Analysis

Trends and Analysis

Cybercriminals Will Target Apple In 2016, Say Experts

Image copyright Getty Images Image caption ...

US Embassy Worker Hacked For Sex Images

Image copyright Thinkstock Image caption Ford committed the crimes while working at the US embassy in London A former US official has admitted stalking women and extorting sexually explicit material from them after hacking into their emails.Michael Ford, who worked in the American embassy in London, pleaded guilty to nine charges of cyber-stalking, seven of computer hacking to extort and one of wire fraud.He preyed on sorority members at US universities and aspiring models.Ford used the details he learned after hacking the women to find new victims.Women undressingThe 36-year-old, from Atlanta, in the American state of Georgia, posed as technical support staff from a well-known email company and sent phishing messages to thousands of potential victims.Pretending to be a member of the non-existent account-deletion team, he told them their accounts would be closed unless they sent him their passwords.He then accessed their email and social media accounts in search of explicit photos and other personal information, such as home and work addresses, employment information and details about family members.He used that information to demand additional sexually explicit material, such as videos of the women undressing in changing rooms at pools and shops.Explicit photos If they refused, Ford would respond with escalating threats that included messages such as: "Don't worry, it's not like I know where you live."He also posted explicit photos of the women online or sent them to friends and family.Between January 2013 and May 2015, while employed at the embassy, he hacked into more than 400 online accounts belonging to at least 200 victims and forwarded at least 1,300 messages to himself from those accounts.Arrested in May at Atlanta's airport, preparing to board a flight to London, he was charged in August and had initially pleaded not guilty in September.He will be sentenced on 16 February 2016. The cyber-stalking and hacking charges each carry a maximum of five years in prison, while the wire fraud charge carries up to 20 years in prison. Each of the 17 charges is punishable by a fine of up to $250,000 (£165,000).

Hacked Independent Blog Is Churning Out Malware

A BLOG PAGE ON THE WEBSITE OF UK newspaper The Independent has been accused of giving readers access to ransomware. Trend Micro brings the breakfast-ruining news, and says that the newspaper has a problem with malvertising and the TeslaCrypt ransomware terror. It seems that it is the use of WordPress - a thing we often hear has security issues – is at least part of the problem, as is out-of-date Flash software. "The blog page of one of the leading media sites in the United Kingdom, The Independent has been compromised, which may put its millions [really?] of readers at risk of getting infected with ransomware," it reports. "We have already informed The Independent about this security incident. However, the site is still currently compromised and users are still at risk. It should be noted that only the blog part of the website - which uses WordPress - is impacted; the rest of The Independent's online presence seem unaffected." We have attempted to get in contact with the paper, but this has proved harder that we expected, although we will keep trying. In a statement to the BBC, the newspaper's management managed to reveal that it has dropped advertising on some pages as part of a clean-up operation. "It appears that an advert appearing on that blogsite may have included malware," said a spokesman. "There is no suggestion or evidence that any of our users have been affected by this." Trend Micro says that The Independent is routing people away from the potentially poisoned pages and redirecting them to the main site. It adds that the page was open and serving the malware as recently as Tuesday, and has been for a good few weeks. "Based on my investigation, since at least November 21, the compromised blog page redirected users to pages hosting the said exploit kit," explained Joseph C Chen, a fraud researcher with Trend Micro. "If a user does not have an updated Adobe Flash Player, the vulnerable system will download the Cryptesla 2.2.0 ransomware". µ

Cryptolocker Ransomware: What You Need To Know

A new version of Cryptolocker—dubbed Cryptolocker 2.0—has been discovered by ESET, although researchers believe it to be a copycat of the original Cryptolocker after...

Cybercrime Exposed: Cybercrime-as-a-Service (McAfee)

There’s no doubt that cybercrime is on the increase. That is the message from multiple sources across both the public and private sectors. Indeed,...

The World of Financial Trojans (Symantec)

Financial institutions have been fighting malware that targets online banking for over ten years. During that timeframe, banks have had to evolve their security...