Archive for August, 2009


Fed chairman hit by ID thieves

Aug 30, 2009 at 10:56 am

The US Federal Reserve Board chairman has become the latest high-profile public figure to fall victim to identity theft.

Ben Bernanke, whose day job leaves him in charge of the US money supply, became the victim of fraud after a pickpocket stole his wife’s handbag from a Starbucks shop in Washington’s Eastern Market. Credit cards, cheque books, cash and a driver’s license were taken as a result.

This information was used to pass fraudulent cheques in Bernanke’s name. Despite his status in the banking industry, no immediate alarm bells appear to have rung. The fraud was eventually detected and linked to a wider bank fraud racket that led to the indictment of 22 suspects earlier this week. Mail theft, pickpocketing and corrupt insiders were all allegedly used by the gang in order to build up profiles on prospective marks before establishing fraudulent lines of credit.

Bernanke, via a spokesman at the Federal Reserve, commented on the ID theft, telling CNN: “Our family was but one of 500 separate instances traced to one crime ring.”

Public figures, despite their notoriety, are by no means immune to ID theft. Our favorite example in this category is an attempt by fraudsters to impersonate French president Nicolas Sarkozy. Stolen payment card details in Sarkozy’s name were reportedly used to make mobile phone subscription payments. Six people, including workers at a mobile phone store, were arrested over the alleged scam in October.

SOURCE: http://www.theregister.co.uk/2009/08/28/fed_chair_id_theft_scam/

Jessica Biel Tops Brad Pitt as Internet’s Most Dangerous Search

Aug 28, 2009 at 1:57 pm

LOS ANGELES (Reuters) — Actress Jessica Biel has overtaken Brad Pitt as the most dangerous celebrity to search in cyberspace, according to internet security company McAfee Inc.

For the third consecutive year, McAfee surveyed which A-list celebrity was the riskiest to track on the internet after Pitt topped the list last year and Paris Hilton in 2007.

Biel, 27, who shot to fame in the TV show 7th Heaven and most recently starred in Easy Virtue, was deemed the most dangerous, with fans having a one-in-five chance of landing at a website that has tested positive for online threats, such as spyware, adware, spam, phishing and viruses.

“Cybercriminals are star watchers too — they latch onto popular celebrities to encourage the download of malicious software in disguise,” McAfee’s Jeff Green said in a statement. “Consumers’ obsession with celebrity news and culture is harmless in theory, but one bad download can cause a lot of damage to a computer.

“Every day, cybercriminals use celebrities’ names and images, like Kim Kardashian and Rihanna, to lure surfers searching for the latest stories, screen savers and ringtones to sites offering free downloads laden with malware,” the statement added.

Coming second in the list for the second year running was pop star Beyonce, with McAfee finding that putting “Beyonce ringtones” into a search engine yielded a dangerous website linking to a distributor of adware and spyware.

Actress Jennifer Aniston was third, with more than 40 percent of the Google search results for “Jennifer Aniston screensavers” containing nasty viruses.

Young Hollywood stars Miley Cyrus, Ashley Tisdale and Lindsay Lohan all edged out Heidi Montag and Jessica Alba who appeared on last year’s list.

They also ranked higher than other young personalities including Twilight stars Robert Pattinson who came 30th and Kristen Stewart who was 20th, the Jonas Brothers, Taylor Swift, Lauren Conrad, Vanessa Hudgens and Zac Efron.

Megan Fox and Angelina Jolie tied as the eighth most dangerous celebrities on the web, while newlyweds Tom Brady and Gisele Bundchen came in fourth and sixth respectively.

However, President Barack Obama and First Lady Michelle Obama, who have featured on most celebrity lists this year, were not at the top of risky public figures to search.

The Obamas ranked in the bottom third of this year’s results, at No. 34 and No. 39 respectively.

Brad Pitt came 10th in the list this year.

