Hackers – Hacking ATM’s?

Dollar Bills

ATM Cash-Out Goes World Wide

The Krebs Cybersecurity blog reported on Sunday of a new threat to the worlds banks.

Hackers are now able to hack bank or payment card processors and use the stolen information to withdraw large sums of cash from ATM’s pretty much everywhere.

Which can be done without the benefit of actual malware.

fbi-crimeshop

The FBI shared this information with the banking industry on Friday which they typically do from time to time as cyber threats come about, it’s known as a “private industry alert.”

wells-fargo-steals-from-customers-crimeshop

The FBI is not required to make a public PSA about such cybersecurity threats but with the way Wells Fargo rips off its customers from the inside, one would think that the FBI would at the very least inform consumers of the threat considering that it would take someone like Wells Fargo years to report that customer bank accounts had been wiped out by hackers.

Wells-Fargo-Protest-crimeshop

Not to mention refund it, they like to well let’s just say, sit on money.

Just throwing out facts based off of the way certain banks treat their customers.

brian-krebs-crimeshop

In the meantime, since the financial industry and the FBI did not send out a warning to consumers, thankfully Brian Krebs did.

Cristal M Clark

IOS users can find The Crime Shop on Apple News

@thecrimeshop on twitter

And https://gab.ai/thecrimeshop

 

 

 

 

PGA Held for Ransom

PGA Championship - Preview Day 2

Hackers Hit PGA with Ransomware Attack

 

Not even golf is safe from the likes of ransomware, the PGA has been hit with an attack demanding a nice bitcoin payout.

ransomware-PGA-crimeshop

On Tuesday someone hacked into the PGA servers, days before the scheduled 8/9/2018 PGA Championship locking out the golf association.

Naturally, the hackers want some bitcoin should the PGA want to regain access to its servers, which may or may not mean that regardless of whether the PGA pays the ransom that they will ever be able to actually regain access to any and all files that were stored.

Yep, you read that right because typically this type of ransom attack renders whatever had been stored on the servers permanently inaccessible.

Have no fear tournament, the championship will still go on as planned.

It’s not a huge loss for the PGA as most of the information stored on the servers being held for ransom would don’t share private user data and its replaceable.

comcast-security-breach-crimeshop

All in all, it could be worse, Comcast gave a gift to their subscribers in that a recent security flaw ended up exposing partial addresses and the social security numbers of what is estimated to be 26M Comcast customers.

Funny how I never saw that on the channel lineup.

Cristal M Clark

IOS users can find The Crime Shop on Apple News

@thecrimeshop on twitter

And https://gab.ai/thecrimeshop

Hackers Targeting Your Office Gossip?

ransomware-crimeshop.jpg

Those Instant Message Services Aren’t so Private

Traditionally, when you think of a hacker being able to obtain your information, you might think that you somehow ended up innocently installing some form of malware which in turn opened up your work or home network to hackers.

dark-web-crimeshop

Which is pretty true, and one type of service we rarely think about are those instant messaging services used by many within the corporate world these days.

The amount of information your employees share on those unmanaged services is actually a lot more critical to an organization’s inner workings that one might really think.

What that opens any organization up to is a ransomware attack.

Using intel gleaned from an instant messaging service, hackers can obtain some pretty important details about an organization’s inner workings, it’s projects, it’s client base, how much money is involved with particular contracts and deals and they can even obtain details with regards to both current past employees.

Many of these instant messaging programs used are more often than not are not entirely secure and not that, they are not managed by a member of management much less a member of IT if an organization has an IT department.

Truthfully and also sadly, employee’s who partake in the fine art of office gossip using these types of services do not think about the vast amount of information they are gossiping about or sharing with one another much less, that the information could potentially be used in some future ransomware attack on the organization, it’s employee, bank, customer, etc.

Hackers are no longer using stolen intel to just simply steal things like bank account information, they are using information in order to take an organization’s entire network for hostage.

WannaCry-ransomeware-crimeshop

Ransomware attacks saw a surge of 2,500% in just 2017 alone.

slack-crimeshop.jpeg

Slacks one of the most popular messaging services used in offices these days admitted back in March that they found and patched a vulnerability that would have given hackers full access to chat histories, shared files among other critical data. Chat logs from your workforce can be a valuable and rich source of intel to any hacker worth his weight in gold.

