Security Software Company Discovers Possible ID-Theft Ring

A Florida security software company says it has stumbled across what may be a major identity-theft effort.

Sunbelt Software Inc., which makes software used to protect computers from spyware, says it has discovered a server holding passwords and other personal information that may have been illegally collected using keylogging software.

"One of our researchers here, while doing some research for our anti-spyware tool, came across a server that happened to have a file on it that turns out to be a log file from a keylogger that's been deployed, it looks like, all over the world," David Bove, Sunbelt's director of spyware research, said in an interview.

Bove wouldn't provide more details about how the server was found or where it's located. Sunbelt has contacted the FBI about the discovery, he says. The FBI didn't immediately return calls seeking comment.

Keyloggers, whether hardware- or software-based, are used to capture information typed into computers, typically without the knowledge of the computer user. Used by law enforcement, they're a valuable tool for obtaining passwords criminals use to encrypt incriminating information. Used by criminals, they're a valuable tool for emptying online bank accounts and perpetrating identity-theft fraud. Keylogging software is usually distributed through Trojan software, worms, or viruses.

In July 2003, Juju Jiang pleaded guilty in federal court to computer fraud charges for using a keylogging program called Invisible KeyLogger Stealth at a number of Kinko's locations in Manhattan. In March, the British Hi-Tech Crime Unit foiled an attempt to steal some $420 million from a London branch of Japanese bank Sumitomo Mitsui. The thieves reportedly hacked the bank's systems through information obtained from a keylogger.

Bove says the log file contains user IDs, passwords, and associated URLs, along with IM chat logs that have been captured and transmitted over the Internet by the keylogger. Whoever is responsible has been periodically harvesting the suspected stolen data and resetting the file size, he says. When the file was discovered a week ago, it had 22 Mbytes of data. It currently has 4 Mbytes and is growing at a rate of 200 Kbytes per hour, Bove says.

Sunbelt president Alex Eckelberry brought the discovery to light through a Sunbelt blog posting. "We're sitting upon literally thousands of pages of stolen identities that are being used right now," Eckelberry wrote Friday afternoon.

"There is a LOT of bank information in here, including one company bank account with over US$350,000 and another small company in California with over $11,000 readily accessible," Eckelberry wrote. "This list goes on and on and on."

"We were trying to figure out if this was real or not," Bove says. "And we actually logged into those accounts. That's how we knew how much money was in there. Then we immediately attempted to contact the individuals to let them know."

By Thomas Claburn
InformationWeek
