NewsBits for June 13, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Man Sentenced for eBay Fraud A man accused of defrauding hundreds of thousands of dollars from eBay customers who thought they were buying computers was sentenced Friday to three years in a state facility, and ordered to pay back the lost funds. Chris Chong Kim, 28, must repay nearly $600,000 to his victims, including 80 individual customers, eBay, PayPal -- eBay's bill payment division -- and Bank of America. Kim had a business site on eBay called "Calvin's Auctions," which sold high-end computers, laptops and other equipment for two years. But in April 2002, Kim stopped shipping equipment. More than 170 customers from around the world registered complaints. http://www.washingtonpost.com/wp-dyn/articles/A56382-2003Jun13.html http://www.msnbc.com/news/925433.asp http://www.usatoday.com/tech/news/2003-06-13-ebay-scam-600k_x.htm - - - - - - - - - - Teen Sentenced for Eglin, Sandia Hacking An 18-year-old hacker who breached computers at Sandia National Laboratories and posted an anti-Israeli message on the Eglin Air Force Base Web site was sentenced Thursday to a year and a day in federal prison. Adil Yahya Zakaria Shakour also was ordered to pay $88,253 in restitution, and his computer use was restricted during the three years he will spend under supervised release after his prison term. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6075436.htm http://www.usatoday.com/tech/news/computersecurity/2003-06-13-eglin-hacker_x.htm - - - - - - - - - - Al-Jazeera hacker awaits sentence The hacker who attacked AL-Jazeera's Web site during the Iraq war has pleaded guilty to the crime, but he is expected to get off very lightly. A Californian man pleaded guilty on Thursday to two charges stemming from an attack on the Web site of the Arab news service Al- Jazeera during the early days of the Iraq conflict. http://news.zdnet.co.uk/story/0,,t269-s2135999,00.html http://www.cnn.com/2003/TECH/internet/06/13/al.jazeera.hacked.ap/index.html - - - - - - - - - - 7th-grader faces expulsion for hacking into school's files Newark Junior High is the latest school in the Tri-City area to be hit by a computer hacker. A computer-savvy seventh-grader apparently obtained passwords and deleted grade files of eight to 10 teachers, Principal Fred Ilg said. The student is facing possible expulsion in the fall. http://www.siliconvalley.com/mld/siliconvalley/6078841.htm - - - - - - - - - - Court upholds verdicts, sentence in family porn case The state Supreme Court on Thursday upheld the convictions and prison terms of a Logan County couple accused of letting a child engage in sexually explicit conduct in front of cameras. The stepfather of the girl, who was unidentified by the court, was sentenced to 13 years. His wife, the girl's mother, was sentenced to 10 years. The stepfather also was convicted of producing, directing or promoting a sexual performance. http://www.usatoday.com/tech/news/2003-06-13-family-porn_x.htm - - - - - - - - - - Chiropractor given 35 years in sex case A Dallas chiropractor will spend 35 years in prison for molesting several boys, some of whom he met on the Internet, under a plea agreement reached in Denton County. Jeffrey Mann pleaded guilty last week in Denton County district court to 20 counts of child sexual assault, one count of possession of child pornography and one count of indecency with a child. Dr. Mann found his victims in a variety of ways, including the Internet. Police say he lured the boys by telling them he was providing a support group for teenagers struggling with their sexual orientation. http://www.dallasnews.com/localnews/stories/061303dnmetplea.4e828.html - - - - - - - - - - Man sentenced for soliciting 'girl' online Carlton Discavage wasn't alone when he arrived at Oakbrook Center mall to pick up an underage girl he had chatted with on the Internet. He brought along his three young children. The 31-year-old Bolingbrook man admitted Thursday arranging a sexual rendezvous with a 15-year-old girl who, as it turns out, was an undercover police officer. Discavage pleaded guilty to felony indecent solicitation of a child. A judge sentenced him to 70 days in jail but granted the defendant work-release privileges. He also must undergo counseling, register as a sex offender and undergo DNA testing. http://www.dailyherald.com/dupage/main_story.asp?intID=3778540 - - - - - - - - - - Webcam Incident Nets Guilty Plea A Greenwood woman pleaded guilty Wednesday to computer exploitation of a