Businessman hackers brought down in USA and Europe
Cybercrooks run their organizations like businesses these days. They have multinational offices, marketing departments, business development, and technical support teams. Maybe they also need some security...
One such malware entrepreneur, Alex Yucel, sold malware to other hackers through a website that he operated. The Blackshades malware allowed hackers to remotely control their victims' computers. They could do such things as log the victim's keystrokes, spy through webcams, and steal usernames and passwords for email and other services. They could also turn the victims' computers into bots, which were used to perform Distributed Denial of Service (DDoS) attacks on other computers without the victims' knowledge.
Manhattan U.S. Attorney Preet Bharara said: “Alex Yucel created, marketed, and sold software that was designed to accomplish just one thing – gain control of a computer, and with it, a victim’s identity and other important information. This malware victimized thousands of people across the globe and invaded their lives. But Yucel’s computer hacking days are now over.” See the Department of Justice press release here.
Yucel sold the software for as little as $40 via PayPal and various black market forums. The profits from sales of the malware are estimated at $350,000. Yucel pleaded guilty to computer hacking and was sentenced to almost five years in a New York prison. Last year more than 100 customers of Blackshades were arrested in massive raids in Europe and Australia.
In Europe, a joint investigation team brought down a major cybercriminal group in Ukraine. These high-level cybercrooks are suspected of developing, exploiting, and distributing the well-known banking Trojans Zeus and SpyEye. The malware they developed attacked online banking systems in Europe and elsewhere. The damages are estimated at over 2 million euros.
Their business was organized into specialty groups. Some ran a network of tens of thousands of computers, others harvested victims' banking credentials such as passwords and account numbers, and others laundered their ill-gotten gains through money mule networks. This group of cybercrooks also had a marketing team that advertised on underground forums, sold their hacking services to other cybercrooks, and had a business development department seeking cooperation partners.
It took investigators and judicial authorities from six different European countries, supported by Eurojust and Europol, to stop this major cybercrime organization.
"In one of the most significant operations coordinated by the agency in recent years, Europol worked with an international team of investigators to bring down a very destructive cybercriminal group," said Rob Wainwright, Director of Europol.