Search This Blog

Showing posts with label Hackers Arrested. Show all posts

In Ukraine, a world-famous hacker has been detained


The press center of the Security Service of Ukraine announced the arrest of a world-famous hacker who operated under the nickname Sanix. Last January, Forbes, The Guardian, and Newsweek wrote about the cybercriminal. TV channel Italia 1 dedicated a separate story to it since the database put up for sale by an unknown person was the largest in the history of the stolen database.

The hacker Sanix turned out to be a 20-year-old resident of the small town of Burshtyn. The guy graduated from high school and college, has no higher education.

At the beginning of last year, Sanix attracted the attention of the world's leading cybersecurity experts. On one of the forums, a hacker posted an ad for the sale of a database with 773 million email addresses and 21 million unique passwords. According to the portal Wired, this event should be considered the largest theft of personal data in history.

SBU experts claim that the hacker also sold pin codes for bank cards, electronic wallets with cryptocurrency and PayPal accounts.

During the searches, computer equipment with two terabytes of stolen information, phones with evidence of illegal activity and cash from illegal operations in the amount of $7,000, and more than $3,000 were seized from a hacker.

The National Police of Ukraine added that the 87 GB database proposed by the hacker makes up only a small part of the total amount of data that he possessed. More than 3 TB of such databases, uploaded and broken passwords were found at the hacker. This includes the personal and financial data of EU citizens and the United States.

Sanix himself in private correspondence with a BBC journalist noted that he was only a salesman. Sanix said that poverty in the country and an urgent need for money motivated him to become a cybercriminal.

Hackers who were preparing attacks on hospitals arrested in Romania


Romanian law enforcement officials stopped the activities of the cybercriminal group PentaGuard, which was preparing to carry out attacks on Romanian hospitals using ransomware.

Four hackers were arrested, and searches were conducted at their place of residence (at three addresses in Romania and one address in Moldova). According to the Romanian Directorate for Investigating Organized Crime and Terrorism (DIICOT), hackers had various malicious programs at their disposal, including Trojans for remote access, ransomware, as well as tools for defacing sites and SQL injections.

In addition, hackers developed malicious computer applications for use in computer attacks, such as rasomware-cryptolocker and RAT (Remote Trojan Access). Such malicious attacks were directed against several state institutions, as in Bucharest.

During the investigation, it became clear that cybercriminals planned to attack hospitals. The attackers intended to send phishing emails on the subject of COVID-19 to medical institutions, and use them to infect networks with ransomware Locky or BadRabbit, encrypt files and demand a ransom for recovery. According to the Romanian media, this is how the cybercriminals wanted to protest against the quarantine measures taken by the Romanian government.

This type of attack makes it possible to block and seriously disrupt the functioning of the IT infrastructure of these hospitals. They are part of the healthcare system, which currently plays a decisive and decisive role in combating the pandemic with the new coronavirus.

The hacker group PentaGuard has existed since about 2000. In January 2001, the group carried out a massive deface of the sites of the British and Australian governments. Over the past few years, PentaGuard has not conducted any deface campaigns but has remained active on hacker forums. In January 2020, the group resumed defacing attacks.

The Federal security service of Russia stopped the activities of the largest group of hackers


More than 30 members of an interregional criminal group engaged in cloning and selling credit and payment cards of Russian and foreign banks were detained by the Federal security service (FSB). Hackers gained access to data by hacking user accounts and payment systems. The detentions took place immediately in 11 regions of Russia.

The group created more than 90 online stores where it was possible to buy data from other people's bank cards. The cards of both Russian and foreign banks, including credit cards, were compromised.
According to the FSB, the criminal group has been operating for at least the past three years. Criminals obtained the necessary data of real cardholders by accessing user accounts on the Internet and payment systems.

One of the most common ways to get them was to create websites selling various products at below-market prices. Customers interested in these cheap offers paid for the purchase directly on the site with a bank card. At the same time, using a special program, hackers gained access not only to its number but also to the pin code, as well as the CVC code of the cardholder. The seller immediately canceled the transaction itself, referring to the fact that the product is out of stock and the customer will be notified of its appearance by SMS.