child in connection with an Internet "flashing" incident involving a juvenile female. Rebecca Suzanne Buchanan, 24, was given a five-years suspended sentence, ordered to register as a sex offender, provide a DNA sample for a state database and undergo counseling. Buchanan was arrested in November after her husband, from who she was separated at the time, called police to report he saw his wife and a minor female exposing their breasts on a webcam with his 2-year-old son in the room, according to a police report. Sebastian County deputy prosecutor Alison Houston said the basis of the criminal charge was Buchanan caused or allowed the minor female to expose herself knowing it would be reproduced on the Internet. The minor female said she was encouraged by Buchanan to expose her breasts, according to a police report. Police seized Buchanan's computer and several discs, finding numerous pornographic photographs, but none that involved juvenile subjects. http://www.swtimes.com/archive/2003/June/12/news/Webcam.html - - - - - - - - - - Sentencing delayed for doctor in Web sex case A sentencing that was originally scheduled yesterday for a physician convicted of soliciting what he thought was a 14-year-old girl online has been postponed in Allen County Common Pleas Court. Geoffrey Snyder, 36, of Lewisville, Ohio, has been re|sched|uled to appear in court at 12:30 p.m. July 1 before Judge Richard Warren. Snyder was convicted of one count of importuning. Lima police said Snyder solicited an officer posing as a 14-year-old girl for sex over the Internet. He was arrested Sept. 27. Snyder was a family physician in Woodsfield and was the coroner in Monroe County, Ohio. http://www.toledoblade.com/apps/pbcs.dll/article?AID=/20030612/NEWS03/306120007 - - - - - - - - - - Band director accused of seeking sex with teen The assistant band director at Evergreen Local High School was arraigned in Lima Municipal Court yesterday on a felony charge of importuning. Christopher Helle, 30, of Sylvania posted $5,000 cash bond and was released from the Allen County Jail awaiting a June 20 court appearance. He was arrested Monday after traveling to Lima to meet with what he thought was a 14-year-old girl. Mr. Helle allegedly initiated contact on an Internet chat room with a Lima police officer posing as a teenage girl. Police said the Internet exchange continued for more than a month. Mr. Helle was charged with importuning because he allegedly told the officer online that he wanted to meet for sex. http://www.toledoblade.com/apps/pbcs.dll/article?AID=/20030612/NEWS03/306120004 - - - - - - - - - - Undercover internet sex sting snags another area man An undercover internet sex sting run by the LaPorte Police Department has yielded considerable success just in the last seven months, with Valparaiso men making up half of those arrested. Most recently, Kyle Fraher, 19, of 403 Academy St. was arrested June 3 after police arrived at a service station, north of LaPorte, instead of the 13- year-old girl Fraher allegedly arranged to meet with, through the internet, LaPorte Police Det. Adam Klimczak said. "We'd been chatting (on-line) with him for about a month and a half, two months," Klimczak said, adding police arranged to meet Fraher on two earlier occasions but he went to the wrong location. So far, the LaPorte operation has snagged six men, three of which - including Fraher - are from Valparaiso. In fact, two men, who were among the first to be arrested in the sting, were from Valparaiso. http://www.thetimesonline.com/articles/2003/06/12/news/region_and_state/5a53922501411d4286256d430003d51c.txt - - - - - - - - - - New charges in B.C. Net luring case Another sex assault charge has been laid against a Lower Mainland man accused of luring teenage boys over the Internet. Surrey resident Dale Nault, 34, faces a third count of sexual assault, plus one charge of possession of child pornography. "He was charged in relation to a 14-year-old for an offence alleged to have occurred in 2000," said Surrey RCMP spokesman Const. Tim Shields. As in the two earlier cases, Mr. Nault was alleged to have told the youths that he was a teenager himself, said Mr. Shields. The possession charge was laid after RCMP used a search warrant to check his home several weeks ago, said Mr. Shields. http://www.globetechnology.com/servlet/story/RTGAM.20030612.gtchargesjune12/BNStory/Technology/ - - - - - - - - - - SETTLEMENT WITH NETSCAPE REACHED IN "SPYWARE" CASE Attorney General Eliot Spitzer today announced an agreement with Netscape