Search This Blog

Showing posts with label Hackers Arrested. Show all posts

Court in the United States has sentenced Russian Andrey Tyurin to 12 years in prison for cybercrime

The Federal Court of the Southern District of New York sentenced Russian Andrey Tyurin to 12 years in prison for committing a number of cybercrimes. In addition, he was ordered to pay the United States 19 million dollars

The Russian Consulate General in New York is in contact with law enforcement agencies in the United States in the case of the Russian Andrei Tyurin, who was sentenced by the court to 12 years in prison for cybercrime, said the press secretary of the diplomatic mission Alexey Topolsky.

According to him, the conditions of detention of the Russian citizen were difficult in the context of the COVID-19 pandemic. Topolsky recalled that Tyurin contracted the coronavirus in an American prison.

"The Russian Consulate General in New York is monitoring the case of Andrei Tyurin and is in contact with US law enforcement agencies," said Topolsky.

In his last speech, Tyurin said that he sincerely repents for what he did.

According to the judge, Tyurin must reimburse the United States 19 million 214 thousand 956 dollars, this is the profit that he derived from his criminal activities.

By US standards, a 12-year sentence is not the harshest for such a crime, says international lawyer Timur Marchani.

"In the United States, for crimes related to cybersecurity, for crimes that entail hacking the banking system, some of the harshest penalties are provided. Here, the court took into account first of all the hacker's remorse and, most importantly, cooperation with the preliminary investigation authorities and then with the court," said Mr. Marchani.

Recall that the Russian was detained in Georgia at the request of the United States in December 2017. In September 2018, he was extradited to the United States. In September 2019, the Turin pleaded guilty to six counts of the indictment.

According to the investigation, Tyurin participated in a "global hacking campaign" against major financial institutions, brokerage firms, news agencies and other companies, including Fidelity Investments, E-Trade Financial and Dow Jones & Co.

Prosecutor Jeffrey Berman said that Tyurin ultimately collected client data from more than 80 million victims, "which is one of the largest thefts of American client data for one financial institution in history."

UK Police Arrested Online Criminal Marketplace That Advertised Stolen Personal Credentials


UK police has arrested 21 malicious actors across the United Kingdom who were the part of nationwide cyber crackdown targeting customers of WeLeakInfo.com. Now-defunct online service which was previously giving access to data hacked from other Networks. According to the National Crime Agency, “those 21 people have been arrested across the Nation as part of an operation targeting customers of an online criminal marketplace were using stolen personal credentials to commit further cyber and fraud offences’’. 

All men those have been arrested aged between 18 and 38, out of 21 – 9 people have been detained under Computer Misuse Act offences, another 9 people under for Fraud offences, and remaining 3 under investigation for both the aforementioned. National Crime Agency has also seized £41,000 in bitcoin from the individuals. 

As per the sources, the UK National Crime Agency (NCA), the US Federal Bureau of Investigation (FBI), the Netherlands National Police Corps, the Police Service of Northern Ireland and the German Bundeskriminalamt, were working in unison and it was in January 2019 when they seized the domain of WeLeakInfo.com. 

Launched in 2017, WeLeakInfo was selling access to hacked information for the past three years. Reportedlu, the hackers behind the online service obtained data from over 10,000 Data breaches and cemented its name as brilliant underground hacking space. 

Furthermore, WeLeakInfo also offered subscription plans allowing users unlimited access to sensitive information. The plans were categorized as following– one day ($2), one week ($7), one month ($25), or three months ($70). Even cheap subscription plan was giving huge access to information, apprentice-type hackers were getting hold of huge cache of data and were using credentials for further criminality, including cyber attacks and fraud offences. 

Following the domain's seizure in January, in connection with running the site, two 22-year-old men, were arrested one from the Northern Ireland and another from the Netherlands.

NCA said, besides customers of WeLeakInfo, certain evidence revealed that other cybercrime tools such as remote access Trojans (RATs) and crypters were also being purchased. 

In the context, Paul Creffield, head of NCA’s National Cyber Crime Unit, said: “Through the identification of UK customers of WeLeakInfo, we were able to locate and arrest those who we believe have used stolen personal credentials to commit further cyber and fraud offences. The NCA and UK law enforcement take such offences extremely seriously and they can result in huge financial loss to victims. We were also able to pin point those on the verge of breaking the law and warn them that should they continue, they could face a criminal conviction. Cyber skills are in huge demand and there are great prospects in the tech industry for those who choose to use their skills legally’’.