After that, cloned Bank cards with a balance, usually, not less than several hundred thousand rubles or several thousand dollars or euros went on sale in one of the 90 online stores organized by members of the group in the Darknet. For example, a copy of the card with a balance of $3 thousand to $25 thousand fraudsters offered to buy for 30% of the face value. They even gave a 30-day guarantee for their product, promising to exchange the card in case of blocking. At the same time, courier delivery of cards with the entire package of documents was offered to any city in the world. Withdraw money was recommended as soon as possible so that its real owner did not have time to suspect anything.
25 detainees were charged under the article on illegal turnover of payment funds. Among the detainees are citizens of Ukraine and Lithuania.

Law enforcement officers seized more than $1 million and 3 million rubles during their detention, as well as weapons, drugs, gold bars and servers hosting fraudulent websites. According to the statement, the site hosting equipment was "liquidated". The FSB added that the seized property included fake documents, including fictitious Russian passports and law enforcement documents.

In Kiev, a hacker group who used the vulnerability of banks to steal their clients' money was caught


The Security Service of Ukraine (SBU) announced the termination of the acclivities of hackers who stole an average of 1.2 million dollars a year from the accounts of banking institutions.

According to the investigation, the attackers found vulnerabilities in the electronic payment document management system of banks, illegally transferred money of clients to the accounts of fictitious persons or transferred it to cryptocurrency. Hackers created a bot network of infected computers to conduct illegal operations on the Internet. "Thus, the members of the group stole from the accounts of banking institutions on average 30 million hryvnias ($1.2 million) a year," reported the press service of the SBU on Tuesday.

During 10 searches in Kiev and the region, as well as in Lviv, law enforcement officers seized computer equipment and mobile devices that were used by members of the group during illegal activities. Now the seized equipment is sent for examination.

A criminal case has been opened. If the attackers are found guilty, they face up to six years in prison.
It is worth noting that the Security Service of Ukraine recently exposed a large group of hackers associated with the Darknet.

Members of the group and third parties used server hosting equipment to conduct cyberattacks on the authorities and administration of Ukraine, critical infrastructure of Ukraine, as well as Ukrainian and world banks.

During the investigation, operatives detained the organizer of the group, who since 2011 provided its own server equipment for hosting, administering and distributing malware, bot networks and conducting cyberattacks.

In particular, DDoS attacks were carried out on strategic facilities in Ukraine and banking institutions of other states. The specified hosting was known on the Darknet network under the name "ProHoster" and "Bulletproof.space".

Hacker to stand trial for stealing and distributing Russian Railways data


The investigating authorities completed a criminal investigation into the theft of data from Russian Railways employees. This was reported by the press service of the Investigative Committee of Russia.

According to the Committee, in June 2019, the accused, using illegally obtained accounts of two employees of Russian Railways and 96 unique IP addresses, was able to get to the internal website of the state company. There, he copied several hundred thousand photos and information of the Russian Railways management, as well as other employees of the organization. Later, he posted the data on one of the sites that have hosting in Germany.

Investigators were able to identify the computer genius. It turned out to be a 26-year-old IT specialist from Krasnodar, who admitted his guilt. It was possible to establish the identity of the attacker through joint work with the K department of the Ministry of Internal Affairs of Russia and the security service of Russian Railways. In December 2019, he was charged under the article "illegal receipt and disclosure of information constituting a trade secret".

The leak of data of Russian Railways employees became known in August 2019. They were published on the website infach[dot]me, which allowed users to anonymously publish personal data of other people. Among the data of Russian Railways employees published on the site were their names, phone numbers, positions, photos in the uniform and pictures of the insurance documents. The attackers added a note to the publication "Thank you to Russian Railways for the information provided by carefully handling the personal data of their employees". Later, the information was hidden.

Later, Ashot Hovhannisyan, the founder and technical Director of DeviceLock, a company specializing in preventing data leaks from corporate computers, said that unknown people had posted personal data of 703 thousand people for free access. He also suggested that the leak occurred from the database of the security service of the state company. According to the report for the first half of 2019, the number of employees of Russian Railways amounted to 732 thousand people.
After the leak, Russian Railways assured that the passenger data was not stolen.

