Overview of Recent Hacker Crime Rings in News
Created: 23 Oct 2009
Ehud Tenenbaum (aka “The Analyzer”)
- Crime: Targeted attack against ATM networks
- Other team members: Cashers/mules and various operators
- Suspected victims: 7-11 ATM network, RBS Worldpay
- Method of attack: Incursion via SQL injection; capture of PIN and ATM card data. Mules withdraw cash.
Albert Gonzalez (aka “Soupnazi”, “segvec”) plus others
- Crime: Targeted attack against payment processors and retailers
- Other team members: Two as-yet-unknown hackers
- Known victims: Heartland Payment Systems, Hannaford Bros., TJX
- Method of attack: Incursion via SQL injection; capture of credit card data via rootkit. Mules perform fraud.
- Status: In custody. Guilty plea filed.
Clampi Rings (may be one or more groups; suspects not yet identified)
- Crime: Targeted attacks against CFOs of SMBs, resulting in fraudulent electronic funds transfers to the crime ring’s account.
- Known victims: Slack Auto Parts, Chicago School Districts, Patco Construction
- Method of attack: Targeted delivery of malware (Trojan.Clampi) compromises the CFO’s machine. The malware then sniffs passwords and forces cash transfers from the victim’s bank account to offshore accounts.
- Status: Prospective victims warned and notified. Perpetrators still on the loose.
- Protection: Symantec Endpoint Protection has solid detection against this threat.