Yet Another Reason To Not Use Credit Cards And To Start Using Bitcoins
Two state attorneys general say they have been in contact with J.P. Morgan Chase about a recent cyberattack in which the personal information for 76 million households was compromised.
Among the issues being scrutinized is whether the bank alerted customers quickly enough about the breach, according to people familiar with the matter.
The office of Connecticut Attorney General George Jepsen has contacted the bank since its disclosure earlier this year, a spokeswoman for the attorney general said.
Illinois Attorney General Lisa Madigan is also looking into the breach. In a statement Friday, Ms. Madigan said this cyberattack is among the most “troubling” breaches, because it shows how vulnerable U.S. institutions and their databases are.
“Millions of Americans trusted Chase to secure their money and personal information,” she said in a statement. But because the bank failed to be forthcoming, “they have lost their confidence in Chase.”
Ms. Madigan noted that the bank’s filing this past week about the attack “only revealed…limited details.” She said the cyberattack demands a response from “the highest level of our government” and that the investigation results should be shared with the public, since consumers’ information and financial security are at risk.
It isn’t clear how many states are looking into the issue. The Federal Bureau of Investigation previously has said it was looking into the matter, and a spokeswoman for the agency said Friday that investigation is continuing.
Rep. Maxine Waters (D., Calif.), a member of the House Committee on Financial Services, called on Congress to “bolster data security requirements and strengthen consumer protections that ensure victims are notified in a timely manner when their financial and personal information is stolen.”
A J.P. Morgan spokeswoman said it communicated with customers three times—once after the attack was disclosed in August, once in mid-September and again Thursday, in each instance giving the status of the investigation and saying that the bank hasn’t seen unusual levels of fraud.
After initially acknowledging the attack, the bank waited about a month to further describe the extent of the breach because it didn’t want to give information that was overly optimistic or information that might scare customers unnecessarily until it knew more, the spokeswoman said.
Probes by the two attorneys general are examining whether the bank followed the appropriate steps and timelines in accordance with Illinois and Connecticut data-breach laws, people familiar with the matter said.
Most states have notification laws that largely dictate whether institutions have to inform clients of a data breach and when, with the details varying by state, said Jim McCullagh, a partner at Perkins Coie LLP, a Seattle-based law firm that represents companies that are victims of data breaches.
In most cases, this time period is loosely defined, experts say, and it can often be extended if law enforcement is involved.
Legal experts say it doesn’t appear J.P. Morgan ran afoul of the state notification laws, since sensitive customer information such as Social Security numbers, account numbers and passwords weren’t accessed. J.P. Morgan said Thursday that contact information such as phone numbers and e-mail addresses were taken.
“We were not surprised that it was going to take some time for them to figure out what was compromised,” said Eva Velasquez, president and chief executive of the Identity Theft Resource Center, a nonprofit group based in San Diego. Since sensitive information wasn’t threatened, there’s “no time clock ticking for them to notify consumers,” she said.
Other consumer advocates, however, say the bank should have done more to put customers on notice even if it wasn’t aware of the full extent of the breach weeks ago, especially since the cyberattack leaves customers vulnerable to “phishing” attacks. Phishing involves criminals contacting customers while pretending to be the bank and asking them for more personal information.
There is no sign of increased phishing activity against Chase customers, a person with knowledge of the investigation said.
“Delayed notification could pose greater risks, because it gives bad guys more time to abuse or sell to other bad guys the hacked information,” said Ed Mierzwinski, consumer-program director at U.S. Public Interest Research Group, a nonprofit group based in Washington.
Customer Stephen Collins, 47 years old, said the bank needs “to make it a priority to tighten up their security.”
‘ChewBacca’ Trojan Steals Thousands Of Credit Card Details Across The Globe.
Star Wars’ most loyal copilot has
gone to the dark side on our side of the galaxy, as Malware operating
under the name ‘ChewBacca’ has stolen data on 49,000 payment
cards from 45 retailers in 11 countries over a two month span.
According to RSA FirstWatch, the
Security Division of EMC which exposed the malignant software, the
virus started running in October and has so far gathered 24 million
transaction details, mostly in the US, but also in Canada, Australia
and Russia.
Although the Trojan creators had routed stolen data through the Tor network that enables online anonymity, Massachusetts-based RSA managed to locate them and passed the information on its location to the FBI.
RSA researchers have also communicated with the companies victimized by the malware during the shutdown operation, which has yet to end, to share the gathered information.