Group of 10 hackers was convicted for stealing gasoline and selling


The court issued a verdict on February 3 in the case of theft of fuel at Rosneft gas stations.
The court and investigation found that there were ten people in the hacker group, two women and eight men. They divided criminal roles, came up with a scheme using special equipment and software in order not to top up gasoline at gas stations.

Attackers stole at "Rosneft-Kubannefteprodukt" gas stations. They launched the equipment and modified the information on the computer, which gave them the opportunity not to top up the fuel to customers. They sold the surplus again and divided the profits.

The damage to Rosneft gas stations amounted to more than 1.7 million rubles ($27,000). Its size was calculated based on the price of spare parts that were damaged by attackers in the fuel dispensers.
A criminal case has been opened on the creation, use and distribution of malicious computer programs. The court found the defendants guilty. Depending on the role of each, they were assigned from 1.5 years to 4 years in prison with fines of 200 to 500 thousand rubles ($3,000-$8,000).

Earlier, EhackingNews reported that employees of the Ministry of Internal Affairs in the Khabarovsk region detained 13 employees of one of the companies engaged in retail and wholesale of petroleum products. The hackers introduced the virus into the control system of gas stations. This allowed hackers to steal part of the product purchased by customers.

It is worth noting that in 2018, the FSB found viruses in dozens of gas stations in the South of Russia that allow to not top up fuel. The creator and distributor of viruses was Russian hacker Denis Zaev. In August 2019, Zaev hid several times from law enforcement agencies and was on the Federal wanted list, and then hid on the territory of Georgia. In total, 24 defendants are involving in this criminal case.

Cyber police in Ukraine caught hackers who hacked tens of thousands of servers around the world


Cyber police in the Kharkiv region exposed members of a criminal hacker group who purposefully carried out attacks on private organizations and individuals to illegally gain access to their remote servers. It is established that in this way they managed to hack more than 20 thousand servers around the world.

According to employees of the Department for Combating Cybercrime, the attackers sold the hacked accesses to customers. In addition, law enforcement identified all members of this group. So, it included three Ukrainian and one foreigner. All of them were well-known participants of hacker forums and carried out orders hacking remote servers located in the territory of Ukraine, Europe and the USA.

Cyber police found that the criminal group had been operating since 2014. Its participants carried out bruteforce attacks on private enterprises and individuals. They used for attacks specialized software that exploited vulnerabilities of Windows-based servers.

It is known that attackers sold some hacked servers to other hackers who used the acquired information for their own purposes, for example, they demanded money from a victim or threatened to debit money from bank cards.

They also used part of the servers for their own purposes: creating botnets for mining, DDoS attacks, installing software command centers for viruses like Stealer, turning them into tools for conducting brute-force attacks on new network nodes.

Cybercriminals received income from their illegal activities on e-wallets. Almost $80,000 was found in some accounts.

To coordinate the actions of all members of the international hacker group, communication between them took place through hidden messengers.

Cyber police together with investigators of the Kharkiv region police conducted searches of the places of residence of the persons involved in the international hacker group. Computer equipment, additional media, draft records, mobile phones and bank cards that were used to commit crimes were seized.

Romanian cybercriminals sentenced to 20 years in prison for developing malware


Two Romanian citizens were sentenced to imprisonment for the development and operation of the Bayrob malware, which infected more than 400 thousand computers, and theft of confidential information.

Back in 2016, three members of the hacking group Bayrob were extradited to the US. Law enforcement officers told that citizens of Romania Bogdan Nicolesku aka Masterfraud, aka mf, Danet Tiberiu aka Amightysa, aka amy and dRadu Miclaus aka Minolta, aka min since 2007 engaged in fraud and development of malware, and then their business became a large botnet, which was also involved in cryptocurrency mining.

According to authorities, during the years of activity, the group stole more than four million dollars from its victims, but Symantec analysts, who helped law enforcement agencies to stop the group's activities, reported that in fact, the damage from the actions of Bayrob could be more than $35,000,000.

