Cybercrime stories

[Al-khiyal]

MySpace hoax leads to suicide, but no laws broken

ST. CHARLES, Missouri, December 3, 2007 (AP) - No criminal charges will be filed against people who sent cruel Internet messages to a 13-year-old girl before she committed suicide, the St. Charles County prosecutor said Monday.

The parents of Megan Meier of Dardenne Prairie, who hanged herself last year, said her suicide came minutes after she received mean messages through the social networking site MySpace.

County Prosecutor Jack Banas said at a news conference there was no applicable statue to file charges in the case. Banas said he looked at laws related to stalking, harassment and child endangerment, but found no repeated incidents of threats to someone's life or health, and no organized conspiracy.

A police report said that a mother from the neighborhood and her 18-year-old employee fabricated a profile for a teenage boy online who pretended to be interested in Megan before he began bullying her. The police report indicates others gained access to the profile, and it is not clear who was sending Meier messages just before her death.

Banas said based on additional interviews, the fake MySpace page was not created by the mother of one of Megan's friends. He said the page was created by the 18-year-old employee, though the mother and her 13-year-old daughter knew about the page. He said he was unable to speak directly with the 18-year-old, whom he said has been hospitalized for psychiatric treatment.

After the case became public, Missouri Governor Matt Blunt asked lawmakers to review state law to see if changes were necessary to better deal with cases that involve Internet bullying. Some municipalities have also considered or passed statutes to strengthen laws that deal with Internet harassement.

No charges in MySpace suicide case

[gn4dz]

Satellite.jpg By Ahmed Fathy, IOL Staff

IOL has taken precautionary measures to head off potential attacks, including a special software a radar-like Internet tool.

CAIRO — Just a week after its launch, IslamOnline.net's educational hajj program on Second Life has come under an attack that reflected a rising Islamophobia in the virtual world.

"We heard on Wednesday, December 11, an avatar at Al-Haram Al-Makki area pleading for help," Frozen Fire, a member of IOL's educational hajj program, told IOL's correspondent in the Internet-based virtual world.

"We then rushed to the Hajj Information Center to find a number of griefers encircling it."

Frozen Fire said the griefers (Persons who are harassing others by using any offensive language or doing subversive or immoral acts in Second Life) started making several insults about Islam and Muslims.

"They said, 'we will not leave this place unless this island is shut and Muslims are out,' and 'we are fed up with Muslims in Second Life. They must leave this world immediately,'" the virtual hajj guide recalled one of the attacker as shouting.

The griefers also inundated the hajj training area for Second Life Muslim visitors, with pornographic materials and slogans reading "Hey Muslims, sop racism".

More and more, they briefly seized the 3D-modelled area and did not let Muslim avatars in before IOL's hajj team rushed to the area and forced the attackers out.

Second Life, created in 2003 by the American Linden Research, Inc., is entirely built and owned by its booming population of over 11 million registered, active users.

In the animated world, real people use their avatars to "live" alternate identities in a virtual community, complete with homes, cars, shopping malls and a virtual currency, known as Linden Dollars. (One US dollar has been stable since February 2007 at L$2.60)

Within Second Life, there are two main methods of text-based communication: local chat, and global instant messaging known as IM. The latter is used for private conversations, either between two avatars (residents) or among the members of a group.

Rising Islamophobia

Muslim avatars said the latest anti-Muslims attack is evidence on rising Islamophobia in the graphics-based, earth-like world.

"It is an attempt to destroy any Muslim feature (in Second Life)," said Abdullah AlFord.

"It is unjustified Islamophobic attack," added a Muslim preacher in Second Life, requesting anonymity.

Only a few days after its launch, IOL's Ramadan tent inside Second Life was the target of two attacks of intended destruction and vandalism.

Now, the IOL hajj team has taken precautionary measures to head off potential attacks, including a special software a radar-like Internet tool.