The top 15, according to McAfee, with their annotations:

- Jessica Biel – Major buzz about her figure and high-profile relationship with Justin Timberlake makes Jessica Biel an easy target for spammers and hackers. When “Jessica Biel screensavers” was searched, almost half of the sites were identified as containing malicious downloads with spyware, adware and potential viruses.

- Beyoncé – Beyoncé tops the MTV Video Music Award nominee list and McAfee’s results as the most frequent, highly-ranked celebrity. Inputting “Beyoncé ringtones” into a search engine yielded a dangerous Web site linking to a distributor of adware and spyware.

- Jennifer Aniston – Hollywood’s favorite leading lady should be searched with caution. More than 40% of the Google search results for “Jennifer Aniston screensavers” contained nasty viruses, including one called the “FunLove virus.”

- Tom Brady – The New England Patriot seems to attract many fans who want a free download of the athlete in action, but not the Trojan that comes with it, as identified by McAfee SiteAdvisor technology.

- Jessica Simpson – Jessica Simpson is as dangerous to search online as she is famous. Searching for “Jessica Simpson videos” can mislead unsuspecting surfers to sites with potentially damaging downloads.

- Gisele Bundchen – The world’s highest-paid supermodel is a popular target for cybercriminals. A search for “Gisele Bundchen photos” can direct users to red-ranked sites that breached browser security in McAfee’s tests.

- Miley Cyrus – Cybercriminals are using Web sites related to Miley Cyrus’ image to link to other harmful sites containing spyware.

- Megan Fox, Angelina Jolie – Both tabloid fixture Megan Fox and American icon Angelina Jolie resulted in an equal number of risky download Web sites, proving cybercriminals are in the business of capitalizing on the world’s most famous faces.

- Ashley Tisdale – The “High School Musical” star is a popular search term when it comes to searching for screensavers. A host of screensaver Web sites contained numerous malware-laden downloads.

- Brad Pitt – Appearing in the top spot last year, Brad Pitt fell towards the bottom of this year’s list, resulting in a few less, but just as dangerous, red and yellow-ranked Web sites.

- Reese Witherspoon – Risky Web sites were identified when searching for “Reese Witherspoon” and “Reese Witherspoon photos” promoting free files with hidden malware.

- Britney Spears – McAfee SiteAdvisor technology found a single site promoting free Britney Spears wallpaper that was embedded with more than 50 potentially infected downloads.

- Rihanna – Free Rihanna ringtones are some of the most sought after, but some shady vendors mislead those who subscribe by gathering and selling their personal information.

- Lindsay Lohan – McAfee SiteAdvisor flagged Lindsay Lohan screen saver sites as offering a combined 50+ free screen savers infected with Trojans, viruses and spyware.

- Kim Kardashian – The biggest reality star in recent months is now susceptible to Internet lurkers too. A search for Kim Kardashian wallpaper and screen savers generated numerous downloads veiled with malware.

SOURCE: http://www.wired.com/epicenter/2009/08/jessica-biel-tops-brad-pitt-as-internets-most-dangerous-search/

Mass web infection pinned on hardened crime gang

Aug 28, 2009 at 9:58 am

A mass compromise that has hit tens of thousands of English-language webpages is probably part of a much larger wave of attacks that’s been under way since June by a sophisticated band of criminals, a security researcher said Wednesday.

As reported Monday, the latest mass infection causes websites operated by health-care organizations, charities, and other groups to silently direct visitors to servers that host a potent cocktail of exploits. Since then, the number of pages has grown from about 57,000 to 70,000, said Mary Landesman, a researcher at ScanSafe, a company that protects end users from malicious websites.

Landesman has also discovered that the exploits and registration information for the domain names used in the attack bear a striking resemblance to two other mass compromises, including one from June that seized more than 3 million Chinese pages and exploited a previously unknown vulnerability in ActiveX components provided by Microsoft.

The revelation means the group behind the attacks is probably much better organized than previously believed.

“The fact that this was a compromise campaign to deliver a zero day, at least originally, certainly is cause for concern,” Landesman told The Register. “It gives an indication that it is possibly a more sophisticated level of criminal activity. That particular vulnerability was not something that had been widely publicized or known about.”