‘ChewBacca’ features “simple keylogging and memory-scraping functionality”, the RSA said in its blog. Its target is mainly systems that process credit cards, such as Point-of-Sale (POS) systems.
The Trojan “is self-contained and runs as-is”. It installs a copy of itself in the Windows Startup folder and its memory scanner searches for credit card information in a copy of a process’s memory, targeting at simple regular expressions for card magnetic stripe data, the RSA said. Once extracted, it is sent to the server via Tor.
In fact, ‘ChewBacca’ was first revealed in December by Kaspersky Lab. At that time the Lab pointed out that the Trojan was not for sale on underground forums and seemed to be for private use or in development.
‘ChewBacca’ comes in a wave of malware attacks, aimed at making computers vulnerable in order to steal data from them. Another notorious 2013 example, ‘Dexter’, named after a serial killer from the popular television series, caused huge losses in the restaurant and hotel industry worldwide.
Among the shops that suffered from such attacks was Target Corp., where hackers stole some 40 million payment card numbers and other data from around 70 million customers, Reuters reports. Another victim of infectious malware was the luxury department store Neiman Marcus.
The FBI has issued a warning to on-line retailers, urging them to strengthen security and alerting them of possible attacks.
The file name disguises the Trojan as a Windows Print Spooler service executable, and placing it in the Startup folder causes it to run automatically at Windows startup.
After installation, the keylogger creates a file called “system.log” inside the system %temp% folder, logging keyboard events and window focus changes.
Based on its current findings, RSA believes that deleting this file and rebooting will effectively remove ChewBacca from an infected system.
ChewBacca Server Side
The server side control panel allows the botmaster easy access to manage the botnet and review the compromised data. A “Reports” screen lists information about the compromised machines and the data captured from each of them. Data is presented in either parsed form or in raw text (as it was grabbed from the machine).
RSA researchers uncovered the server infrastructure used in a global Point-of-Sale (PoS) malware operation responsible for the electronic theft of payment card and personal data from several dozen retailers, mostly based in the U.S. Infection activity has also been detected in 10 other countries including Russia, Canada and Australia. While the malware used in the operation is not new, RSA researchers discovered that, beginning October 25th, it had logged track 1 and 2 data of payment cards it had scraped from infected PoS systems.
RSA anti-fraud researchers have been in contact with victim companies at the center of this operation, sharing key forensics information gathered in this investigation.
ChewBacca Bot
ChewBacca features two distinct data-stealing mechanisms: a generic keylogger and a memory scanner designed to specifically target systems that process credit cards, such as Point-of-Sale (POS) systems. The memory scanner dumps a copy of a process’s memory and searches it using simple regular expressions for card magnetic stripe data. If a card number is found, it is extracted and logged by the server.
RSA observed that communication is handled through the TOR network, concealing the real IP address of the Command and Control (C and; C) server(s), encrypting traffic, and avoiding network-level detection. The server address uses the pseudo-TLD “.onion” that is not resolvable outside of a TOR network and requires a TOR proxy app which is installed by the bot on the infected machine.
Installation Process
The Trojan is self-contained and runs as-is. It has no dynamic configuration and is non-modular according to RSA’s investigation.
Upon running, ChewBacca installs a copy of itself in the Windows Start and; Startup folder, as a file named “spoolsv.exe“.
The file name disguises the Trojan as a Windows Print Spooler service executable, and placing it in the Startup folder causes it to run automatically at Windows startup.
After installation, the keylogger creates a file called “system.log” inside the system %temp% folder, logging keyboard events and window focus changes.
Based on its current findings, RSA believes that deleting this file and rebooting will effectively remove ChewBacca from an infected system.
ChewBacca Server Side
The server side control panel allows the botmaster easy access to manage the botnet and review the compromised data. A “Reports” screen lists information about the compromised machines and the data captured from each of them. Data is presented in either parsed form or in raw text (as it was grabbed from the machine).
Before disappearing behind TOR, the controller of this botnet was observed logging into the server from an east European country.
The ChewBacca Trojan appears to be a simple piece of malware that, despite its lack of sophistication and defense mechanisms, succeeded in stealing payment card information from several dozen retailers around the world in a little more than two months.
Retailers have a few choices against these attackers. They can increase staffing levels and develop leading-edge capabilities to detect and stop attackers (comprehensive monitoring and incident response), or they can encrypt or tokenize data at the point of capture and ensure that it is not in plaintext view on their networks, thereby shifting the risk and burden of protection to the card issuers and their payment processors.
