Chinese hackers arrested at the request of the U.S. government

The strained relationship between China and the U.S. over commercial cyberespionage appears to have improved somewhat.

A report published in The Washington Post confirms that the Chinese government, at the request of the U.S. government, has arrested hackers whom U.S. officials had identified as having stolen commercial secrets from U.S. firms to be sold or passed along to Chinese state-run companies.

However, the Chinese government did not make the details about those hackers public. The government has also clarified that the arrests were not related to a mass sweep it launched in July, in which authorities had, as of early September, arrested about 15,000 people on charges of hacking, sending spam text messages and online scams.

The news report says that the Chinese government took the step in order to improve its relations with the U.S.

“For years, U.S. firms and officials have said Beijing hasn’t done enough to crack down on digital larceny. Experts estimate that Chinese industrial hacking costs U.S. firms tens of billions of dollars annually,” the report read.

However, White House and intelligence officials have not confirmed the arrests.

According to the news report, a senior administration official provided a statement, “As the president has said, we have repeatedly raised our concerns regarding cybersecurity with the Chinese, and we will continue to use all of our engagements to address our concerns directly with the Chinese.”

On September 25, a U.S.-China cyber-agreement was announced under which both countries would cooperate “with requests to investigate cybercrimes” and “collect electronic evidence” and mitigate malicious cyber-activities coming from their territory.

“Particularly now that we have reached this agreement with the Chinese, we should hold them at their word and see what they’re willing to do,” the U.S. official told The Washington Post. “We have maintained all along that what we want to see is actions.”

Gozi Banking Trojan Creator pleads guilty

The creator of the banking trojan 'Gozi' has admitted his crime and is now awaiting sentencing.

Gozi is a trojan that has been active for some years now and was first reported in 2007. It is a genuine threat to bankers and online banking in general, as it has been separating people from their fortunes.

In 2013, a few men were arrested on charges of operating Gozi. One of them, Deniss Calovskis, 30, has now admitted committing the felony and pleaded guilty. Calovskis was held responsible for writing some of the code for the trojan, according to a statement put out by the FBI in 2013. The agency said that the Latvian coder, who used the moniker 'Miami' online, was arrested in his country in November 2012 on suspicion of authoring the code.

It was said, and confirmed, that his code misled people into thinking that they were on official banking sites. The US authorities were quite flabbergasted by the gang and the malware, which provided the dark economy with "tens of millions of dollars". The rest of the gang are Russian Nikita Kuzmin and Romanian Mihai Ionut Paunescu. Reuters reported that the former admitted his crime in 2011, and that the latter is the subject of extradition efforts.

"This long-term investigation uncovered an alleged international cybercrime ring whose far-reaching schemes infected at least one million computers worldwide and 40,000 in the US, and resulted in the theft or loss of tens of millions of dollars," said FBI assistant director in charge George Venizelos. "Banking trojans are to cyber criminals what safe-cracking or acetylene torches are to traditional bank burglars, but far more effective and less detectable. The investigation put an end to the Gozi virus."

32 people charged in international hacking and insider trading ring

The Securities and Exchange Commission (SEC) of the United States announced on August 11 fraud charges against 32 people, including two Ukrainian men, over their involvement in an alleged international hacking and insider trading ring.

The SEC issued a press release stating that these people took part in a scheme to profit from stolen nonpublic information about corporate earnings announcements.

“Those charged include two Ukrainian men who allegedly hacked into newswire services to obtain the information and 30 other defendants in and outside the U.S. who allegedly traded on it, generating more than $100 million in illegal profits,” the press release read.

According to the press statement, the complaint against the people was filed under seal on August 10 in U.S. District Court in Newark, N.J.

The crooks masked their identities by using proxy servers and by posing as newswire service employees and customers. The two allegedly recruited traders with a video showcasing their ability to steal the earnings information before its public release.

“The complaint charges that in return for the information, the traders sometimes paid the hackers a share of their profits, even going so far as to give the hackers access to their brokerage accounts to monitor the trading and ensure that they received the appropriate percentage of the profits,” the statement read.

The complaint also charges that the traders sought to conceal their illicit activity by establishing multiple accounts in a variety of names, funneling money to the hackers as supposed payments for construction and building equipment, and trading in products such as contracts for difference (CFDs).

“This international scheme is unprecedented in terms of the scope of the hacking, the number of traders, the number of securities traded and profits generated,” Mary Jo White, Chairperson of the SEC, said in the press release.

“These hackers and traders are charged with reaping more than $100 million in illicit profits by stealing nonpublic information and trading based on that information. That deception ends today as we have exposed their fraudulent scheme and frozen their assets,” she added.

The SEC charged that Ivan Turchynov and Oleksandr Ieremenko created a secret web-based location to transmit the stolen data to traders in Russia, Ukraine, Malta, Cyprus, France, and three U.S. states, Georgia, New York, and Pennsylvania.

