News briefs: The latest breaches, malware and hacktivist activities

Share this article:
»Spammers have amassed the first-known Android botnet, which consists of compromised devices running on all the major U.S. mobile networks. The botnet is grown when users unwittingly install a malicious game app that contains the SpamSoldier trojan – malware capable of blocking incoming and outgoing texts from unknown numbers in case users or mobile service providers try to alert victims of their spamming. 

»A Hayden, Idaho-based hospice is the first health care organization to be fined for sustaining a breach that affected fewer than 500 individuals. The Hospice of North Idaho (HONI) will pay the U.S. Department of Health and Human Services (HSS) $50,000 to avoid more costly penalties for violating the Health Insurance Portability and Accountability Act of 1996 (HIPAA) due to a 2010 incident when an unencrypted laptop was stolen containing the sensitive data of 441 patients. In the past, HHS has gone after companies that experienced larger breaches – those that occurred at HIPAA-covered entities involving 500 or more individuals – which must be reported to HHS within two months.

»Members of the Carberp crime network returned to the market, pricing the banking malware at $40,000 per trojan kit. RSA researchers found that Carberp perpetrators began offering the trojan again in December; it had been sold last in February 2011 in closed online forums for $10,000. The botnet, among the world's largest banking networks detected at that time, was believed to have caused $4.5 million in loses as of 2011, primarily impacting users in Russia.

»Barrett Brown, one of the public faces of the online collective Anonymous, pleaded innocent to all 12 charges filed against him in connection with the theft of credit card information from Austin, Texas-based intelligence firm Stratfor. Brown, 31, is accused of possessing and posting a link to credit card information allegedly stolen by Anonymous in the 2011 attack. If found guilty, Brown, who is not accused of taking part in the intrusion, could face 40 years in prison.

»A Turkish certificate authority (CA) accidentally issued two intermediate, or chained, digital certificates, one of which was used by the holder to mimic legitimate websites. This prompted browser makers Google, Microsoft and Mozilla to revoke trust in the offending certs issued by the company, named TURKTRUST. It's unclear who was targeted or behind the attacks, which permits the cert holder to potentially spy on communications and steal credentials. 

»A hacktivist group thought to be behind earlier attacks against the financial industry claimed responsibility for outages affecting nine U.S. bank websites. The campaign, part of a distributed denial-of-service (DDoS) operation that began last fall, is being led by the Martyr Izz ad-Din al-Qassam Cyber Fighters, which said it staged the attacks in protest of anti-Muslim film, Innocence of Muslims. Website disruptions allegedly affected JPMorgan Chase, Bank of America, Citigroup, Wells Fargo, U.S. Bancorp, PNC Financial Services Group, BB&T, SunTrust Banks and Regions Financial Corp from late 2012 into this year. On Dec. 21, the Office of the Comptroller of the Currency (OCC), a regulating body for national banks, issued an alert about the apparent uptick in DDoS attacks being waged in the industry.

Share this article:

Sign up to our newsletters

More in News

Brazilian president signs internet 'Bill of Rights' into law

Brazilian president signs internet 'Bill of Rights' into ...

President Dilma Rousseff signed the legislation on Wednesday at the NetMundial conference in Sao Paulo.

Android trojan sends premium SMS messages, targets U.S. users for first time

Android trojan sends premium SMS messages, targets U.S. ...

An SMS trojan for Android, known as FakeInst, has been observed sending premium SMS messages to users all over the world, including, for the first time, the United States.

Report: DDoS up in Q4 2013, vulnerability scanners leveraged to exploit sites

Report: DDoS up in Q4 2013, vulnerability scanners ...

Researchers observed 346 DDoS attacks in the final quarter of 2013 and attackers used Vega and Skipfish vulnerability scanners to exploit web flaws at financial companies.