The court of the Avtozavodsky district of Togliatti recently sentenced hacker Roman Lukin to four and a half years of probation for robbing one of the largest private banks in Turkey. According to Turkish bankers, he and his accomplice Ilya Baloga stole more than 500 thousand dollars from them.
Experts do not consider this case out of the ordinary. The current virtual world carries real dangers for our wallets. According to Kaspersky Lab, last year hackers’ earnings exceeded those of drug dealers for the first time.
Investigators from Togliatti found that hackers needed special equipment and programs to illegally get into the pockets of 75 clients of the Turkiye Garanti Bankasy Anonim Shirketi bank. Baloha, whom investigators call the leader of the group, was the one who splurged. The accomplices gained access to a desktop in a U.S. data center that provides many network services, and from there to the Turkish bank’s accounts.
In the coming year, the virtual world will not become less dangerous for users. At the beginning of 2008, experts’ expectations that attackers would use the holiday theme to infect users’ PCs were confirmed. According to Kaspersky Lab, before Valentine’s Day, the Internet was flooded by a wave of spam mailings with a link to a site where users were offered to download a postcard with an “exe” extension. After downloading it, malicious programs appeared in computers.
Spammers were generally creative when it came to holiday gifts. For example, as one of the presents for February 23, they heavily advertised the ensemble of drummers.
In February, spammers most often advertised medicines, health products and services (24.5% of the total volume), education (15.8%), recreation and travel (10.4%). They did not forget computers (4.4%) and legal services and auditing (4.3%).
One of the most common types of fraud were fake notices of lottery winnings and offers to get free gifts. The scheme of the theft is quite simple. When trying to register, the “lottery participant” was shown the amount of winnings and was offered to send a “free” SMS message to a short number in order to confirm his/her location (only recipients who are located in Russia or Ukraine can participate in the drawing). The funds for sending the SMS went to the fraudsters, and the “randomly selected participant” was left with only unfulfilled dreams of the coveted prize.
Experts note that the main driving motive behind the creation of new malicious programs (viruses, worms and Trojans) is not curiosity, self-assertion or simple hooliganism, but the desire to make money.
– Modern malicious programs provide their creators with the widest opportunities to generate criminal income – that’s what they are created for,” Alexander Gostev, a leading expert at Kaspersky Lab, told Trud. – Last year this trend practically led to the disappearance of “non-commercial” malicious programs: not a single notable epidemic or widespread malicious program of non-financial nature was observed in the world in 2007. In 2006, hooligan viruses were still making their presence felt, but this was apparently their swan song.
Last year, Kaspersky Lab registered more new malware than in the previous 15 years combined. There were twice as many as in 2006. The number of such programs is already in the millions. There is reason to believe that the number will double again this year.
– A special threat lurks in malicious programs for smartphones and other mobile devices,” continues the LC expert. – Now the number of such programs is hundreds of times lower than those written for PCs, but the rapid growth in the number of “smart” phones and the development of various paid mobile services make them an increasingly tempting target for virus writers. Today, the Symbian and Windows Mobile platforms are the main targets of virus writers. We should not forget about the very popular Apple iPhone and the upcoming open mobile platform Google Android: criminals will not ignore them.
CYBER RISK RATING
l Hacker DDoS attacks. As a result, websites and users’ computers are infected. Malware spreads instantly across the Internet. This is the most serious threat among hacker inventions today.
l Attacks on corporate and government structures. As a result, confidential information is stolen. The number of such attacks is growing year by year.
l Attacks on the new Windows Vista operating system. The system contains many vulnerabilities and bugs that allow hackers to steal information and infect computers.
l Spam. Today, it accounts for up to 94% of all incoming e-mail.
l Hacker tools. Allow for complex system hacking. They are freely available on the Internet.
ACCORDING TO SYMANTEC
Points
1. hacker. Originally – someone who makes furniture with an axe. An intruder who performs unauthorized actions in computer networks.
2. Spam. Messages that are mass-mailed to people who have not consented to receive them. The term “spam” refers primarily to e-mails containing advertising of one kind or another.
3. Utilities. Hacker utilities are designed to penetrate into remote computers and further control them or introduce malicious programs into them. In doing so, some utilities exploit vulnerabilities in operating systems or applications installed on the attacked computer. 4.