Since its launch on December 6, IOL's educational hajj program on Second Life has drawn nearly 7,000 visitors.

The program is designed to be as accurate to real life as possible, giving visitors a feeling of the real hajj experience.

One of the five pillars of Islam, hajj starts this year on Monday, December 17, with some two million white-clad pilgrims moving into the arid valley of Mina in a ritual known as "Yawm at-Tarwiya."

Hajj will climax on Tuesday when the pilgrims climb Mount `Arafat, asking for God's forgiveness.

Every able-bodied adult Muslim — who can financially afford the trip — must perform hajj, at least once in their lifetime.

Second Life Hajj Program Attacked

[Al-khiyal]

DETROIT, January 4, 2008 (AP) - A man described as one of the nation's most prolific senders of spam e-mail was among 11 people accused in an indictment unsealed Thursday of defrauding people by manipulating Chinese stock prices.

Alan Ralsky, 52, of suburban West Bloomfield Township, made about $3 million through the scheme in summer 2005 alone, U.S. Attorney Stephen Murphy said.

Federal agents seized computers, computer disks and financial records in a raid on Ralsky's home in September 2005. But Ralsky, who said at the time that he had gathered at least 150 million e-mail addresses, was not arrested then.

In a 41-count indictment, Ralsky and the other defendants sent tens of millions of e-mail messages to computers worldwide, trying to inflate prices for Chinese penny stocks. The defendants then sold the stocks at inflated prices, Murphy said.

The defendants used a variety of illegal methods "that evaded spam-blocking devices and tricked recipients into opening, and acting on, advertisements in the spam," Murphy said in a news release.

The indictment also alleges that the defendants tried to send spam using "botnets" - networks of computers that have been infected with malicious software coding that in turn would instruct infected computers to relay spam, the release said.

Spam is the sending of unwanted bulk e-mails touting goods and services. Ralsky is considered to be one of the nation's most prolific spammers, sending tens of thousands of e-mails to Internet users every day, authorities said.

"A lot of people don't ignore or delete spam," Murphy told reporters. "Unsuspecting people can be duped ... that they were looking at legitimate stock tips."

Ralsky's son-in-law, Scott Bradley, 46, of West Bloomfield Township, and Judy Devenow, 55, of Lansing were arraigned Thursday on charges of conspiracy, fraud in connection with electronic mail, computer fraud, mail fraud and wire fraud.

A third defendant, Hon Wai John Hui, 49, of Vancouver, British Columbia, and Hong Kong, was arrested at Kennedy Airport in New York and was expected to be brought to Michigan within days, Murphy said. Murphy's office did not return telephone messages inquiring whether Bradley, Devenow or Hui had lawyers.

Seven other defendants remained at large, including Ralsky, who was believed to be in Europe. His attorney, Philip Kushner of Cleveland, told The Detroit News that Ralsky would surrender to federal authorities in a few days.

"We didn't know that an indictment was coming," Kushner said. "Mr. Ralsky intends to fight these charges, which are brought under a new federal statute that has not been interpreted by the courts."

A message seeking comment was left with Kushner by The Associated Press.

The other defendants named in the indictment are from California, Arizona and Russia.

Conviction on the most serious charges, mail fraud and wire fraud, carries as many as 20 years in prison and a $250,000 fine. Other charges include money laundering, fraud in connection with electronic mail and computer fraud.

The government also seeks forfeiture of real estate, brokerage accounts, bank accounts and life insurance policies worth a combined $2.7 million.

Ralsky has been a target of anti-spam efforts for years.

Verizon Communications Inc. sued him in 2001, saying he shut down its networks with millions of e-mail solicitations. He settled in 2002 and promised not to send spam on its networks to more than 1.6 million customers in 40 states.

A federal law that took effect in 2004 bans the use of misleading subject lines and the sending of commercial e-mail messages that appear to be from friends. It also bans use of multiple e-mail addresses or domain names to hide senders' identities.