The mass compromise of the Chinese sites remains active, although the number of webpages has fallen to about 100,000.

A separate mass attack in July that compromised about 40,000 webpages of sites, mostly located in India, also bears the hallmarks of the same crew, Landesman said. All of them use SQL injection attacks to plant iframes in pages that, when visited, silently pull down malicious code from websites under the control of the attackers.

While the exploits are frequently different, similarities in the file names and domain names lead Landesman to conclude they have been perpetrated by the same people.

The analysis comes a day after a Google security researcher said the number of compromised websites the search giant tracks has more than doubled in the first seven months of this year.

On January 1, the number of entries in Google’s safe browsing malware list was a little more than 150,000. By the beginning of August, the number had mushroomed to more than 325,000. The list is used to warn users of the Google Chrome, Mozilla Firefox and Apple Safari browsers when they try to visit sites believed to contain malicious exploits.

SOURCE: http://www.theregister.co.uk/2009/08/27/mass_web_infection/

‘Massive attack’ strikes websites

Aug 07, 2009 at 11:56 am

High-profile websites including Google, Facebook and Twitter have been targeted by hackers in what is described as a “massively co-ordinated attack”.

Reports suggest the strike may have been aimed at a single user, a pro-Georgian blogger known as Cyxymu.

Twitter was taken offline for more than two hours whilst Facebook’s service was “degraded”, according to the firms.

Google said it had defended its sites and was now working with the other firms to investigate the attack.

“Google systems prevented substantive impact to our services,” the company said in a statement.

The company has not confirmed which services were targeted in the attack, but it is thought that its e-mail service Gmail and video site YouTube were under fire.

“We are aware that a handful of non-Google sites were impacted by [an]… attack this morning, and are in contact with some affected companies to help investigate this attack,” the company said.

Other sites such as blogging platform Live Journal were also reportedly targeted in the attack on Thursday.

Twitter co-founder Biz Stone wrote on its own blog: “Twitter has been working closely with other companies and services affected by what appears to be a single, massively co-ordinated attack.”

He said that the motivation for the attack was unclear and that the company would “prefer not to speculate”.

However, Max Kelly, chief security officer at Facebook, told technology website CNET News that the attack was a strike targeted at a Georgian blogger known as Cyxymu.

“It was a simultaneous attack across a number of properties targeting him to keep his voice from being heard,” he told the website.

Friday marks one year since the outbreak of war between Russia and Georgia.

Writing on his blog, Graham Cluley of security firm Sophos said: “This raises the astonishing thought that a vendetta against a single user caused Twitter to crumble, forcing us to ask serious questions about the site’s fragility.”

Spam attack

The popular sites were subject to so-called denial-of-service (DOS) attacks on Thursday, the companies believe.

DOS attacks take various forms but often involve a company’s servers being flooded with data in an effort to disable them.

“Attacks such as this are malicious efforts orchestrated to disrupt and make unavailable services such as online banks, credit card payment gateways, and in this case, Twitter for intended customers or users,” wrote Mr Stone.

These often use networks of computers – known as botnets – under the control of hackers.

The strategy is often employed by protestors against, for example, government websites, said Roger Thompson, chief research officer at security firm AVG.

“Those behind this latest attack may be using it as a means of highlighting the vulnerability of the sites we take for granted.

“There is no profit to be made from DOS and those who do carry out an attack like this will lose their botnet, showing there is no gain to be had.”

Some unconfirmed reports have suggested that it was not a DOS attack but the result of a spam campaign containing links to Cyxymu’s web pages on the various affected services.

Archived pages on Cyxymu’s blog claim he was victim to this sort of attack, known as a “Joe Job”.

But Mr Cluley said he didn’t think that was a likely scenario. “Most people wouldn’t have bothered clicking on the link,” he wrote.

