Company's bank accounts cleaned out; bank sues company.

Late last year, the bank account of an outfit in Texas called Hillary Machinery, Inc. was siphoned to the tune of $800kus after their online banking credentials were compromised. The bank they did business with, PlainsCapital, required customers to supply a username and passphrase and then enter a single-use passphrase e-mailed to a certain address a few minutes later to complete the authentication process. Investigation showed that IP addresses roughly corresponding to networks in Italy and Romania were used to initiate the transfer of funds to bank accounts in the Russian Federation and Eastern Europe. From this evidence, it seems …

Read more...

European ATMs struck by hacksploitation movie plot.

When manufacturers of ATMs started using Windows to run them, you just knew that no good would come of it.

Eastern European banks discovered this the hard way when the security companies Sophos and SpiderLabs discovered strains of malware tailored for automated teller machines that record the second data track of banking cards inserted into the reader slot along with the PIN entered by the machine's user. That's really all you need to make a copy of the card and loot the account. As if that's not enough, the malware also makes it possible for anyone carrying a specially encoded …

Read more...

US government mines even more personal information than previously suspected.

Ever since 9/11, the US government has been an informational vacuum cleaner that sucks up information on just about everyone in this country, or who happens to enter or leave the country (as some people with laptops have discovered). What they do with it and where they put it all is a matter of some speculation; suffice it to say that the network attached storage system companies are making a killing selling RAID systems to them... at any rate, it's come to light that they're mining more than just terrorism-related information to generate profiles on people. In fact, there …

Read more...