Communications, a subsidiary of America Online, regarding alleged privacy violations connected with its SmartDownload browser function. The settlement concludes a lengthy investigation into the company's collection and retention of information that identified files downloaded by its users. The investigation found that between 2000 and 2002, Netscape's "SmartDownload" feature had, in processing certain users' download requests, also saved several categories of data relating to each download including the Internet address, or URL, of each file user's downloaded. According to Spitzer, the retention of the information contradicted Netscape's representation to consumers that "none of this information is saved." http://www.oag.state.ny.us/press/2003/jun/jun13b_03.html http://news.com.com/2100-1025_3-1017275.html - - - - - - - - - - Law Society of Scotland pays PS10K to 'cybersquatter' for domain The Law Society of Scotland has climbed down on the eve of a court case to decide ownership of a domain it claimed was run by a cybersquatter. Rather than go to court today - Friday 13th - the owner of Lawscot.co.uk, Tommy Butler, is instead in possession of a PS10,000 cheque from the Society for the domain - just a year after it dismissed Mr Butler's offer of PS500 as too expensive. http://www.theregister.co.uk/content/6/31184.html - - - - - - - - - - Visa cards blocked after details stolen A security breach at a US firm has led to credit card details being stolen - some customers in Europe are now finding that their cards have been blocked Visa has confirmed that the credit card details of "a number" of Visa customers in the US and Europe have been stolen from a US-based firm. Some affected customers have had their cards blocked and are now unable to take advantage of the Visa slogan "Anytime, anywhere, anyway". http://news.zdnet.co.uk/story/0,,t269-s2136031,00.html - - - - - - - - - - Security Firm Denies Allegations Of Widespread Software Piracy Foundstone president Stuart McClure says his company fell short of full software license compliance, but that it didn't engage in or condone piracy. Stuart McClure, president and chief technology officer of information security software, services, and training firm Foundstone Inc., denies accusations that surfaced earlier this week in a Fortune magazine article that the company engaged in deliberate and widespread software piracy. http://www.informationweek.com/story/showArticle.jhtml?articleID=10300900 - - - - - - - - - - Replica of Patrick Roy jail ID winds up on eBay Replicas of former Colorado Avalanche goalie Patrick Roy's jail identification badge from his arrest 2 years ago in a domestic violence case were smuggled out of the jail, and one was offered for sale on the Internet, the Arapahoe County sheriff said. Eight to 10 jail deputies face internal discipline and two civilians could face felony charges, Sheriff Grayson Robinson told KCNC-TV in Denver on Friday. http://www.usatoday.com/tech/news/2003-06-13-NHL-ID-ebay_x.htm - - - - - - - - - - Law Would Spy on Ashcroft The U.S. government's most secret class of Internet spying, telephone wiretaps and physical searches would become slightly less secret under legislation proposed this week reflecting lawmakers' growing unease with the Justice Department's use of expanded surveillance powers. The Surveillance Oversight and Disclosure Act (SODA) introduced in the House of Representatives would require the DoJ to publish an annual report counting and categorizing the number of surveillance orders issued under the Foreign Intelligence Surveillance Act (FISA) in the previous year. http://www.securityfocus.com/news/5772 - - - - - - - - - - Corporate fraud bill introduced The federal government introduced sweeping corporate-fraud legislation Thursday in an attempt to reassure jittery investors after a barrage of international corporate scandals. Justice Minister Martin Cauchon also brought in a bill promising tougher penalties for companies found negligent in the injury or death of an employee - a long-awaited response to the 1992 Westray mine disaster in Nova Scotia, where 26 miners died. http://cnews.canoe.ca/CNEWS/Canada/2003/06/12/109737-cp.html - - - - - - - - - - Bill would let you sue the spammers A pair of unusual political allies, a left-wing Democrat and a conservative religious group, teamed up on Thursday in Washington's latest bid to rid the Internet of spam. Sen. Chuck Schumer of New York joined with the Christian Coalition to announce support for a new bill that would create