Bayrob malware was conceived as a tool to steal email addresses from the target computer and then send infected messages to users. Cybercriminals managed to infect and hack more than 400 thousand computers. The attackers registered more than 100 thousand email accounts to send 10 million letters to the collected addresses. The defendants also intercepted requests to Facebook, PayPal, eBay and other websites and redirected victims to similar domains in order to steal their data.

So, if in 2007 about 1000 cars were infected with Bayrob, by 2014 their number increased to 50,000, and by 2016 it exceeded 300,000 altogether.

All three suspects were charged in 2016, but the case came to court much later. At the end of last week, the website of the US Department of Justice reported that Nicolesku and Tiberiu were sentenced to 20 and 18 years in prison.

The Russian Embassy in Washington sent a note of protest to the State Department


The US Department of Justice has confirmed the extradition of Russian hacker Alexei Burkov from Israel. Accused by Americans of credit card fraud, a Russian citizen has already appeared before a federal judge in Virginia. Burkov faces up to 80 years in prison. The Russian Foreign Ministry sent a note of protest to the State Department, soon the consuls will be sent to the Russian citizen.

"In connection with the extradition of the Russian citizen Burkov from Israel to the United States, we have taken a decisive demarche regarding the “hunt” unleashed by Washington for our citizens around the world. In the note sent to the State Department, we demanded strict compliance by the American side with existing bilateral obligations," reported the press service of the Russian diplomatic mission.

The Embassy noted that Russian diplomats "will soon visit a compatriot in a pretrial detention center in Virginia."

Earlier, the US Department of Justice said that according to court documents, Burkov allegedly ran a website called Cardplanet that sold payment card numbers, many of which belonged to US citizens.
"Stolen data from more than 150,000 payment cards were allegedly sold on Burkov's website and led to fraudulent purchases made from US credit cards worth more than $20 million," stated the US Department of Justice.

It is noted that if Burkov is found guilty on all counts, he faces up to 80 years in prison.
Earlier, Russian President Vladimir Putin proposed to exchange the Israeli woman, who has dual citizenship — Israel and the United States. She was sentenced to 7.5 years in prison for smuggling hashish. Putin discussed the case with the Prime Minister of the Jewish state, Benjamin Netanyahu. However, he refused to make such an exchange.

Recall that Burkov was detained at the airport in Tel Aviv in 2015 when he came to Israel on vacation. He was later charged with crimes in the sphere of cybersecurity. He calls himself an information security specialist and denies the charges of committing the crimes imputed to him. All the time since the arrest he spent in Israeli prisons.

It is worth noting that Alexei Burkov will not be the first Russian convicted in the United States, whose return will be required by the Russian Foreign Ministry.

The Russian security guard arrested for stealing login credentials of Gamers and selling them


The court began consideration of the case of a hacker from Novosibirsk, who was engaged in the theft of credentials gaming accounts right at the workplace in the Novosibirsk State Agrarian University, where he worked as a security guard. Data was subsequently sold over the Internet. The security guard was engaged in this activity not less than half a year.

31-year-old former employee of a private security company for six months combined his hacker activity with work as a university security guard, this continued until January 2019. According to the materials of the case, the man downloaded hacker programs for stealing logins and passwords for popular gaming platforms, including Steam and the Rockstar Games and Electronic Arts services.

The hacker sold the received data through the FunPay electronic exchange. The investigation was unable to establish the exact number of hacked accounts, but tracked the payment received by the hacker on the site. However, the business did not have high profitability, since in six months the hacker was able to earn only about 1.7 thousand rubles ($26).

The security guard was caught by the FSB officers, calculating the origin of computer attacks by IP-address. The accused has fully admitted his guilt. Prosecutor's office demands for him two years suspended sentence, without payment of a fine.

It is worth noting that this is not the first time in recent years, when a hacker appears in court in the case of hacking accounts with special software. For example, in June 2019, a hacker from Chelyabinsk was sentenced to 10 months in prison for hacking personal accounts of users in payment systems and accounts in social networks with the help of malware. But the hacker did not manage to steal money from the victims.