Police detained hackers who stole more than 20 million rubles

Police officers of the Chuvash Republic, with the assistance of BI.ZONE experts detained the organizers of a criminal group that stole money from customers of Russian banks using the FakeToken malicious software. The group operated for more than 5 years, the damage from its activities exceeds 20 million rubles ($272 200,00).

During a search at the addresses of one of the fraudsters, network devices, communication devices and computer equipment containing clear traces of the development and distribution of Trojan Banker.AndroidOS.FakeToken were found and seized. Also, employees of the Ministry of Internal Affairs found SIM cards of various telecom operators and electronic correspondence in Telegram, which confirms the involvement of the detainee in illegal activities.

According to BI.ZONE experts, the attackers used Trojan Banker.AndroidOS.FakeToken for stealing money from users of mobile devices based on the Android OS. The program infected devices, intercepted SMS messages from the Bank and transmitted them to the server of criminals, as well as collected Bank card data. The fraudsters used this information to transfer money from the victims' mobile and Bank accounts. "Over the past five months, the hacker group has gained access to more than 5,000 phones and data from at least 2,500 Bank cards," said experts.

"In February 2020, we recorded the activation of the FakeToken malware, which infected more than 2,000 victims every day. The group that manages this software is considered one of the most active in the Russian Federation, and we are glad that we were able to help stop the criminals," said Evgeny Voloshin, director of the BI.ZONE expert services unit.

It's important to note that the FakeToken Banking Trojan has been known since 2016. It is able to attack more than 2 thousand financial applications, its victims of steel of about 16 thousand users in 27 countries, including Russia, the Ukraine and Germany.

In Ukraine, a world-famous hacker has been detained


The press center of the Security Service of Ukraine announced the arrest of a world-famous hacker who operated under the nickname Sanix. Last January, Forbes, The Guardian, and Newsweek wrote about the cybercriminal. TV channel Italia 1 dedicated a separate story to it since the database put up for sale by an unknown person was the largest in the history of the stolen database.

The hacker Sanix turned out to be a 20-year-old resident of the small town of Burshtyn. The guy graduated from high school and college, has no higher education.

At the beginning of last year, Sanix attracted the attention of the world's leading cybersecurity experts. On one of the forums, a hacker posted an ad for the sale of a database with 773 million email addresses and 21 million unique passwords. According to the portal Wired, this event should be considered the largest theft of personal data in history.

SBU experts claim that the hacker also sold pin codes for bank cards, electronic wallets with cryptocurrency and PayPal accounts.

During the searches, computer equipment with two terabytes of stolen information, phones with evidence of illegal activity and cash from illegal operations in the amount of $7,000, and more than $3,000 were seized from a hacker.

The National Police of Ukraine added that the 87 GB database proposed by the hacker makes up only a small part of the total amount of data that he possessed. More than 3 TB of such databases, uploaded and broken passwords were found at the hacker. This includes the personal and financial data of EU citizens and the United States.

Sanix himself in private correspondence with a BBC journalist noted that he was only a salesman. Sanix said that poverty in the country and an urgent need for money motivated him to become a cybercriminal.

Hackers who were preparing attacks on hospitals arrested in Romania


Romanian law enforcement officials stopped the activities of the cybercriminal group PentaGuard, which was preparing to carry out attacks on Romanian hospitals using ransomware.

Four hackers were arrested, and searches were conducted at their place of residence (at three addresses in Romania and one address in Moldova). According to the Romanian Directorate for Investigating Organized Crime and Terrorism (DIICOT), hackers had various malicious programs at their disposal, including Trojans for remote access, ransomware, as well as tools for defacing sites and SQL injections.

In addition, hackers developed malicious computer applications for use in computer attacks, such as rasomware-cryptolocker and RAT (Remote Trojan Access). Such malicious attacks were directed against several state institutions, as in Bucharest.

During the investigation, it became clear that cybercriminals planned to attack hospitals. The attackers intended to send phishing emails on the subject of COVID-19 to medical institutions, and use them to infect networks with ransomware Locky or BadRabbit, encrypt files and demand a ransom for recovery. According to the Romanian media, this is how the cybercriminals wanted to protest against the quarantine measures taken by the Romanian government.

This type of attack makes it possible to block and seriously disrupt the functioning of the IT infrastructure of these hospitals. They are part of the healthcare system, which currently plays a decisive and decisive role in combating the pandemic with the new coronavirus.

