CYBER CRIME cases & report

CYBER CRIME....... CAUTIOUS!!! Cyber crime encompasses any criminal act dealing with computers and networks (called hacking). On top of that, cyber crime also includes traditional crimes conducted through the Internet. For example: hate crimes, telemarketing and Internet fraud, identity theft, and credit card account thefts are considered to be cyber crimes when the illegal activities are committed through the use of a computer and the Internet.

Tuesday, May 31, 2016

Cybercrime causes $41.6 million in losses in Perak

NST, Wednesday 26 Feb 2016


26/2/2016
Cybercrime caused losses of RM108 million (S$41.6 million) in Perak last year. This was revealed in a seminar organised by Batu Gajah police to raise awareness on the growing threat of cybercrime.

Cybercrime is causing us larger losses from year to year. In 2013, a sum of RM 108 million was reported by Batu Gajah Police (in Perak), which was revealed in a seminar arranged by the authority in 2014.

According to the statistics, love scams contributed 70 percent of the losses from reported cybercrime cases nationwide, and the trend is increasing. It was also reported that there was a 35 percent increase in love scam cases in the past 2 years (i.e. in 2012 and 2013). This is due to rapid technological advancements that allow white-collar criminals to locate their victims easily. More than 70 percent of the victims are female, as the criminals normally lure mature and more successful women under the pretense of romantic connections.

Therefore, it is the responsibility of the general public to be aware of this scam and stay alert.

Sunday, May 29, 2016

GameOver Zeus Botnet Disrupted

Collaborative Effort Among International Partners


06/02/14

On June 2, 2014, the Department of Justice and the FBI announced a multinational effort to disrupt the GameOver Zeus botnet, believed to be responsible for the theft of large sums of money from businesses and consumers in the U.S. and around the globe.

Also announced was the unsealing of criminal charges in Pittsburgh and Omaha against alleged botnet administrator Evgeniy Mikhailovich Bogachev of Anapa, Russian Federation.

GameOver Zeus is an extremely sophisticated type of malware designed specifically to steal banking and other credentials from the computers it infects. It is predominantly spread through spam email or phishing messages.

We can see how this cyber crime works through a complicated process. Unknown to their rightful owners, the infected computers become part of a global network of compromised computers known as a botnet, a powerful online tool that cyber criminals can use for their own nefarious purposes. In the case of GameOver Zeus, its primary purpose is to capture banking credentials from infected computers, then use those credentials to initiate or redirect wire transfers to accounts overseas that are controlled by the criminals. Losses attributable to GameOver Zeus are estimated to be more than $100 million.

Unlike earlier Zeus variants, GameOver has a decentralized, peer-to-peer command and control infrastructure rather than centralized points of origin, which means that instructions to the infected computers can come from any of the infected computers, making a takedown of the botnet more difficult. But not impossible.

Officials announced that, in addition to the criminal charges in the case, the U.S. obtained civil and criminal court orders in federal court in Pittsburgh authorizing measures to sever communications between the infected computers, redirecting these computers away from criminal servers to substitute servers under the government's control.

The orders authorize the FBI to identify the IP addresses of the victim computers reaching out to the substitute servers and to provide that information to Computer Emergency Readiness Teams (CERTs) around the world, as well as to Internet service providers and other private sector parties who can help victims remove GameOver Zeus from their computers.

Important note: No contents of victim communications are captured or accessible in the disruption process.

The GameOver Zeus investigation, according to U.S. Deputy Attorney General James Cole, combined "customary law requirement methods and front line specialized measures important to battle profoundly advanced digital plans focusing on our subjects and organizations."

In a related action announced recently, U.S. and foreign law enforcement officials seized Cryptolocker command and control servers. Cryptolocker is a type of ransomware that locks victims' computer files and demands a fee in return for unlocking them. Computers infected with Cryptolocker are often also infected with GameOver Zeus.

A Byte Out of History

$10 Million Hack, 1994-Style


01/31/14
This case began in July 1994, when several corporate bank customers discovered that a total of $400,000 was missing from their accounts. Once bank officials realized the problem, they immediately contacted the FBI. Hackers had apparently targeted the institution's cash management computer system, which allowed corporate clients to move funds from their own accounts into other banks around the world. The criminals gained access by exploiting the telecommunications network and compromising valid user IDs and passwords.

Working with the bank, they began monitoring the accounts for more illegal transfers. They eventually identified approximately 40 illegal transactions from late June through October, mostly going to overseas bank accounts and ultimately adding up to more than $10 million. Meanwhile, the bank was able to get the overseas accounts frozen so no additional money could be withdrawn.

The only location where money was actually transferred within the U.S. was San Francisco. Investigators pinpointed the bank accounts there and identified the owners as a Russian couple who had previously lived in the country. When the wife flew into San Francisco and attempted to withdraw funds from one of the accounts, the FBI arrested her and, soon after, her husband. Both cooperated in the investigation, telling investigators that the hacking operation was based inside a St. Petersburg computer firm and that they were working for a Russian named Vladimir Levin.

They teamed with Russian authorities (who provided outstanding cooperation just days after a new FBI legal attaché office had been opened in Moscow) to gather evidence against Levin, including proof that he was accessing the bank's computer from his own laptop.

They also worked with other law enforcement partners to arrest two co-conspirators attempting to withdraw cash from overseas accounts; both were Russian nationals who had been recruited as couriers and paid to take the stolen funds that had been transferred to their personal accounts.

[In March 1995, Levin was lured to London, where he was arrested and later extradited back to the United States. He pled guilty in January 1998.]

Believed to be the first online bank robbery, the virtual theft and ensuing investigation were a needed wake-up call for the financial industry and for law enforcement. The victim bank put corrective measures in place to shore up its network security. Although the hack didn't involve the Internet, the case generated media coverage that got the attention of web security experts.


Source: https://www.fbi.gov/news/stories/2014/january/byte-out-of-history-10-million-hack-1994-style/byte-out-of-history-10-million-hack-1994-style

Business E-Mail Compromise

An Emerging Global Threat

8/28/15
The bookkeeper for a U.S. company recently received an email from her CEO, who was on vacation out of the country, requesting a transfer of funds on a time-sensitive acquisition that required completion by the end of the day. The CEO said a lawyer would contact the bookkeeper to provide further details.

How the cyber crime unfolded:
"It was not abnormal for me to get messages asking for an exchange of assets," the bookkeeper later wrote, and when she was contacted by the lawyer via email, she noted the appropriate letter of authorization (including her CEO's signature over the company's seal) and followed the instructions to wire more than $737,000 to a bank in China.

The next day, when the CEO happened to call regarding another matter, the bookkeeper mentioned that she had completed the wire transfer the day before. The CEO said he had never sent the email and knew nothing about the alleged acquisition.

The company was the victim of a business email compromise (BEC), a growing financial fraud that is more sophisticated than any similar scam the FBI has seen before and one that, in its various forms, has resulted in actual and attempted losses of more than a billion dollars to businesses worldwide.

"BEC is a genuine risk on a worldwide scale," said FBI Special Agent Maxwell Marker, who administers the Bureau's Transnational Organized Crime–Eastern Hemisphere Section in the Criminal Investigative Division. "It's a prime case of sorted out wrongdoing bunches taking part in substantial scale, PC empowered misrepresentation, and the misfortunes are stunning."

Since the FBI's Internet Crime Complaint Center (IC3) began tracking BEC scams in late 2013, it has compiled statistics on more than 7,000 U.S. companies that have been victimized, with total dollar losses exceeding $740 million. That does not include victims outside the U.S. and unreported losses.

The scammers, believed to be members of organized crime groups from Africa, Eastern Europe, and the Middle East, primarily target businesses that work with foreign suppliers or regularly perform wire transfer payments. The scam succeeds by compromising legitimate business email accounts through social engineering or computer intrusion techniques. Businesses of all sizes are targeted, and the fraud is proliferating.

According to IC3, since the beginning of 2015 there has been a 270 percent increase in identified BEC victims. Victim companies have come from all 50 U.S. states and about 80 countries abroad. Most of the fraudulent transfers end up in Chinese banks.

Not long ago, email scams were fairly easy to spot. The Nigerian lottery and other fraud attempts that arrived in personal and business email inboxes were transparent in their clumsiness. Now, the scammers' methods are extremely sophisticated.

"They know how to propagate the trick without raising suspicions," Marker said. "They have fabulous tradecraft, and they get their work done. They utilize dialect particular to the organization they are focusing, alongside dollar sums that loan authenticity to the extortion. The times of these messages having awful linguistic use and being effectively recognized are generally behind us."

To make matters worse, the criminals often use malware to infiltrate company networks, gaining access to legitimate email threads about billing and invoices that they can use to ensure the suspicions of a bookkeeper or financial officer aren't raised when a fraudulent wire transfer is requested.

Instead of making a payment to a trusted supplier, the scammers direct payment to their own accounts. Sometimes they succeed at this by changing a trusted bank account number by a single digit. "The lawbreakers have ended up specialists at mirroring solicitations and records," Marker said. "What's more, when a wire exchange happens," he added, "the window of time to distinguish the misrepresentation and recuperate the assets before they are moved out of scope is to a great degree short."

In the case mentioned above (reported to the IC3 in June), after the bookkeeper spoke to her CEO on the phone, she immediately reviewed the email thread. "I saw the principal email I got from the CEO was missing one letter; rather than .com, it read .co." On closer inspection, the attachment provided by the "lawyer" revealed that the CEO's signature was forged and the company seal appeared to be cut and pasted from the company's public website. Further aiding the perpetrators, the website also listed the company's executive officers and their email addresses and identified specific global media events the CEO would attend during the calendar year.

The FBI's Criminal, Cyber, and International Operations Divisions are coordinating efforts to identify and dismantle BEC criminal groups. "We are applying all our investigative methods to the danger," Marker said, "counting scientific bookkeeping, human source and covert operations, and digital viewpoints, for example, following IP addresses and breaking down the malware used to do arrange interruptions. We are working with our outside accomplices also, who are seeing the same issues." He stressed that companies should make themselves aware of the BEC threat and take measures to avoid becoming victims.

Source: https://www.fbi.gov/news/stories/2015/august/business-e-mail-compromise/business-e-mail-compromise
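
The two tells in the case above, a sender domain that is one letter off (.co for .com) and a bank account number changed by a single digit, can be checked mechanically before a wire is released. The following is an added example, not part of the FBI article or the original post; the domain example.com, the vendor name, the account numbers, and all function names are constructed for illustration.

```python
from email.utils import parseaddr


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: inserts, deletes and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def check_sender(from_header: str, trusted_domains: set, max_distance: int = 2):
    """Classify the From: domain as trusted, lookalike or unknown."""
    _, address = parseaddr(from_header)  # drops the display name
    domain = address.rsplit("@", 1)[-1].lower().rstrip(".")
    if domain in trusted_domains:
        return ("trusted", domain)
    for trusted in sorted(trusted_domains):
        # A near match to a trusted domain is worse than a stranger:
        # it was chosen to be misread as the real one.
        if edit_distance(domain, trusted) <= max_distance:
            return ("lookalike", trusted)
    return ("unknown", None)


def check_account(vendor: str, account: str, accounts_on_file: dict) -> str:
    """Compare the requested beneficiary account with the one on file."""
    digits = "".join(ch for ch in account if ch.isdigit())
    on_file = accounts_on_file.get(vendor)
    if on_file is None:
        return "no-account-on-file"
    if digits == on_file:
        return "match"
    if edit_distance(digits, on_file) == 1:
        return "near-miss"  # one digit changed, added or dropped
    return "mismatch"


def review_wire_request(request: dict, trusted_domains: set,
                        accounts_on_file: dict) -> list:
    """Return the reasons to hold a wire for out-of-band confirmation."""
    findings = []
    verdict, near = check_sender(request["from"], trusted_domains)
    if verdict == "lookalike":
        findings.append(f"sender domain imitates {near}")
    elif verdict == "unknown":
        findings.append("sender domain is not a known correspondent")
    acct = check_account(request["vendor"], request["account"],
                         accounts_on_file)
    if acct != "match":
        findings.append(f"beneficiary account check: {acct}")
    return findings


# Constructed sample data (placeholders, not values from the article).
TRUSTED_DOMAINS = {"example.com"}
ACCOUNTS_ON_FILE = {"Acme Supplies": "004512378901"}
SAMPLE_REQUEST = {
    "from": "Chief Executive <ceo@example.co>",  # .co instead of .com
    "vendor": "Acme Supplies",
    "account": "0045-1237-8961",                 # one digit differs
}

if __name__ == "__main__":
    for finding in review_wire_request(SAMPLE_REQUEST, TRUSTED_DOMAINS,
                                       ACCOUNTS_ON_FILE):
        print("HOLD:", finding)
```

Any finding is a reason to confirm the request by phone on a number already on file, as the bookkeeper's call with her CEO did after the fact.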




Syrian Cyber Hackers Charged

Two From ‘Syrian Electronic Army’ Added to Cyber’s Most Wanted


03/22/16
Three members of a Syrian hacker group that hijacked the websites and social media platforms of prominent U.S. media organizations and the U.S. military were charged today in federal court with multiple conspiracies related to computer hacking.

In two criminal complaints unsealed in the Eastern District of Virginia, Amad Umar Agha, Firas Dardar, and Peter Romar were charged with criminal conspiracies related to their roles in targeting Internet sites in the U.S. and abroad on behalf of the Syrian Electronic Army (SEA), a group of hackers that supports the regime of Syrian President Bashar al-Assad. The affected sites, which included computer systems in the Executive Office of the President in 2011 and a U.S. Marine Corps recruitment website in 2013, were deemed by SEA to be antagonistic toward the Syrian government.

According to the charges, Agha, 22, known online as "The Pro," and Dardar, 27, engaged in a multi-year conspiracy that began in 2011 to collect usernames and passwords that gave them the ability to deface websites, redirect domains to sites controlled by the conspirators, steal email, and hijack social media accounts. To obtain the login information they used a technique called "spear-phishing," in which they tricked people who had privileged access to their organizations' websites and social media channels into volunteering sensitive information by posing as a legitimate entity.

Dardar, known online as "The Shadow," also worked with Peter "Pierre" Romar, 36, on a scheme beginning in 2013 to extort U.S. businesses for profit. According to the complaint, the pair would hack into the victims' computers and then threaten to damage computers, and delete or sell the data, unless they were paid a ransom.

Other examples of the conspirators' hacks include:
1.     Compromising the Twitter account of a prominent U.S. media organization in 2013 and releasing a tweet claiming that a bomb had exploded at the White House and injured the President.
2.     Gaining control of a U.S. Marine Corps recruiting website and posting a message urging Marines to "Deny [their] orders."

In a statement, Assistant Attorney General for National Security John Carlin said the conspirators' extortion schemes undermine their own claims of working for a noble cause: to support the embattled regime of their president. "While a portion of the movement looked to hurt the financial and national security of the United States for the sake of Syria, these point by point affirmations uncover that the individuals likewise utilized coercion to attempt to line their own pockets to the detriment of reputable individuals everywhere throughout the world," Carlin said.

Source: https://www.fbi.gov/news/stories/2016/march/two-from-syrian-electronic-army-added-to-cybers-most-wanted/two-from-syrian-electronic-army-added-to-cybers-most-wanted

International Cyber Crime

Iranians Charged with Hacking U.S. Financial Sector

03/24/16
Seven Iranians working on behalf of the Iranian government have been indicted for a series of cyber crimes that cost U.S. financial institutions large sums of money and compromised critical controls of a New York dam.

Using botnets and other malicious computer code, the individuals, employed by two Iran-based computer companies sponsored and directed by the Iranian government, engaged in a systematic campaign of distributed denial of service (DDoS) attacks against nearly 50 institutions in the U.S. financial sector between late 2011 and mid-2013. The repeated, coordinated attacks disabled bank websites and prevented customers from accessing their online accounts.

The indictments were unsealed today in federal court in New York City. The defendants are all believed to be in Iran, but Interpol Red Notices have been issued for their arrest and extradition to the U.S. if they travel outside of Iran.

"The FBI will locate those behind digital interruptions and consider them responsible, wherever they are, and whoever they are," said Director James B. Comey at a press conference today at the Department of Justice in Washington, D.C., where the charges were announced. Attorney General Loretta Lynch added, "We will keep on pursuing national security digital dangers using all accessible devices, including open criminal allegations."

The DDoS attacks, which overwhelmed servers and thereby denied Internet access to legitimate users, collectively required large sums of money to mitigate. The attacks began in December 2011, and by September 2012 were occurring on a nearly weekly basis. On certain days, a huge number of customers were cut off from online access to their bank accounts.

According to court documents, one of the hackers who built the botnet used in some of the attacks received credit for his computer intrusion work from the Iranian government toward completion of his mandatory military service requirement. Other defendants have claimed responsibility for hacking servers belonging to NASA and for intrusions into a large number of other servers in the U.S., the United Kingdom, and Israel.

Press Conference Announcing Charges Against Iranian Hackers

Attorney General Loretta Lynch—joined by (from left) Assistant Attorney General for National Security John Carlin, FBI Director James Comey, and U.S. Attorney Preet Bharara of the Southern District of New York—announces indictments against seven Iranian hackers for cyber crimes against the U.S. financial sector at a press conference on March 24, 2016 at the Department of Justice in Washington, D.C.

Since the attacks, the FBI and the Department of Justice have worked with the private sector to neutralize and remediate the botnets. The Bureau also conducted extensive outreach to Internet service providers to assist in removing the malware from affected servers. Through these efforts, more than 90 percent of the threat has been effectively neutralized.

"By getting out the people and countries who use digital assaults to undermine American venture, as we have done in this arraignment, we will change conduct," Comey said. Referring to the fact that the defendants are currently out of U.S. reach, he added, "The world is little, and our recollections are long. Regardless of where programmers are on the planet and regardless of how hard they attempt to disguise their personalities, we will discover approaches to puncture that shield and recognize them. That is the message of this case."

In addition to targeting the U.S. financial sector, one of the defendants repeatedly gained access to computer systems of the Bowman Dam in Rye, New York in 2013. Although the defendant never gained control of the dam, his access allowed him to learn critical information about the dam's operation, including details about gates that control water levels and flow rates. The breach underscored the potential vulnerabilities of the nation's critical infrastructure to foreign hackers and could have posed "a reasonable and present threat to the general wellbeing and security of Americans," said Attorney General Lynch.

Source: https://www.fbi.gov/news/stories/2016/march/iranians-charged-with-hacking-us-financial-sector/iranians-charged-with-hacking-us-financial-sector

Lottery Fraud

Scammers Target the Elderly


The Washington, File FBI Post | Published on March 08, 2016 


03/08/16
The phone call came out of the blue. The man on the line told the 83-year-old retired teacher she had won a substantial lottery prize. All that was required to claim the windfall was to pay taxes and other fees.

Before it was over, the victim (a Virginia resident who had carefully saved for her retirement) was out more than $500,000 in a scam that has become all too common among the elderly.

The criminals behind these lottery frauds and other telemarketing scams prey on senior citizens for a variety of reasons, according to Special Agent John Gardner, who investigated the woman's case out of the FBI's Washington Field Office and eventually put the Jamaican man who defrauded her in prison.

["The main thing to know is that lottery con artists have no sympathy for the elderly," Gardner said. "For them, it's about the cash." Seniors can be lured into the scam because they have financial difficulties, or they may have enough for themselves but want to leave an inheritance for their children. Some may be suffering from mental decline or dementia. "Others are so forlorn, they simply need somebody to converse with," Gardner explained. "A few tricksters turn out to be 'closest companions' with their casualties."]

There is also the issue of technology. The criminals, many of whom commit their crimes from Jamaica, use Internet tools to mask their calls so they appear to be coming from U.S. numbers with particular area codes, such as Las Vegas.

"Elderly individuals grew up during an era when individuals weren't swindling individuals via telephone," Gardner said. "They don't know about these Internet covering innovations and are for the most part not suspicious when the phone rings."

The fraudsters are as persuasive as they are sophisticated. "The Jamaican lottery tricksters resemble a sorted out digital wrongdoing bunch," Gardner said. "They are nearly sew, very organized, and have U.S. partners—cash donkeys—who launder their cash."

The scammers who make the calls speak excellent English and use well-rehearsed scripts complete with rebuttals. They are experienced and extremely manipulative. To target victims of a specific age, they buy lead lists that are widely available on the web.

Gardner received the Virginia woman's complaint in 2011. The ensuing investigation eventually resulted in the identification of seven subjects, all of whom were charged in connection with the lottery scheme. Six of those individuals have been convicted, and one is a fugitive. The ringleader, Paul Laing, 31, of Sandy Bay, Jamaica, was sentenced last month to 10 years in prison for his leadership role in the scheme.

Laing pled guilty in October 2015, admitting that he defrauded numerous elderly victims, including the woman from Virginia who lost her life savings. Laing instructed victims to send funds through wire transfers, the U.S. mail, and other means directly to him in Jamaica or to co-conspirators in the U.S. Those co-conspirators (the money mules) kept a portion of the proceeds and transferred the rest to Laing. The illicit funds ran to a large amount of money from more than 23 known victims, Gardner said, adding that there were likely many more victims who never came forward.

The Federal Trade Commission, the nation's consumer protection agency, offers the following advice to avoid falling for lottery scams and other telemarketing frauds:

- Don't pay money to collect supposed lottery or sweepstakes winnings. If you have to pay to collect, you are not winning, you are buying. Legitimate sweepstakes don't require you to pay insurance, taxes, or shipping and handling charges to collect your prize.
- Scammers pressure people to wire money through commercial money transfer companies because wiring money is the same as sending cash. Once the money has been sent, there is very little chance of recovery. Likewise, resist any push to send a check or money order by overnight delivery or courier. Con artists recommend these services so they can get their hands on your money before you realize you've been cheated.
- Remember that phone numbers can deceive. Internet technology allows con artists to disguise their area code so it looks like they're calling from your local area, but they could be calling from anywhere in the world.