by Constantine von Hoffman

Even Dumb Hackers Can Make Crime Pay

Dec 13, 2012 | 4 mins
Cybercrime, Data Breach, Malware

This week's IT security roundup has stories on some not-so-smart Facebook hackers; malware that infected hundreds of PoS systems in 40 different countries; "Project Blitzkrieg;" and more.

The stereotypical hacker, regardless of hat color, is a smart, nerdy, computer wizard. And while many real-life hackers probably fit the bill, not all of them are smart or nerdy.

For example, this morning I mentioned 10 people nabbed this week for stealing $850 million by poaching on Facebook’s turf. Atif Mushtaq, senior staff scientist for security vendor FireEye, doesn’t think these guys are exactly Mensa material. In what is the ultimate understated hacker put-down, he said, “It looks like these guys aren’t very good developers.”


I have seen grown men turn in their pocket protectors and pre-taped reading glasses for less than that. On the bright side, this means we can stop worrying about the lack of IT prowess in each successive class of college graduates.

Or can we? This week ExploitHub, whose motto is “Helping security professionals test MORE vulnerabilities, FASTER,” allowed a group calling itself the “Inj3ct0r Team” to test whether ExploitHub itself was vulnerable. The group quickly determined that it was.

As Computerworld’s Jeremy Kirk reports,

“The Inj3ct0r Team, which also runs its own vulnerability and exploit marketplace, posted descriptions of some of the data on a website, which included software products from major IT companies including Oracle, Adobe Systems, HP, Citrix and Trend Micro. The group claimed the information is worth $242,333 and said it hacked ExploitHub to show it had poor security.”

The Austin-based ExploitHub said the hack was the result of an “embarrassing oversight.” Can someone translate, “It looks like these guys aren’t very good developers” into Texan for me?

Wait, I remember: You keep givin’ ’em books and givin’ ’em books and they keep chewin’ on the covers.

Also in the news this week:

Dexter Malware Infects Point-of-Sale Systems Worldwide

(CSO) — Researchers from Israel-based IT security firm Seculert have uncovered a custom-made piece of malware that infected hundreds of point-of-sale (PoS) systems from businesses in 40 countries in the past few months and stole the data of tens of thousands of payment cards. The malware was dubbed Dexter after a text string found in some of its components and infected Windows-based PoS systems belonging to big-name retailers, hotels, restaurants and even private parking providers, Seculert researchers said Tuesday in a blog post.

Aramco Says Cyberattack Was Aimed at Production

(New York Times) — Saudi Arabia’s national oil company, Aramco, said on Sunday that a cyberattack against it in August that damaged some 30,000 computers was aimed at stopping oil and gas production in Saudi Arabia, the biggest exporter in the Organization of the Petroleum Exporting Countries.

New Findings Lend Credence to Project Blitzkrieg

(Krebs on Security) — “Project Blitzkrieg,” a brazen Underweb plan for hiring 100 botmasters to fuel a blaze of ebanking heists against 30 U.S. financial institutions in the Spring of 2013, was met with skepticism from some in the security community after news of the scheme came to light in October. Many assumed it was a law enforcement sting, or merely the ramblings of a wannabe criminal mastermind. But new research suggests the crooks who hatched the plan were serious and have painstakingly built up a formidable crime machine in preparation for the project.

Bank of America Insider to Admit Planting Malware on ATMs

(NakedSecurity) — A worker at Bank of America is expected to plead guilty tomorrow to charges that he installed malware onto his employer’s ATM cash machines that allowed him to withdraw cash without being noticed.

Cyber Attackers Seize, Encrypt and Ransom Medical Centre’s Patient Database

(NakedSecurity) — The data-kidnappers are demanding $4,000 to release thousands of patient records belonging to the Miami Family Medical Centre on Australia’s Gold Coast. 

Australian Defence Force Academy in Stinkingly Bad Password Breach

(NakedSecurity) — The Australian Defence Force Academy is the latest high-profile organisation to become embroiled in a data breach. The breach revealed names, birthdates, and some…well, some stinkingly bad passwords.

Russian Space, Telecom Industries Targeted by Espionage

(SCMagazine) — The United States isn’t the only nation in the crosshairs of cyber spies seeking sensitive information from various industries.