Hack Blotter

FROM THE EDITORS AT CYBERSECURITY VENTURES

Q1 2017

HackBlotter.com provides chief information security officers (CISOs), IT security teams, and the cyber community with a quarterly diary of noteworthy cybercriminal investigations, apprehensions, arrests and convictions.

CRIME WATCH

Cybercrime arrests lead to more prison sentences for hackers globally

ATM hacks and cyberpolice takedowns persist.

Brad Casey

Menlo Park, Calif. – Mar. 31, 2017

Arrests and convictions for cyberattacks on citizens, email and social media accounts, banks, retailers, and airports persisted in the first quarter of 2017.

Numerous perpetrators were nabbed in connection with ATM hacks, which continue to be a lucrative target for cybercrooks.

“As we noted at the end of last year, local police and government cybercrime squads continue to invest heavily into the pursuit, capture, and arrest of hackers,” says Steve Morgan, founder and Editor-In-Chief at Cybersecurity Ventures.

RAP SHEET

March

Mar. 25.  Pakistani woman arrested under Pakistan’s new cybercrime law for blackmailing others via social media.  First female arrested under new law.

Mar. 23.  Israeli police arrest 19-year-old Israeli-American hacker for various bomb threats against Jewish Community Centers nationwide.  Law enforcement won’t comment on motive.

Mar. 21.  Evaldas Rimasauskas arrested for tricking various companies and individuals into wiring over $100 million to numerous bank accounts under his control.  Accused allegedly carried out his attacks via phishing scams.

Mar. 21.  Jamaican activist arrested under Jamaica’s Cybercrime Act.  Activist had accused alleged perpetrators of sexual violence on social media.

Mar. 21.  Cybercrime detectives in India arrest 2 members of Hyma Consultancy firm for taking semi-nude videos of another woman at the firm.  

Mar. 21.  Computer Science student from Isabela State University arrested in Cauayan City, Philippines for credit card scam.  Accused allegedly developed fake bank websites to lure victims into giving credit card information.

Mar. 21.  Cybercrime unit of Papua arrests 3 suspected of running an online gambling site.  Gambling apparently illegal in Papua.

Mar. 20.  Twenty-nine Nigerians arrested in Ghana for engaging in cyber fraud.  Group may have diversified their resume by committing murder as well.

Mar. 17.  Dallas police arrest man for sending malicious GIF to journalist Kurt Eichenwald via Twitter.  GIF contained strobe light that induced seizure.

Mar. 15.  Two Russian spies and two hackers arrested due to linkage to the infamous Yahoo intrusion of 2013.  Extradition of spies questionable.

Mar. 15.  “Kolypto” extradited from Norway and arraigned before a U.S. judge.  Accused of developing and maintaining Malware-as-a-Service software, Citadel.

Mar. 10.  Three arrested in Kenya by Cybercrime unit for hacking several banks in country.  Banks fear customers will begin panic withdrawals due to lack of confidence in bank security.

Mar. 9.  Gang of bank hackers arrested in Nairobi.  2 Americans among those arrested.

Mar. 7.  Man from Ft. Myers arrested by FBI for holding San Diego software company ransom.  Man allegedly took company’s website offline and refused to bring it back up until a bribe was paid.

February

Feb. 24.  British hacker, BestBuy, arrested for taking down sites such as Twitter and Reddit.  Suspect arrested as he was about to board plane in London.

Feb. 24.  Florida man pleads guilty to computer hacking charges.  At the time of arrest, accused claimed he was investigating financial links between various charities and jihadist groups.

Feb. 23.  British hacker of Deutsche Telekom routers arrested.  Approximately 900,000 routers taken off line.  Mirai malware suspected.

Feb. 17.  Ukrainian hacker who fraudulently sent heroin to home of Brian Krebs sentenced to 41 months in prison.  Accused called cops after heroin arrived at house.

Feb. 16.  Ukrainian hacker receives 41 months in prison for stealing usernames and passwords.  Sentencing was done in federal court in New Jersey.

