Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).
- Cybercrime Gang: Fraud Estimates Hit $1B: Experts Say Anunak/Carbanak Malware Attacks Still Under Way (BankInfoSecurity)
A notorious cybercrime gang continues to target financial services firms and retailers. A new report estimates that the Anunak - a.k.a. Carbanak - gang has now stolen up to $1 billion from banks in Russia, the United States and beyond, in part by using "jackpotting" malware that infects ATMs and which attackers can use to issue cash from ATMs, on demand.
Vawtrak Banking Trojan Uses Windows PowerShell, Macros in Infection Routines (Security Week)
Vawtrak, also known as Neverquest and Snifula, has evolved a great deal over the past months. In September, PhishLabs researchers noticed that cybercriminals had expanded not only the malware’s capabilities, but also the list of targeted financial institutions. The initial Vawtrak attacks primarily targeted banks in Japan.
- The Rise in State Tax Refund Fraud (KrebsOnSecurity)
Intuit: Anti-fraud Improvements by IRS Fuel Up To 3700 Percent Rise in Phony State Filings
- UPDATE 3-Hack gave U.S. and British spies access to billions of phones – Intercept (Reuters)
U.S. and British spies hacked into the world's biggest maker of phone SIM cards, allowing them to potentially monitor the calls, texts and emails of billions of mobile users around the world, an investigative news website reported.
Android malware fakes phone shutdown to steal your data (PC World)
Next time you turn off your Android phone, you might want take the battery out just to be certain. Security vendor AVG has spotted a malicious program that fakes the sequence a user sees when they shut off their phone, giving it freedom to move around on the device and steal data.
Lenovo Shipping PCs with Pre Installed ‘Superfish Malware’ that Kills HTTPS (TheHackerNews)
One of the most popular computer manufacturers Lenovo is being criticized for selling laptops pre-installed with invasive marketing software, or malware that, experts say, opens up a door for hackers and cyber crooks.
Hackers force closure of Canadian Bitcoin exchange Cavirtex (Naked Security)
Canadian Bitcoin exchange Cavirtex has announced its imminent closure following an apparent security breach.
Russian extradited to US for hacks that stole 160 million credit card numbers (IT World)
A Russian man accused of high-profile cyberattacks on Nasdaq, Dow Jones, Heartland Payment Systems and 7-Eleven has been extradited to the U.S. and appeared in court in Newark, New Jersey, Tuesday.
Evil CSS injection bug warning: Say hello to a fascinating vulnerability in web scripts (TheRegister)
Developers should check their websites for path-relative stylesheet import (PRSSI) vulnerabilities, which can allow miscreants to hijack web pages and steal login cookies, security researchers have urged.