The FBI raided Ralsky's house in 2005, with agents seeking evidence that Ralsky and Bradley used at least 14 domain names to send commercial e-mail.

Purported spammer accused of stock fraud

[Al-khiyal]

The evolution of CyberCrime Inc.

PARIS, April 6, 2008: There is no storefront or corporate headquarters for Cybercrime Inc., but savvy salesmen in a murky, borderless economy are moving merchandise by shilling credit card numbers - "two for the price one."

"Sell fresh CC," promised one salesman who offered teaser credit card numbers for samples in New Jersey and Canada. "Visa, MasterCard, Amex. Good Prices. Many countries!!!!!"

Electronic crime is maturing, according to security experts, and with its evolution, clever criminals are adopting conventional approaches that reflect cold business sense - from supermarket-style pricing to outsourcing to specialists acting as portfolio managers, coders, launchers, miners, washers and minders of infected "zombie" computers.

"It's a remarkable development of a whole alternative business environment that's occurred over the last couple years," said Richard Archdeacon, a senior director of global services for Symantec, an Internet security company with 11 research centers around the world tracking crime trends. "What's been so astonishing is the speed with which it's developed and the effect with which the market has grown and matured."

In the United States alone, victims of reported Internet fraud lost $239 million in 2007, with average losses running about $2,530 per complaint recorded by a special Web-based hot line operated by the FBI and the National White Collar Crime Center, a nonprofit corporation focusing on electronic crime.

The most common frauds were fake e-mail messages and phony Web pages and the crimes were organized from the United States, England, Nigeria, Canada, Romania and Italy, according to an FBI report issued last week.

Yet despite the increasing sophistication and elusiveness of e-criminals, judges remain reluctant to order much jail time for computer crime, according to some national law enforcement officials and such major companies as Microsoft.

A case in point is Owen Thor Walker, a self-taught computer wizard from New Zealand who, at 18 years old, pleaded guilty last week to criminal charges arising from his development of a vast international network of individual computers that he had hijacked and infected with hidden software or "malware" and remotely controlled.

In the parlance of the trade, he was a "bot herder" who offered his "robot network" for hire to a company in the Netherlands to covertly install their adware. Walker's borderless network first surfaced in an FBI investigation of a computer attack in 2006 that caused the crash of a computer server at the University of Pennsylvania in the United States. The FBI singled out a Pennsylvania student in the attack who ultimately led investigators to Walker, nicknamed Akill.

Walker's sentencing is scheduled for late May, but the judge on the case indicated that he would consider community detention and work release or some home detention for punishment of the teenager, who suffers from Asperger Syndrome, a mild form of autism marked by poor social skills and compulsive behavior.

"Most of the time it's very difficult for a judge to understand what's going on and what the risks are," said Eric Loermans, chief inspector of a Dutch high-tech crime unit, noting though that private companies that are not satisfied can also take civil action against offenders.

Loermans was part of the Council of Europe's cybercrime forum in Strasbourg last week to develop guidelines for closer international cooperation between law enforcement and Internet service providers. More than 200 people representing government agencies and private companies from the Europe, the United States, Africa and South America participated in the conference.

Many came from countries where the police are regrouping: like India, where officers in New Delhi are being sent for cybercrime training in e-mail tracking and digital fraud; or the Netherlands, where the government is spending €14 million, or $22 million, over the next four years on its fight against cybercrime.

The Dutch plainclothes high-tech unit now numbers about 25 people, but the police are also in the process of developing training programs for everyone on the staff down to the officer on the beat, according to Loermans.

"Years ago, we saw cybercrime as a speciality," he said. "Now we have added cybercrime in every form of police training, so we are raising the level of the entire Dutch police force. There's no crime anymore where there are no digital components built in."

The aim is to keep up with an age-old game of cat-and-mouse that is accelerating, with newly emerging tools like the "fast flux" that allows cybercriminals to hide the national location of spamming and phishing Web sites, which surface for minutes on a bot computer in one country before moving within minutes to another infected bot in another country. Phishing is a method of fraudulently acquiring sensitive information, like passwords and credit card numbers, using digital communication.