The hacker group PentaGuard has existed since about 2000. In January 2001, the group carried out a massive deface of the sites of the British and Australian governments. Over the past few years, PentaGuard has not conducted any deface campaigns but has remained active on hacker forums. In January 2020, the group resumed defacing attacks.

The Federal security service of Russia stopped the activities of the largest group of hackers


More than 30 members of an interregional criminal group engaged in cloning and selling credit and payment cards of Russian and foreign banks were detained by the Federal security service (FSB). Hackers gained access to data by hacking user accounts and payment systems. The detentions took place immediately in 11 regions of Russia.

The group created more than 90 online stores where it was possible to buy data from other people's bank cards. The cards of both Russian and foreign banks, including credit cards, were compromised.
According to the FSB, the criminal group has been operating for at least the past three years. Criminals obtained the necessary data of real cardholders by accessing user accounts on the Internet and payment systems.

One of the most common ways to get them was to create websites selling various products at below-market prices. Customers interested in these cheap offers paid for the purchase directly on the site with a bank card. At the same time, using a special program, hackers gained access not only to its number but also to the pin code, as well as the CVC code of the cardholder. The seller immediately canceled the transaction itself, referring to the fact that the product is out of stock and the customer will be notified of its appearance by SMS.

After that, cloned Bank cards with a balance, usually, not less than several hundred thousand rubles or several thousand dollars or euros went on sale in one of the 90 online stores organized by members of the group in the Darknet. For example, a copy of the card with a balance of $3 thousand to $25 thousand fraudsters offered to buy for 30% of the face value. They even gave a 30-day guarantee for their product, promising to exchange the card in case of blocking. At the same time, courier delivery of cards with the entire package of documents was offered to any city in the world. Withdraw money was recommended as soon as possible so that its real owner did not have time to suspect anything.
25 detainees were charged under the article on illegal turnover of payment funds. Among the detainees are citizens of Ukraine and Lithuania.

Law enforcement officers seized more than $1 million and 3 million rubles during their detention, as well as weapons, drugs, gold bars and servers hosting fraudulent websites. According to the statement, the site hosting equipment was "liquidated". The FSB added that the seized property included fake documents, including fictitious Russian passports and law enforcement documents.

In Kiev, a hacker group who used the vulnerability of banks to steal their clients' money was caught


The Security Service of Ukraine (SBU) announced the termination of the acclivities of hackers who stole an average of 1.2 million dollars a year from the accounts of banking institutions.

According to the investigation, the attackers found vulnerabilities in the electronic payment document management system of banks, illegally transferred money of clients to the accounts of fictitious persons or transferred it to cryptocurrency. Hackers created a bot network of infected computers to conduct illegal operations on the Internet. "Thus, the members of the group stole from the accounts of banking institutions on average 30 million hryvnias ($1.2 million) a year," reported the press service of the SBU on Tuesday.

During 10 searches in Kiev and the region, as well as in Lviv, law enforcement officers seized computer equipment and mobile devices that were used by members of the group during illegal activities. Now the seized equipment is sent for examination.

A criminal case has been opened. If the attackers are found guilty, they face up to six years in prison.
It is worth noting that the Security Service of Ukraine recently exposed a large group of hackers associated with the Darknet.

Members of the group and third parties used server hosting equipment to conduct cyberattacks on the authorities and administration of Ukraine, critical infrastructure of Ukraine, as well as Ukrainian and world banks.

During the investigation, operatives detained the organizer of the group, who since 2011 provided its own server equipment for hosting, administering and distributing malware, bot networks and conducting cyberattacks.

In particular, DDoS attacks were carried out on strategic facilities in Ukraine and banking institutions of other states. The specified hosting was known on the Darknet network under the name "ProHoster" and "Bulletproof.space".

Hacker to stand trial for stealing and distributing Russian Railways data


The investigating authorities completed a criminal investigation into the theft of data from Russian Railways employees. This was reported by the press service of the Investigative Committee of Russia.

According to the Committee, in June 2019, the accused, using illegally obtained accounts of two employees of Russian Railways and 96 unique IP addresses, was able to get to the internal website of the state company. There, he copied several hundred thousand photos and information of the Russian Railways management, as well as other employees of the organization. Later, he posted the data on one of the sites that have hosting in Germany.

