Brian Krebs writes: An organized crime group thought to include individuals responsible for the notorious Storm and Waledac worms generated more than $150 million promoting rogue online pharmacies via spam and hacking, according to data obtained by KrebsOnSecurity.com. In June 2010, an anonymous source using the assumed name “Despduck” began an e-mail correspondence with a key anti-spam…
Category: Other
(update) Belarus man pleads guilty to running identity theft site
Robert McMillan reports the latest development in a case previously mentioned on this blog: A 26-year-old Belarusian man has admitted to running an identity theft website designed to thwart the antifraud measures used by many banks. Until he was arrested in April 2010, Dmitry Naskovetz had been the mastermind behind CallService.biz, a website that helped…
(update) Ark. man accused of stealing 100,000 iPad e-mail addresses remains jailed after move to NJ
David Porter of the Associated Press reports: One of two men charged with stealing more than 100,000 e-mail addresses of Apple iPad users remained jailed Wednesday after making his first court appearance in New Jersey. Andrew Auernheimer, wearing handcuffs and a prison jumpsuit, chatted and joked with court personnel before the brief hearing in front…
Starbucks’ iPhone barcode app easily scammed by screengrab
Bill Ray reports: Someone has noticed that the Starbucks’ iPhone application can be copied with a screen grab from a neglected handset, enabling the thief to gorge themselves on free coffee. The payment system relies on reading a bar code from the iPhone’s screen, identifying the customer and debiting their account. But the barcode doesn’t…
UK: Hailsham hacker ordered to pay back £124,000
Ben Parsons reports: A computer hacker from Hailsham who set up frauds to feed a gambling habit has been ordered to pay more than £100,000. Alistair Peckover – described by police as an “obsessive loner” – used websites including Google and BT to steal people’s bank details. […] Peckover, who previously lived in Broadfield, Crawley,…
Amazon.com Security Flaw Accepts Passwords That Are Close, But Not Exact
Dylan Tweney reports: An Amazon.com security flaw allows some customers to log in with variations of their actual password that are close to, but not exactly, their real password. The flaw lets Amazon accept as valid some passwords that have extra characters added on after the 8th character, and also makes the password case-insensitive. For…