Not A Ghost Click Of A Chance

Late yesterday it was announced that the largest cybercrime takedown, dubbed Operation Ghost Click, had been carried out.  A gang of 6 people were arrested in a joint operation by the FBI and Estonian police.  The six people were arrested in Estonia while the FBI raided a number of datacentres within the US and seized equipment allegedly used by those arrested.  The six people arrested are alleged to have participated in a scheme which saw over 4 million computers worldwide infected with a computer virus that made those computers part of a botnet and generated more than $14 million for the criminals.

The criminals used the computer virus to change the DNS settings on the infected computers, allowing them to redirect the victims’ Internet traffic to Internet servers under their control.  So if the people using an infected computer wanted to go to a certain website, the criminals could point the DNS record to a fake replica site under their control and use that to scam money from the victims.

In order to ensure minimum impact on the infected computers, the authorities, together with TrendMicro, were able to replace the DNS servers under the criminals’ control with legitimate servers.  While this ensures the affected users can continue to use the Internet, their computers still remain infected with the computer virus.

The FBI have set up a page where you can check if your system is infected.  TrendMicro provide more details here, with links to their HouseCall software for a free scan and clean-up should your system be infected.

More details on the operation can be found in the FBI’s press release.  A very interesting thing to note is that a number of Apple Mac computers were infected as part of this botnet, showing that no matter what operating system you use you still need to take precautions to ensure your system is secure.  Brian Krebs, as usual, has an excellent article on this operation.

Well done to TrendMicro, the FBI and the Estonian police for their work on this case.  A prime example of how, by sharing and working together, we can eliminate threats.

A Sight for Sore Eyes

For those of us working in the field of information security the job can sometimes be very negative in its outlook. We are viewed as people who stop things.  We stop the hackers, we stop the viruses, we stop people having fun by blocking their favourite Internet sites and we sometimes get to stop projects that may not be secure enough. 

It can sometimes be disheartening to then read the news articles about the latest threats, online criminal techniques or data breaches.  So it was today as I trawled through my news and RSS feeds until I saw that the Romanian Police and the FBI have arrested over 20 people suspected of being heavily involved in cybercrime.  The good thing about the story is the cooperation demonstrated between the police forces to bring these criminals to justice.  For too long criminals have been working on the assumption that international borders will protect them.  So it is good to see police forces working together to stop these people.

Now many of us, when we picture hackers, probably think of the stereotypical acne-ridden, greasy-haired, geeky-looking teenager.  Well, thanks to the blog of Gary Warner, director of research in computer forensics at the University of Alabama, we get to see this footage of these criminals being arrested.  (Note: the video is in Romanian, but it is worth the wait at the end to see these guys being hauled away.)

Nice to put a face to the type of people we battle against each day.