computers has been disrupted, and charges have been filed in the Western District of Pennsylvania against a Moldovan administrator of the botnet known as “Bugat,” “Cridex” or “Dridex.” Actions taken by the U.K. and the U.S. substantially disrupted the botnet. Andrey Ghinkul, aka Andrei Ghincul and Smilex, 30, of…
America’s Thrift Stores notifies customers of payment card breach
Thrift store chain America’s Thrift Stores has disclosed a data breach involving an unnamed third-party provider. A statement prominently linked from their home page begins: A Statement From Our CEO Concerning Cyber Security Dear Customers, America’s Thrift Stores recently learned that it was the victim of a data security breach that occurred through software used by…
Russian Developer of the Notorious Citadel Malware Sentenced to Prison
Dimitry Belorossov, a/k/a Rainerfox, has been sentenced to four years, six months in prison following his guilty plea for conspiring to commit computer fraud. Belorossov distributed and installed Citadel, a sophisticated malware that infected over 11 million computers worldwide, onto victim computers using a variety of infection methods. According to U.S. Attorney Horn, the…
MS Society warns website users their personal details might have been compromised
Andy Ricketts reports: The MS Society has written to approximately 25,000 of its website users to warn them that their personal information might have been compromised by a cyber attack. The charity said it had discovered malicious software on its website systems that could mean it had been subject to a hacking attempt. People who might have…