That is a pretty big deal, one which will continue to be a growing concern because hackers do not suddenly get stupid, fix one vulnerability and another will be found, usually by hackers first.

So how does an organization get around this type of situation?

Easy get rid of things like instant messaging programs in your office and force your employees to keeping that office gossip, at the water cooler.

Cristal M Clark

IOS users can find The Crime Shop on Apple News

@thecrimeshop on twitter

And https://gab.ai/thecrimeshop

Hacking – Hackers Back, The US Government To Clear the Way for That?

 

computerhacking_crimeshop

 

Hackers Get Ready – It’s Going to Be All Out Hacking War

 

Sometimes I sit back and wonder how some individuals were able to manage to get into office anywhere here in the US, I mean we have a Donald Trump as our sitting President.

 

President Trump Hosts Ceremony Recognizing First Responders In The June 14 Congressional Baseball Shooting

 

I’ve been hearing rumors that some who hold office throughout the United States are pushing for an okay to, hacking, hackers back.

 

White-House-CyberSecurity-Council-Crimeshop

 

Of all of the stupid idea’s in today’s world, really, this one?

What’s truly worse is that hacking back has been highly discouraged for years, not to mention it doesn’t really do shit to the hacker by the time you’ve hacked them back.

So the idea is that it would clear users to hack the computer that hacked them back.

Not the brightest idea when you consider that sometimes, actually more often than not, hackers are in fact hacking you, from a hacked computer or network of computers.

Computers and networks that belong to innocent individuals and businesses.

 

hacking-US-Government-crimeshop

 

Representatives Tom Graves, R-Georgia, and Kyrsten Sinema, D-Arizona are attempting to allow for some exceptions to the Computer Fraud and Abuse Act, the U.S. anti-hacking statute, which pretty much makes it illegal to access computers that don’t belong to you without permission or some form of authorization.

This tweak of the bill would change that restriction and then allow companies to access computers that don’t belong to them in the name of self-defense or, as the bill calls it, “active defense.”

Here is a time when taking the time to bother oneself with your perception of the problem might come in handy because this change is really going to create more issues than it would actually solve.

This change merely changes the situation so as to allow for the hacking, that cycle, to keep going and growing.

These hackers, they are not as stupid as our government thinks either, they could potentially hack someone, write a line of code that would then destroy everything on a network or computer should that victim attempt to hack them back. I mean you don’t honestly think hackers haven’t already thought of this do you?

I can’t write code to save my life here, and I am no hacker here,  I can however without a doubt tell you that these hackers have already outsmarted you by about 10 paces if not more.

 

russia-hacking-the-us-election-crimeshop

 

Except for the Russian hackers, they can hack Hillary Clinton’s email server but they can’t manage to hack my Starbucks card and increase my allotted credit amount for my beloved coffees, which I have suggested many times in the past they do.

Yes Putin, I am looking in your general direction here, inform your hackers, thanks for nothing.

The problem is that our own government is not seeing the problem clearly, they are perceiving it incorrectly therefore they are not going to solve it until they do take a step back and start seeing it just as it is.  

When you start hacking back, launching DDoS attacks back, releasing malicious malware back, you only keep the vicious cycle going and you create nothing more, than more of an invitation to make the next hack or attack, bigger and better.

Cristal M Clark

IOS users can find The Crime Shop on Apple News

@thecrimeshop on twitter

And https://gab.ai/thecrimeshop

CIA Director & Other Top Law Enforcement Officials – Hacked

Crackas-With-Attitude-Crimeshop.jpg

Crackas With Attitude

In 2015, Crackas with Attitude was once an aspiring group of young hackers that sought to hack top US officials such as, former CIA chief John Brennan and James R. Clapper Jr., former director of national intelligence, just to name a couple.

Justin-Liverman-Crimeshop

For 23 year old Justin Liverman, just simply hacking top law enforcement officials was not enough. He would go on to harass and online stalk them, he even made threatening calls.

What’s worse is that Justin would also harass and call the families of his victims and harass them as well.

