Security Software Company Discovers Possible ID-Theft Ring

A Florida security software company says it has stumbled across what may be a major identity-theft effort.

Sunbelt Software Inc., which makes software used to protect computers from spyware, says it has discovered a server holding passwords and other personal information that may have been illegally collected using keylogging software.

"One of our researchers here, while doing some research for our anti-spyware tool, came across a server that happened to have a file on it that turns out to be a log file from a keylogger that's been deployed, it looks like, all over the world," David Bove, Sunbelt's director of spyware research, said in an interview.

Bove wouldn't provide more details about how the server was found or where it's located. Sunbelt has contacted the FBI about the discovery, he says. The FBI didn't immediately return calls seeking comment.

Keyloggers, whether hardware- or software-based, are used to capture information typed into computers, typically without the knowledge of the computer user. Used by law enforcement, they're a valuable tool for obtaining passwords criminals use to encrypt incriminating information. Used by criminals, they're a valuable tool for emptying online bank accounts and perpetrating identity-theft fraud. Keylogging software is usually distributed through Trojan software, worms, or viruses.

In July 2003, Juju Jiang pleaded guilty in federal court to computer fraud charges for using a keylogging program called Invisible KeyLogger Stealth at a number of Kinko's locations in Manhattan. In March, the British Hi-Tech Crime Unit foiled an attempt to steal some $420 million from a London branch of Japanese bank Sumitomo Mitsui. The thieves reportedly hacked the bank's systems through information obtained from a keylogger.

Bove says the log file contains user IDs, passwords, and associated URLs, along with IM chat logs that have been captured and transmitted over the Internet by the keylogger. Whoever is responsible has been periodically harvesting the suspected stolen data and resetting the file size, he says. When the file was discovered a week ago, it had 22 Mbytes of data. It currently has 4 Mbytes and is growing at a rate of 200 Kbytes per hour, Bove says.

Sunbelt president Alex Eckelberry brought the discovery to light through a Sunbelt blog posting. "We're sitting upon literally thousands of pages of stolen identities that are being used right now," Eckelberry wrote Friday afternoon.

"There is a LOT of bank information in here, including one company bank account with over US$350,000 and another small company in California with over $11,000 readily accessible," Eckelberry wrote. "This list goes on and on and on."

"We were trying to figure out if this was real or not," Bove says. "And we actually logged into those accounts. That's how we knew how much money was in there. Then we immediately attempted to contact the individuals to let them know."

By Thomas Claburn
