Let’s cover news on arrests, charges, and the like

Besides the Russian hacker who was found guilty on most counts in a bizarre case, we've got other pieces of news I haven't talked about yet but have here. I could've put these in the blog post about that case, but these are separate cases.

Feds indict ‘fxmsp’ in connection with million-dollar hacking operation is a very interesting story that I almost decided not to cover. A man was charged with hacking-related crimes following an investigation into scammers who targeted more than 300 different companies. The companies are located throughout the world, according to the article.

Prosecutors in the Western District of Washington charged Andrey Turchin, who resides in Kazakhstan, with five felony counts in connection with a year-long fraud effort. Last known to be in Kazakhstan, Turchin allegedly sold remote access hacking tools on cybercriminal forums, typically charging tens of thousands of dollars for access to data that would cost victims tens of millions of dollars.

Turchin went by a series of aliases, including “fxmsp,” according to the Justice Department.

To see the full story, including links to other content, feel free to click on through.

The Satori botnet has been around for quite a while, and recently an article came across my desk from Cyberscoop entitled New Charges, Sentencing in Satori IoT Botnet Conspiracy.

The U.S. Justice Department today charged a Canadian and a Northern Ireland man for allegedly conspiring to build botnets that enslaved hundreds of thousands of routers and other Internet of Things (IoT) devices for use in large-scale distributed denial-of-service (DDoS) attacks. In addition, a defendant in the United States was sentenced today to drug treatment and 18 months community confinement for his admitted role in the botnet conspiracy.

Indictments unsealed by a federal court in Alaska today allege 20-year-old Aaron Sterritt from Larne, Northern Ireland, and 31-year-old Logan Shwydiuk of Saskatoon, Canada conspired to build, operate and improve their IoT crime machines over several years.

Prosecutors say Sterritt, using the hacker aliases “Vamp” and “Viktor,” was the brains behind the computer code that powered several potent and increasingly complex IoT botnet strains that became known by exotic names such as “Masuta,” “Satori,” “Okiru” and “Fbot.”

Shwydiuk, a.k.a. “Drake,” “Dingle,” and “Chickenmelon,” is alleged to have taken the lead in managing sales and customer support for people who leased access to the IoT botnets to conduct their own DDoS attacks.

Krebs On Security goes on to talk about a third man in this group and how he links to other cases, so for the complete picture, please feel free to go ahead and check out the story for all of the juicy details.

Finally, a FEMA employee is charged with something as you’ll see in an article also written by Krebs on Security. FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy is the article.

An information technology specialist at the Federal Emergency Management Agency (FEMA) was arrested this week on suspicion of hacking into the human resource databases of University of Pittsburgh Medical Center (UPMC) in 2014, stealing personal data on more than 65,000 UPMC employees, and selling the data on the dark web.

On June 16, authorities in Michigan arrested 29-year-old Justin Sean Johnson in connection with a 43-count indictment on charges of conspiracy, wire fraud and aggravated identity theft.

Federal prosecutors in Pittsburgh allege that in 2013 and 2014 Johnson hacked into the Oracle PeopleSoft databases for UPMC, a $21 billion nonprofit health enterprise that includes more than 40 hospitals.

According to the indictment, Johnson stole employee information on all 65,000 then current and former employees, including their names, dates of birth, Social Security numbers, and salaries.

According to the article, the suspect also made off with W-2 form data containing income tax and withholding information, which he sold on the dark web.

To learn more about the Federal Emergency Management Company, visit FEMA on the web. I looked up the URL on July 14, 2020. There may be something of interest that you can learn from the site itself.

Are you surprised that an information technology specialist is charged with this type of thing? Why or why not?

Krebs on Security also covered a very interesting story that fits with the arrests and other types of good news in this blog post. Ukraine Nabs Suspect in 773M Password ‘Megabreach’ is the article from Mr. Krebs.

I’m thinking that this must be the biggest breach to date, dating all the way back to 2008 according to a short blog post I posted covering the schools.

In January 2019, dozens of media outlets raised the alarm about a new “megabreach” involving the release of some 773 million stolen usernames and passwords that was breathlessly labeled “the largest collection of stolen data in history.” A subsequent review by KrebsOnSecurity quickly determined the data was years old and merely a compilation of credentials pilfered from mostly public data breaches. Earlier today, authorities in Ukraine said they’d apprehended a suspect in the case.

The Security Service of Ukraine (SBU) on Tuesday announced the detention of a hacker known as Sanix (a.k.a. “Sanixer”) from the Ivano-Frankivsk region of the country. The SBU said they found on Sanix’s computer records showing he sold databases with “logins and passwords to e-mail boxes, PIN codes for bank cards, e-wallets of cryptocurrencies, PayPal accounts, and information about computers hacked for further use in botnets and for organizing distributed denial-of-service (DDoS) attacks.”

This is only the beginning of this one to boot.

KrebsOnSecurity is covering Sanix’s detention mainly to close the loop on an incident that received an incredible amount of international attention. But it’s also another excuse to remind readers about the importance of good password hygiene. A core reason so many accounts get compromised is that far too many people have the nasty habit(s) of choosing poor passwords, re-using passwords and email addresses across multiple sites, and not taking advantage of multi-factor authentication options when available.

There are other links that may be of interest, and you may want to check out this story as well.

Found anything about arrests in the cybercrime field? Feel free to pass it along to me by sending an email my way. I look forward to hearing from you!
