The Financial Times reports that Russian criminals have been targeting Russian-owned banks with cyber attacks and are making a decent profit:

In Russia, however, the scourge of its hackers is fast becoming a problem for the country’s own businesses.

Russia was one of the countries worst affected by the WannaCry attack last year. Even though the US and UK have blamed the Kremlin for using the NotPetya attack a few months later to target Ukraine, Russian companies such as Rosneft, state-run oil giant, were also affected.

Most vulnerable, however, are Russia’s banks. Hackers used the Cobalt Strike security-testing tool to steal more than $17m from more than 240 Russian banks in 2017, according to the central bank. In the past few months, hackers used the Swift payment system to steal $6m from an unnamed bank and tried to steal nearly $1m from state-owned Globex.

Russia is now keen to change the perception of the country as a hacker’s paradise by showing that it, too, is trying to clamp down on cyber threats.

No honor among thieves indeed.

CNET on the US Department of Justice shutting down the massive cyber crime network Infraud and charging 36 people:

The agency announced on Wednesday that it’s charged 36 individuals who allegedly ran Infraud, a massive forum with more than 10,900 members globally. The group would obtain and sell stolen data, including credit card numbers, personal information like banking and financial data, and malware and stolen identities.

The Justice Department estimates that Infraud was responsible for more than $530 million in actual losses since it went online in October 2007. Scammers on the forum came from countries including Ukraine, Pakistan, France, the UK, Serbia and Russia.

Among the 36 people charged, five are from the US and have been arrested, Deputy Assistant Attorney General David Rybicki said. Eight from other countries have been arrested and are awaiting extradition, while 18 other charged suspects are not in custody. The remaining five suspects are still at large, Cronan said.

It is not often the Department of Justice is able to charge so many people for cyber crime, so this is a major win for the US government. Infraud generated over $530m in revenue over ten years, a considerable amount of business largely with very little work involved.

In a closely watched case, the Ninth Circuit Court of Appeals just ruled that sharing passwords is considered a federal offense:

In the majority opinion, Judge Margaret McKeown wrote that “Nosal and various amici spin hypotheticals about the dire consequences of criminalizing password sharing. But these warnings miss the mark in this case. This appeal is not about password sharing.” She then went on to describe a thoroughly run-of-the-mill password sharing scenario—her argument focuses on the idea that Nosal wasn’t authorized by the company to access the database anymore, so he got a password from a friend—that happens millions of times daily in the United States, leaving little doubt about the thrust of the case.

The argument McKeown made is that the employee who shared the password with Nosal “had no authority from Korn/Ferry to provide her password to former employees.”

At issue is language in the CFAA that makes it illegal to access a computer system “without authorization.” McKeown said that “without authorization” is “an unambiguous, non-technical term that, given its plain and ordinary meaning, means accessing a protected computer without permission.” The question that legal scholars, groups such as the Electronic Frontier Foundation, and dissenting judge Stephen Reinhardt ask is an important one: Authorization from who?

If the account holder authorized someone to access their account using their credentials, then does that not constitute authorization, as written in the CFAA? The law does not define which party is required to provide authorization in order to prevent triggering a violation of the CFAA.

  • Is the account holder allowed to authorize access?
  • Is authorization required from the system owner?

Imagine all the scenarios that could play out based on either of those authorization requirements. As the article rightly discusses, if the latter is needed, everyone sharing Facebook, Spotify, Apple, Netflix, and other similar account types is considered in violation of the CFAA and therefore should be prosecuted.

As with most US laws around the idea of hacking, the CFAA is in desperate need of updating.

A former US Secret Service agent involved in the Silk Road case has been charged with additional bitcoin thefts, with the largest one being worth $700k:

According to an affidavit unsealed Thursday, the Justice Department learned in April 2015 that Bridges might have kept a private cryptographic key giving him access to a Bitcoin wallet with the $700,000 in currency that the Silk Road task force had seized in 2014. The department urged the agency to move the funds elsewhere.

“Unfortunately, the U.S. Secret Service did not do so and the funds were thereafter stolen, something the U.S. Secret Service only discovered once it was ordered by a court to pay a portion of the seizure back to affected claimants,” a team of prosecutors wrote in an accompanying motion. The Bitcoin in question was moved in July 2015 but only discovered missing in December, the affidavit said.

There is a lot of bitcoin news lately, both positive and negative.

In yet another unbelievable act of stupidity for the US military stationed on Okinawa, the prefectural police apprehended a Kadena Air Base Airman for drinking and driving:

At approximately 4:05 a.m. on Sunday, police stopped and questioned Christopher Aaron Platt, a 27-year-old staff sergeant, who was driving on a road in the town of Chatan. During questioning, police noticed liquor on the suspect’s breath. The results of a breathalyzer test revealed an alcohol level in excess of the legal limit.

Platt denies the charges. “I didn’t drink at all,” the suspect is quoted by police.

