Fraud

Fraud Analytics: You’re Doing It Wrong!

One of the most vexing problems in computer security today is distinguishing malicious from legitimate behavior on victim networks. Sophisticated cyber criminals and nation-backed hacking groups make a point of moving low and slow on compromised end points and networks, while victim organizations are (rightly) wary of disrupting legitimate business activity for the sake of spotting a breach. In this Security Ledger Podcast, Paul interviews Jason Sloderbeck, Director of Product Management at RSA, EMC’s security division.  Jason talks about RSA’s Silvertail fraud analytics technology, and the organizational and technology issues that keep victims from spotting attacks. One of the big mistakes organizations make when they investigate attacks, Sloderbeck said, is focusing too narrowly on a point in time during a web session that is felt to be a good indicator of compromise – like when a user authenticates to a service or “checks out” on an e-commerce web site. “There’s a whole […]

Continue Reading

Update: Google Says BadNews Malware Not-So-Bad After All?

Editor’s Note: Updated to add comments from Lookout Mobile Security. – PFR  6/10/2013 When reports surfaced about “BadNews,” a new family of mobile malware that affected Google Android devices the news sounded…well…bad. BadNews was described as a new kind of mobile malware for the Android platform-one that harness mobile ad networks to push out malicious links, harvest information on compromised devices and more. Now, six weeks later, a senior member of Google’s Android security team claims that BadNews wasn’t really all that bad, after all. Speaking at an event in Washington D.C. sponsored by the Federal Trade Commission, Google employee and Android team member Adrian Ludwig threw cold water on reports linking BadNews to sites that installed malicious programs. The search giant, he said, had not found any evidence linking BadNews to so-called SMS “toll fraud” malware. “We’ve observed the app(lication) and we’ve reviewed all the logs we have access […]

Continue Reading

Google Adds Detection For Obad Malware

Just a follow-up to our story from last week on Obad, the new family of mobile malware that affects Google Android devices: In an e-mail to The Security Ledger on Friday, Google acknowledged the existence of the Trojan horse program and has updated its detection tools to be able to identify it. In an e-mail, a Google spokeswoman said that the malware, dubbed “Obad” by Kaspersky Lab, was not found on the company’s Google Play application store. The company  added detection for the new malware to its Application Verification Tool, which protects Android users who tried to download it from a third-party application store or browser. Obad, or Backdoor.AndroidOS.Obad.a, is described as a “multi function Trojan” that primarily acts as an SMS Trojan, surreptitiously sending short message service (SMS) messages to premium numbers. It was first described in a blog post by Kaspersky Lab researcher malware researcher Roman Unuchek last week. Unuchek […]

Continue Reading

New Malware Exploits Android Glitch To Block Removal

A new malicious program that runs on Android mobile devices exploits vulnerabilities in Google’s mobile operating system to extend the application’s permissions on the infected device, and to block attempts to remove the malicious application. Writing on securelist.com, Kaspersky Lab’s research blog, malware researcher Roman Unuchek called the newly discovered Trojan the “most sophisticated” malicious program yet detected that works with Android phones. He cited the Trojan’s advanced features, including complex obfuscation techniques that complicated analysis of the code, and the use of a previously unknown vulnerability in Android that allowed it to take control of and maintain a foothold on infected Android devices. Kaspersky said it has contacted Google regarding the malware and the alleged vulnerabilities in Android. Google was unable to confirm that prior to publication. The malware, dubbed Backdoor.AndroidOS.Obad.a, is described as a “multi function Trojan.” Like most profit-oriented mobile malware, Obad is primarily an SMS Trojan, […]

Continue Reading

Illiquid: Liberty Reserve Gone, Cybercrooks Look For Alternatives

Now that authorities in Spain, Costa Rica and the U.S. have taken down online money transfer service Liberty Reserve, the cyber underground is facing a serious liquidity crunch, as criminal gangs, botmasters, spammers and malicious hackers look for a safe platform on which to transact business. But finding a ready substitute may not be easy, with Liberty Reserve’s close competitors showing less tolerance of its “no questions asked” account creation policy, and less scrupulous outlets wary of the long arm of the U.S. Justice Department. Liberty Reserve (libertyreserve.com) went offline on Friday along with dozens of other domains operated by its founder, Arthur Budovsky – a.k.a. “Arthur Belanchuk” a.k.a “Eric Paltz.” Budovsky was arrested in Spain on May 24th. Spanish authorities acted at the request of authorities in Costa Rica, where Budovsky had set up shop, and the U.S. A three-count criminal complaint filed there by the U.S. Attorney for the […]

Continue Reading
1 17 18 19 20 21