Creator of 'Mariposa botnet' sentenced to 58 months


A Slovenia hacker accused of writing code of one of the largest known botnet "Mariposa botnet" and sentenced to 58 months by Slovenia court, BBC reports.

Mariposa(Spanish word for 'Butterfly') botnet is notorious botnet discovered in 2008 designed to steal sensitive information.

The botnet reportedly infected more than 12 million computers, used for Denial of service attacks, email spamming.

Matjaz Skorjanc, a 27-year-old, known with online name "Iserdo", was arrested in 2010 and found guilty of creating the malicious program and assisting others in wrongdoings and money laundering.

The court also ordered him to pay 3,000 euro($4,100) fine and give up a flat and a car that he bought with money earned by selling malicious program to a Spanish criminals.

His girlfriend "Nusa Coh", known with her IRC nickname "L0La" was also sentenced to 8 months probation for doing money laundering.

Hacker sentenced to 18 months for hacking US government systems

A Pennsylvania hacker has been sentenced to 18 months for hacking into and selling the access to various computer networks, also fined $25,000.

According to the Boston Globe, Andrew James Miller, 24 year old, who lives with his parents in Pennsylvania, hacked into the computers of various law enforcement agencies, academic institutions, corporations and government agencies including the Dept. of Energy.

He is said to be part of the part of a underground hacker group called "
Underground Intelligence Agency" with online moniker "Green.

The man asked sorry for his actions and said "wish to do anything I can to correct the situation".

Assistant US Attorney Adam J. Bookbinder highlighted that Miller was fully aware that his actions are illegal. But because of making money, he was willing to do it.

12 Year old Anonymous hacker hacks websites for Video Games


A 12 year old school boy from Quebec has admitted hacking several government and police websites as part of Anonymous operations  in spring 2012.

According to Toronto sun report, the boy whose name can't be published is said to have involved with computer since he was 9 year old.

His actions were not politically motivated.  He traded the pirated information for video games.

The hacker is said to have hacked websites including government sites of Chile, Montreal Police sites, , the Quebec Institute of Public Health and some other websites.


Court heard he used different cyber attacks including defacing websites, compromising data from servers and Denial of service attacks.

Silk Road taken down by FBI

Notorious online marketplace "Silk Road" has been taken down by the FBI and the owner "Ross Ulbricht" a.k.a (Dread Pirate Roberts) has been arrested . Proving that "Perfect security is impossible"

He has been charged with  conspiracy to traffic narcotics, conspiracy to hack computers, and conspiracy to launder money.

The website now shows a "This Hidden Site Has Been Seized" message





Silk Road was the drug dealing website in the world .It used the "TOR hidden network" to hide itself and its users.It seems Ross Ulbricht was caught due to his own mistakes and NOT due to a vulnerability in the TOR network.


This site had been a major point used lawmakers and politicians to try to curtail the growth of the TOR
 network.And now the recent actions by the FBI against many hidden sites in the TOR network is indeed a very big setback for it.

All the transactions in silkroad were done using Bitcoins and since the news of Ross Ulbricht's arrest bitcoin value has dropped quite a bit (Due to paranoid selling). But this is just the currency stabilizing itself, when it stabilizes BTC value will rise again. And the removal of association from such illigal market places might actually be a good thing for bitcoins.

Ross Ulbricht's LinkedIn Profile:http://www.linkedin.com/in/rossulbricht
Full Arrest Warrant: http://www1.icsi.berkeley.edu/~nweaver/UlbrichtCriminalComplaint.pdf
Full Details on how he was caught: https://medium.com/p/d48995e8eb5a



Note: I Will update as the story develops . You can tweet me at @SuriyaME   if you have something to add to this article. 

Scammer who stole financial info arrested by CIB


An alleged scammer who is responsible for stealing personal data of more than 10,000k people through a spam mail pretending to be from the Bureau of National Health Insurance has been arrested in China.

Surnamed Pan, tricks victims into download and open the attachment that contained a malicious software allowing him to steal the personal data from the affected computers.

According to China Post report, he used few techniques to avoid the antivirus detection and tested his malware numerous time before launching the real attack.

Criminal Investigation Bureau (CIB) said he had stolen "vast amounts of classified financial information from location companies".  He then used those details for accessing the online banking accounts and committed credit card fraud.

Hacker arrested by Taiwan Police for hacking classic music website


The China Posts reports that Taiwan police has arrested an individual suspect surnamed Shih on May 1 for hacking into a popular local classic music website.

The police raided the apartment of Shih and seized his computer which is found to be used in his hacking attempts.

The hacker admitted that he hacked into the website's customer database and made unauthorized changes to customer data by exploiting the SQL Injection vulnerability.

Criminal Investigation Bureau (CIB) stated the investigation was launched after it received a report from the web site's operator who said their site had been been hacked in March.

Accused SpyEye Virus creator extradited from Thailand to US


An Algerian man who is believed to be the creator of the infamous Banking Trojan "SpyEye" was extradited from Thailand to the United States to face charges.

Hamza Bendelladj, 24-year-old, also known as Bx1, will face charges for allegedly playing a role in developing, marketing ,distributing and controlling the SpyEye virus, according to FBI report.

SpyEye is a Banking Trojan(similar to Zeus virus) that steals confidential personal data and finance information such as online banking credentials , credit card information.

He was arrested at Suvarnabhumi Airport in Bangkok, Thailand, on Jan 5, while he was in transit from Malaysia to Egypt.