RSA researchers are continuing their analysis and monitoring of the operation.
After installation, the keylogger creates a file called “system.log” inside the system %temp% folder, logging keyboard events and window focus changes.
Based on its current findings, RSA believes that deleting this file and rebooting will effectively remove ChewBacca from an infected system.
ChewBacca Server Side
The server side control panel allows the botmaster easy access to manage the botnet and review the compromised data. A “Reports” screen lists information about the compromised machines and the data captured from each of them. Data is presented in either parsed form or in raw text (as it was grabbed from the machine).
RSA researchers uncovered the server infrastructure used in a global Point-of-Sale (PoS) malware operation responsible for the electronic theft of payment card and personal data from several dozen retailers, mostly based in the U.S. Infection activity has also been detected in 10 other countries including Russia, Canada and Australia. While the malware used in the operation is not new, RSA researchers discovered that, beginning October 25th, it had logged track 1 and 2 data of payment cards it had scraped from infected PoS systems.
RSA anti-fraud researchers have been in contact with victim companies at the center of this operation, sharing key forensics information gathered in this investigation.
ChewBacca Bot
ChewBacca features two distinct data-stealing mechanisms: a generic keylogger and a memory scanner designed to specifically target systems that process credit cards, such as Point-of-Sale (POS) systems. The memory scanner dumps a copy of a process’s memory and searches it using simple regular expressions for card magnetic stripe data. If a card number is found, it is extracted and logged by the server.
RSA observed that communication is handled through the TOR network, concealing the real IP address of the Command and Control (C and; C) server(s), encrypting traffic, and avoiding network-level detection. The server address uses the pseudo-TLD “.onion” that is not resolvable outside of a TOR network and requires a TOR proxy app which is installed by the bot on the infected machine.
Installation Process
The Trojan is self-contained and runs as-is. It has no dynamic configuration and is non-modular according to RSA’s investigation.
Upon running, ChewBacca installs a copy of itself in the Windows Start and; Startup folder, as a file named “spoolsv.exe“.
The file name disguises the Trojan as a Windows Print Spooler service executable, and placing it in the Startup folder causes it to run automatically at Windows startup.
After installation, the keylogger creates a file called “system.log” inside the system %temp% folder, logging keyboard events and window focus changes.
Based on its current findings, RSA believes that deleting this file and rebooting will effectively remove ChewBacca from an infected system.
ChewBacca Server Side
The server side control panel allows the botmaster easy access to manage the botnet and review the compromised data. A “Reports” screen lists information about the compromised machines and the data captured from each of them. Data is presented in either parsed form or in raw text (as it was grabbed from the machine).
Before disappearing behind TOR, the controller of this botnet was observed logging into the server from an east European country.
The ChewBacca Trojan appears to be a simple piece of malware that, despite its lack of sophistication and defense mechanisms, succeeded in stealing payment card information from several dozen retailers around the world in a little more than two months.
Retailers have a few choices against these attackers. They can increase staffing levels and develop leading-edge capabilities to detect and stop attackers (comprehensive monitoring and incident response), or they can encrypt or tokenize data at the point of capture and ensure that it is not in plaintext view on their networks, thereby shifting the risk and burden of protection to the card issuers and their payment processors.
RSA researchers are continuing their analysis and monitoring of the operation.
Monty Henry, Owner
Next-Generation Bug / Microwave / ELF / Spy Phone / GSM And Camera Detectors (Buy, Rent, Layaway) tinyurl.com/2eo8mlz Open...
— Spy Store Rentals (@MontyHenry1)
Nanny IP (Internet) Cameras, GPS Trackers, Bug Detectors and Listening Devices, etc, (Buy / Rent / Layaway): tinyurl.com/396jlw6...
— Spy Store Rentals (@MontyHenry1)
NOW, look in on your home, second home, lake house or office anytime, anywhere from any internet connected PC/Lap-top or Internet active cell phone, including iphone or PDA.
Watch your child's caregiver while sitting at a traffic light or lunch meeting, or check on your business security from the other side of the world. Our built-in hidden video features all digital transmissions providing a crystal clear image with zero interference. With the IP receiver stream your video over the internet through your router, and view on either a PC or smart phone. Designed exclusively for DPL-Surveillance-Equipment, these IP hidden wireless cameras come with multiple features to make the user's experience hassle-free.