The advantage of fast flux, according to experts, is that attackers can register a child-pornography site or a fake bank that is not tied to a single domain that can be tracked and shut down. The flux techniques were used in phishing frauds this year that targeted bank customers in England where criminals created fake bank sites mimicking Barclays and Halifax banks and requested personal information.

David Roberts, chief executive of the Corporate IT Forum, which represents 150 companies in Britain, said his group was pressing for a single confidential channel where corporate security chiefs could report cybercrimes. The Conservative Party in Britain has lately seized on the issue, promising a dedicated "e-crime" police unit and the creation of a new government position, a "cybercrime minister."

As it is now, Roberts said that major companies rarely reported crimes because they wanted to protect their own reputation. And he said they might deal with it discreetly in other ways, perhaps by simply paying nuisance attackers to go away.

"Their only recourse at the moment is to quite literally go to their nearest police station and report the crime to the local police constable," Roberts said, adding that the local police are "very good on physical criminals and household thefts and burglaries, but electronic crime is not part of their curriculum."

The fast-flux technique, Roberts said, was a further illustration of how online crime has evolved. "They are professional, large, well organized and they are best called companies."

Microsoft, which has its own teams of private investigators to monitor and combat cyberthreats to the company, is now taking a more "holistic" approach to confront electronic fraud by financing conferences and training programs.

"It's just not sufficient to bring cases to police," said Jean-Christophe Le Toquin, an Internet safety director for Microsoft in Europe, the Middle East and Africa. "It's not sufficient to have conferences on cybercrime. What you have to do is both of these things and then offer training to judges on cybercrime so that the parliament, the police, the judges are all trained at the same time."

Microsoft is also turning its lawyers toward another flaw in e-commerce called typosquatting by challenging individuals for trademark infringement who register domain names with misspelled versions of the Microsoft name to make money from unsuspecting computer users through pay-per-click advertisements.

Last year, according to the company, it recovered more than 2,000 names.

[Al-khiyal]

Web firm sounds alert on criminal data trove

LONDON, May 6, 2008 (Reuters) - A Web security firm said on Tuesday it had tipped off international banks and police after finding a huge trove of stolen business and personal data amassed on a server in the space of just three weeks.

Finjan Inc said it had notified the U.S. Federal Bureau of Investigation, police in various countries and more than 40 financial institutions in the United States, Europe and India about the discovery of the so-called "crimeserver".

"This server was running for about three weeks and within this period it managed to collect 1.4 gigabytes of data. It is indeed the largest treasure we've found in this very short time," Yuval Ben-Itzhak, chief technology officer of the California-based firm, said in a phone interview from Israel.

The stolen data consisted of 5,388 unique log files including 1,037 from Turkey, 621 from Germany, 571 from the United States, 322 from France, 308 from India and 232 from Britain.

It included company personnel files, insurance details, social security numbers, medical records, credit card details and exchanges of confidential business email, in one case including details of a pending court case.

Ben-Itzhak said it was striking that the crimeserver itself was not security-protected, meaning anyone could potentially have accessed it over the Internet.

"The server was not secure at all. It indicates that these people that are doing the crime today, they are not security experts, they are not computer science experts.

"They are people who are buying the crime toolkits ... software packages that hackers, the smart people, are selling," he told Reuters.

"The person that operated this server had no clue on security, he had no clue about how to configure a Web server. He just took a ... toolkit and started to use it and in three weeks he managed to have this fortune, this treasure on his server."

The crimeserver had a 'command and control' application that enabled the user to define what types of target to infect with 'trojan' software.

"Online statistics reports are included in this command and control. They can tell you who you managed to infect; where they are coming from; if the trojan that is now installed on their machine is sending you data, how much data you're getting - you get all these online reports as well."

