E-Skimming Getting Worse by The Day

FBI-Issues-Warming-About-E-Skimming-crimeshop

FBI Issues Warning 

Cristal M Clark

I’m sure you all know about card skimming at the fuel station, the market and just about anywhere you swipe a card, we also need to worry about E=Skimming which is not a new thing. 

E-Skimming-crimeshop

E-Skimming, is an internet based card fraud where malware is injected into the payment page of a website to steal consumers’ payment details which of course happens when the hackers have unleashed malware on the payment page of the website. They then collect  customer card data when customers pay during the checkout process. 

Of course this has been a small problem since online shopping became a thing however, it’s now getting worse as each year passes. In fact according to the FBI, millions consumers’ data has been compromised by this kind of online scheme over just the past 2 years, and that my friends is just a stab in the dark at just how many individuals have had card data stolen through an online store because the FBI is having a difficult time obtaining a more precise count. 

Hackers-Attack-online-shoppers-crimeshop

Unfortunately, consumers never see this or get a warning when any sites payment system has been compromised so, we can’t really tell. 

So what are we consumers to do here?

Experts suggest using a credit card for all online purchases over using a debit card because the money on a debit card comes out of your account right away and in some cases it can take a while to see the funds returned to the account. 

Consumers can also check with the bank that they use, most banks now have a feature included with most mobile banking apps that alert the user if a charge is run on his/her debit card and that alert is in real-time.

Banks are also really coming around in terms of fraudulent charges on cards, they don’t let the fund’s come right out before checking with the consumer in some cases where things seem off and they are getting faster at returning funds that were not authorized. 

Either way, the FBI does not see an end to this situation anytime soon, so when you shop online, keep an eye out for charges that don’t belong to you. 

Cristal M Clark

IOS users can find The Crime Shop on Apple News

@thecrimeshop on twitter

https://www.instagram.com/crimeshop.cc/?hl=en

And https://gab.ai/thecrimeshop

Hacker’s Selling MD Info on the Dark Web

Dark-Web-crimeshoop

Doctor’s Fall Prey to Hackers

Cristal M Clark

Everything seems to be for sale these days in terms of one’s identity and worldwide, governments are unable to both prevent it, let alone stop it once the proverbial ball starts rolling.

dark-web-hackers-sell-doctor-information-crimeshop

In what some are calling a deeply disturbing new trend, hackers are selling the identities of doctors for $500 on the dark web. The hackers are obtaining all the details needed to pose as a medical professional by targeting, employees, hospitals and other healthcare organizations, which possess all of the highly valuable data. In case you are wondering about the employee bit; employees are every organizations biggest liability and some cases employees are sending information through non secured email channels, texts, WhatsApp, in public and the like. Case in point, Clinica here in Colorado has a rather rampant issue with its medical staff sharing patient records, which include doctor information, utilizing the likes of Gmail rather than its internal email system as reported by employee BB, who is stationed in Lafayette, CO. Then we have as we all should be very well aware of, the hacking into and holding hostage of networks, which of course contain virtually all the needed information. Hackers compromises the corporate network of a healthcare provider to find administrative paperwork that would support a forged doctor’s identity and patient information. A process that becomes even easier once hackers see staff sharing information through non-secured email like in the case of Clinica.

The cyber criminals are then able to use the stolen information to forge the identities of doctors in order to submit fraudulent insurance claims or obtain prescriptions for controlled drugs like opioids that will in turn be sold on the black market or on the streets.

Hackers-sell-doctor-information-clinica-crimeshop.jpg

Documents on sale include malpractice insurance documents, medical diplomas, board recommendations, medical doctor licenses, and DEA licenses. This was uncovered by researchers at cyber security firm Carbon Black, who tracked the shifting patterns of cyberattacks towards medical organizations as well as personal medical records and hacked health insurance company login information.

Tom Kellermann, chief cyber security officer at Carbon Black: “This is a relatively new trend, the price is warranted when you consider what can be done with the data. Cyber criminals can use this information to facilitate insurance fraud, as well as submit prescriptions for controlled substances like opioids. These can then be sold on the black market at a steep profit.”

