Friday, November 4, 2016

Ne’er-Do-Well News and Cyber Justice

Way back in the last millennium when I was a lowly copy aide at The Washington Post, I pitched the Metro Section editor on an idea for new column: “And the Good News Is…” The editor laughed me out of her office. But I still think it’s a decent idea — particularly in the context of cybersecurity — to periodically highlight the good news when people allegedly responsible for spewing so much badness online are made to face justice.

NCA officials lead away a suspect arrested in this week's raids. Image: NCA.

NCA officials lead away a suspect arrested in this week’s raids. Image: NCA.

In the United Kingdom this week, 14 people were arrested on suspicion of laundering at least £11 million (~USD $13.7M) on behalf of thieves who stole the money using sophisticated banking Trojans like Dridex and Dyre. A statement issued by the U.K.’s National Crime Agency (NCA) said 13 men and a woman, aged between 23 and 52, were arrested in the roundup, including a number of foreign nationals.

The NCA warned in a report released this year that cybercrime had overtaken traditional crime in the United Kingdom. According to the U.K.’s Office of National Statistics, there were 2.46 million cyber incidents and 2.11 million victims of cybercrime in the U.K. in 2015.

Also in the U.K., 19-year-old Adam Mudd pleaded guilty to operating and profiting from Titanium Stresser, an attack-for-hire or “booter” service that could be hired to knock Web sites offline. When U.K. authorities arrested Mudd at his home last year, they found detailed records of the attack service’s customers and victims, which included evidence of more than 1.7 million attacks. Prosecutors say Mudd launched the service when he was 15 years old.

TitaniumStresser[dot]net, as it appeared in 2014.

TitaniumStresser[dot]net, as it appeared in 2014.

As I noted in this 2014 story, the source code for Titanium Stresser was later used by miscreants with the Lizard Squad hacking group to power their Lizard Stresser attack service. Happily, two other 19-year-olds were arrested earlier this month and accused of operating the Lizard Stresser attack service. It’s nice to see authorities here and abroad sending a message that operating booter service can land you in jail, full stop.

Back stateside, a Florida man has pleaded guilty to hacking and spamming the world with ads for online pharmacies and other businesses eager to buy dodgy customer leads. Timothy Livingston, 31, acknowledged that he and his company — aptly named “A Whole Lot of Nothing LLC” — earned more than $1.3 million using countless hacked email accounts and huge collections of compromised computers to rely the junk missives.

Livingston could hardly be a better caricature of the typical spammer. Living in Florida (Boca Raton) and lavishly spending his ill-gotten gains on a flashy lifestyle. As part of his plea, Livingston agreed to forfeit $1,346,442, as well as a 2009 Cadillac Escalade and a 2006 Ferrari F430 Spider.

A 2006 Ferrari F430 Spider. Image: Flickr, via Davocano.

A 2006 Ferrari F430 Spider. Image: Flickr, via Davocano.



from
https://krebsonsecurity.com/2016/11/neer-do-well-news-and-cyber-justice/

No comments:

Post a Comment