The hosting server was located in Malaysia and the Web domain was registered to a Russian individual with a Moscow address. Ben-Itzhak said this could not be validated because domains can easily be registered in false names.

He said the discovery highlighted a growing trend for criminals to target commercial data. Details of pricing, company policies and stock-sensitive earnings results were all at risk.

"It's not just individuals at home doing their online banking and someone is stealing their password...The big picture is these criminals are looking for business data."

[Al-khiyal]

No charges in MySpace suicide case

Woman charged over MySpace hoax linked to suicide

May 15, 2008 -- A federal grand jury in California indicted a suburban St. Louis mother on Thursday (May 15) for her alleged role in an Internet hoax against a 13-year-old neighbor who committed suicide. According to the Associated Press, Lori Drew was charged with one count of conspiracy and three counts of accessing protected computers without authorization for her part in an alleged bid to get information that was used to inflict emotional distress on Megan Meier.

In December, Missouri prosecutors decided not to file charges against Drew, citing a lack of evidence, but federal authorities in California took up the case because it involved actions that allegedly took place on the computer servers of MySpace, which is a subsidiary of Beverly Hills-based Fox Interactive Media Inc.

Meier committed suicide in October 2006 after being dumped online by a 16-year-old, whom Drew is alleged to have helped create by setting up a fake MySpace account, according to the AP.

Meier's mother said the teen had been on medication but had been upbeat in the six weeks prior to her death, in part as a result of striking up a relationship with a boy she came to know as Josh Evans. She learned that he was born in Florida and had recently moved to a neighborhood near Meier's. He said that he was homeschooled but didn't have a home phone number he could give her yet. Tina Meier said Megan received a message from Josh on October 15 saying he didn't want to be her friend anymore and that he'd heard she wasn't nice to her friends. Another message stated that the "world would be better off" without Megan Meier in it.

The assistant agent in charge of the Los Angeles FBI office described the case as "heartrending." Salvador Hernandez told the AP, "The Internet is a world unto itself. People must know how far they can go before they must stop. They exploited a young girl's weaknesses. ... Whether the defendant could have foreseen the results, she's responsible for her actions."

Drew has denied creating the account and sending messages to Meier. U.S. Attorney Thomas P. O'Brien said the indictment was the first time the federal statute on accessing protected computers has been used in a social-networking case. "This was a tragedy that did not have to happen," O'Brien told the AP.

Each of the four counts carries a maximum of five years in prison. Drew will be arraigned in St. Louis and then moved to Los Angeles for the trial.

The protected-computers charges came about because, according to the indictment, MySpace members agree to abide by terms of service that include not promoting information they know to be false or misleading, soliciting personal information from anyone under the age of 18 or using information gathered from the Web site to "harass, abuse or harm other people."

The indictment alleges that Drew and other unnamed persons conspired to violate those service terms from around September 2006 to mid-October of that year by allegedly registering as a MySpace member under a phony name, accessing the account to obtain information on Meier and then using that information to "torment, harass, humiliate and embarrass the juvenile MySpace member." After Meier killed herself, the indictment alleges that Drew and the others deleted the account.

Earlier this year, one of Drew's employees, 19-year-old Ashley Grills, told ABC's "Good Morning America" that she created the fake profile but that Drew wrote some of the messages to Megan and suggested that Grills talk to Meier through MySpace to find out what the 13-year-old was saying about Drew's daughter, who was a former friend.

Grills added that she wrote the final message about the world being a better place without Meier, intending to end the online relationship because Grills thought the hoax had gone too far.

"I was trying to get her angry so she would leave him alone and I could get rid of the whole MySpace [account]," Grills told the morning show, according to the AP. Drew has denied knowing anything about the final message.

In November, Tina Meier told a local newspaper that she didn't think anyone involved in the hoax intended for her daughter to commit suicide, but that she thought it was "vile" that an adult would be involved in such behavior.