This information is generally cheaper to obtain, with forged prescriptions costing between $10 and $120 on the dark web and insurance login information costing as little as $3.25 per record.

doctor-credentialing-crimeshop

The researchers called for “extreme vigilance” on the part of security teams working to protect healthcare institutions. Which is desperately needed, honestly. The employee who informed me about medical staff sending patient records through Gmail also took it upon himself to share sensitive patient information with me on multiple occasions, the fact that the CFO of the organization fell for an email scam costing the organization thousands, and the inner workings of the software that they utilize. This type of information sharing with anyone is a cybercriminals wet dream if you will.

The world however, as in our worlds governments need to make it easier for all individuals to change ones credentialing if you will once someone’s identity has been compromised, new identification numbers, new licenses, etc. because by default, by keeping all of that information the same and simply flagging it, you still allow for the crimes under which the original licenses, identification numbers were committed, to continue on.

Cristal M Clark

IOS users can find The Crime Shop on Apple News

@thecrimeshop on twitter

https://www.instagram.com/crimeshop.cc/?hl=en

And https://gab.ai/thecrimeshop

Hackers Getting More Ingenious

crypto-currency-crimeShop

Cryptocurrency Valuations Rising – Expect More Hacks and Cyber Attacks

Hackers are becoming more and more ingenious especially now that cryptocurrency is starting to take off, as the valuations of cryptocurrency rises, cyber attacks are becoming more and more prevalent because hackers want to mine for cryptocurrency.

cryptocurrency-mining-crimeshop

All of the attacks are unknown to users and are coin-mining scripts, normally planted by hackers in the background of public websites, on servers, devices, and in software and are far more lucrative than coin-mining’s ugly adopted twin, malware, stealing bank account information from users.

The attacks, they mine for cryptocurrency and as coin prices rise, so too will the attacks.

One recently discovered attack involved a mass collection of servers where hackers were able to exploit CVE-2-17-10271 which is a critical vulnerability in Oracle’s WebLogic package.

Oracle does have a patch for the vulnerability that was released back in October, but the owner of the servers had not installed it yet.

The hackers were able to mine for cryptocurrency and had mined roughly $6,000 worth of the AEON cryptocurrency.

Back in December a hack generated more than $8,500 worth of Monero cryptocurrency, using the same flaw that hackers exploited to hack Equifax.

What’s interesting here is that the mining programs typically mine the Monero currency rather than Bitcoin, because of Monero’s CPU-friendly hashing algorithm.

Cryptocurrency prices tend to be tightly correlated, so Monero’s price is in sync with Bitcoin.

cryptocurrency-trend-crimeshop.jpg

These attacks are not necessarily stealing the cryptocurrency, they are actually generating digital coins which is a new and improved way of creating counterfeit currency.

As cryptocurrency becomes more and more popular, it looks like the security surrounding cryptocurrency is going to need to be tightened exponentially in order to curb these mining attacks.  

Cristal M Clark

IOS users can find The Crime Shop on Apple News

@thecrimeshop on twitter

And https://gab.ai/thecrimeshop

Hacking – Hackers Back, The US Government To Clear the Way for That?

 

computerhacking_crimeshop

 

Hackers Get Ready – It’s Going to Be All Out Hacking War

 

Sometimes I sit back and wonder how some individuals were able to manage to get into office anywhere here in the US, I mean we have a Donald Trump as our sitting President.

 

President Trump Hosts Ceremony Recognizing First Responders In The June 14 Congressional Baseball Shooting

 

I’ve been hearing rumors that some who hold office throughout the United States are pushing for an okay to, hacking, hackers back.

 

White-House-CyberSecurity-Council-Crimeshop

 

Of all of the stupid idea’s in today’s world, really, this one?

What’s truly worse is that hacking back has been highly discouraged for years, not to mention it doesn’t really do shit to the hacker by the time you’ve hacked them back.

So the idea is that it would clear users to hack the computer that hacked them back.

Not the brightest idea when you consider that sometimes, actually more often than not, hackers are in fact hacking you, from a hacked computer or network of computers.

Computers and networks that belong to innocent individuals and businesses.

 

hacking-US-Government-crimeshop

 

Representatives Tom Graves, R-Georgia, and Kyrsten Sinema, D-Arizona are attempting to allow for some exceptions to the Computer Fraud and Abuse Act, the U.S. anti-hacking statute, which pretty much makes it illegal to access computers that don’t belong to you without permission or some form of authorization.

