Tag Archive for: Fraudulent

MalwareTech’s legal defense fund bombarded with fraudulent donations

/in

Enlarge / Marcus Hutchins. (credit: Bloomberg via Getty Images)

Marcus Hutchins, the popular British security researcher, has a new legal headache beyond the criminal charges against him.

Hutchins, AKA “MalwareTech,” pleaded not guilty two weeks ago to criminal charges in Wisconsin that accuse him of creating and distributing the Kronos malware that steals banking credentials. Now comes word that his legal defense fund was riddled with illicit donations.

At least $ 150,000 in donations originated from stolen credit cards or fake credit card numbers, according to Tor Ekeland, a  criminal defense attorney who is not on Hutchins’ defense team. Ekeland, who became popular in hacking circles for successfully defending Andrew “weev” Auernheimer, had started a legal fund on Hutchins’ behalf.

Read 7 remaining paragraphs | Comments

Biz & IT – Ars Technica

Watch out! App Store scammers are earning MILLIONS through fraudulent software – Komando

/in

Komando

Watch out! App Store scammers are earning MILLIONS through fraudulent software
Komando
The Apple App Store is still considered one of the safest places from which to download your mobile apps. Apps are curated, reviewed and any security concerns are almost always immediately addressed by Apple. However, there's new emerging scheme …

and more »

mobile security – read more

Attackers could use Internet route hijacking to get fraudulent HTTPS certificates

/in

Inherent insecurity in the routing protocol that links networks on the Internet poses a direct threat to the infrastructure that secures communications between users and websites.

The Border Gateway Protocol (BGP), which is used by computer network operators to exchange information about which Internet Protocol (IP) addresses they own and how they should be routed, was designed at a time when the Internet was small and operators trusted each other implicitly, without any form of validation.

If one operator, or autonomous system (AS), advertises routes for a block of IP addresses that it doesn’t own and its upstream provider passes on the information to others, the traffic intended for those addresses might get sent to the rogue operator.

To read this article in full or to leave a comment, please click here

Network World Security

Chrome, Firefox, IE to block fraudulent digital certificate

/in

Google, Microsoft and Mozilla announced on Jan 3 that they are revoking trust in two digital certificates accidentally issued by Turkish certificate authority (CA) TURKTRUST. When you start talking about another CA fiasco, there are many people whose eyes glaze over when reading technical details because they know it’s bad, but really have no idea why it is so dangerous for digital certificates that…
Ms. Smith’s blog