“This cyber hacking scheme is one of the most intricate and sophisticated trading rings that we have ever seen, spanning the globe and involving dozens of individuals and entities,” said Andrew Ceresney, Director of the SEC’s Division of Enforcement.  “Our use of innovative analytical tools to find suspicious trading patterns and expose misconduct demonstrates that no trading scheme is beyond our ability to unwind.”

Three Estonian men sentenced for internet fraud by US court

A Manhattan federal court has sentenced three Estonian men to more than three years in prison for their involvement in an Internet scheme that infected more than 4 million computers in over 100 countries.

U.S. District Judge Lewis A. Kaplan said, "It's hard to pick up a newspaper this summer without reading about another one." Justifying his decision, he said it was important to impose a tough sentence.

Timur Gerassimenko, 35, was sentenced to four years, Dmitri Jegorov, 37, got 3 2/3 years and Konstantin Poltev, 31, received 3 1/3 years for their roles in the internet fraud.

According to the government, Gerassimenko was the main culprit behind the fraud and hired programmers, Jegorov served as the lead network administrator, and Poltev acted as the public face of the enterprise.

When the men were arrested in Estonia, Gerassimenko was ordered to forfeit $2.5 million while Jegorov and Poltev were each told to forfeit $1 million. All three of them apologized for their crimes before they were sentenced.

The fraud has affected computers belonging to government agencies such as NASA, along with educational institutions, nonprofit organizations, businesses and individuals.

The malware scheme, which was carried out with co-conspirators in Russia and Ukraine, cost NASA more than $65,000 in repairs.

All three men sentenced Thursday are serving sentences in Estonia for similar crimes.

Vietnamese hacker who stole identities of 200 million Americans sentenced to 13 years

After breaking into the computers of several business entities and stealing the personal identification information of over 200 million Americans, a Vietnamese hacker has finally been sentenced to 13 years in prison.

The Department of Justice released a report on Tuesday announcing that Hieu Minh Ngo, 25, bagged $2 million from hacking, stealing personal identification information and selling it to other cyber criminals.

A District Court in New Hampshire finally sentenced Ngo on Tuesday on various fraud charges, as reported by the Financial Times. Ngo was arrested in February 2013, as soon as he entered America.

Operating from his home in Vietnam, Ngo was active from 2007 until 2013, breaking into computer systems, stealing identifiable information such as Social Security numbers, credit card details, bank account details and phone numbers, and advertising the data on his websites, where fellow hackers bought the information.

A press release by the Justice Department specified that 'Ngo admitted that he offered access to PII (personally identifiable information) for 200 million U.S. citizens, and that more than 1,300 customers from around the world conducted more than three million "queries" through the third-party databases maintained on his websites'.

The Internal Revenue Service stated that the information sold on Ngo's website to other hackers was used to file income tax returns for more than 13,000 people, who saw $65 million returned on their behalf.

'Criminals buy and sell stolen identity information because they see it as a low-risk, high-reward proposition,' Assistant Attorney General Leslie Caldwell said in a statement.
'Identifying and prosecuting cyber criminals like Ngo is one of the ways we're working to change that cost-benefit analysis.'

The US Office of Personnel Management revealed that hackers have so far stolen more than 21.5 million Social Security numbers, of which 1.1 million include fingerprints.

Ngo's sentencing is finally a step toward stopping cyber crimes that compromise the personal identities of civilians.

FBI takes down biggest malware marketplace 'Darkode'

The Federal Bureau of Investigation announced the takedown of ‘Darkode’, an international malware marketplace, on Wednesday.

Darkode was a secretive, password-protected society of elite hackers. Since 2008, the forum had been used as a meeting place and as a place to purchase and trade hacking tools.

The FBI arrested people from 20 countries, with indictments for 70 individuals, including 12 in the U.S., from Wisconsin to Louisiana.

U.S. Attorney David J. Hickton said, “The FBI has effectively smashed the hornets' nest and we are in the process of rounding up and charging the hornets.”

Hickton went on to explain how Darkode was one of the greatest threats to online security, mentioning one forum member who put up software (for a price of $65,000) that can take over cellphones. He also described how a user offered the ability to steal and sell lists of friends on Facebook.

According to the FBI’s Special Agent in Charge Scott S. Smith, the arrests came after a two-year undercover operation that infiltrated the forum.

The Pittsburgh Post-Gazette explains how the investigation started: "Following a lead generated in Pittsburgh around 18 months ago, the FBI cybersquad here launched Operation Shrouded Horizon. The bureau's local office assembled a coalition that started domestically with the bureau's offices in Washington, D.C., San Diego, New Orleans and San Francisco, and extended to online enforcement teams in 20 countries, including numerous European countries, Israel, Australia, Colombia, Brazil and Nigeria."

Federal officials say the investigation into Darkode is continuing.