On Friday, Justin was sentenced to 5 years in federal prison.

A British teenager, known as “Cracka,” is the one who actually broke into those accounts by impersonating the officials or employees of their service providers.

Justin and his Cracka buddy Andrew Otto Boggs, who also 23, encouraged Cracka’s exploits so that they could in turn use the stolen information.

During Justin’s sentencing on Friday Judge Gerald Bruce Lee informed Justin that “These are no pranks, this computer hacking, Crackas With Attitude, caused chaos. Your intent was clear, and that was to wreak havoc.”

The most sickening part of this case is that Justin harassed the spouses of his victims and also threatened the children of several targets.

Justin in particular chose some of the victims and personally drove the harassment campaigns against them.

He actually paid out of his own pocket for an hourly month-long “phonebombing” campaign leaving threatening and explicit messages for former FBI deputy director Mark Giuliano who was not named in court documents however, officials who are familiar with the case have confirmed this.

Justin also texted the former FBI deputy directors phone, asking about his “slut wife” and warning that he would “keep a close eye on your family, especially your son!”

Using Mark Giuliano’s credentials, Cracka was able to gain access to the Law Enforcement Enterprise Portal, a computer system that gives agencies around the world access to unclassified but sensitive law enforcement information.

Justin requested personal details on Miami police officers, which he promptly then posted online.

“Liverman leveraged Cracka’s superior social engineering skills to his own ends — namely, to cause disruption/fear through harassment and to continue to perpetrate his online fraud of being an administrator of a hacking group and a successful hacker himself.” Special Assistant U.S. Attorney Joseph Longobardo wrote in his sentencing memorandum.

Justin also encouraged Cracka to call in a bomb threat to the Palm Beach County, Fla., sheriff’s office, saying, “Hopefully they will have a shootout and kill each other,” according to court records.

Justin sounds like a delightful individual.

I am no genius by any means here, I do know however that it takes a special kind of stupid to hack and then threaten anyone in law enforcement.

They have superior technology and can find out who you are…

Other victims include Amy Hess, at the time the FBI executive assistant director for science and technology; Gregory Mecher, who is married to then-White House Communications Director Jen Psaki; and Harold Rosenbaum, chief executive of CIA contractor Centra Technology.

And, in 2016 Justin claimed that he had hacked NASA, which NASA spent money on only to learn that Justin was not entirely honest, go figure.

Justin’s whole argument was that at the time he thought that he was was helping expose weaknesses in the private security of law enforcement members who guard the nation’s secrets, and that he was taking a stand against government overreach, according to the court filings.

This may just be me here but threatening these individuals and their families is a far cry from taking a stand against government overreach.

At any rate another member of Crackas plead guilty to his part in the hacks and Cracka, well he is being prosecuted in Britain since he not from the US.

Justin hopes to one day become a black hat type of good guy working in security to help protect people from individuals such as himself.

However, he has his 5 year prison sentence to really think about it and decide if that’s what he truly wants to become once released.

Cristal M Clark

IOS users can find The Crime Shop on Apple News

@thecrimeshop on twitter

And https://gab.ai/thecrimeshop

Instagram Gets Hacked

instagram-crimeshop

Application Programming Interface (API) – Bug Exploited

 

So it appears that Instagram got hacked and users cell phone numbers and email addresses were compromised according to messages Instagram began sending to users today.

instagram-hacked-crimeshop

“We recently discovered that one or more individuals obtained unlawful access to a number of high-profile Instagram users’ contact information  specifically email address and phone number  by exploiting a bug in an Instagram API, no account passwords were exposed. We fixed the bug swiftly and are running a thorough investigation.”

Instagram has yet to disclose just how many users are affected by this hack, according to Instagram they see roughly 700 million users a month and, they notified every verified registered user which might very well mean that, the number of users whose information was compromised is pretty high.

Instagram has not given the exact number of how many verified registered users it actually has. So far those were the accounts that were the target of the hack, however all of you unregistered users should still go for the two-factor authentication in order to secure your accounts.

russian-hacker-crime-shop

It also looks as if a lone hacker committed the hack.