Hacker from Samara city sentenced for Creating and Selling Malware


Sergei Materov, a 42-year old hacker from Samara, the sixth largest city in Russia, has been sentenced at the Prikubansky District Court of Krasnodar for creating and distributing malicious computer programs , under part 2 of article 273 of the Criminal Code of Russian Federation.

According to the local news report, the malware created by him were capable of neutralizing security solutions installed and steal, modify, block and destroy information on the infected computer.

The convict came to Kuban to earn money. He started to do freelance software development from home. He also posted advertisements on the Internet in which he offered software development for computers.

An unnamed person responded to his ads and paid him 6800 Rubles for developing two malicious programs.

Materov was detained by the FSB officers and later sentenced to one year and three months imprisonment.

- Christina
 

Russian Citizen suspected of cybercrime was arrested in Estonia



A 20-year-old Russian IT programmer is suspected of cyber espionage. He was traveling from Estonia to Russia and was detained at the border crossing in Narva.

According to the local media, the Estonian Security Police(KaPo) allowed the suspect to work for some time unhindered, as a result of which he was linked to the Security Service of Russian Federation.

Authorities said that he is a member of the FSB and was preparing a mass cyber attack on the computer systems of the Estonian State Institutions. According to them, the Russians was trying to make some device or computer program with which he can get access to local computer systems.

Elena Vladimirovna, mother of the suspect, told media that it is completely unexpected for her since her son was never seen in any unlawful actions.

"Of course, I hope that everything will end well and we will be able to prove his innocence." Elena was quoted as saying by Local Media Sputnik. "However, the services of a good lawyer cost a lot of money, which I do not have. Perhaps, the Russian embassy will be able to help us in some way, but I will not let my son to Estonia again never"

The Russian Embassy in Estonia is ready to help. The Embassy asked Estonian Foreign Ministry to give permission to meet the arrested person.

A criminal case has been instituted against the suspect under article 233 of the Penal Code of the Republic of Estonia "Non-violent acts of an alien directed against the Republic of Estonia" and article 216 "Preparing a computer crime". He faces up to 15 years in prison, if convicted.

- Christina

Russian hackers stole 60.5 million rubles using malware

According to the Ministry of International Affairs of Russian Federation, two natives of the Sverdlovsk region stole more than 60.5 million rubles from Petropavlovsk-Kamchatsky (center of Kamchatka Krai) Bank and another commercial organizations.

Irina Volk, official representative of the MIA, said that hackers were able to access the computers of the affected organizations using Malware.  Stolen money was transferred to the Bank accounts of front organizations and cashed.

Criminal cases of illegal access to computer information and cybercrime will be heard soon. According to the first case, hackers can face up to five years imprisonment. According to second, they can face up to ten years with a fine up to one million rubles.

It is known that they have another partners. The investigation against hacker group continues.

According to Ilya Sachkov (CEO and founder of Group-IB), 100% effective safeguards against cyber attacks does not exist, but every organization can reduce the risks and improve protection of banks. The most important thing for organizations is creation their own Information Systems and Security Division.

- Christina

Trial Of a Group Accused Of Hacking Transport Card System "Troika" To Resume On September 12



Trial of Russian hackers who are accused of hacking transport card system "Troika" and other transport cards is postponed from 31 August to September 12. The accused are Denis Kazmin, Yury Putin and Pavel Andryushin.

The group bought the details of the Turnstiles (like in metro) for the creation of malicious software. After studying the working process of Turnstiles, they developed a program in Object Pascal Programming language, namely "Terminal.exe" "ATMega128_BackDoorBootLoader.asm".

The program allowed them to get information of the carrier, memory dumps and access keys from the Turnstiles located at one of the Moscow station. The information were used for adding money to transport card and sold the card.

The hackers may receive 3 to 4 years of imprisonment

Experts were surprised, according to them, transport card fraud is a rare, because in this way you can not earn big money. The whole damage amounted to 2 million rubles.

It's interesting to note that in May 2016 another Russian researcher Igor Shevtsov did research and wrote an article(https://habrahabr.ru/post/301832/) about a critical vulnerability of transport card "TROIKA".