[Al-khiyal]

11 charged in theft of 41 million card numbers

August 6, 2008 -- Federal prosecutors have charged 11 people with stealing more than 41 million credit and debit card numbers, cracking what officials said on Tuesday appeared to be the largest hacking and identity theft ring ever exposed.

The thieves focused on major national retail chains like OfficeMax, Barnes & Noble, BJ's Wholesale Club, the Sports Authority and T. J. Maxx — the discount clothes retailer that first suggested the existence of the ring early last year, when it said its systems had been breached by hackers.

Underscoring the multinational, collaborative aspect of organized crime today, three of the defendants are United States citizens, one is from Estonia, three are from Ukraine, two are from China and one is from Belarus. The name and whereabouts of the final defendant are unknown.

Federal officials said a principal organizer of the ring was Albert Gonzalez, a man from Miami who was indicted on Tuesday by a federal grand jury in Boston on charges of computer fraud, wire fraud, aggravated identity theft, conspiracy and other charges. If convicted on all counts, Gonzalez would face life in prison.

Gonzalez and several in his cohort drove around and scanned the wireless networks of retailers to find security holes — known as "war driving," according to prosecutors. Once the thieves identified technical weaknesses in the networks, they installed so-called sniffer programs, obtained from collaborators overseas.

Those programs tapped into the retailers' networks for processing credit cards and intercepted customers' PINs and debit and credit numbers that were stored there. The thieves then spirited that information away to computers in the United States, Latvia and Ukraine.

Officials say the conspirators sold credit card numbers online and imprinted other stolen numbers on the magnetic stripes of blank cards so that they could withdraw thousands of dollars from ATM's.

"Computer networks and the Internet are an indispensable part of the world economy. But even as they provide extraordinary opportunities for legitimate commerce and communication, they also provide extraordinary opportunities for criminals," said Michael Mukasey, the United States attorney general, at a news conference in Boston to announce the indictments.

Gonzalez was first arrested by the Secret Service in 2003 on similar charges. He was subsequently placed on supervised pretrial release and became an informant to the agency in its campaign against organizers of ShadowCrew, a bulletin board where hackers traded stolen financial information.

But prosecutors said that Gonzalez continued his criminal activities and tried to warn one of his conspirators, Damon Patrick Toey, to ensure that Toey would not be identified or arrested in the operation against ShadowCrew. Toey was among those indicted on Tuesday in Massachusetts.

"As soon as we became aware that Gonzalez was also working with criminals and getting them information, we immediately took action," said Mark Sullivan, director of the Secret Service.

A lawyer for Gonzalez could not be located.

To sell card numbers on the black market, the group turned to Maksym Yastremskiy of Ukraine and Aleksandr Suvorov of Estonia, who were also charged, according to prosecutors.

Yastremskiy, thought to be a major figure in the international sale of stolen credit card information, was apprehended in July 2007 on vacation in Turkey and is in prison awaiting trial on charges including credit card theft. The United States has asked Turkey to extradite him.

The indictments shed more light on the breach into the stores of TJX, the owner of T. J. Maxx. In 2005, Christopher Scott, another man who was charged, compromised wireless access points at a Marshalls in Miami and used them to download payment information from computers at TJX headquarters in Framingham, Massachusetts, prosecutors said.

The following year, prosecutors said, the conspirators established a virtual private network connection into TJX's payment processing server and successfully uploaded a sniffer program.

In public financial filings, TJX said it had spent around $130 million on matters related to the break-in, including legal settlements, and it expected to spend an additional $23 million in the 2009 fiscal year.

Federal officials did not have an overall tally for the amount of money stolen by the ring, but they offered some glimpses into its profitability. In the indictment against Gonzalez, federal officials asked that he be forced to forfeit more than $1.6 million, among other assets.

"These guys were obviously sophisticated and organized," said Toby Weiss, chief executive of Application Security, a database security firm. "In this economy, we can't have people afraid to spend."