Investigators were able to identify the computer genius. It turned out to be a 26-year-old IT specialist from Krasnodar, who admitted his guilt. It was possible to establish the identity of the attacker through joint work with the K department of the Ministry of Internal Affairs of Russia and the security service of Russian Railways. In December 2019, he was charged under the article "illegal receipt and disclosure of information constituting a trade secret".

The leak of data of Russian Railways employees became known in August 2019. They were published on the website infach[dot]me, which allowed users to anonymously publish personal data of other people. Among the data of Russian Railways employees published on the site were their names, phone numbers, positions, photos in the uniform and pictures of the insurance documents. The attackers added a note to the publication "Thank you to Russian Railways for the information provided by carefully handling the personal data of their employees". Later, the information was hidden.

Later, Ashot Hovhannisyan, the founder and technical Director of DeviceLock, a company specializing in preventing data leaks from corporate computers, said that unknown people had posted personal data of 703 thousand people for free access. He also suggested that the leak occurred from the database of the security service of the state company. According to the report for the first half of 2019, the number of employees of Russian Railways amounted to 732 thousand people.
After the leak, Russian Railways assured that the passenger data was not stolen.

Group of 10 hackers was convicted for stealing gasoline and selling


The court issued a verdict on February 3 in the case of theft of fuel at Rosneft gas stations.
The court and investigation found that there were ten people in the hacker group, two women and eight men. They divided criminal roles, came up with a scheme using special equipment and software in order not to top up gasoline at gas stations.

Attackers stole at "Rosneft-Kubannefteprodukt" gas stations. They launched the equipment and modified the information on the computer, which gave them the opportunity not to top up the fuel to customers. They sold the surplus again and divided the profits.

The damage to Rosneft gas stations amounted to more than 1.7 million rubles ($27,000). Its size was calculated based on the price of spare parts that were damaged by attackers in the fuel dispensers.
A criminal case has been opened on the creation, use and distribution of malicious computer programs. The court found the defendants guilty. Depending on the role of each, they were assigned from 1.5 years to 4 years in prison with fines of 200 to 500 thousand rubles ($3,000-$8,000).

Earlier, EhackingNews reported that employees of the Ministry of Internal Affairs in the Khabarovsk region detained 13 employees of one of the companies engaged in retail and wholesale of petroleum products. The hackers introduced the virus into the control system of gas stations. This allowed hackers to steal part of the product purchased by customers.

It is worth noting that in 2018, the FSB found viruses in dozens of gas stations in the South of Russia that allow to not top up fuel. The creator and distributor of viruses was Russian hacker Denis Zaev. In August 2019, Zaev hid several times from law enforcement agencies and was on the Federal wanted list, and then hid on the territory of Georgia. In total, 24 defendants are involving in this criminal case.

Cyber police in Ukraine caught hackers who hacked tens of thousands of servers around the world


Cyber police in the Kharkiv region exposed members of a criminal hacker group who purposefully carried out attacks on private organizations and individuals to illegally gain access to their remote servers. It is established that in this way they managed to hack more than 20 thousand servers around the world.

According to employees of the Department for Combating Cybercrime, the attackers sold the hacked accesses to customers. In addition, law enforcement identified all members of this group. So, it included three Ukrainian and one foreigner. All of them were well-known participants of hacker forums and carried out orders hacking remote servers located in the territory of Ukraine, Europe and the USA.

Cyber police found that the criminal group had been operating since 2014. Its participants carried out bruteforce attacks on private enterprises and individuals. They used for attacks specialized software that exploited vulnerabilities of Windows-based servers.

It is known that attackers sold some hacked servers to other hackers who used the acquired information for their own purposes, for example, they demanded money from a victim or threatened to debit money from bank cards.

They also used part of the servers for their own purposes: creating botnets for mining, DDoS attacks, installing software command centers for viruses like Stealer, turning them into tools for conducting brute-force attacks on new network nodes.

Cybercriminals received income from their illegal activities on e-wallets. Almost $80,000 was found in some accounts.

To coordinate the actions of all members of the international hacker group, communication between them took place through hidden messengers.

Cyber police together with investigators of the Kharkiv region police conducted searches of the places of residence of the persons involved in the international hacker group. Computer equipment, additional media, draft records, mobile phones and bank cards that were used to commit crimes were seized.

Romanian cybercriminals sentenced to 20 years in prison for developing malware


Two Romanian citizens were sentenced to imprisonment for the development and operation of the Bayrob malware, which infected more than 400 thousand computers, and theft of confidential information.