Feb. 16.  Louisiana man sentenced to 34 months in prison for hacking into former employer’s computer system.  Must also pay back $1 million in damages.

Feb. 10.  Turkish hacker convicted for hacking ATMs around the globe.  Wanted millions in cash, but instead received 8 years in U.S. prison.

Feb. 10.  Alexander Tverdokhlebov arrested in Los Angeles for hacking various bank accounts.  Caught by law enforcement after they began to monitor online chats.  Apparently, Tverdokhlebov was very chatty.

Feb. 9.  American youth from Pittsburgh confesses to computer hacking attempt against Brussels Airport the night after the airport bombing of March 22, 2016.  Authorities say the hacking attempt was unsuccessful.

Feb. 8. Nine Russians arrested from several different regions across Russia in connection with hacking group Lurk.  Members alleged to have stolen approximately $17 million from bank accounts.

Feb. 4.  British man and woman arrested in London for hacking CCTV cameras in Washington D.C. one day before President Trump’s inauguration.  Couple may have had a problem with making America great again.

Feb. 4.  Mumbai police raid residence in Vasant Kunj.  Accused charged with defrauding city-based event manager through fraudulent online transactions.

Feb. 3.  U.S. Capitol Police investigating activities of several IT contractors who worked for various U.S. Congressmen.  IT access already pulled for 5 individuals.

Feb. 2.  Three Russian cyber security experts charged with treason.  Kremlin will not reveal the basis for said charges.

Feb. 1.  Infamous hacker, Phineas Fisher, may be among 3 arrested by Spanish police for allegedly hacking the Catalan police union.

January

Jan. 31.  Arrested former St. Louis Cardinals executive throws curveball into the MLB hacking investigation by claiming that the Houston Astros had previously hacked into the Cardinals’ computer system.

Jan. 27.  Five international cyber criminals arrested for hacking various ATMs around the globe.  Group began the hack by sending spear phishing emails to unsuspecting bank employees.

Jan. 25.  Four hackers arrested at 5-star hotel in India for electronically stealing vouchers from sites such as Amazon, Domino’s Pizza, and Flipkart.

Jan. 25.  Three European hackers arrested and sentenced to 5 years in Taiwanese prison for hacking ATM network of First Commercial Bank.

Jan. 24.  Celebgate hacker receives 9 months in prison for hacking the iCloud and Gmail accounts of various celebrities, to include Jennifer Lawrence and Kaley Cuoco.

Jan. 21.  Russian hacker arrested in Spain.  Suspected of stealing information on millions of credit and debit cards.

Jan. 19.  Customers at various Popeye’s Chicken restaurants in Houston have credit card information stolen.   

Jan. 14.  21-year-old hacker Zachary Shames shows off his James Madison University education by selling keylogger tool to over 3,000 people.  Then gets arrested.

Jan. 10.  Brother and sister duo arrested in Italy for hacking email accounts of various political leaders and financial power brokers.  Motive undetermined.

Jan. 10.  Bitcoin exchange operator sentenced for JP Morgan Chase hack.  Receives 12-and-a-half years.

Jan. 9.  Securities and Exchange Commission granted preliminary injunction and asset freeze against 4 Chinese hackers accused of illegally reaping $4 million from insider knowledge gained after hacking computer systems of New York law firms.  Computer systems contained information pertaining to pending corporate deals.

Jan. 6.  Justin Liverman pleads guilty to hacking AOL account of former CIA Director John Brennan.  Legal team of the accused wonders why Brennan isn’t held accountable for allowing himself to be hacked.

Jan. 3.  Miami college student finds time during her studies to cyberstalk a California woman.  Will have to postpone her studies until she completes 22-month prison sentence.

Jan. 3.  Person who hacked into actress Kareena Kapoor’s tax information arrested by Mumbai Cyber Cell.  Accused wanted Kapoor’s number.  Instead receives book thrown at him.

Stay tuned for the Q2 2017 edition of the Hack Blotter.

