Tag Archive for: Crimes

Hackers are threatening to leak World-Check, a huge sanctions and financial crimes watchlist


A financially motivated criminal hacking group says it has stolen a confidential database containing millions of records that companies use for screening potential customers for links to sanctions and financial crime.

The hackers, who call themselves GhostR, said they stole 5.3 million records from the World-Check screening database in March and are threatening to publish the data online.

World-Check is a screening database used for “know your customer” checks (or KYC), allowing companies to determine if prospective customers are high risk or potential criminals, such as people with links to money laundering or who are under government sanctions. The hackers told TechCrunch that they stole the data from a Singapore-based firm with access to the World-Check database, but did not name the firm.

A portion of the stolen data, which the hackers shared with TechCrunch, includes individuals who were sanctioned as recently as this year.

Simon Henrick, a spokesperson for the London Stock Exchange Group, which maintains the database, told TechCrunch: “This was not a security breach of LSEG/our systems. The incident involves a third party’s data set, which includes a copy of the World-Check data file. This was illegally obtained from the third party’s system. We are liaising with the affected third party, to ensure our data is protected and ensuring that any appropriate authorities are notified.”

LSEG did not name the third-party company, but did not dispute the amount of data stolen.

The portion of stolen data seen by TechCrunch contains records on thousands of people, including current and former government officials, diplomats, and private companies whose leaders are considered “politically exposed people,” who are at a higher risk of involvement in corruption or bribery. The list also contains individuals accused of involvement in organized crime, suspected terrorists, intelligence operatives and a European spyware vendor.

The data varies by record. The database contains names, passport numbers, Social Security numbers, online crypto account identifiers and bank account numbers, and more.

World-Check is currently owned by the London Stock Exchange Group following…


Maltese suspected hacker to be extradited to United States for computer malware crimes


A Maltese man is waiting to be extradited to the United States after an operation by the Maltese police assisting the FBI in investigations led to his arrest.

Daniel Joe Meli, who is 27 years old, is believed to have worked with people who are not Maltese in connection with the sale of illegal malware on the dark web. The accused, who is from Żabbar, was also said to have been involved in mentoring services on a hack forum, an internet forum for hacker culture and computer security.

The malware, a remote access trojan or RAT, is used by criminals to gain access to computers and servers and control their operation. The police said there were several victims in the United States who had fallen prey to this RAT, with no reported victims in Malta so far.

Meli’s social media profiles suggest that he used to work with Air Malta as a check-in agent, and that he now works with Aviaserve.

The investigations in Malta, overseen by the police cybercrime unit, were initiated following a request for assistance from the United States, which indicated that the prime suspect in the sale of this RAT is Maltese.

Investigations revealed the identification of the Maltese suspect and his association with other criminals who are not Maltese and do not reside in Malta.

The suspect was arrested at his workplace in Gudja on 7 February, and during searches conducted at various locations related to the suspect, numerous items linked to this investigation were seized.

The 27-year-old man appeared in court on Thursday afternoon before Magistrate Dr. Giannella Camilleri Busuttil LL.D, to begin extradition proceedings to the United States, where he will face charges before the American court.

He has consented to extradition and is being held in custody at the Correctional Facility in Kordin.

In connection with this investigation, a Nigerian accomplice, residing in Nigeria, was also arrested.

Operations in various countries related to the same illegal malware trade on the dark web were being coordinated by Europol, involving several other states, including the Australian Federal Police, the Canadian Police, Croatian Police, Finnish Police, Dutch Police, Romanian Police, German Police, and Nigerian…


Ex-CIA Officer Imprisoned For ‘Heinous Crimes Of Espionage’


Ex-CIA officer Joshua Adam Schulte sent to prison for “committing some of the most brazen, heinous crimes of espionage in American history.”

The 35-year-old Schulte was sentenced to 40 years in prison for crimes of espionage, computer hacking, contempt of court, and making false statements to the FBI.

Schulte was employed by the CIA as a software developer in the Center for Cyber Intelligence (CCI) from 2012 to 2016.

“Mr. Schulte severely harmed U.S. national security and directly risked the lives of CIA personnel, persisting in his efforts even after his arrest,” Assistant Attorney General Matthew G. Olsen of the Justice Department’s National Security Division, said in a statement.

In March 2016, Schulte was moved within branches of CCI as a result of personnel disputes between Schulte and another developer. Following that transfer, in April 2016, Schulte abused his administrator powers to grant himself administrator privileges over a development project from which he had been removed as a result of the branch change. Schulte’s abuse of administrator privileges was detected, and CCI leadership directed that administrator privileges would immediately be transferred from developers, including Schulte, to another division. Schulte was also given a warning about self-granting administrator privileges that had previously been revoked.

Schulte had, however, secretly opened an administrator session on one of the servers before his privileges were removed. On April 20, 2016, after other developers had left the CCI office, Schulte used his secret server administrator session to execute a series of cyber-maneuvers on the CIA network to restore his revoked privileges, break into the backups, steal copies of the entire CCI tool development archives (the Stolen CIA Files), revert the network back to its prior state, and delete hundreds of log files in an attempt to cover his tracks. Schulte’s theft of the Stolen CIA Files is the largest data breach in CIA history.

From his home computer, Schulte then transmitted the Stolen CIA Files to WikiLeaks, using anonymizing tools recommended by WikiLeaks to potential leakers, such as the Tails operating system and the…
