2016-08-02

ATM thief sentenced after $1 million theft

Sorin Condrache, a 36-year-old Romanian national, has been sent to prison by a court in Florida. Seventy months behind bars and a further three years of supervised release have been deemed an appropriate punishment for his role in a card skimming operation that targeted SunTrust Bank ATMs in Florida, Maryland, Georgia, Tennessee and North Carolina.

The skimmers, which included card data recorders and pinhole cameras designed to capture PINs, helped the fraudsters obtain information that they could use to make counterfeit cards. The counterfeit cards were then used to withdraw a total of more than $900,000.

China arrests Wooyun founder

Chinese authorities have arrested the founder (Fang Xiaodun) and nine other senior members of Wooyun, one of China’s largest ethical hacking communities. The website of the organisation has also been taken down by its members as a precautionary measure. Although, as of July 29th, the site was only supposed to be taken down for “the shortest possible time”, it remains offline.

According to Zhao Zhanling, Internet Society of China's legal consultant, the charges that Wooyun is facing may not be related to criminal liability. Instead they are possibly for disclosing vulnerabilities of hacked websites. According to reports [1], Wooyun is a non-profit website, which helps organisations strengthen security by testing for vulnerabilities.

Possible Yahoo data breach under investigation

Tech giant Yahoo is investigating a potential data breach as 200 million user accounts were uploaded to a Dark Web marketplace by a hacker using the pseudonym “Peace”. Usernames, hashed passwords and dates of birth appear to have been leaked.

The credentials are being sold for three bitcoins ($1,838). Based on the sample, a number of the records correspond with real accounts, while others do not. However, this is to be expected if Peace’s claim that the records are from 2012 is accurate.

In an interview, an individual behind the “Peace” persona claimed to once have been part of a Russian hacking group that targeted major technology firms. Once the group reportedly split, data dumps from 2012/13 that were previously only shared with an "inner circle" started to appear online. These included 160 million accounts from LinkedIn, 100 million from Russian social media platform VK.com and 360 million from Myspace.

Turkish hackers breach Chennai college website

A hacking group from Turkey has claimed the breach of the website of DG Vaishnav College in Chennai. The hack happened last week during one of the site’s busiest periods. Each time the college’s authorities tried to get the site up and running again, it was immediately re-hacked.

A message left on the site by the group called redturk.org read “Everyone will know the power of Turkish and Islam – How happy is the one who says I am Turkish - I think dear admin, you must close this site because this is fun-Hacked again/redturk.org”. It also displays the flag of redturk.org and of Turkey.

B. Muthukumaran, a cyber expert and general manager, ITMR, Chennai, said the attackers used mass defacement tools to hack the website: “The attack might be retaliation for attacks by Indian hackers or they just intended to show their technical prowess or they just did it for fun”.

Nigerian behind $60m scam arrested

A 40-year-old Nigerian known as “Mike” has been arrested in Port Harcourt, Rivers State, after a joint Interpol and Economic and Financial Crimes Commission operation uncovered his/her role in scams totalling more than $60 million involving hundreds of victims worldwide.

“The network compromised email accounts of small to medium scale businesses around the world including in Australia, Canada, India, Malaysia, Romania, South Africa, Thailand and the United States,” said Interpol.

More details here [2].

Android Trojan downloaded over 2.8 million times via Google Play Store

A new piece of malware that has infected over 150 applications in Google Play, Android.Spy.305.origin [3], has been discovered by security researchers at Doctor Web.

The Trojan is implemented as an advertising software development kit (SDK) that should enable developers to generate income from application downloads. Affected applications range from live wallpapers to image catalogs, utilities, photo editors, radio applications, and other types of software. Researchers say 155 dangerous applications were created using the aforementioned SDK, and they were downloaded over 2.8 million times.

When one of the compromised applications is launched, the malware attempts to connect to the command and control (C&C) server. When successfully connected, it receives a command to download another module, detected as Android.Spy.306.origin.

According to Doctor Web, this module contains the malicious payload that Android.Spy.305.origin uses. The payload attempts to steal user information and send it to a remote server.

More details here [4].

The Silobreaker Team

Disclaimer: Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

[1] http://companies.caixin.com/2016-07-28/100972002.html?cxw=IOS&Sfrom=ShortMessage
[2] http://www.thisdaylive.com/index.php/2016/08/02/nigerian-behind-60m-internet-scam-nabbed/
[3] https://my.silobreaker.com/view360.aspx?item=11_1047276833#?q=Keyphrase:%22Android.Spy.305.origin%22&rd=true
[4] http://news.drweb.com/show/?i=10115&lng=en