Back in 2016, three members of the hacking group Bayrob were extradited to the US. Law enforcement officers told that citizens of Romania Bogdan Nicolesku aka Masterfraud, aka mf, Danet Tiberiu aka Amightysa, aka amy and dRadu Miclaus aka Minolta, aka min since 2007 engaged in fraud and development of malware, and then their business became a large botnet, which was also involved in cryptocurrency mining.

According to authorities, during the years of activity, the group stole more than four million dollars from its victims, but Symantec analysts, who helped law enforcement agencies to stop the group's activities, reported that in fact, the damage from the actions of Bayrob could be more than $35,000,000.

Bayrob malware was conceived as a tool to steal email addresses from the target computer and then send infected messages to users. Cybercriminals managed to infect and hack more than 400 thousand computers. The attackers registered more than 100 thousand email accounts to send 10 million letters to the collected addresses. The defendants also intercepted requests to Facebook, PayPal, eBay and other websites and redirected victims to similar domains in order to steal their data.

So, if in 2007 about 1000 cars were infected with Bayrob, by 2014 their number increased to 50,000, and by 2016 it exceeded 300,000 altogether.

All three suspects were charged in 2016, but the case came to court much later. At the end of last week, the website of the US Department of Justice reported that Nicolesku and Tiberiu were sentenced to 20 and 18 years in prison.

The Russian Embassy in Washington sent a note of protest to the State Department


The US Department of Justice has confirmed the extradition of Russian hacker Alexei Burkov from Israel. Accused by Americans of credit card fraud, a Russian citizen has already appeared before a federal judge in Virginia. Burkov faces up to 80 years in prison. The Russian Foreign Ministry sent a note of protest to the State Department, soon the consuls will be sent to the Russian citizen.

"In connection with the extradition of the Russian citizen Burkov from Israel to the United States, we have taken a decisive demarche regarding the “hunt” unleashed by Washington for our citizens around the world. In the note sent to the State Department, we demanded strict compliance by the American side with existing bilateral obligations," reported the press service of the Russian diplomatic mission.

The Embassy noted that Russian diplomats "will soon visit a compatriot in a pretrial detention center in Virginia."

Earlier, the US Department of Justice said that according to court documents, Burkov allegedly ran a website called Cardplanet that sold payment card numbers, many of which belonged to US citizens.
"Stolen data from more than 150,000 payment cards were allegedly sold on Burkov's website and led to fraudulent purchases made from US credit cards worth more than $20 million," stated the US Department of Justice.

It is noted that if Burkov is found guilty on all counts, he faces up to 80 years in prison.
Earlier, Russian President Vladimir Putin proposed to exchange the Israeli woman, who has dual citizenship — Israel and the United States. She was sentenced to 7.5 years in prison for smuggling hashish. Putin discussed the case with the Prime Minister of the Jewish state, Benjamin Netanyahu. However, he refused to make such an exchange.

Recall that Burkov was detained at the airport in Tel Aviv in 2015 when he came to Israel on vacation. He was later charged with crimes in the sphere of cybersecurity. He calls himself an information security specialist and denies the charges of committing the crimes imputed to him. All the time since the arrest he spent in Israeli prisons.

It is worth noting that Alexei Burkov will not be the first Russian convicted in the United States, whose return will be required by the Russian Foreign Ministry.

The Russian security guard arrested for stealing login credentials of Gamers and selling them


The court began consideration of the case of a hacker from Novosibirsk, who was engaged in the theft of credentials gaming accounts right at the workplace in the Novosibirsk State Agrarian University, where he worked as a security guard. Data was subsequently sold over the Internet. The security guard was engaged in this activity not less than half a year.

31-year-old former employee of a private security company for six months combined his hacker activity with work as a university security guard, this continued until January 2019. According to the materials of the case, the man downloaded hacker programs for stealing logins and passwords for popular gaming platforms, including Steam and the Rockstar Games and Electronic Arts services.

The hacker sold the received data through the FunPay electronic exchange. The investigation was unable to establish the exact number of hacked accounts, but tracked the payment received by the hacker on the site. However, the business did not have high profitability, since in six months the hacker was able to earn only about 1.7 thousand rubles ($26).

The security guard was caught by the FSB officers, calculating the origin of computer attacks by IP-address. The accused has fully admitted his guilt. Prosecutor's office demands for him two years suspended sentence, without payment of a fine.

