Telstra has revealed the addition of almost one million new mobile services in the six months to December 2011, but Sensis revenues plummeted 24 percent in 12 months.
Amit had already uncovered the return of the Neosploit
crimeware toolkit and showed a link between a rise in PDF exploits and
it's reappearance. He then turned his attention to the eCrime
operations behind one specific Neosploit installation he had
identified.
The resulting investigation is now being led
jointly by Amit and CERT, and is global in nature. In fact it spans
more than 86 countries worldwide.
Amit was able to uncover more than 200,000 credentials attached to
specific servers had been made available on a central, criminally
operated, server. These were just part of a highly organized process to
modify legitimate Web sites to serve malicious content.
Out of those 200,000 nearly 107,000 of them had been validated by that
criminal server, and 82,000 had been used to modify Web related
content, ready to attack unsuspecting users of sites associated with
that content.
The remaining 20,000 validated credentials were set aside to be used as
trading collateral with other eCrime organizations later. Given the
nature of the servers concerned, most likely in the fields of business
intelligence and corporate espionage.
We spoke to Amit about the investigation and he told iTWire that "After
closer investigation of the data gathered during the research, it came
to our attention that not only the criminals were able to get their
hands on government site credentials in the US and across Europe, but
also for the FTP server of the BBC."
Amit says it was just "sheer luck that the credentials were not
associated with any online material, this incident could have ended up
infecting the BBC's website visitors."
David Bass
| For the fourth year in a row, IDC has placed content security provider Websense (NASDAQ: WBSN) at the top of the IDC Worldwide Web Security 2011 –…
How to Make Business Discovery Work for Your Business
Business Discovery takes its cues from consumer apps. Like Google, it encourages us- ers to hunt for and explore data without worrying about or even noticing the underly- ing technology. Their entire experience is working within an intuitive interface to get real-time, self-service results with only minimal training. ...more
Try an easy-to-use set of web-enabled
tools for business-class productivity services. Office 365 provides
anywhere-access to email, important documents, contacts, and calendars
on almost any device.