Many suspect that the lone hacker was after high profile users of Instagram which translates to users more along the lines of celebrities.

Either way, for users of Instagram this news was not welcomed with open arms.

In a world where everything is online, nothing is 100% safe from hackers, just when you think you’ve gotten one backdoor or bug fixed another one creeps up.

Cristal M Clark

IOS users can find The Crime Shop on Apple News

@thecrimeshop on twitter

And https://gab.ai/thecrimeshop

ISIS is planning attack on US air bases in Saudi Arabia, Kuwait and Bahrain

israel

That’s according to an Israeli cyber-intelligence group who have reported to media sources that they have breached Telegram group on the dark web, which is run by jihadists.

It is rumored that the Islamic state uses Telegram to organize operatives and to disseminate terror attack plans among 500 of its leading activists.

According to the Israeli company who breached Telegram, the Islamic State uses the site to upload potential targets to the group. They reported that in recent months some of the targets have been hit by individuals claiming allegiance to the terror organization.

One of the targets found during the hack was the recently attacked church in Normandy, France where Father Jacques Hamel was murdered by the terrorist group. The Israeli cyber-intelligence group says that the attack on the church was planned months ago according to communication found on Telegram.

This brings us to cyber-intelligence/cyber-security, you can’t have one without the other and quite frankly, the US is falling way below the bar on both fronts.

Both Israel and Russia are reported to be two very powerful forces in terms of cyber-intelligence, cyber defense and cyber-security. China, North Korea, Iran all rank higher than the US.

In fact, Iran is considered a dangerous cyber threat to the US.

ISIS is using the dark web to communicate with its followers. ISIS is not the only extremist group using the dark web for communications either.

Our country would be best served if our Government would better align themselves with countries who are more capable at cyber-intelligence and security and the cyber-security firms in those said countries. We are all better served if we could learn to work together with these other countries and firms to fight the war on terror and to thwart cyber related crimes in general.

Think about it, other countries have surpassed the US when it comes to both cyber-intelligence and cyber-security for years and we don’t seem to be moving at all. These other countries have also set up cyber defense and the programs they have are not for the faint of heart.

Today Business Insider ran a story with a headline stating “The terrible recovery from the Great Recession is due to Congress’ economic incompetence.” I bring that to your attention because it is in fact true, Congress is out of touch with the realities of our world on all fronts, that includes cyber security, intelligence and defense. 

The media is partly to blame here as well, I mean if the FBI asks for a change to a law the media  makes it out to be the NSA is spying on all of us all the time…

Recently the FBI did ask for a change to the a law that pertains to being able to access someone’s browsing history and other electronic data for certain types of suspected crimes.

Of course the media had a field day with it, they lead everyone to believe the FBI was going to be able to access browsing history from anyone and everyone, all history, see the sites you visit, the pages on those sites and who knows what else…turned out that was not even close to what the FBI could actually access if they had been granted the change and the request was denied, rightfully so.

The reality was, the intel they could have obtained from this change was so rudimentary it amounted to basically the FBI obtaining no useful intel at all. The intel the FBI would have gotten was so rudimentary it would have been a waste of time.

The fact is, between all of us throwing fits over our “rights” which we completely take for granted and confuse with privilege, the media blowing things out of proportion and congress’ incompetence when it comes to cyber-intelligence and security, it is no surprise that we aren’t even close to the bar in terms of cyber defense.

Then we have encryption, I am not against it and I am also not for it when a crime has occurred. I believe that ways around it are needed when you are dealing with an ongoing investigation. I also believe that if our government has ways around it, which I agree at times they should, we need oversight so that, that power it is not abused.  

We want our government to protect us and be able to defend us from cyber attacks of all levels and kinds,  and we want them to be able to thwart terrorist attacks, yet we are the first to accuse them of taking away our rights and freedoms if they come up some new tool to us to obtain data intel which is part of cyber security.

We refuse to meet in the middle and we refuse to better align ourselves with other countries who are far more superior to our own with cyber defense and capabilities.

A lot can be said for the argument that some things a government does should be kept secret from it’s citizens because sometimes the citizens of that country are simply not ready to know or come to terms with the truth.