It is worth noting that this is not the first time in recent years, when a hacker appears in court in the case of hacking accounts with special software. For example, in June 2019, a hacker from Chelyabinsk was sentenced to 10 months in prison for hacking personal accounts of users in payment systems and accounts in social networks with the help of malware. But the hacker did not manage to steal money from the victims.

Hacker from Samara city sentenced for Creating and Selling Malware


Sergei Materov, a 42-year old hacker from Samara, the sixth largest city in Russia, has been sentenced at the Prikubansky District Court of Krasnodar for creating and distributing malicious computer programs , under part 2 of article 273 of the Criminal Code of Russian Federation.

According to the local news report, the malware created by him were capable of neutralizing security solutions installed and steal, modify, block and destroy information on the infected computer.

The convict came to Kuban to earn money. He started to do freelance software development from home. He also posted advertisements on the Internet in which he offered software development for computers.

An unnamed person responded to his ads and paid him 6800 Rubles for developing two malicious programs.

Materov was detained by the FSB officers and later sentenced to one year and three months imprisonment.

- Christina
 

Russian Citizen suspected of cybercrime was arrested in Estonia



A 20-year-old Russian IT programmer is suspected of cyber espionage. He was traveling from Estonia to Russia and was detained at the border crossing in Narva.

According to the local media, the Estonian Security Police(KaPo) allowed the suspect to work for some time unhindered, as a result of which he was linked to the Security Service of Russian Federation.

Authorities said that he is a member of the FSB and was preparing a mass cyber attack on the computer systems of the Estonian State Institutions. According to them, the Russians was trying to make some device or computer program with which he can get access to local computer systems.

Elena Vladimirovna, mother of the suspect, told media that it is completely unexpected for her since her son was never seen in any unlawful actions.

"Of course, I hope that everything will end well and we will be able to prove his innocence." Elena was quoted as saying by Local Media Sputnik. "However, the services of a good lawyer cost a lot of money, which I do not have. Perhaps, the Russian embassy will be able to help us in some way, but I will not let my son to Estonia again never"

The Russian Embassy in Estonia is ready to help. The Embassy asked Estonian Foreign Ministry to give permission to meet the arrested person.

A criminal case has been instituted against the suspect under article 233 of the Penal Code of the Republic of Estonia "Non-violent acts of an alien directed against the Republic of Estonia" and article 216 "Preparing a computer crime". He faces up to 15 years in prison, if convicted.

- Christina

Russian hackers stole 60.5 million rubles using malware

According to the Ministry of International Affairs of Russian Federation, two natives of the Sverdlovsk region stole more than 60.5 million rubles from Petropavlovsk-Kamchatsky (center of Kamchatka Krai) Bank and another commercial organizations.

Irina Volk, official representative of the MIA, said that hackers were able to access the computers of the affected organizations using Malware.  Stolen money was transferred to the Bank accounts of front organizations and cashed.

Criminal cases of illegal access to computer information and cybercrime will be heard soon. According to the first case, hackers can face up to five years imprisonment. According to second, they can face up to ten years with a fine up to one million rubles.

It is known that they have another partners. The investigation against hacker group continues.

According to Ilya Sachkov (CEO and founder of Group-IB), 100% effective safeguards against cyber attacks does not exist, but every organization can reduce the risks and improve protection of banks. The most important thing for organizations is creation their own Information Systems and Security Division.

- Christina

Trial Of a Group Accused Of Hacking Transport Card System "Troika" To Resume On September 12



Trial of Russian hackers who are accused of hacking transport card system "Troika" and other transport cards is postponed from 31 August to September 12. The accused are Denis Kazmin, Yury Putin and Pavel Andryushin.

The group bought the details of the Turnstiles (like in metro) for the creation of malicious software. After studying the working process of Turnstiles, they developed a program in Object Pascal Programming language, namely "Terminal.exe" "ATMega128_BackDoorBootLoader.asm".

The program allowed them to get information of the carrier, memory dumps and access keys from the Turnstiles located at one of the Moscow station. The information were used for adding money to transport card and sold the card.

The hackers may receive 3 to 4 years of imprisonment

Experts were surprised, according to them, transport card fraud is a rare, because in this way you can not earn big money. The whole damage amounted to 2 million rubles.

It's interesting to note that in May 2016 another Russian researcher Igor Shevtsov did research and wrote an article(https://habrahabr.ru/post/301832/) about a critical vulnerability of transport card "TROIKA".