If convicted, he will face a maximum sentence of up to 30 years in prison for conspiracy to commit wire and bank fraud; up to 20 years for each wire fraud count; up to five years for conspiracy to commit computer fraud; up to five or 10 years for each count of computer fraud; and fines of up to $14 million.

Ex-employee arrested for hacking into High-voltage power manufacturer's network


A Software programmer who was employed at the High-voltage power manufacturer company arrested for hacking into the computer network of the company.

According to the FBI report, Michael Meneses, was employed at the victim company as a software programmer and system manager specializing in developing and customizing the software that the company used to run its business operations.

He was one of two employees who were primarily responsible for ensuring that the software that drove the company’s manufacturing business. His responsibilities gave him high-level access to the company’s computer network.

He had voiced displeasure at having been passed over for promotions, tendered his resignation in late December 2011.  Then, he allegedly launched cyber attack against the company and steal employee's security credentials.  He then used those credentials for accessing the network remotely via VPN.  The complaint says the company suffered over $90,000 in damages as a result of Meneses’s intrusions.

If convicted, he will face a statutory maximum sentence of years’ imprisonment, a $250,000 fine, and restitution.

Cybercriminals behind Carberp Trojan arrested in Ukraine


The masterminds allegedly behind one of the notorious banking Trojan Carberp that stoles millions of dollars and the developers have been arrested in Ukraine.

Carberp is a banking Trojan that first appeared in 2010 and started as a private malware used by a single group.  The gang in 2011 sold the malware's builder, a tool used to customize their Trojan program for $10,000 to a limited number of customers.

28-year-old Russian, the alleged leader of the group arrested along with about 20 individuals aged between 25 and 30 years old.

According to Kommersant Ukraine report, the cyber criminal ring is responsible for stealing more than $250 million in Ukraine and Russia alone.

5 CyberCriminals arrested for stealing 2 million Euros via e-banking hacks


Slovenian Police performed 12 house searches and arrested five cyber criminals who are believed to be responsible for the malware attacks that steals money from companies bank accounts.

It all started last year when the Slovenian national Computer Emergency Response Team(SI-CERT) started receive reports regarding a malware attacks.

The victims received emails pretending to be coming from a local bank and state tax authority with a Trojan horse attached.

The malware installs the Remote Administration tool that steals victim's e-banking credentials and send it to the cyber criminals.

"With stolen credentials and in the case where the victim did not remove the smart card containing the bank-issued certificate from the reader after use, the doors to the company's bank accounts were left open to the criminal gang." SI-CERT's report reads.

The attackers cleverly planned their attacks to happen on Fridays or the day before national holidays, so that the companies wouldn't immediately notice the theft.

According to the report, the criminal group used 25 money mules to transfer around 2 million Euros.

More than 1600 Indians were arrested in 2011 for CyberCrimes

cybercrime and law in india

More than 1,600 Indians were arrested in 2011 for Cyber Crimes registered under the Information Technology (IT) Act (2000) and under sections of Indian Penal Code (IPC), nearly 30% more than previous year.

According to Times of India report, Indian Minister of State for Communications Milind Deora said that a total 1,630 persons arrested in 2011 comprised 1,184 under Information Technology (IT) Act (2000) and 446 under sections of the Indian Penal Code (IPC) related to cybercrimes.

In 2010, the number of arrests for cybercrime under the IT Act (2000) was 799 and 394 under sections of the Indian Penal Code (IPC), making a total of 1,193.

Last year's cybercrime cases pertained to tampering computer source documents, hacking, obscene publication/transmission in electronic form and failure of compliance/order of certifying Authority, among other reasons.

Feds charge Anonymous spokesperson Barrett Brown for sharing link to stolen credit card data


Is it crime to share a link to data leaks? The Today indictment of Anonymous spokesperson shows sharing link to data leaks is crime.

Barrett Brown , the former spokesperson for the Anonymous hacktivist, has been charged of one count of trafficking stolen authentication features, one count of access device fraud, and ten counts of aggravated identity theft.

The charges are related to the Stratfor hack carried out by hacktivists at the end of 2011.

Brown isn’t charged with committing the stratfor hack but for posting links to file contains the 5,000 credit card details that were stolen in the incident.

" By transferring and posting the hyperlink, Brown caused the data to be made available to other persons online, without the knowledge and authorization of Stratfor and the card holders." The Feds says.

From the story, We can come to a conclusion that all Journalist who covers the hacking incident and links to data leaks are making crime.

At that time of stratfor hacking incident, links to the stolen credit card details were widely shared on twitter - are all the users who shared the links going to be rounded up and arrested, too?

Anonymous hacker convicted for attack on PayPal, Visa and MasterCard as part of Operation Payback

Anonymus hacker

A British Student hacker associated with the Anonymous hacktivist has been convicted in UK for his involvement in series of cyber attacks against the Paypal, Mastercard, Visa in 2010 as part of 'Operation Payback'

Christopher Weatherhead, 22 year-old, online handle 'Nerdo', was found guilty following the guilty pleas of three others — Jake Birchall, Ashley Rhodes and Peter Gibson.

The four hackers were arrested for orchestrating denial of service attacks against the companies because they had stopped processing payments for WikiLeaks. The attacks cost PayPal £3.5m.

The hacker also overwhelmed the servers of the British Recorded Music Industry and replaced with a message :

"You've tried to bite the Anonymous hand. You angered the hive and now you are being stung."

Weatherhead, who will be sentenced at a later date, could face up to 10 years in prison.