4. DoS programs. Attack remote servers by sending multiple requests to them. This leads to denial of service if the resources of the attacked server are insufficient to handle all incoming requests (DoS – Denial of Service).
DDoS programs (Distributed DoS) attack from different computers without the knowledge of their users. To do this, a DDoS program is sent by any means to the computer of the “victim-intermediary” and after launching it, depending on the current date or on a command from the “host” starts a DDoS attack.
5. Phishing (English – phishing, from password – password – and fishing – fishing). A type of Internet fraud aimed at obtaining user identification data. The organizers of phishing attacks use mass emails. In them, they insert links to fake sites that are exact copies of the real ones. Once on such a site, the user can provide valuable information to the criminals, allowing them to manage their account from the Internet.
SPAMMING LEADERS
Place Country Percentage of spam sent
1 USA 11.2
2 Russia 10.8
3 Poland 6.6
4 South Korea 6.4
5 Turkey 5.8
6 Germany 5.3
7 India 4.7
8 Spain 4.4
9 China 4.4
10 Great Britain 3.3
according to Kaspersky Lab data
Expert recommendations
Eugene Kaspersky, Head of Kaspersky Labs
RECOMMENDATIONS BY EUGENE KASPERSKY
– We cannot say that the situation for ordinary users is hopeless and that it is impossible to avoid virus threats without being an expert in computer security. Today there are a sufficient number of effective programs that can provide reliable computer protection not only from viruses, but also from direct attacks by hackers. An absolutely necessary component of protection is a modern antivirus, which regularly updates its antivirus databases via the Internet. In addition, it is not unreasonable to install a network screen (another name – firewall). If you are annoyed by unwanted advertising emails, one of the anti-spam solutions will help you cope with this problem. Many companies produce complex solutions that immediately include all these components – antivirus, firewall, anti-spam, etc. Of course, such a purchase will be more profitable than buying components separately, and such a solution will work faster and more reliable.
Well, the most important barrier against cybercriminals is in the head of each user. Remember that free cheese is only in a mousetrap, and be critical of everything that is offered to you for free on the network. Another tip: never post your personal data on the Internet, there is a high probability that your gullibility will be used by criminals. Remember that the Internet has long ceased to be an abstract virtual world and has become part of our lives with all the pros and cons that entails.
HACKER KLOPOV FACES 100 YEARS IN PRISON
The most famous Russian hacker Igor Klopov, arrested last year in the United States, faces up to 100 years in prison.
“Trud“ has already reported (”Klopov’s Bite”, August 18, 2007) about a group of computer hackers, which in addition to the Russian included several Americans. The criminals hacked into the databases of American billionaires. The hackers managed to steal 1.5 million dollars.
It is curious that Klopov climbed into the wallets of rich Americans, sitting in his Moscow apartment. During the last attempt, he was exposed. Klopov tried to pass himself off as Texas billionaire Samuel Wiley (354th place in the Forbes 2006 ranking) and place an order online at an American jewelry store. The order was worth several million dollars. The store employee decided to be on the safe side and called Wiley. He said he knew nothing about the deal. The police developed a scheme to catch the fraudster. Klopov was convinced that the purchase had taken place and invited to the States for the loot. In May 2007, he flew to New York, where he was arrested. Four of his accomplices were detained later. The gang members were charged with theft, money laundering and other crimes. According to Klopov’s Lawyer Bukh, the Russian hacker faces up to 100 years in prison.
PENTAGON HIT BY “TITANIUM RAIN”
NATO is preparing for cyber warfare. Such a statement was made at a congress held in London and dedicated to the fight against Internet crime (E-Crime). According to The Guardian newspaper, NATO experts started talking about cyber warfare after a number of high-profile international Internet attacks. Two of them took place last year. The first one resulted in the hacking of computer networks of the governments of Great Britain, Germany, India and Australia, as well as an attack on the Pentagon’s servers. Washington said that the action was carried out by a group of hackers from China (it was called “Titan Rain” – Titan Rain) and that it was patronized by the Chinese authorities. Beijing categorically denied these accusations. The second attack paralyzed the Estonian government’s computer network. The servers were attacked almost immediately after the relocation of a monument to a Soviet liberator in Tallinn. Estonian authorities attributed it to Russian hackers. However, the investigation did not confirm this version.
Source: https://www.trud.ru/article/26-03-2008/127272_ograblenie_ru.html