Most of those charged by the US authorities, including many Russian nationals, acted as “money mules,” or money-laundering agents, merely concerned with moving stolen funds for their Zeus-armed clients.
“The mule organization typically recruited mules from Eastern Europe who were either planning to travel to or were already present in the United States on J1 visas,” reads one of the complaints in the matter.
"The mules kept a portion of the fraudulent proceeds for themselves -- usually 8 to 10 percent -- and transferred the rest to other participants in the fraudulent scheme."
The trojan, which mainly spreads through phishing and drive-by download attacks, is said to have helped thugs rake in over $200 million since 2006.
If you're an NBA fan, then you've undoubtedly heard of the 'hack-a-Shaq' method of playing defense, but have you ever heard of Shaq the hacker?
Otherwise known as The Big Diesel, The Big Cactus, and more recently The Big Shamrock (who, incidentally, will help the Boston Celtics reign in their 18th Championship -- that's right, this editor's calling it), Shaquille O'Neal stands accused of hacking into a computer and trying to frame former employee Shawn Darling for possessing child porn, the Boston Herald reports.
The 15-page complaint alleges Shaq committed a number of crimes, including dumping his iMac in a lake behind his house to destroy evidence, breaking into the voice mail of a mistress to erase messages and change her password, hacking into Darling's voice mail, and using his law enforcement connections to frame Darling for multiple crimes.
"Mr. O'Neal has made it crystal clear that he will never respond to these outrageous tactics," Shaq's legal team said in a statement. "As a result, Darling filed a lawsuit which seeks only to embarrass, harass, and extract money from Mr. O'Neal."
The insurgent network administrator assumed absolute control over the city's network for a 12-day period in 2008. Although he locked out the city from its own network during this period, Childs was kind enough to let the network run unhindered. But that gesture of generosity wasn't enough to prevent his arrest in June, 2008 guilty. He was finally convicted on one felony count of network tempering on April 27, 2010.
Childs is effectively half way through his sentence, having already served more than two years in custody.
Had 45-year-old Barry Ardolf, an accused hacker living in Minnesota, been on an episode of "Deal or No Deal," the audience would have been screaming for him to take the deal. Only in this case, Howie Mandel was no where to be seen and the stakes were decidedly higher.
The deal was for 2 years in prison in connection to charges accusing him of hacking into a neighbor's computer and using it to send Vice President Joe Biden a threatening email. His lawyer said the decision to reject the plea "was a difficult one," and those words may come back to haunt Ardolf.
According to authorities, Ardolf now faces up to 20 years in prison after additional charges were tacked on. He's looking at up to 10 years for two child-porn accusations, and five years each for two hacking charges.
Ardolf is currently out on $25,000 bail with the conditions that he be denied Internet access and must surrender his electronic devices, including his iPhone.
With all the damage hackers are capable of inflicting on your system, you might be under the impression that they're using the most sophisticated software tools on the planet. You'd be wrong, security experts say.
On the contrary, researchers claim that many of the malware kits out in the wild are filled with security holes, sort of a software version of Swiss cheese. And as it turns out, these same bugs can be used not only to identify who it is on the other side of the attack, but also to launch a counter-attack, researchers say.
There are some cyber criminals who code their own software, but the majority of them just go out and grab one of the many available malware kits. Laurent Oudot, a French security expert from Tehtri Security, took apart several of the more popular kits and found a bunch of loopholes he says are relatively easy to exploit, which would allow researchers to "hack the web hackers."
The downside? Doing so might "lead to legal issues," Oudot admits.
Andrew Auernheimer, a 24-year-old authorities believe is one of the hackers who participated in Goatse Security's shenanigans in which some 114,000 iPad owners' emails were obtained through a security flaw and then posted online for all to see, has been arrested. Want to venture a guess as to why?
If you said "drugs," then you cheated, but you're also correct. By way of an FBI search warranty, Auernheimer, who goes by the name "Escher" and the hacker handle "Weev," had his home raided earlier this week. It's unclear what prompted the warrant, but during the search, authorities claimed to have found drugs.
Auerner faces four felony charges of possession of a controlled substance and one misdemeanor possession charge. According to Lt. Anthony Foster of the Washington County Detention Center in Fayetteville, Arkansas, the drugs included cocaine, ecstasy, LSD, and schedule 2 and 3 pharmaceuticals.