He explained how to fake balance of the card and how travel on public transport for free.  It took him 15 days, he used Android smartphone with NFC chip. He also created an android application TroikaDumper to exploit the vulnerability. The Representatives of Moscow metro contacted with the researcher and fixed the vulnerability after few days. The article written by Shevtsov is now removed.

- Christina
 

Two Israeli Teenagers arrested and charged for selling DDOS Service


Two Israeli teenagers from Sharon region were formerly arrested after eighteen months of investigation.

The Israelis are responsible for thousands of cyber attacks around the world, causing damage estimated in more than million dollars.

According to local news report, they have created a Shell company in England and sold Distributed Denial of Service (DD, OS) attack as service.

"In January of 2016, a covert investigation was opened against the suspects who set up and managed a website called vdos-s[dot]com, which sold packages created to cause the servers to crash," police told local news report.

The DDOS attack is used for disrupting access to the victims' websites. Price of the "attack pacakge" offered by them was ranged from 19.99 $ to $ 499,99.

More than two million cyber attacks were conducted in the United States, England, Holland and Sweden, causing multi million-dollar losses. Suspects earned above 613 thousand dollars. The money was seized after Bank accounts were identified and frozen.

- Christina

Gozi Banking Trojan Creator pleads guilty

Creator of Banking Trojan 'Gozi' admitted his crime and is now awaiting sentencing.

Gozi is a trojan seen in action for quite some years now, and was first reported in 2007. It is a genuine threat to bankers and online banking in general as it has been separating people from their fortune.

In 2013, few men were arrested under the charges of operating the Gozi. Finally one of them, Deniss Calovskis, 30, has admitted committing the felon and pleaded guilty. Calovskis was held responsible for writing some of the codes for the trojan, according to a statement put out by the FBI in 2013. The agency said that the Latvian coder user the moniker 'Miami' in the web world, was arrested on suspicion of authorship for the code in his country in November 2012.

It was said and confirmed, that his codes misled people into thinking that they were on official banking sites.The US authorities were quite flabbergasted with the gang and the malware that provided the dark economy with "tens of millions of dollars". The rest of the gang are Russian Nikita Kuzmin and Romanian Mihai Ionut Paunescu. Reuters reported that the former admitted her crime in 2011, and that the latter is subject to extradition attention.

"This long-term investigation uncovered an alleged international cybercrime ring whose far-reaching schemes infected at least one million computers worldwide and 40,000 in the US, and resulted in the theft or loss of tens of millions of dollars," said FBI assistant director in charge George Venizelos."Banking trojans are to cyber criminals what safe-cracking or acetylene torches are to traditional bank burglars, but far more effective and less detectable. The investigation put an end to the Gozi virus."

Six teenagers arrested for using Lizard Squad's DDoS service


(PC- google images)
Six teenagers were recently arrested and later bailed on account of using the hacking tools of a certain Lizard Squad to breach softwares and websites, which included gaming companies, school servers and even newspapers.


The teenagers, aged between 15 to 18 and all male, were arrested during an operation by the UK police in search of hackers using the Lizard Stresser tool that allows the user to send spam to system and facilitate the denial of service (ddos) attack, which makes the website unavailable to the real time visitors.

In the past, such ddos attacks have caused both reputational and financial damage to services provided by big business giants like Sony to even government websites, while these attacks interrupt the smooth functioning for a time interval that starts from a few hours and can last till weeks.

This tool was effectively used by the Lizard Squad in December 2014, to interrupt the online gaming services of Microsoft’s Xbox Live and Sony’s PlayStation Network. The tool is available in the market and can acquiring it can make a normal person into a potential hacker who can then select their targets according to their will.
The UK police arrested the teenagers with the help of the National Crime Agency(NCA), while they were trying to pay anonymously for the tool using BitCoin. However, none of the six teenagers have been confirmed to be a member of the Lizard Squad.

Tony Adams of NCA’s cybercrime unit, explained that by a small amount, a person can acquire the Lizard Stresser that can ruin big businesses and make access to information a deliria for the public. He further added that the arrest was made under an operation named ‘Vivarium’, and that the teenagers were operating from all across UK.


A member of Lizard Squad was arrested in Twickenham in December for their involvement in cyber attacks, while a further member was arrested in May for pranking armed police. However, the hacking group’s tool remains available, despite its site being hacked revealing customers’ details.