This tweak of the bill would change that restriction and then allow companies to access computers that don’t belong to them in the name of self-defense or, as the bill calls it, “active defense.”

Here is a time when taking the time to bother oneself with your perception of the problem might come in handy because this change is really going to create more issues than it would actually solve.

This change merely changes the situation so as to allow for the hacking, that cycle, to keep going and growing.

These hackers, they are not as stupid as our government thinks either, they could potentially hack someone, write a line of code that would then destroy everything on a network or computer should that victim attempt to hack them back. I mean you don’t honestly think hackers haven’t already thought of this do you?

I can’t write code to save my life here, and I am no hacker here,  I can however without a doubt tell you that these hackers have already outsmarted you by about 10 paces if not more.

 

russia-hacking-the-us-election-crimeshop

 

Except for the Russian hackers, they can hack Hillary Clinton’s email server but they can’t manage to hack my Starbucks card and increase my allotted credit amount for my beloved coffees, which I have suggested many times in the past they do.

Yes Putin, I am looking in your general direction here, inform your hackers, thanks for nothing.

The problem is that our own government is not seeing the problem clearly, they are perceiving it incorrectly therefore they are not going to solve it until they do take a step back and start seeing it just as it is.  

When you start hacking back, launching DDoS attacks back, releasing malicious malware back, you only keep the vicious cycle going and you create nothing more, than more of an invitation to make the next hack or attack, bigger and better.

Cristal M Clark

IOS users can find The Crime Shop on Apple News

@thecrimeshop on twitter

And https://gab.ai/thecrimeshop

Bitcoiners who use Tor be warned

bitcoin-the-crime-shop

Revised  Rule 41 of the Federal Rules of Criminal Procedure

A nifty little law was passed earlier this year by the US supreme court that will allow the FBI to use a single warrant to hack as many computers they’d like to, anywhere in the US and quite possibly the world or so those who are against the ruling say.

rule-41-the-crime-shop

Basically the change means that a single warrant can be obtained to hack a single electronic device and any other electronic devices that were somehow connected to or in some way associated with the original source.

In other words the change to Rule 41 will be a single warrant that will be used for mass surveillance.

The running theory going around the web is that, a single warrant that is issued anywhere in America would then allow the FBI to control as many computers that were associated with the original source on a botnet.

Whether or not they were located in the United States.

tor-the-crime-shop

This change leaves Tor and its equivalents feeling like they are prime targets. They feel that the change to Rule 41 is designed to attack Tor through its user base.

The change in the current law will take effect 12/1/2016.

ron_wyden-the-crime-shop

Sen. Ron Wyden-D-Oregon is fighting the revision to Rule 41 which he says is a “staggering expansion of government hacking and surveillance authority.”

Back in May Sen. Wyden introduced  S. 2952, a measure that would fully block the changes to Rule 41.

Not surprising, the measure hasn’t received a hearing or markup, yet Sen. Wyden is hopeful that a hearing or markup are coming soon.

Let’s not forget, that Sen Wyden does in fact have support from other lawmakers, the ACLU and the Electronic Frontier Foundation.

Sen. Wyden’s argument is pretty clear, he says that “this major policy change is going to make it easier for the government to hack into the personal devices of Americans and collect information about them, making American’s feel less safe instead of more.”

He fears that not only would this change grant the Government the ability to hack into a perpetrators device but also the victims which might be considered yet another attack on the victim.

He also feels that the government could also end up damaging, our personal devices, power grids, hospitals and nearly any other system connected to the internet.

Which is a fear that is totally founded, the US Government did manage to infect millions of computers worldwide and the networks of foreign Government’s with malware.

Sen. Wyden started to step up his game last week and in all honesty seeing someone who serves as an elected official fight for the rights of the American People is a rather refreshing change compared to what we normally see from our elected officials.

It is unclear if encrypted data and encrypted devices would be of a challenge to our Government’s hack-a-thon, should the changes to Rule 41 actually take effect on December 1, 2016.

Guess we’ll just have to wait and see.

Cristal M Clark

IOS users can find The Crime Shop on Apple News

@thecrimeshop