What's interesting about all this is there doesn't seem to be any indication that Auernheimer faces charges for the hacking incident, even though he's believed to be a key member of the Goatse Security group that discovered the security flaw in an AT&T website for iPad users. In a letter sent out last week to iPad owners, AT&T said it would assist in the investigation of any illegal activities related to the security breach.
In what's being described as AT&T's worst security breach in recent history, the wireless company went and left sensitive information on 114,067 owners of the iPad 3G exposed on the Web. The subscriber data was obtained by a group calling itself Goatse Security, who then published the personal email addresses of the victims, including military officials, CEOs, prominent politicians, and celebrities.
AT&T, which has confirmed the breach, insists that only email addresses were lifted, and that more sensitive data like credit cards and home addresses were not compromised.
"AT&T was informed by a business customer on Monday of the potential exposure of their iPad ICC IDS," AT&T said in a statement. "The only information that can be derived from the ICC IDS is the e-mail address attached to that device. This issue was escalated to the highest levels of the company and was corrected by Tuesday; and we have essentially turned off the feature that provided the e-mail addresses. The person or group who discovered this gap did not contact AT&T. We are continuing to investigate and will inform all customers whose e-mail addresses and ICC IDS may have been obtained. We take customer privacy very seriously and while we have fixed this problem, we apologize to our customers who were impacted."
While this one falls on AT&T's shoulders, the breach doesn't look good for Apple, either. This latest incident comes just weeks after an Apple employee left an iPhone prototype in a bar.
This should come as a suprise to absolutely no one, but underground merchants in China are cashing in on weak Wi-Fi encryption by selling network key cracking kits. What is a little surprising, however, is how brazen the sellers have become. Available both online and at China's electronics bazaars, the kits consist of a Wi-Fi USB adapter with a Linux OS, key-breaking software, and an easy-to-follow user manual. The whole shebang is being marketed as free Internet.
It doesn't take a whole of tech savvy to use one of these kits, nor do they require a hefty investment. Some merchants are selling Wi-Fi cracking kits for as little as US$24, and sellers offer free setup from an associate on the opposite end of the building.
Both WEP and WPA keys are vulnerable, the former by exploiting a long-known weakness in the protocol and the latter by way of a brute-force attack.
"Depending on many factors, WEP keys can be extracted in a matter of minutes," said one of the kit's developers who goes by the name Muts. "I believe the record is around 20 seconds."
A 9-year-old student attending a Fairfax County Public School in Falls Church, Virginia, created quite the scare for his school district. Faculty thought it was the victim of a hacker attack after someone had been changing teacher passwords on the school district's Blackboard system.
Local police were called in to investigate, who then traced the incident to the home of a 9-year-old student. The kid didn't actually hack the system, but had simply swiped a teacher's password from a desk.
"This was a case where an individual...got hold of a teacher's password, and the passwords had administrative rights," said Paul Regnier, a school board spokesman.
The rebellious student used the administrative account to change enrollment lists and alter other teachers' passwords. Much to the student's chagrin, however, he wasn't able to alter grades or access other machines on the school's system.
"Nothing bad happened this time, but we have to make sure that...it doesn't happen again," said Regnier.
Not writing down high-level passwords and putting them in an unlocked desk might be a start.
The real victim here might be Fancois Cousteix, an unemployed Frenchman who goes by the online handle "Hacker Croll." Sure, he's accused of hacking into Twitter and poking around the accounts of President Barack Obama and singers Britney Spears and Lily Allen, but he's a nice guy - just ask him.
"I'm a nice hacker," Cousteix told France 3 television on Thursday, a day after he was released from police questioning.
According to "Hacker Croll," there was no malicious intent, and in fact he wanted to warn Internet users about data security. By breaking into celebrity and high profile accounts. On Twitter.
"He says it's the challenge, the game, that made him do it," said Jean-Yves Coquillat, prosecutor in Clermont-Ferrand, where the suspect will go to trial in June for hacking.
Though he didn't profit from the hacked accounts, Cousteix stands to serve up to two years in prison and a fine of nearly $41,000 if convicted on the charge of breaking into a data system.