“However, I think it is possible that the spam campaign was either run alongside the denial-of-service from compromised computers around the world, or that someone who wasn’t responsible for the Joe Job decided to wreak revenge on whoever they believed to have spammed them (and they might have imagined it was Cyxymu) by launching a DOS from their botnet.”

Protest tool

All of the affected services were keen to stress that users’ data had not been put at risk in the attacks.

“Please note that no user data was compromised in this attack,” wrote Twitter’s Biz Stone.

“This activity is about saturating a service with so many requests that it cannot respond to legitimate requests thereby denying service to intended customers or users.”

Twitter has had a meteoric rise since its launch in 2006.

A ComScore study suggests that Twitter had around 45 million users worldwide as of June 2009.

However, as many users interact with the service through mobile phones or third-party software, the actual number of users is likely to be higher.

However, that pales in comparison to Facebook, which claims to have 250m active users worldwide.

Both recently garnered worldwide attention when they were used by Iranians to co-ordinate demonstrations following the election of Mahmoud Ahmadinejad as president.

Many protesters believed there was electoral fraud and opposition leader Mir Hossein Mousavi should have won.

Twitter chose to delay upgrade work during the protests to allow communication to continue.

In a BBC interview, co-founder Evan Williams denied the move had been a response to a US state department request.

SOURCE: http://news.bbc.co.uk/1/hi/technology/8189162.stm

Passwords stolen for tax returns

Aug 06, 2009 at 2:56 pm

Gangs are stealing taxpayers’ passwords and submitting claims for tax refunds to be paid to them, HM Revenue and Customs has warned.

A series of attempted fraudulent claims through the self-assessment repayments system has been discovered.

No figures have been released outlining the extent of the fraud, but a HMRC spokesman said this was a new method of trying to extract money.

He urged people to ensure passwords sent to them by HMRC were kept secure.

“They should treat these details as carefully as they would a Pin for their bank account,” he said.

Attempt

More than 9.5 million taxpayers are in the self-assessment system, which was changed this year to encourage more people to submit their details via the internet.

Two-thirds of all filings for 2007-08 were submitted via the internet, rather than on paper.

When people apply to use the system they are sent a password through the mail which is then used when the taxpayer logs onto the HMRC website over the following 30 days.

However, fraudsters have been getting hold of these passwords and other personal details. This could have been by stealing the mail, tricking people out of the details or even finding the letters discarded in bins.

They then used these details to make fraudulent repayment claims, requesting funds be sent to other bank accounts.

The HMRC spokesman said this was different from so-called phishing e-mails which pretended to be from the tax authority and aimed to discover taxpayers’ banking details so their accounts could be raided.

Liability for any losses would be judged on a case-by-case basis, he added.

SOURCE: http://news.bbc.co.uk/1/hi/business/8186509.stm

Technology ‘priority for Britons’

Aug 06, 2009 at 9:29 am

Britons are more willing to cut back on holidays and meals out than on spending on communication technology during the recession, an Ofcom review suggests.

The watchdog’s annual report says spending on mobiles, the internet and TV is regarded as a higher priority than almost anything except food.

In a poll of 862 people, over 40% said they would save on holidays and eating out and 19% chose spending on mobiles.

Ofcom’s Peter Phillips said people were “more canny” about paying for services.

The study also highlights a major rise in the use of social networking websites.

Some 19m people in the UK, 50% of internet users, visit Facebook, spending an average of six hours a month on the site, it says.

This is an increase from four hours in May 2008.

The report said the proportion of 25 to 34-year-olds who said they had a social networking site profile grew by six percentage points in a year to 46%, while the figure also rose among 35 to 54-year-olds to 35%.

But the proportion of 15 to 24-year-olds with such a profile dropped from 55% from the first quarter of 2008 to the first quarter of 2009, the study added.

Ofcom researchers asked consumers where they were most likely to be cutting back on spending during the recession, as part of its communications market report.

Of those asked, 47% said going out for dinner, 41% said DIY and 41% holidays.

