Antidetect

Deep down in the depths of the hacking underground is software designed to help criminals, aka crimeware. This field of crimeware has a new player in town, called Antidetect. The program is designed to help someone who stole credit card information avoid being detected. It works by allowing users to very quickly and easily change components of their system to avoid browser fingerprinting, including the browser type (Safari, IE, Chrome, etc.), version, language, user agent, Adobe Flash version, number and type of other plugins, as well as operating system settings such as OS and processor type, time zone and screen resolution. The ingenious wizard is Pavel V. Golub. This release should raise concern over card-not-present fraud, and needs to be handled.

Antidetect Demo: https://youtu.be/ZQN7CyCXh90

Article: http://krebsonsecurity.com/2015/03/antidetect-helps-thieves-hide-digital-fingerprints/

More on his identity: http://krebsonsecurity.com/2015/03/who-is-the-antidetect-author/

-Jeremiah Faison
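
A defender-side view of the fingerprint changes described above, as an added example that is not part of the original post: when every listed attribute can be changed between sessions, a single fingerprint is not a reliable identity, but one card arriving with many different fingerprints in a short window is itself a signal. The field names, card tokens, thresholds and sample events are constructed assumptions.

```python
import hashlib
from collections import defaultdict
from datetime import datetime, timedelta

# Attributes the post lists as changeable (field names are assumptions).
FP_FIELDS = ("browser", "version", "language", "user_agent", "flash",
             "plugins", "os", "cpu", "timezone", "screen")

def fingerprint(event):
    """Stable short hash over the fingerprint attributes of one checkout event."""
    raw = "|".join(str(event.get(f, "")) for f in FP_FIELDS)
    return hashlib.sha256(raw.encode()).hexdigest()[:16]

def churn_alerts(events, window=timedelta(hours=24), max_fps=2):
    """Return {card: n} for cards seen with n > max_fps distinct
    fingerprints inside any sliding time window of the given length."""
    by_card = defaultdict(list)
    for e in events:
        by_card[e["card"]].append((datetime.fromisoformat(e["ts"]), fingerprint(e)))
    alerts = {}
    for card, seen in by_card.items():
        seen.sort()
        start, worst = 0, 0
        for end in range(len(seen)):
            # Shrink the window until it spans no more than `window`.
            while seen[end][0] - seen[start][0] > window:
                start += 1
            worst = max(worst, len({fp for _, fp in seen[start:end + 1]}))
        if worst > max_fps:
            alerts[card] = worst
    return alerts

def _ev(card, ts, **changed):
    """Build one constructed checkout event; `changed` overrides the baseline device."""
    base = dict(browser="Chrome", version="41", language="en-US",
                user_agent="UA-Chrome-41", flash="17.0", plugins="3",
                os="Windows 7", cpu="x86_64", timezone="-05:00", screen="1920x1080")
    base.update(changed, card=card, ts=ts)
    return base

# Constructed sample: tok_A is one returning device, tok_B changes profile per order.
SAMPLE_EVENTS = [
    _ev("tok_A", "2015-03-10T09:00:00"),
    _ev("tok_A", "2015-03-12T18:30:00"),
    _ev("tok_B", "2015-03-10T10:00:00"),
    _ev("tok_B", "2015-03-10T10:20:00", browser="Safari", os="OS X", screen="1440x900"),
    _ev("tok_B", "2015-03-10T10:45:00", browser="IE", version="11", timezone="+01:00"),
    _ev("tok_B", "2015-03-10T11:05:00", language="de-DE", flash="16.0"),
]

if __name__ == "__main__":
    print(churn_alerts(SAMPLE_EVENTS))
```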

Bank Hackers Steal Millions Via Malware

There was a story published in The New York Times a few weeks ago about an organized group of cybercriminals that pulled off one of the largest digital bank heists ever. This group, named Carbanak by Kaspersky, is responsible for deploying malware to gain access to computers at more than 100 banks and stealing well over $300 million.

Image: Kaspersky

There were 300 IP addresses targeted and the attack spanned nearly 30 countries worldwide. And the method used:

Phishing

I’d hope that a bank would have better sense not to fall for a simple phishing attack, but this wasn’t very simple. Most times, phishing attacks are aimed at the customers, trying to gain sensitive information. Carbanak targeted the machines in the banks directly, finding ways to steal cash directly from the financial institution.

This same group is also thought to be behind several credit/debit card breaches at retail stores around the world, including Staples; however, there has not been any noticeable activity since the bank heists. The story was covered by Brian Krebs back in December 2014.

Article: http://krebsonsecurity.com/2015/02/the-great-bank-heist-or-death-by-1000-cuts/#more-29921

Kaspersky Report: http://krebsonsecurity.com/wp-content/uploads/2015/02/Carbanak_APT_eng.pdf

-Jeremiah Faison