NOW, look in on your home, second home, lake house or office anytime, anywhere from any internet connected PC/Lap-top or Internet active cell phone, including iphone or PDA: http://www.dpl-surveillance-equipment.com/wireless_hidden_cameras.html
Watch your child's caregiver while sitting at a traffic light or lunch meeting, or check on your business security from the other side of the world. Our built-in hidden video features all digital transmissions providing a crystal clear image with zero interference. With the IP receiver stream your video over the internet through your router, and view on either a PC or smart phone. Designed exclusively for DPL-Surveillance-Equipment, these IP hidden wireless cameras come with multiple features to make the user's experience hassle-free.
• Remote Video Access
• Video is Recorded Locally To An Installed SD Card (2GB SD Card included)
• Email Notifications (Motion Alerts, Camera Failure, IP Address Change, SD Card Full)
• Live Monitoring, Recording And Event Playback Via Internet
• Back-up SD Storage Up To 32GB (SD Not Included)
• Digital Wireless Transmission (No Camera Interference)
• View LIVE On Your SmartPhone!
Includes:
* Nanny Cameras w/ Remote View
* Wireless IP Receiver
* Remote Control
* A/C Adaptor
* 2GB SD Card
* USB Receiver
FACT SHEET: HIDDEN NANNY-SPY (VIEW VIA THE INTERNET) CAMERAS
Specifications:
Receiver Specs:
* Transmission Range of 500 ft Line Of Sight
* Uses 53 Channels Resulting In No Interference
* 12V Power Consumption
* RCA Output
* Supports up to 32gig SD
Camera Specs:
* 640x480 / 320x240 up to 30fps
* Image Sensor: 1/4" Micron Sensor
* Resolution: 720x480 Pixels
* S/N Ratio: 45 db
* Sensitivity: 11.5V/lux-s @ 550nm
* Video System: NTSC
* White Balance: Auto Tracking
• Video is Recorded Locally To An Installed SD Card (2GB SD Card included)
• Email Notifications (Motion Alerts, Camera Failure, IP Address Change, SD Card Full)
• Live Monitoring, Recording And Event Playback Via Internet
• Back-up SD Storage Up To 32GB (SD Not Included)
• Digital Wireless Transmission (No Camera Interference)
• View LIVE On Your SmartPhone!
Includes:
* Nanny Cameras w/ Remote View
* Wireless IP Receiver
* Remote Control
* A/C Adaptor
* 2GB SD Card
* USB Receiver
FACT SHEET: HIDDEN NANNY-SPY (VIEW VIA THE INTERNET) CAMERAS
Specifications:
Receiver Specs:
* Transmission Range of 500 ft Line Of Sight
* Uses 53 Channels Resulting In No Interference
* 12V Power Consumption
* RCA Output
* Supports up to 32gig SD
Camera Specs:
* 640x480 / 320x240 up to 30fps
* Image Sensor: 1/4" Micron Sensor
* Resolution: 720x480 Pixels
* S/N Ratio: 45 db
* Sensitivity: 11.5V/lux-s @ 550nm
* Video System: NTSC
* White Balance: Auto Tracking
Make Your Own Nanny Cameras: Make Tons Of Money In A Booming, Nearly Recession-Proof Industry!
Your Primary Customers Include But Are Not Limited To Anyone In The Private Investigator, Government, Law Enforcement And/Or Intelligence Agencies Fields!
* You Buy Our DVR Boards And We'll Build Your Products! (Optional)
* You Buy Our DVR Boards And We'll Build Your Products! (Optional)
Our New Layaway Plan Adds Convenience For Online Shoppers
DPL-Surveillance-Equipment's
layaway plan makes it easy for you to buy the products and services
that you want by paying for them through manageable monthly payments
that you set. Our intuitive calculator allows you to break down your
order's purchase price into smaller payment amounts. Payments can be
automatically deducted from your bank account or made in cash using
MoneyGram® ExpressPayment® Services and you will receive your order once
it's paid in full. Use it to plan and budget for holiday purchases,
anniversaries, birthdays, vacations and more!
DPL-Surveillance-Equipment's
Customers can now use the convenience of layaway online to help them
get through these tough economic times.
We all shop now
and then just to face a hard reality -- big credit card bills. However,
our latest financing innovation can help you avoid that. Find out why
more and more shoppers are checking out DPL-Surveillance-Equipment's
e-layaway plan.