This compared with 19% who said they would cut back on mobile phone spending, 16% who said TV subscriptions and 10% who highlighted broadband services.

The report says the trend is supported by the fact communications are costing less, with longer, cheaper mobile phone contracts and the bundling of services such as television and internet at reduced prices.

Ofcom’s Peter Phillips said: “Despite the recession, people are spending more time watching TV, using their mobile phone or accessing the internet.

“They would rather do without meals out or holidays than give up their phone, broadband or pay TV package.

“Meanwhile, we are becoming more canny about the way we pay for these services.

“Almost half of us economise by taking a bundle of communications services from a single supplier, while one-fifth opt for cheaper mobile contracts which don’t include an expensive new phone.”

Catch-up TV boost

The report’s other findings include:

  • In May 2009, consumers spent an average of 25 minutes a day online at home – up from nine minutes in 2004
  • Average household spending on internet services fell in real terms between 2007 and 2008
  • Nearly a quarter of households, 23%, were watching catch-up TV online in 2008, compared with 17% in 2007
  • This was driven by the BBC iPlayer, with 15% of internet users, 5.2 million, watching the service in 2008
  • Overall take up of broadband across the UK reached 68% of households by the end of the first quarter of 2009, up from 58% on the previous year
  • In May of this year there were more than 250,000 new mobile broadband connections, up from 139,000 new connections in May 2008.

Ofcom also published a report into communications in the nations and regions, which showed take up of services was rising rapidly.

Use of broadband in Scotland was up from 53% to 60%, in Northern Ireland take up rose from 52% to 64%, and in Wales from 45% to 58%.

SOURCE: http://news.bbc.co.uk/1/hi/uk/8186127.stm

Hackers attack Israeli party site

Aug 06, 2009 at 9:25 am

One of Israel’s main political parties has shut down its website following an attack by Palestinian hackers, according to reports.

Attackers on the official Kadima website posted images of wounded Palestinians and the aftermath of suicide bombings in Israel.

Slogans in both Hebrew and Arabic were also placed on the site, including threats to party leader Tzipi Livni.

The website was back online early Thursday morning.

The Jerusalem Post, quoting an Israel Army Radio report, said the pictures included one of Livni, with the words “We promise you – we’re coming”.

According to AP news agency, the hacked web page was signed Gaza Hacker Team.

The images were removed shortly after the attack and the site was then shut down. It was brought back online at about 0830 BST.

Kadima, a centrist political party that favours a two-state solution to the Middle East conflict, is the largest party in the Israeli parliament.

It was unable to form a government, and is currently in opposition.

SOURCE: http://news.bbc.co.uk/1/hi/technology/8187002.stm

US Cyber-security tsar steps down

Aug 04, 2009 at 1:28 pm

The White House’s acting cyber-security tsar has resigned from her post, according to the Wall Street Journal.

Melissa Hathaway told the paper she was leaving for “personal reasons” and would return to the private sector.

The former strategist was appointed as acting national cyber-adviser in February and was expected to be offered the post full time.

President Barack Obama has said that cyber-security is a high priority for his administration.

In May, the President announced plans for securing American computer networks against cyber attacks.

In recent years, US government and military bodies have reported attempts to infiltrate systems by hackers.

He announced the creation of a cyber-security office in the White House, and said he would personally appoint a “cyber-tsar”.

Ms Hathaway was widely regarded as the person to fill that post after taking on the role as acting senior director for cyberspace for the National Security and Homeland Security Councils in February.

In April she completed a review of cyber-security for the Obama administration.

At the time, Ms Hathaway said the job ahead was “a marathon, not a sprint.”

Her successor has not yet been named by the White House.

SOURCE: http://news.bbc.co.uk/1/hi/technology/8182931.stm

Card PINs traded at two for a dollar

Aug 03, 2009 at 9:01 am

The buyers and sellers converse cheerfully in the international language of commerce: negotiating prices, swapping samples, issuing quality assurances and loyalty discounts. One vendor, a Russian, offers a Chinese customer free translations of the product’s instruction manual; another promises “friendly technical support”.