Brad Casey is a freelancer writing about any and all things IT and cybersecurity related.


Q4 2016


CRIME WATCH

Local law enforcement agencies invest into new cybercrime units and labs

Brad Casey

Menlo Park, Calif. – Jan. 3, 2017

Cyber crooks were caught and convicted for hacks on airports, banks, governments, hospitals, and universities during the last quarter of 2016. The perpetrators included a former Marine, a slew of teenagers, solo hackers and hacktivists, and organized cybercrime groups in the U.S. and internationally.

Millions of dollars were invested into new cybercrime units in Atlanta, Ga. and New York City — which are aiding in investigating and prosecuting cybercriminals.

“We expect to see more cyber combat units opening and expanding across the U.S.,” says Steve Morgan, founder and Editor-In-Chief at Cybersecurity Ventures. “Street criminals have shifted to the web, and the local police are catching up,” adds Morgan.

RAP SHEET

December

Dec. 29. Former Shelton, Conn. high school student was arrested and charged with computer crimes in the third degree after launching DDoS attacks through a cell phone.

Dec. 27. Nine teenaged hackers associated with Anonymous hacktivism arrested in Thailand.

Dec. 27. Cyber security meets securities fraud as 3 Chinese hackers charged by Manhattan U.S. Attorney’s Office.

Dec. 26. Thai hackers seek revenge for new cybercrime law by hacking government systems.  Thai officials seek revenge by arresting them.

Dec. 21. Saudi hacking group hacks Netflix and Marvel Entertainment Twitter accounts.

Dec. 20. A new Atlanta cybercrime unit will be aiding in prosecuting cybercriminals who hack into private networks and steal proprietary data, according to the U.S Attorney’s Office Northern District of Georgia.

Dec. 19. The U.S. Department of Justice reports 3 Romanian nationals allegedly infected more than 60,000 computers, sent out over 11 million fraudulent emails and stole at least $4 million.

Dec. 18. Nigerian hacker arrested for hacking Los Angeles County email system.  Personally identifying information of approximately 750,000 possibly exposed.

Dec. 15. One arrested for hacking applications for Hong Kong toymaker VTech.  Personally identifying information of approximately 200,000 children possibly exposed.

Dec. 14. Culprit in largest theft of customer bank data arrested at John F. Kennedy Airport as he returns from overseas.

Dec. 13. Thirty-four suspects arrested in 13 countries in massive DDoS-for-hire-scam.  Many suspects were teenagers.

Dec. 13. 17-year-old sentenced to 12 months rehabilitation after hacking British telecom as a 16-year-old.  Hack done with an iPhone.

Dec. 13. Bulgarian man who used GozNym malware as part of a bank fraud scheme brought before U.S. Federal Court in Pittsburgh.

Dec. 12. 5 arrested by FBI and Europol in take down of Avalanche phishing network.  Millions of computers infected prior to take down thanks to double fast flux method.

Dec. 8. 17-year-old evil genius sentenced to four years in Massachusetts state custody for leading a group of villainous hackers.

Dec. 7. Bahamian hacker who stole unreleased celebrity sex tapes sentenced to 5 years in federal prison by judge in U.S. Southern District of New York.

Dec. 5. Aaron Glende, a.k.a. IcyEagle, of Winona, Minn. was sentenced to 4+ years for selling stolen login credentials on the dark web – including usernames and passwords to bank accounts.

Dec. 4. Alleged hackers of Office of Personnel Management arrested by Chinese government.  Whether hack was directed by Chinese government still unclear.

Dec. 1. U.S. and European officials put five key suspects in custody as part of a cybercrime takedown involving a group accused of causing hundreds of millions of dollars in losses worldwide.

November

Nov. 28. 19-year-old autistic Australian arrested for hack of air traffic control system at Tullamarine Airport.  One plane forced to abort scheduled landing during the hack.

Nov. 26. Rangers arrest 4 individuals associated with hacking group that commits millions of dollars worth of financial fraud.

