Romanian Hackers Breached 500k Australian Credit Cards

In a news information from ExtratTorrent site Australian authorities have verified that the Romanian hackers have somehow managed to steal over $25,000,000 from 500,000 Australian credit cards.  According to the report  there are only four people involved in the crime and they are still at large.

The country’s Federal Police is currently working with international law enforcement agencies an attempt to arrest the organized hackers. The intrusion seems to have come after the attackers took out a number of merchants whose individual computer systems appeared to be compromised.

Media data say that there’s indications that the same hacker group has been responsible for a hack of the American chain of Subway restaurants.

Four citizens of Romania have now been charged over millions of dollars in credit card fraud that affected around 80,000 bank customers. The so-called “syndicate” used to find its targets by simply scanning the site for vulnerable point of sale terminals. The Australian Police claimed that the borderless nature of this criminal act would definitely initiate much of the new head aches for the law enforcement authorities. The matter is that not only do the police need to co-operate with other police forces, but also require international and private sector co-operation in order to track and to take down the criminals.

However, this is obviously not easy to work. The police officers can’t take down the cyber criminals because they are searching even softer victims with local chippies with unsafe point of sale machines than the attackers do with either banks or supermarket chains. So, the bank customers are still under threat, and the police can’t promise the safety for their money.

Tips for a Secure Internet Banking

Internet banking users should carefully monitor Trojan Spyware attacks because they can lead to financial fraud on their online accounts.

Kasikornbank recommends its K-Cyber Banking users take the following precautionary measures before conducting any financial transactions:

- You must always check the third-party account number and/or name shown in your opt-in SMS message to make sure the third-party information is correct before entering the OTP (one-time password) to confirm the transaction.

If your computer is infected with a Trojan, the instruction sent to the K-Cyber Banking system as well as information shown on the computer screen will be altered by the virus.

- You must always check the third-party account number and/or name shown in the e-mail confirmation sent to you from K-Cyber Banking after each transaction is completed.

If you find any irregularity in the OTP SMS or e-mail, you should immediately call the K-Contact Centre (02-888-8888) to suspend your K-Cyber Banking service until you are certain the Trojan has been eliminated from your computer.

- You should set your preferences to let the system notify you by e-mail every time you log in to K-Cyber Banking.

- In order to minimise risks from Trojans on your computer, you should follow security tips shown on the log in page. For example, regularly update your computer programmes (for example, operating systems, browers, and antivirus programmes), do not click on any URL links in any e-mails to access the bank's online banking system, and do not visit any dubious websites or run any suspicious programmes.

KBank said if customers follow its security measures, they will not be asked to participate in any security tests.

Therefore, users must not follow any requests to enter their user ID and password, especially by OTP SMS sent to their mobile phones to perform security testing.

read the rest of the story at BangkokPost

WARNING: New Android Malware

A new piece of malware is trying to take advantage of Opera's popularity as a mobile browser alternative on Android smartphones. Cybercriminals have created a new variant of Opfake that bundles the real Opera Mini version 6.5 so as to further mask what the malware is actually doing (earning its creators money from unsuspecting users by sending international text messages). GFI, which first discovered the malware, is calling this particular threat Trojan.AndroidOS.Generic.A. The package is named "com.surprise.me" while the file name is "opera_mini_65.apk" (both can easily be changed).

As you can see above, two sets of "Permission to Install" pages are displayed during installation. The first (above in the middle), comes from the malware itself: it asks for read and modify rights to all SMS and MMS messages, read rights to all contacts stored on the smartphone, modify or delete rights to the SD card, and so on. The second (above on the right) one appears once users agree to install the first, which is simply the permissions required for the legitimate Opera Mini browser.

This particular threat is interesting because it shows that OpFake is evolving. Instead of trying to mimic a popular app, OpFake now simply installs the real version. As a result, the user is less suspicious that something is wrong. "More than likely, users will not be aware that something might have infiltrated their phones until the bill arrives," a GFI spokesperson said in a statement.


Read the rest of the story at ZDNET