This week's IT security roundup has stories on some not-so-smart Facebook hackers; malware that infected hundreds of PoS systems in 40 different countries; "Project Blitzkrieg"; and more.

The stereotypical hacker, regardless of hat color, is a smart, nerdy, computer wizard. And while many real-life hackers probably fit the bill, not all of them are smart or nerdy. For example, this morning I mentioned 10 people nabbed this week for stealing $850 million by poaching on Facebook’s turf. Atif Mushtaq, senior staff scientist for security vendor FireEye, doesn’t think these guys are exactly Mensa material. In what is the ultimate understated hacker put-down, he said, “It looks like these guys aren’t very good developers.” SNAP! I have seen grown men turn in their pocket protectors and pre-taped reading glasses for less than that.

On the bright side this means we can stop worrying about the lack of IT prowess in each successive class of college graduates. Or can we?

This week ExploitHub, whose motto is “Helping security professionals test MORE vulnerabilities, FASTER,” allowed a group calling itself the “Inj3ct0r Team” to test whether ExploitHub itself was vulnerable. The group quickly determined that it was. As Computerworld’s Jeremy Kirk reports, “The Inj3ct0r Team, which also runs its own vulnerability and exploit marketplace, posted descriptions of some of the data on a website, which included software products from major IT companies including Oracle, Adobe Systems, HP, Citrix and Trend Micro. The group claimed the information is worth $242,333 and said it hacked ExploitHub to show it had poor security.”

The Austin-based ExploitHub said the hack was the result of an “embarrassing oversight.” Can someone translate, “It looks like these guys aren’t very good developers” into Texan for me? Wait, I remember: You keep givin’ ’em books and givin’ ’em books and they keep chewin’ on the covers.
Also in the news this week:

Dexter Malware Infects Point-of-Sale Systems Worldwide (CSO) — Researchers from Israel-based IT security firm Seculert have uncovered a custom-made piece of malware that infected hundreds of point-of-sale (PoS) systems from businesses in 40 countries in the past few months and stole the data of tens of thousands of payment cards. The malware was dubbed Dexter after a text string found in some of its components and infected Windows-based PoS systems belonging to big-name retailers, hotels, restaurants and even private parking providers, Seculert researchers said Tuesday in a blog post.

Aramco Says Cyberattack Was Aimed at Production (New York Times) — Saudi Arabia’s national oil company, Aramco, said on Sunday that a cyberattack against it in August that damaged some 30,000 computers was aimed at stopping oil and gas production in Saudi Arabia, the biggest exporter in the Organization of the Petroleum Exporting Countries.

New Findings Lend Credence to Project Blitzkrieg (Krebs on Security) — “Project Blitzkrieg,” a brazen Underweb plan for hiring 100 botmasters to fuel a blaze of ebanking heists against 30 U.S. financial institutions in the Spring of 2013, was met with skepticism from some in the security community after news of the scheme came to light in October. Many assumed it was a law enforcement sting, or merely the ramblings of a wannabe criminal mastermind. But new research suggests the crooks who hatched the plan were serious and have painstakingly built up a formidable crime machine in preparation for the project.

Bank of America Insider to Admit Planting Malware on ATMs (NakedSecurity) — A worker at Bank of America is expected to plead guilty tomorrow to charges that he installed malware onto his employer’s ATM cash machines that allowed him to withdraw cash without being noticed.
Cyber Attackers Seize, Encrypt and Ransom Medical Centre’s Patient Database (NakedSecurity) — The data-kidnappers are demanding $4,000 to release thousands of patient records belonging to the Miami Family Medical Centre on Australia’s Gold Coast.

Australian Defence Force Academy in stinkingly bad password breach (NakedSecurity) — The Australian Defence Force Academy is the latest high-profile organisation to become embroiled in a data breach. The breach revealed names, birthdates, and some…well, some stinkingly bad passwords.

Russian Space, Telecom Industries Targeted by Espionage (SCMagazine) — The United States isn’t the only nation in the crosshairs of cyber spies seeking sensitive information from various industries.