Nov. 25. Fifth arrest made in conjunction with TalkTalk hack when police arrest 18-year-old in Wales.

Nov. 25. Hacktivist Deric Lostutter pleads guilty to illegally accessing a computer without authorization when he attempted to bring attention to sexual assault case involving 2 of Steubenville High School’s athletes.

Nov. 18. 3 hackers arrested for mobile upgrade scam against mobile operator Three customers.  Database containing personally identifying information of 8.8 million customers possibly exposed.

Nov. 17. A $10 million 17,000 square foot cybercrime lab has opened in the Manhattan (NYC) District Attorney’s office. The lab is involved with investigating cybercrime and identity theft.

Nov. 14. 31-year-old man with Asperger’s syndrome extradited to U.S. for stealing data from FBI, NASA, and Federal Reserve.

Nov. 10. Former Marine arrested for conducting a man-in-the-middle attack against Google Maps and the FBI.  Recorded private phone conversations in the process.

Nov. 4. Jonathan Powell, 29, was arrested by the FBI for trying to hack approximately 2,000 email accounts at two universities in the New York City area.

Nov. 4. 14 arrested, mostly in London, for conducting massive cyber bank fraud scam.  11 million Euros laundered.

Nov. 2. Arizona man arrested for hacking email accounts at 1 university in New York and another in Pennsylvania.  Also tried to hack 75 other universities.

Nov. 2. Commanding Officer of NYPD’s 10th Precinct reports a significant uptick in grand larcenies over the last 28-day period — comprised largely of cyber crime.

Nov. 2. Former teen Canadian hacker serving 4-year prison sentence for hacking U.S. federal agencies.

October

Oct. 31. Ryan Collins sentenced to 18 months in jail after hacking 50 iCloud accounts of celebrities.  Some celebrities included Jennifer Lawrence and Kirsten Dunst.  

Oct. 31. Arizona man arrested for DDoS-ing 9-1-1 emergency system by utilizing JavaScript exploit.

Oct. 28. Dwayne Cartouche Hans Jr, of Richland, Washington arrested after stealing $134,000 from a bank.  Utilized Home IP address, and personal e-mail account in scam.

Oct. 26. 29-year-old Russian hacker arrested in Prague after hacking LinkedIn and Dropbox.

Oct. 24. Martin Gottesfeld charged with DDoS-ing Boston Children’s Hospital and Wayside Youth Family Support.  Claims he did it to fight the wrongful treatment of children.

Oct. 19. Russia demands that suspected LinkedIn hacker be returned home to Russia.

Oct. 17. Justice Department charges Ardit Ferizi with stealing personal information of military troops and passing the information along to ISIS.  Believed to be the leader of Kosova Hacker’s Security.

Oct. 14. You could be arrested for bringing a Samsung phone onto an airplane. You can’t even place your phone in checked luggage.

Oct. 13. Chinese hackers arrested at the request of U.S. government for hacking U.S. businesses.

Oct. 11. Perpetrator in world’s largest bank hack arrested in Russia.  Extradition process a little hazy.

Oct. 11. Hacker of Hillary Clinton’s illicit email server transferred from U.S. to Bucharest where he will serve a separate sentence for hacking in Hungary.  

Oct. 10. 2 Dutch members of hacking group Lizard Squad charged with hacking in Chicago District Court.  Suspected of hacking Playstation and Xbox Live networks during Christmas 2014.

Oct. 7. After being fired from the IT department of Lucchese Bootmaker, ex-employee hacks into company server and essentially shuts down network.  Arrested by FBI.

Oct. 5. Indonesian man arrested in Jakarta after displaying porn on digital public billboard.  Accused claims it was an accident.

Stay tuned for the Q1 2017 edition of the Hack Blotter.



© 2016-2017 Cybersecurity Ventures. All rights reserved. Federal copyright law prohibits unauthorized reproduction of this Report by any means and imposes fines up to $150,000 for violations. Reproduction in whole or in part in any form or medium without expressed written permission of Cybersecurity Ventures is prohibited.