STE WILLIAMS

£2.8m bank Trojan slurp ringleaders jailed

The two ringleaders of a gang that siphoned more than £2.8m from bank accounts were jailed on Monday following an investigation by the Met’s Central E-Crime Unit (PCeU).

Ukrainian nationals Yuriy Konovalenko, 29, and Yevhen Kulibaba, 33, both resident at the same address in Chingford, Essex, were each jailed for four years and eight months at a sentencing hearing at Croydon Crown Court. Both pleaded guilty to conspiracy to defraud at an earlier hearing.

The duo are among 13 jailed over a sophisticated banking fraud that succeeded in compromising the online banking accounts of hundreds of victims, as explained in a PCeU statement on its investigation into the scam, codenamed Operation Lath.

The fraud was perpetrated through the use of banking ‘Trojans’ to infect the personal computers of bank account holders and subsequently secure funds from them. The malicious software programme was able to capture confidential information, such as usernames, passwords and account numbers. These details were then used to access those accounts without the knowledge of the owners. Funds were then transferred to a large number of receiving accounts controlled by the group.

Konovalenko was based in the Ukraine, while Kulibaba was his chief lieutenant in the UK. Collectively the pair ran a network of phishing mules who set up local bank accounts to receive funds from compromised accounts. The gang made £2,884,000 through the scam between September 2009 and March 2010. A further £1.4m in attempted transfers were blocked. Victims included individuals and businesses in the UK and US.

During its investigation into the case the PCeU worked closely with UK banks as well as agents from the FBI and the US Department of Justice. The investigation led to a series of raids at addresses in London and the Home Counties that resulted in the arrest of 20 people. During house searches, computers, mobile telephones, false passports, banking documents and other items were seized and later examined.

The PCeU’s Detective Inspector Colin Wetherill said: “The investigation involved unprecedented levels of cooperation between the Metropolitan Police, the UK banks, the FBI and other UK and international law enforcement agencies. We are working hard to reduce the harm caused by these activities, to put fear into the minds of those contemplating these conspiracies and to bring such offenders to justice.” ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/11/01/banking_trojan_ring_leaders_jailed/

Facebook, Twitter just tools in Arab Spring

LCC Twitter and Facebook didn’t start the revolutions in the Middle East, but they did accelerate them, according to Yemeni activist Atiaf Alwazir.

Speaking at the London Conference on Cyberspace, Alwazir told delegates that people were the real agents of change in the region, but the internet has helped to speed up their movements.

“Twitter really helps in spreading the news,” she said, adding that Facebook worked well as a place to organise meetings between activists.

Alwazir highlighted how the web helped to educate Yemenis, allowed protestors to document human rights violations and gathered global support for their protests.

As an example, she said she had received an online threat from someone on YouTube when she uploaded video footage of a protest.

“I snapped a screenshot of the threat and put it on Twitter and two hours later on YouTube, people I didn’t know had messaged this person telling him or her you can’t threaten people and eventually the person’s account was so full they deleted it,” she laughed.

However, she pointed out that the internet also has huge challenges in the Middle East.

In Yemen, there is a high incidence of illiteracy and low penetration of internet access.

“We face many challenges, mainly this urban/rural divide and the digital divide,” she said. “In countries where there’s high illiteracy rates and low internet access how can we engage the people?”

She said for the most part, Yemenis use radio and SMS to mobilise, not social networks.

She also pointed out that online activities like live-streaming protests or human rights violations were great for documenting and spreading information, but could also backfire on the activist.

“There are security issues. Live-streaming is a great tool to document events but it’s also a great tool to find where the live-streamer is,” she said. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/11/01/yemeni_activist_middle_east_protests/

Cameron loves net freedom – as long as no one’s rioting

LCC UK Prime Minister David Cameron has insisted that government “doesn’t own the internet, run the internet or shape the internet”, despite having said that he was considering shutting down social media during the London riots.

Cameron said in a speech to the London Conference on Cyberspace (LCC) today that the task of the international community was to strike the right balance in protecting net users from criminals and terrorists and allowing freedom online.

“Governments must not use cyber security as an excuse for censorship, or to deny their people the opportunities that the internet represents,” the prime minister said, echoing earlier sentiments from Foreign Secretary William Hague at the conference.

“We cannot go the heavy-handed route. Do that and we’ll crush all that’s good about the internet – the free flow of information, the climate of creativity that gives life to new ideas and new movements.”

However, Cameron told Parliament after the riots that “we are working with the police, the intelligence services and industry to look at whether it would be right to stop people communicating via these websites and services when we know they are plotting violence, disorder and criminality”.

Shortly after, representatives from Facebook, Twitter and BlackBerry were called in front of a Home Affairs committee to talk about their services’ role in the rioting and looting that took place in August, but no action was taken in the end.

The Prime Minister also said in the speech that the Foreign Secretary had told him there were “some detailed and productive conversations so far today” between the delegates at the conference, hinting that the UK is looking to start meaningful agreements on the future of cyberspace rather than just chat.

Cameron reiterated the UK’s commitment to cyber security during his speech, saying it was a “real and pressing concern”.

“These are attacks on our national interest. They are unacceptable. And we will respond to them as robustly as we do any other national security threat,” he said.

“Internationally, we’re inviting others to join us in a network wide enough and powerful enough to face this threat down,” he added. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/11/01/pm_supports_net_freedom_when_no_riots/

Miley Cyrus hacker let off with probation

Josh Holly, the self-confessed Miley Cyrus hacker, has avoided jail for unrelated computer crimes, receiving three years’ probation at a sentencing hearing on Monday.

Holly, 22, from Murfreesboro, Tennessee, pleaded guilty last April to possessing about 200 stolen credit card numbers as well as running a celebrity MySpace pages spam scam that earned him an estimated $100,000. Holly was spared jail time because he’d agreed to inform on his former hacking cohorts to the FBI. Defence arguments that he was a “first-time offender of immature mental age,” may also have counted in his favour.

We doubt the bizarre defence contention that Holly’s diminutive height made him unsuitable for the Big House cut any ice with the judge. Holly stands at 5 feet 6 inches, 1.68m, or the same height as celebrated oil-rig firefighter Paul “Red” Adair.

Holly (AKA TrainReq) boasted in 2008 that he had cracked the Gmail account of Miley Cyrus and stole provocative pictures of the then 15-year-old before posting them online. The Hannah Montana star supposedly sent the sexually suggestive pics – which featured the teen in a wet T-shirt – to singer Nick Jonas of the Jonas Brothers before Holly raided them from the compromised account. He was never charged with this particular crime but was instead arrested and charged over unrelated cyberscams, following an FBI raid on his flat in October 2008.

Wired has more details on Holly’s various misdeeds, alongside a copy of his mugshot, in a story on his sentencing here. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/11/01/miley_cyrus_hacker_probation/

Asian countries now dominate global spam deluge

Asian countries collectively relayed more than half (50.1 per cent) of the world’s spam last quarter.

Although the USA remains the single worst offender, lax security in Asian nations meant many of the botnet drones spewing junk mail were located in countries such as South Korea and India. Asian countries disgorged 50.1 per cent of the world’s junk mail last quarter, compared to 30 per cent of all spam, according to latest junk mail stats from net security firm Sophos.

A ‘Dirty Dozen’ of spam-relaying countries for Q3 2011 blames South Korea for 9.6 per cent of all global spam emails, second behind only the US in the list of shame. Several other Asian nations – Indonesia, Pakistan, Taiwan and Vietnam – have joined the Dirty Dozen since Q3 2010. Meanwhile India, a longer-term fixture on the list, dropped to third place behind South Korea while still being responsible for relaying 8.8 per cent of the world’s spam.

By contrast, Europe contributes over 10 per cent less spam in Q311 than it did during the same period last year, a development that meant several European nations exited the Dirty Dozen. For example, the UK dropped from fifth place in the list in Q3 2010 to 16th place overall in Q311 as its spam relaying output fell from 5 per cent of global total to just 1.6 per cent over the intervening 12 months.

What hasn’t changed over recent years is that the vast majority of spam emails continue to be distributed via botnets.

Sophos reckons greater availability of internet access in Asia is fuelling the increase in spam from the continent. “These latest statistics suggest that, as more people get online in Asia, they are not taking the right measures to protect their computers from infection, which results in the growth of botnets,” said Graham Cluley, senior technology consultant at Sophos. ®

Top 12 spam-relaying countries for July to September 2011, according to Sophos

  1. United States – 11.3 per cent
  2. S Korea – 9.6 per cent
  3. India – 8.8 per cent
  4. Russia – 7.9 per cent
  5. Brazil – 5.7 per cent
  6. Taiwan – 3.8 per cent
  7. Vietnam – 3.5 per cent
  8. Indonesia – 3.3 per cent
  9. Ukraine – 3.1 per cent
  10. Romania – 2.8 per cent
  11. Pakistan – 2.0 per cent
  12. Italy – 1.9 per cent

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/11/01/asian_spam_deluge/

Blogger freaks after airport lackey fondles checked-in vibrator

Air travellers in the US can rest easy that they can happily pack sex toys in their luggage after the Transportation Safety Administration began a “removal” action on an errant employee.

The TSA found itself impaled on the horns of a dilemma last week when Jill Filipovic, a New York-based lawyer and blogger, revealed that a TSA screener had left a hand-written note attached to the vibrator she had slipped into her checked baggage.

The scrawl, on the standard note left in bags that have been screened, read “get your freak on girl”.

Rather than simply freaking, Filipovic posted the note onto Twitter, prompting a frenzy of tweets about “vibration of privacy” along with warnings never to use the device again.

For its part, the TSA’s inhouse “Blogger Bob” announced an investigation into the “highly inappropriate note” which quickly identified the smirking individual responsible.

Bob reassured readers that they can safely pack their silver bullets and rampant rabbits in their checked luggage, saying “The handwritten note was highly inappropriate and unprofessional, and TSA has zero tolerance for this type of behavior.”

Intriguingly, Bob added that “Agency officials have also reached out to the passenger to personally apologize for this unfortunate incident.”

In a postscript he added that the investigation was now complete, and the TSA “has initiated action to remove the individual from federal service”.

The employee was entitled to due process, but “[p]ending the completion of the removal action, the employee will not perform any screening duties”.

But the guardians of public safety have used the opportunity, and no doubt rush of readers to its blog, to warn that it still takes a dim view of passengers who try to sneak shooters and shanks onto planes hidden in their nuts.

On a post on Friday, Bob detailed the week’s haul of loaded weapons from passengers’ hand luggage, including seven loaded pistols on the 25th alone. One passenger apparently tried to slip in a knife by secreting it in their nuts. Peanuts that is. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/11/01/tsa_privacy/

Don’t lose sleep over cloud crypto hole, says Amazon

Amazon has played down the significance of a recently discovered vulnerability affecting its flagship Amazon Web Services cloud computing platform.

Interlinked security shortcomings created a theoretical mechanism for hackers to issue rogue admin requests, such as stopping virtual machines in an EC2 virtual environment or creating or deleting images. The technique relied on manipulating digitally signed SOAP messages in such a way as to avoid detection.

The attack was potentially possible because application signature verification and XML interpretation were handled separately by Amazon’s SOAP interface. Eucalyptus, an open-source based framework for creating private cloud installations, was similarly vulnerable to the same kind of signature-wrapping attacks, according to a team of computer scientists from Germany’s Ruhr University. The Ruhr team only went public last week after both Amazon and Eucalyptus had fixed the flaws, which arose from the possibility of modifying partially signed XML documents.

In addition, the researchers discovered cross-site scripting gaps between the AWS interface and the Amazon store, providing a possible means to inject malicious script code and, with it, a potential way to lift users’ digital certs.

In a statement, Amazon said that none of its customers had actually been affected by the “potential vulnerability”. Amazon goes on to point out the obstacles that would have stood in the way of a practical attack, even before it plugged the underlying security vulnerability highlighted by the Ruhr team.

This potential vulnerability involved a very small percentage of all authenticated AWS API calls that use non-SSL endpoints and was not a potentially widespread vulnerability as has been reported. Additionally, customers fully implementing the AWS security best practices were not susceptible to these vulnerabilities.

The [Amazon] team works with security researchers around the world to identify potential vulnerabilities and to inform and educate cloud users of the importance of maintaining strong security processes in the cloud. When a potential vulnerability is identified, we work with researchers to quickly address the vulnerability and inform customers via the AWS Security Center. The potential vulnerabilities reported by researchers at Ruhr-University Bochum have been corrected and no customers have been impacted. The AWS security center provides a summary of the research findings and reminder of best practices for proper user validation.

Contrary to the headline in our original story, the admitted security flaw would never have allowed hackers to take over AWS.

An Amazon security advisory, published on the Thursday in the weekend before the Ruhr team went public, explains why the now-plugged security weaknesses are nothing to lose sleep over. “The research showed that errors in SOAP parsing may have resulted in specially crafted SOAP requests with duplicate message elements and / or missing cryptographic signatures being processed,” the advisory explains, adding that the XSS flaw created a potential means to snatch a customer’s public X.509 certificate, allowing exploitation of the primary vulnerability.

“Both the SOAP and XSS vulnerabilities have been corrected and extensive log analysis has determined that no customers were impacted,” Amazon’s security advisory concludes. ®
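For readers who run their own SOAP endpoints, here is a structural pre-check for the two conditions the advisory names (duplicate message elements and missing signatures), plus a check that the body handed to the application is the element the signature refers to. This is an added example, not code from Amazon, Eucalyptus or the Ruhr team; it does not verify the cryptographic signature itself, and the `Status` operation, the `body-1` Id and the `urn:example:wsu` namespace are constructed for illustration.

```python
import xml.etree.ElementTree as ET

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
DS = "http://www.w3.org/2000/09/xmldsig#"

def local_id(elem):
    """Value of any attribute whose local name is 'Id' (e.g. wsu:Id), else None."""
    for name, value in elem.attrib.items():
        if name.rsplit("}", 1)[-1] == "Id":
            return value
    return None

def check_envelope(xml_bytes):
    """Return a list of findings; an empty list means the structure is acceptable.

    Run this in the same component that verifies the signature, on the same
    parsed tree, so verification and interpretation cannot disagree.
    """
    if b"<!DOCTYPE" in xml_bytes:
        return ["DOCTYPE present; SOAP messages must not carry a DTD"]
    root = ET.fromstring(xml_bytes)
    if root.tag != f"{{{SOAP}}}Envelope":
        return ["root element is not soap:Envelope"]

    findings = []
    all_bodies = list(root.iter(f"{{{SOAP}}}Body"))   # anywhere in the tree
    top_bodies = root.findall(f"{{{SOAP}}}Body")      # direct children only
    if len(all_bodies) != 1 or len(top_bodies) != 1:
        findings.append(f"expected exactly one soap:Body, found {len(all_bodies)}")

    refs = [r.get("URI", "") for r in root.iter(f"{{{DS}}}Reference")]
    if not refs:
        findings.append("no ds:Reference found; message is unsigned")

    # Map every Id value to the elements carrying it; an Id must be unique.
    ids = {}
    for elem in root.iter():
        value = local_id(elem)
        if value is not None:
            ids.setdefault(value, []).append(elem)
    for value, elems in ids.items():
        if len(elems) > 1:
            findings.append(f"Id '{value}' is used by {len(elems)} elements")

    # The body the application would dispatch must be the signed element.
    if top_bodies and refs:
        processed = top_bodies[0]
        signed = [ids.get(u[1:], []) for u in refs if u.startswith("#")]
        if not any(len(e) == 1 and e[0] is processed for e in signed):
            findings.append("the soap:Body that would be processed is not the signed element")
    return findings

# --- constructed sample messages (signature values omitted) ---
def _sample(header, bodies):
    return (f'<s:Envelope xmlns:s="{SOAP}" xmlns:ds="{DS}" xmlns:wsu="urn:example:wsu">'
            f'<s:Header>{header}</s:Header>{bodies}</s:Envelope>').encode()

_SIG = '<ds:Signature><ds:SignedInfo><ds:Reference URI="#body-1"/></ds:SignedInfo></ds:Signature>'
GOOD = _sample(_SIG, '<s:Body wsu:Id="body-1"><Status/></s:Body>')
DUPLICATE = _sample(_SIG, '<s:Body><Status/></s:Body><s:Body wsu:Id="body-1"><Status/></s:Body>')
UNSIGNED = _sample("", '<s:Body wsu:Id="body-1"><Status/></s:Body>')

if __name__ == "__main__":
    for name, msg in (("good", GOOD), ("duplicate", DUPLICATE), ("unsigned", UNSIGNED)):
        print(name, check_envelope(msg) or "ok")
```

A message that passes still needs full XML Signature verification; the check only ensures that what is verified and what is executed are the same element.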

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/11/01/amazon_downplays_cloud_crypto_flaw/

Too many states are crushing net rights, says Foreign Sec

LCC Too many countries are interfering in their citizens’ right to internet freedom, the Foreign Secretary told the London Conference on Cyberspace (LCC).

“[These states] are seeking to go beyond legitimate interference or disagree with us about what constitutes ‘legitimate’ behaviour,” William Hague said.

“Some governments block online services and content, imposing restrictive regulation, or incorporate surveillance tools into their internet infrastructure so that they can identify activists and critics. Such actions either directly restrict freedom of expression or aim to deter political debate.”

The LCC kicked off this morning with discussions on internet freedom, cybercrime legislation and international development, as the UK seeks to bring businesses and governments from around the world together to try to reach agreements on the future of cyberspace.

Hague said that the UK’s message on the internet was simple: “That behaviour that is unacceptable in the ‘real’ world is also unacceptable in cyberspace.”

“This emphatically includes the curtailing of human rights,” he said.

“Human rights are universal, and apply online as much as they do offline… Everyone has the right to free and uncensored access to the internet. States should only interfere with these rights in exceptional situations and then only if it is appropriate, effective, proportionate and in accordance with international legal obligations,” he added.

Despite recent government talks with social network outfits following the London riots, Hague seems to be firmly on the side of freedom of expression online as well.

“We saw in Tunisia, Egypt and Libya that cutting off the internet, blocking Facebook, jamming Al Jazeera, intimidating journalists and imprisoning bloggers does not create stability or make grievances go away,” he said. “Journalists and bloggers must be allowed to express themselves freely and safely and within international standards.”

The Foreign and Commonwealth Office is running the LCC and Hague will be returning to the conference about 11.30am to make a keynote speech, which will be live-tweeted from @regvulture.

A keynote speech from US Secretary of State Hillary Clinton has been cancelled as she decided to stay in the US after her mother fell ill. Clinton was also due to visit Turkey, but will instead be staying at her 92-year-old mother’s side. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/11/01/foreign_secretary_internet_freedom/

Activists tell gov to shove its net censorship plans

LCC As various bods gather in London for a conference on cyber-security, leading online rights campaigners have penned a letter to Foreign Secretary William Hague urging the government to maintain freedom and privacy while promoting security.

“We call for the UK government to seize this opportunity to reject censorship and surveillance that undermines people’s rights to express themselves, organise or communicate freely,” the letter states.

Of particular concern to the e-activists, who include Cory Doctorow of the Electronic Frontier Foundation and Simon Davies of Privacy International, are new laws on filtering out porn and terrorist material that are now under government consideration.

The campaigning gang are upset over MP Claire Perry’s crusade to require Brit netizens to opt in to view online grumble flicks, which is currently working its way around Parliament, and the new PREVENT counter-terrorism strategy, which includes proposals that will similarly remove legal but undesirable content from the net.

The letter also shoots down the Prime Minister’s suggestion of a social networking crackdown, a move mulled in the aftermath of the summer riots, and more generally the government’s “plans for more pervasive powers to surveil and access people’s personal information online”.

Eleven groups are represented on the letter, including names from The Index on Censorship and openDemocracy.

It looks like Hague might be taking the arguments on board, kicking off the cyber-security conference with a speech railing against net censorship. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/11/01/internet_freedom_letter/

Hague: Web risks turning into city of ghettos

LCC The UK seems to be hoping for some sort of lasting agreement from its gathering of governments and businesses at the London Conference on Cyberspace (LCC).

Speaking at the conference, Foreign Secretary William Hague said it was time to “build on our common interests, developing firm ideas and proposals with real political and diplomatic weight”, which would seem to indicate that the UK is hoping for some lasting agreements from the conference.

The LCC has been billed by the Foreign Office as the first step in a long process of getting governments and businesses to agree on how to promote and protect the internet, although whether any accord from the conference will be binding remains to be seen.

Hague also said that despite concerns about cybercrime, the internet shouldn’t be under government control.

“Nothing would be more fatal or self-defeating than the heavy hand of state control on the internet, which only thrives because of the talent of individuals and of industry within an open market for ideas and innovation,” he said.

“The internet must remain open and not become fragmented and ghettoised, subject to separate rules and processes in different regions set by isolated national services, with state-imposed barriers to trade, commerce and the free flow of information and ideas.”

However, cybercrime and the digital divide are both hampering this goal and action needs to be taken to help those countries that aren’t as well defended or internet-capable, Hague said.

He also echoed his statements from earlier in the conference that social media should remain free and open as well, despite their role in global unrest.

“We reject the view that government suppression of the internet, phone networks and social media at times of unrest is acceptable,” he said.

“Cultural differences are not an excuse to water down human rights, nor can the exploitation of digital networks by a minority of criminals or terrorists be a justification for states to censor their citizens.”

The LCC is taking place over today and tomorrow. A follow-up conference on cyberspace is going to be held in Hungary next year and in the Republic of Korea in 2013, according to the Foreign Secretary. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/11/01/internet_agreement/