It is here, in this polite, super-exclusive online marketplace, that the world’s most dangerous cybervillains plot to make your life a misery and get fabulously rich in the process. This is where your debit card PIN is bought and sold, your e-mail inbox engorged with spam, your identity touted to the highest bidder and the company you work for blackmailed or incapacitated.

From here, a rogue IT engineer can sell access to the tills of 50 high street stores or a Taiwanese factory worker can be bribed to install spy software in a dozen credit card readers. Botnets, trojans, worms — and worse — are fomented here.

Forums such as this, say analysts of cybercrime, have become the hubs of a £30 billion-a-year global industry that in 2008 alone spirited nearly 300 million items of supposedly secure information from the internet.

On one such forum, to which The Times gained access, a seller offers eBay accounts that appear to have impeccable reputations and 100 per cent buyer satisfaction levels — a disguise that could be used to perpetrate multiple frauds across the globe. Another is offering, for $10 (£6), a list of 30,000 “clean” British e-mail addresses that have not yet received spam and would therefore make easy targets. Skype accounts are also available, at a charge of 50 per cent of whatever financial gain the customer is able to make from them.

Over the past 18 months there has been an unprecedented growth not just in the volume of data theft, but in the sophistication of the attacks.

The problem, explained Bryan Sartin, head of the investigative response team at the US-based IT company Verizon Business, is that black-market forums have done their job too well: supply-and-demand economics have imposed themselves with catastrophic success. With the market now saturated with available data on tens of millions of credit card accounts, the online cost of a single credit card has plunged from $16 to 50 cents in a few months.

The glut of credit card information has prompted the hackers to go in quest of more valuable data loot, Mr Sartin said. The big money now is in stealing PINs and mothers’ maiden names along with the associated accounts. This has led to the successful execution of complex attack strategies previously thought only theoretically possible, he said.

The leap in sophistication of cybercrime is clear from the amount of verbal traffic on the forums. Analysts at TrendMicro, a Japanese company specialising in internet security, watched as a vendor sold software that can defeat the “breaker” programs that enable websites to differentiate between a human user and an automated disseminator of spam.

Verizon Business investigators watched an online auction for software that would give access to a particular cash register in a particular US branch of a large fast-food chain. Any time a customer used a debit or credit card to pay for their burgers, the PIN data would be diverted to the criminals. The hacking software eventually sold for $60,000.

Along with the complexity of the data heisting, the profile of the hackers has changed too. The dominance of the Russian Business Network — a much-feared association of cybercriminals rumoured to enjoy official protection in Moscow — has given way to new players, many operating from China.

This trend has accelerated as companies in the developed world have increasingly outsourced elements of their businesses to China. Stuart Witchell, senior vice-president of FTI-International Risk, an Asian-based risk consultancy, said that while hackers represent a significant threat to businesses, many data breaches are carried out by company insiders.

Investigators of one recent spate of PIN thefts believe that the enabling “sleeper” code was inserted into the software of a batch of credit card readers produced in a Chinese electronics factory on behalf of a European company.

Raimund Genes, the chief technical officer of TrendMicro, whose main business is protecting companies against viruses and other forms of online assault, says that since 2007 the average number of new “malware” samples his company has to process each month has risen from 270,000 to more than one million.

Mr Genes fears that the online cybercrime marketplaces have become so sophisticated that it may soon be impossible for the likes of TrendMicro and government agencies to penetrate them effectively.

“In the past, we were able to watch the market extremely closely, but that is getting difficult because the bad guys know we are monitoring them,” he said. “They have developed an eBay of the underground, where the buyers and sellers have reputations. As a seller, you have to prove that your software works, but as a buyer you have to show that you have used the information to commit a crime. Without doing that, you can’t access the higher layers of the forum where the really good stuff is being sold.”

SOURCE: http://www.timesonline.co.uk/tol/news/world/asia/article6735085.ece