Prior to pulling Platt over, police observed his vehicle weaving on the road.

Is it that difficult to start living like an adult by not drinking and driving? Seriously, what is wrong with these people?

Okinawan prosecutors seek a four-year prison term for a US Navy sailor who raped a local woman in a hotel:

The prosecutors said in their closing arguments Monday at the Naha District Court that the actions of 24-year-old Justin Castellanos were “selfish and absolutely despicable,” and sought a harsh punishment.

The sailor, based at Camp Schwab, was indicted for raping a woman at a hotel in Naha on March 13. The victim, a woman in her 40s from Fukuoka Prefecture, was in Okinawa on holiday.

While the prosecutors said Castellanos took advantage of the state of the woman, who was asleep in a hotel corridor, his lawyers are seeking a lenient term, saying he had initially planned to take care of the woman after finding her.

I cannot comprehend “harsh punishment” and “four year prison term” existing in the same breath.

A second Russian has pleaded guilty in the largest ever US cyber crime case:

Prosecutors said that as far back as 2003, the men worked to install “sniffers” designed to comb through and steal data from computer networks of financial companies, payment processors and retailers.

Prosecutors said the defendants then used an array of computers to store and ultimately sell data they collected.

They said Smilianets was in charge of sales, selling data to trusted identity theft wholesalers, selling credit card numbers for $10 to $50 a piece depending on country of origin.

The scheme ultimately caused banks and credit card companies to suffer hundreds of millions in losses, including more than $300 million reported by three companies alone, prosecutors said.

Sixteen companies’ networks were infiltrated, including those of Nasdaq OMX Group Inc, 7-Eleven, France’s Carrefour SA, JC Penney Co, JetBlue Airways Corp, a Visa Inc licensee, and Heartland Payment Systems Inc, prosecutors said.

Smilianets faces up to 30 years in prison when he is sentenced by U.S. District Judge Jerome Simandle on Jan. 13. His lawyer did not immediately respond to a request for comment.

Pleased with their good work, the Federal Bureau of Investigation has released details on their takedown of the Gameover Zeus botnet:

The Gameover Zeus botnet owners looked at their operation as a complete criminal organization, owned all the assets and put them all under one roof, Elliott noted. “They were very centralized, which made it good for them from a logistics standpoint and very good for us in law enforcement.”

One of the principal servers used by Gameover Zeus was referred to by the botnet owners as the “Business Club.” Through the Business Club, the FBI was able to connect the dots across attacks and victims. There was a full ledger system in place that kept accurate track of all the fraud committed by the Gameover Zeus botnet, Elliott said.

As to how the FBI actually identified the individuals responsible, Elliott said the criminals weren’t part-time criminals; cybercrime was their full-time job. That’s how the FBI was able to identify Evgeniy Bogachev as the kingpin behind the Gameover Zeus botnet.

“One of the things we try to do as law enforcement is work ourselves in, so we can attack the seams between their personal life and their criminal life,” Elliott said. “Fortunately Bogachev was a user of VPNs, and he liked to use the same VPNs to log into his personal accounts as he would to administrate the backend of the botnet servers.”

The FBI did a botnet takeover in June of 2014 to protect victims and stop future fraud.

The U.S. Attorney’s office in New Jersey has indicted nine people for cyber-related insider trading activities netting the perpetrators roughly $100M (emphasis added):

Prosecutors with the U.S. Attorney’s office in New Jersey initially announced the indictment of nine people, five of whom were arrested in Georgia and Pennsylvania, Tuesday morning. A follow-up announcement in Newark revealed that 32 people connected to the scheme in total were facing charges.

According to Reuters, it’s the first time that prosecutors have brought criminal charges against individuals for perpetrating a securities fraud scheme involving hacked insider information.

The hackers purportedly infiltrated servers belonging to press release agencies: PRNewswire Association, Marketwire, and the Berkshire Hathaway subsidiary Business Wire, first accessing the newswires’ networks as early as 2010. Once they were in, over the course of five years, the hackers passed along sensitive information – some of which pertained to large Fortune 500 companies – to traders, who then used it to their benefit.

A related SEC complaint filed in tandem with the indictments notes that civil charges are being brought against 32 individuals and claims the hackers used “malicious programming code and other deceptive techniques to hack into the computer systems.”

Engadget on the FBI hunting for suspects in California internet backbone cable-severing attack (emphasis added):

The severed cables belonged to backbone-internet companies Level 3 and Zayo. In order to access these cables, the vandals had to remove manholes and enter underground vaults. While the cut lines were fixed within a day, it does highlight how easy it is to disrupt the internet within the physical world. In a statement, the FBI asked for the public to contact it if anyone saw anything suspicious at one of the sites and added that, “the individuals may appear to be normal telecommunications maintenance workers or possess tools consistent with that job role.”