Our government needs to be able to learn and utilize tools as much as they can without the media or us citizens assuming they are spying on us. They also need to learn to work with countries that are superior to us in terms of cyber defense long before we can begin to protect this nation from cyber attacks.

We need to give them permission to learn it and use it. They can’t learn it if they aren’t using it, and they are not using it because we prevent them from learning it.

It’s almost as if we truly do enjoy being reactive, we love to walk on the edge and expect someone to catch us when we fall.

We as a country need to come to grips with the reality that cyber crime is on the rise and will continue to rise. It will become more scary and dangerous and once the ability to hack falls into the hands of these extremist groups, it will forever change the playing field. 

Until our nation becomes better at cyber defense, security and intelligence, my money is on the other guys finding out about a planned attack long before we do.

Cristal M Clark

@thecrimeshop.com

IOS users can find The Crime Shop on Apple News.

 

 

 

The Donald strongly encourages Russia to Hack Hillary Clinton

download (2)

Trump implies that he is open to a new hack as long as it benefits his campaign

While watching the news conference I was so shocked by what I heard that I almost dropped my cup of coffee and what’s worse is that I didn’t care. If you know me, you know my relationship with coffee and the not caring over spilled coffee….

For the first time in history a presidential candidate is actively encouraging a foreign power to commit espionage…the first time in history.   

Don’t get me wrong, I rather enjoy the antics of the Donald. He is a much needed refreshing break from, well anyone in office currently, I can’t however be excited about his remarks today during his news conference in Florida today.

Donald is well known for saying things that might be a wee bit inappropriate but today was a little over that wee bit part.

During his news conference Donald stated “Russia, if you’re listening, I hope you’re able to find the 30,000 emails that are missing. I think you will probably be rewarded mightily by our press…”

He went on to insinuate that he feels they most likely already have the 30,000 missing emails and that he’d like to see them.

Some are now accusing him of being disloyal to America over his remarks. I don’t feel that he is disloyal, I do feel that he lacks the full understanding of what his statements mean, could potentially cause and how it will affect all of America should anyone try to take him up on his suggestion.

More importantly perhaps, while most don’t trust Hillary, is this the guy you want running our nation? Someone pisses him off and he encourages a foreign nation to take some type of action against that individual then later says that he really didn’t mean what he said?

Wars have been started over much less, in this day and age as violent as our world can be, is it really a time to mince words?

This comes on the heels of the recent hack on the Democratic National Committee, a hack that most believe Russia is behind in an attempt to influence the outcome of our upcoming presidential election.

Steven Cheung, the Donald’s rapid response director suggested that the Donald simply meant that if Russia or anyone had those 30,000 missing emails that they turn them over to the FBI.

Trump also later tweeted “if Russia or any other country or person has Hillary Clinton’s 33,000 illegally deleted emails, perhaps they should share them with the FBI!”

jc say what

As for the FBI, I can’t imagine what James Comey and his team thought upon initially hearing the words that came out of the Donald’s mouth, it had to have come as a little bit of a shock initially.

The reality is that Hillary has a long list of haters people that would love to see the woman fall off of a cliff and disappear, out of those haters, do gooders, or great hackers someone although it was not the Donald’s intention, might try to hack Hillary or the FBI, DOJ etc.

And if someone does in fact have her emails already as the Donald suggests, I doubt they would turn them over at this point in time. If let’s say Russian hackers do in fact have them, it would serve no purpose to turn them over at the moment.

The bigger question is, did the Donald break any laws through his very publicized initial request? Did he commit treason as some are now suggesting?

Perhaps not, but what if it turns out that his words do in fact inspire someone? Through his very suggestion, he did put our nation’s security at risk. No American citizen not one who were to make comments like the Donald did today would be out walking around tonight without first having a little sit down with law enforcement. 

In May of 2015, Newsweek published an article about Russia’s greatest weapon being it’s hackers. Are we ready to face that reality as a nation? I personally do not believe that we are ready as a nation to learn that fully. I also don’t believe that we or our presidential candidates should try to incite Russia or it’s hackers to hack a fellow candidate because through that we open the door to so much more.

Cristal M Clark

@thecrimeshop

IOS users can find The Crime Shop on Apple News