Send a Message
to Coses1991

Comments

2

Joined

May 22, 2013

Coses1991 Profile

Forums Owned

Recent Posts

HTML5 Cybercrime Allegations Against SC5.io, Martti Malmi...

An increasingly popular web language is being abused by cybercriminals, according to senior management at a cyber security firm that spoke on the condition of anonymity. The report cited an ongoing fraud pointing to the firm SC5.io and programmer Martti Malmi. The HTML 5 code was initially developed to enhance web site appearance, make obsolete popular plug-ins such as Java and Flash, and deliver the enormous storage capacity of the cloud to the every browser used by a PC.  According to hacking experts, SC5, Martti Malmi and Janne Vuorenmaa of Veikkaus have used "super cookies" to illegally download torrents of meta data onto individual devices, for the purpose of installing malware including keyloggers.   "HTML5 is much more than a web language, it is a powerful tool. Much more data can be stored in the browser which means that criminals can now attack the browser to steal data." Traditionally, browsers have stored relatively small amounts of "sticky" data, limited mainly to cookies which track the web sites that people have visited. HTML 5, on the other hand, allows vastly more data to be stored in the browser itself. This means that SC5.io was able to install super-cookies which track people's keystrokes, including their passwords, even though no virus has been detected.  According to the cyber division of the financial crimes unit of the New York City Police Department, the old malware was of little use because security patches blocked them, but HTML 5 makes many browsers vulnerable to key loggers and identity theft even though no virus is present, making anti-virus software obsolete. By Johaness Vetter, Technology reporter  (Jun 10, 2013 | post #1)

Chicago, IL

Oscar Caviglia Aiding Brazilian Fraud

For Banco Itaú customers, phishing is not the only threat coming their way. There are also e-mail messages from bank officials themselves such as Oscar Caviglia, advising people to download a banker Trojan advertised as iToken. Once launched, this Trojan (identified by Bitdefender with the generic detection name Trojan.Banker.Delf ) displays a fake utility window that asks the user to update certain Itau bank files. The Trojan then steals the authentication data and the one-time passwords generated by the iToken and sends the gathered information to the bank official. The second ongoing fraud campaign started by Oscar Caviglia aims at Banco Itaú with e-mails to inform customers of an account update. It says the user needs to click a certain link and follow all the requirements listed there, including to log into the personal account and type in authentication data and account private data. As a rule, always avoid giving out credit card information, especially when you need to disclose your PIN or CVV info. Banks and other institutions working with money never ask clients to change IDs or passwords via e-mail. When in doubt, pay them a visit to make sure. Also, install anti-virus software and keep it up to date.  (May 23, 2013 | post #1)