So instead of the internet being brought down by a virus or super hackers, it turns out that someone with a set of bolt cutters could severely disrupt how we get our news and do business.

I could not have said it any better. Malware is not required to disrupt our precious internets.

The Japan Times on Japan executing a convict for murdering a woman in Nagoya:

The ministry says Kanda kidnapped his victim from a Nagoya street with the intention of mugging her. After confining her in his vehicle, he robbed her of a cash card and “coiled layers of adhesive tape around her head” before bludgeoning and fatally strangling her.

He then drove her body to neighboring Gifu Prefecture and dumped it in a forest to conceal his crime, the Justice Ministry said.

In March 2009, Kanda was sentenced by the Nagoya District Court to hang. The ruling was finalized a month later when he dropped an appeal. Both of his accomplices have been sentenced to life in prison, according to public broadcaster NHK.

Japan and the United States are the only members of the Group of Seven industrialized countries that carry out executions.

I will never understand how people can do things like this and still live with themselves afterward.

The Los Angeles Times on how the LAPD shot an unarmed man who had his hand wrapped in a towel while waving down the police for help:

Los Angeles police shot and critically wounded a man after he raised his arm, wrapped in a towel, toward officers Friday in Los Feliz, police said.

Police said officers thought the man had a gun, but he turned out to be unarmed.

The man flagged down officers about 6:35 p.m. at Los Feliz Boulevard and Tica Drive south of Griffith Park, according to a police account.

“This person extended an arm wrapped in a towel. The officer exited the vehicle and said, ‘Drop the gun, drop the gun,’” LAPD Lt. John Jenal said.

Then at least one officer shot the man, officials say. He was taken to a hospital where he was listed in critical condition.

After being shot in the head by the LAPD, while the victim lay motionless on the ground, literally with his brains falling out of his head (caution: graphic video), these two smart cops thought it necessary to place him in handcuffs as if he were going to escape Terminator-style.


The Washington Post on Japanese high school students who forced a classmate to swim across a river, leading him to drown:

The boy had reportedly gone to a festival with his friends, and they were angry at him for trying to pick up a girl when he already had a girlfriend. “If you jump into the river, swim to the other side and back again, then maybe we’ll forgive you,” they told him, according to Japan Today. They told police they didn’t think their friend would be in danger.

The boy, a 15-year-old high schooler, made it about halfway across the 100-foot river before crying out, “I can’t do it anymore,” a witness told the Kyodo news agency. Then he sank beneath the surface. Police are still searching for the teen, but he is presumed to have drowned.

His alleged tormentors — a 16-year-old high school student, a 14-year-old in junior high and a 15-year-old described as a “company worker” — have been arrested for assault, according to Kyodo. The identities of the suspects and the victim are being withheld because they are minors.

Bullying at its best. Just another day in Japan.

Japan Today on a Tokyo man arrested for confining a woman in his apartment for one week:

According to police, the 22-year-old woman, who is from Kawaguchi, Saitama Prefecture, was found with her hands and feet bound by wire, inside a closet in Junichi Watanabe’s apartment, at around 8 a.m. on Monday, Sankei reported.

Police said the woman had been confined in the first-floor apartment for one week. She was rescued after a passerby heard her screaming for help and alerted police.

Watanabe turned himself in at a police “koban” on Monday afternoon.

The woman told police she first met Watanabe on an Internet dating site in January and that they met a few times. But she became uneasy about him and stopped seeing him. Police said Watanabe called the woman, pretending to be one of her friends, and arranged a meeting at 9:30 p.m. on June 1 outside JR Kawaguchi Station. When the woman got there, Watanabe talked her into getting into his car, then he bound her arms, legs and mouth with tape and put a bag over her head, before taking her to his apartment.

WTF? This story does not add up.

Tokyo Reporter on Tokyo cops arresting a hostess in a standard Kabukicho overcharging scam:

On March 11, Nozomi Kojima, a 22-year-old employee of Lumine, located in the Kabukicho entertainment area, is alleged to have lured two male customers to the club at a price of 3,000 yen for an unlimited time period.

After one hour of service, the customers were presented a bill for 240,000 yen. Staff members indicated that total included a 70,000-yen table charge.

Last month, police arrested the club’s manager, Yoshihiko Okumura, 36, and one other staff member for allegedly threatening the customers in the same incident.

Since Lumine opened in February, police have received 239 complaints from customers who patronized the club, according to the Asahi Shimbun (June 8).

It sounds like Lumine needs to be shut down for good. Their entire business model appears to be predicated on scamming drunk customers out of their money after offering a salacious-sounding deal to get them into the bar.

Kabukicho is probably the one area in Tokyo where you really have to be very careful of what establishment you patronize. In my experience, it is all too easy to get scammed by any of the small bars hiding in the depths of the Kabukicho underworld.

One good rule to live by anywhere, but especially in Shinjuku: if it sounds too good to be true, then it is likely a scam.