If you're drooling over a new nanny
camera, longing for a GPS tracker, or wishing for that spy watch, but
you're strapped for cash and can't afford to do credit, do what Jennie
Kheen did. She bought her iPod docking station (hidden camera
w/motion-activated DVR) online using our convenient lay-away plan.
Our
online layaway plan works like the old-fashioned service stores used to
offer. But, in Kheen's case, she went to
DPL-Surveillance-Equipment.com, found the iPod docking station (hidden
camera w/motion-activated DVR), then set up a payment plan.
"It's automatically drawn from my account," she said. "I have a budget, $208.00 a month.
In
three months, Kheen had paid off the $650.00 iPod docking station. She
paid another 3.9 percent service fee, which amounted to about $25.35
(plus $12.00 for shipping) for a total of $687.35.
"You
pay a little bit each month," Kheen said. "It's paid off when you get
it and you don't have it lingering over your head. It's great."
Flexible
payment terms and automated payments make our layaway plan an
affordable and fiscally responsible alternative to credit cards.
1. Register:
It's quick, easy and FREE! No credit check required!
2. Shop:
Select
the items or service you want and choose "e-layaway" as your payment
option. Our payment calculator makes it easy for you to set up your
payment terms.
3. Make Payments:
Payments are made on the schedule YOU set. Check your order status or adjust your payments online in a secure environment.
4. Receive Products:
Receive the product shortly after your last payment. The best part, it's paid in full... NO DEBT.
More Buying Power:
*
Our lay-away plan offers a safe and affordable payment alternative
without tying up your credit or subjecting the purchase to high-interest
credit card fees.
No Credit Checks or Special Qualifications:
* Anyone 18 years old or older can join. All you need is an active bank account.
Freedom From Credit Cards:
*
If you are near or beyond your credit limit or simply want to avoid
high interest credit card fees, our e-layaway is the smart choice for
you.
Flexible Payment Schedules:
*
Similar to traditional layaway, e-layaway lets you make regular payments
towards merchandise, with delivery upon payment in full. Payments are
automatically deducted from your bank account or made in cash using
MoneyGram® ExpressPayment®
A Tool for Planning Ahead:
*
Our e-layaway makes it easy for smart shoppers like you to plan ahead
and buy items such as bug detectors, nanny cameras, audio bugs, gps
trackers, and more!
No Hidden Charges or Mounting Interest:
Our
e-layaway makes shopping painless by eliminating hidden charges and
monthly interest fees. Our customers pay a flat transaction fee on the
initial purchase price.
NO RISK:
* You have the right to cancel any purchase and will receive a refund less a cancellation fee. See website for details.
Security and Identity Protection:
DPL-Surveillance-Equipment
has partnered with trusted experts like McAfee and IDology to ensure
the security and integrity of every transaction. Identity verification
measures are integrated into our e-layaway system to prevent fraudulent
purchases.
Note: Simply Choose e-Lay-Away as a "Payment Option" in The Shopping Cart
DPL-Surveillance-Equipment.com
is a world leader in providing surveillance and security products and
services to Government, Law Enforcement, Private Investigators, small
and large companies worldwide. We have one of the largest varieties of
state-of-the-art surveillance and counter-surveillance equipment
including Personal Protection
and Bug Detection Products.
Buy, rent or lease the same
state-of-the-art surveillance and security equipment Detectives, PI's,
the CIA and FBI use. Take back control!
DPL-Surveillance-Equipment.com
Phone: (1888) 344-3742 Toll Free USA
Local: (818) 344-3742
Fax (775) 249-9320
Monty@DPL-Surveillance-Equipment.com
Google+ and Gmail
DPLSURVE
Twitter
DPLSURVE
MSN
Monty@DPL-Surveillance-Equipment.com
AOL Instant Messenger
DPLSURVE32
Skype
Montyl32
Yahoo Instant Messenger
Montyi32
Alternate Email Address
montyi32@yahoo.com
Join my Yahoo Group!
My RSS Feed
Phone: (1888) 344-3742 Toll Free USA
Local: (818) 344-3742
Fax (775) 249-9320
Monty@DPL-Surveillance-Equipment.com
Google+ and Gmail
DPLSURVE
DPLSURVE
MSN
Monty@DPL-Surveillance-Equipment.com
AOL Instant Messenger
DPLSURVE32
Skype
Montyl32
Yahoo Instant Messenger
Montyi32
Alternate Email Address
montyi32@yahoo.com
Join my Yahoo Group!
My RSS Feed
0 Comments:
Post a Comment
Note: Only a member of this blog may post a comment.
<< Home