News briefs: The latest breaches, malware and hacktivist activities»Spammers have amassed the first-known Android botnet, which consists of compromised devices running on all the major U.S. mobile networks. The botnet is grown when users unwittingly install a malicious game app that contains the SpamSoldier trojan – malware capable of blocking incoming and outgoing texts from unknown numbers in case users or mobile service providers try to alert victims of their spamming.
»A Hayden, Idaho-based hospice is the first health care organization to be fined for sustaining a breach that affected fewer than 500 individuals. The Hospice of North Idaho (HONI) will pay the U.S. Department of Health and Human Services (HSS) $50,000 to avoid more costly penalties for violating the Health Insurance Portability and Accountability Act of 1996 (HIPAA) due to a 2010 incident when an unencrypted laptop was stolen containing the sensitive data of 441 patients. In the past, HHS has gone after companies that experienced larger breaches – those that occurred at HIPAA-covered entities involving 500 or more individuals – which must be reported to HHS within two months.
»Members of the Carberp crime network returned to the market, pricing the banking malware at $40,000 per trojan kit. RSA researchers found that Carberp perpetrators began offering the trojan again in December; it had been sold last in February 2011 in closed online forums for $10,000. The botnet, among the world's largest banking networks detected at that time, was believed to have caused $4.5 million in loses as of 2011, primarily impacting users in Russia.
»Barrett Brown, one of the public faces of the online collective Anonymous, pleaded innocent to all 12 charges filed against him in connection with the theft of credit card information from Austin, Texas-based intelligence firm Stratfor. Brown, 31, is accused of possessing and posting a link to credit card information allegedly stolen by Anonymous in the 2011 attack. If found guilty, Brown, who is not accused of taking part in the intrusion, could face 40 years in prison.
»A Turkish certificate authority (CA) accidentally issued two intermediate, or chained, digital certificates, one of which was used by the holder to mimic legitimate websites. This prompted browser makers Google, Microsoft and Mozilla to revoke trust in the offending certs issued by the company, named TURKTRUST. It's unclear who was targeted or behind the attacks, which permits the cert holder to potentially spy on communications and steal credentials.
»A hacktivist group thought to be behind earlier attacks against the financial industry claimed responsibility for outages affecting nine U.S. bank websites. The campaign, part of a distributed denial-of-service (DDoS) operation that began last fall, is being led by the Martyr Izz ad-Din al-Qassam Cyber Fighters, which said it staged the attacks in protest of anti-Muslim film, Innocence of Muslims. Website disruptions allegedly affected JPMorgan Chase, Bank of America, Citigroup, Wells Fargo, U.S. Bancorp, PNC Financial Services Group, BB&T, SunTrust Banks and Regions Financial Corp from late 2012 into this year. On Dec. 21, the Office of the Comptroller of the Currency (OCC), a regulating body for national banks, issued an alert about the apparent uptick in DDoS attacks being waged in the industry.