He explained how to fake balance of the card and how travel on public transport for free.  It took him 15 days, he used Android smartphone with NFC chip. He also created an android application TroikaDumper to exploit the vulnerability. The Representatives of Moscow metro contacted with the researcher and fixed the vulnerability after few days. The article written by Shevtsov is now removed.

- Christina
 

Two Israeli Teenagers arrested and charged for selling DDOS Service


Two Israeli teenagers from Sharon region were formerly arrested after eighteen months of investigation.

The Israelis are responsible for thousands of cyber attacks around the world, causing damage estimated in more than million dollars.

According to local news report, they have created a Shell company in England and sold Distributed Denial of Service (DD, OS) attack as service.

"In January of 2016, a covert investigation was opened against the suspects who set up and managed a website called vdos-s[dot]com, which sold packages created to cause the servers to crash," police told local news report.

The DDOS attack is used for disrupting access to the victims' websites. Price of the "attack pacakge" offered by them was ranged from 19.99 $ to $ 499,99.

More than two million cyber attacks were conducted in the United States, England, Holland and Sweden, causing multi million-dollar losses. Suspects earned above 613 thousand dollars. The money was seized after Bank accounts were identified and frozen.

- Christina

Gozi Banking Trojan Creator pleads guilty

Creator of Banking Trojan 'Gozi' admitted his crime and is now awaiting sentencing.

Gozi is a trojan seen in action for quite some years now, and was first reported in 2007. It is a genuine threat to bankers and online banking in general as it has been separating people from their fortune.

In 2013, few men were arrested under the charges of operating the Gozi. Finally one of them, Deniss Calovskis, 30, has admitted committing the felon and pleaded guilty. Calovskis was held responsible for writing some of the codes for the trojan, according to a statement put out by the FBI in 2013. The agency said that the Latvian coder user the moniker 'Miami' in the web world, was arrested on suspicion of authorship for the code in his country in November 2012.

It was said and confirmed, that his codes misled people into thinking that they were on official banking sites.The US authorities were quite flabbergasted with the gang and the malware that provided the dark economy with "tens of millions of dollars". The rest of the gang are Russian Nikita Kuzmin and Romanian Mihai Ionut Paunescu. Reuters reported that the former admitted her crime in 2011, and that the latter is subject to extradition attention.

"This long-term investigation uncovered an alleged international cybercrime ring whose far-reaching schemes infected at least one million computers worldwide and 40,000 in the US, and resulted in the theft or loss of tens of millions of dollars," said FBI assistant director in charge George Venizelos."Banking trojans are to cyber criminals what safe-cracking or acetylene torches are to traditional bank burglars, but far more effective and less detectable. The investigation put an end to the Gozi virus."

Six teenagers arrested for using Lizard Squad's DDoS service


(PC- google images)
Six teenagers were recently arrested and later bailed on account of using the hacking tools of a certain Lizard Squad to breach softwares and websites, which included gaming companies, school servers and even newspapers.


The teenagers, aged between 15 to 18 and all male, were arrested during an operation by the UK police in search of hackers using the Lizard Stresser tool that allows the user to send spam to system and facilitate the denial of service (ddos) attack, which makes the website unavailable to the real time visitors.

In the past, such ddos attacks have caused both reputational and financial damage to services provided by big business giants like Sony to even government websites, while these attacks interrupt the smooth functioning for a time interval that starts from a few hours and can last till weeks.

This tool was effectively used by the Lizard Squad in December 2014, to interrupt the online gaming services of Microsoft’s Xbox Live and Sony’s PlayStation Network. The tool is available in the market and can acquiring it can make a normal person into a potential hacker who can then select their targets according to their will.
The UK police arrested the teenagers with the help of the National Crime Agency(NCA), while they were trying to pay anonymously for the tool using BitCoin. However, none of the six teenagers have been confirmed to be a member of the Lizard Squad.

Tony Adams of NCA’s cybercrime unit, explained that by a small amount, a person can acquire the Lizard Stresser that can ruin big businesses and make access to information a deliria for the public. He further added that the arrest was made under an operation named ‘Vivarium’, and that the teenagers were operating from all across UK.


A member of Lizard Squad was arrested in Twickenham in December for their involvement in cyber attacks, while a further member was arrested in May for pranking armed police. However, the hacking group’s tool remains available, despite its site being hacked revealing customers’ details.

20-year-old student pleads to making spy app for Android phone



A 20-year-old student of Carnegie Mellon University has pleaded guilty to developing and selling malicious software that allowed others to remotely control Google Android phones, including using the phones' cameras to spy on their owners.

Morgan Culbertson, a resident of Churchill, could face up to 10 years in prison and $250,000 in fines when he is sentenced Dec. 2.

However, it is unclear that how many phones were actually infected by malicious software after his court appearance before a federal judge in Pittsburgh.

It is said that if anyone’s phone gets infected from the app, it can remotely control by others and used to spy and secretly take pictures without the phone owner's knowledge. It also records calls, intercept text messages and otherwise steal information the owners downloaded on the devices.

According to a news report published in IndiaToday, he is one of 12 people charged by U.S. authorities, and the fourth to plead guilty so far, in the worldwide takedown of the Darkode.com cybercriminal marketplace.

Almost 70 other people have been targeted for allegedly using the cybercriminal marketplace where hackers bought and sold malicious software.

"I committed the crime, so I am responsible," Culbertson said after pleading guilty, according to the Pittsburgh Tribune-Review. "I understand what I did was wrong and I take full responsibility. I would like in the future to use may skills to help protect people."

Assistant U.S. Attorney Jimmy Kitchen said that Culbertson worked online with a man identified only as "Mike from the Netherlands" to create Dendroid, the malware that was secretly linked to Android phone apps available for purchase through Google Play.

Russian hacker's profit frozen after manipulating Australian stockmarket


The New South Wales Supreme Court has restrained more than $77,000 of a suspected Russian hacker, who manipulated penny stocks on the Australian share market.

The joint operation by the Australian Securities and Investments Commission (ASIC) and Australian Federal Police (AFP) investigated a series of suspicious trades in cheap “penny stocks”.

After the operation, “Operation Emerald”, the investigators targeted the suspected Russian hacker , who manipulated market through an overseas account that traded through Morgan Stanley Australia.

ASIC’s surveillance team  spotted the suspicious trades in between August and October last year.

According to the ASIC,the trades were made through hacked retail clients account, and they targeted 13 penny stocks.

ASIC commissioner Cathie Armour said that they will continue to “help smash” any criminal activity targeting the Australian market.

“[ASIC] staff continue to monitor and detect suspicious trading activity and work with market participants to ensure account hacking is swiftly identified and stopped,” Ms Armour said.

Penalty of up to 10 years in jail for manipulating the market.

Three Estonian men sentenced for internet fraud by US court

Manhattan federal court has sentenced over three years imprisonment to three Estonian men for their involvement in an Internet scheme that infected more than 4 million computers in over 100 countries.

U.S. District Judge Lewis A. Kaplan said that, "It's hard to pick up a newspaper this summer without reading about another one." Justifying his decision he said it was important to impose tough sentence.

Timur Gerassimenko, 35, was sentenced to four years, Dmitri Jegorov, 37, got 3 2/3 years and Konstantin Poltev, 31, received 3 1/3 years for their roles in an internet  fraud.

According to the government, Gerassimenko was the main culprit behind this fraud, he hired programmers, Jegorov as the lead network administrator while Poltev as the public face of the enterprise.

When the men were arrested in Estonia, Gerassimenko was ordered to forfeit $2.5 million while Jegorov and Poltev were each told to forfeit $1 million. All three of them  apologized for their crimes before they were sentenced.

The fraud has affected computers belonging to government agencies such as NASA, along with educational institutions, nonprofit organizations, businesses and individuals.

The malware scheme that was  carried out with co-conspirators in Russia and Ukraine, cost NASA more than $65,000 in repairs.

All three men sentenced Thursday are serving sentences in Estonia for similar crime.