a national "Do Not Spam" registry of e-mail addresses and, unlike other federal proposals to date, give individuals the right to sue spammers for $1,000 per unlawful message. http://zdnet.com.com/2100-1105_2-1016779.html Spam canners cant agree on recipe http://www.gcn.com/vol1_no1/daily-updates/22450-1.html - - - - - - - - - - Spammers use Trojans to enslave home PCs Is your computer being used to send junk mail? Spammers are increasingly hijacking home PCs to send junk mail, according to MessageLabs. The managed email service provider claims to have proof of spammers using viruses to plant Trojan malware on PCs to provide remote access. Once the software is installed the PC can be used to send out spam at no cost or risk to the spammer. http://www.vnunet.com/News/1141610 Spam virus 'hijacks' computers http://news.bbc.co.uk/2/hi/technology/2987558.stm Security vuln in NTL spam http://www.theregister.co.uk/content/55/31202.html Naive bosses ignorant of spam's double threat Legal wrangling just around the corner as 41 per cent of companies fail to implement an official policy... http://silicon.com/category/165/10.html - - - - - - - - - - Tech industry doubts about focus on cybersecurity linger For some lobbyists, the fact that the Homeland Security Department chose to outline its new cybersecurity division's place on the bureaucratic ladder on a Friday afternoon last week was not a coincidence. It signaled to them that cybersecurity issues are not the highest priority as the department's leaders work to morph 22 agencies into a working organization. http://www.govexec.com/dailyfed/0603/061303td1.htm - - - - - - - - - - Auditors slam Michigans tax security The Michigan Treasury Departments mainframe system for processing taxes is vulnerable to unauthorized access and fraud, state auditors said. General controls over access to mainframe systems were not effective, according to the auditor generals report, which found a significant risk that the departments system of internal controls could not prevent or detect unauthorized access to or use of confidential taxpayer information. Nor could the internal controls prevent fraudulent financial transactions, the report said. http://www.gcn.com/vol1_no1/daily-updates/22441-1.html - - - - - - - - - - Russia is alarmed at the cyberthreat Now, a liberal share of the software in the domestic market is represented by the foreign manufacturers; this software is mostly used in private sector. As for state bodies, the use of the foreign programs in the Russian army, in government, etc., cannot guarantee a due level of safety. Losses from computer crime increase in Russia. 500 cases of cyber crime were fixed last year in Moscow region and more than 800 cases on cyber crime were fixed for four months this year. http://www.crime-research.org/eng/news/2003/06/Mess1203.html - - - - - - - - - - Information technologies and money laundering The rapid development of information technologies and their introduction in all fields of social activity increases cases of use these technologies in criminal activity. The Ukrainian Committee on fighting organized crime and corruption pays special attention to the spreading cybercrime in Ukraine, including money theft and money laundering with the use of "conversion centers" (the criminal organizations, which are in the conversion of non-cash means into cash ). http://www.crime-research.org/eng/news/2003/06/Mess1303.html - - - - - - - - - - Web crawler--anti-piracy super hero Prowling through cyberspace, sniffing out sites that offer illegal downloads, the Web crawler--the latest weapon in the software industry's war on copyright pirates--is now on the case in Asia. The Business Software Alliance (BSA), which has deployed the Web Crawler, represents some of the top software names, including Microsoft and Apple Computer. The group is battling to end an estimated $5.5 billion a year in software copyright theft in the Asia Pacific. http://zdnet.com.com/2100-1105_2-1016937.html - - - - - - - - - - Defense looks to new tech to improve information network A senior Pentagon official on Thursday announced the implementation of the next-generation Internet protocol to facilitate the integration of sensors, weapons, information systems, and other elements of the Defense Department's "global information grid." The next generation of the Internet's operating system, known as Internet Protocol Version 6 (IPv6), will replace Internet Protocol Version 4 (IPv4), which the Defense Department has used for nearly 30 years. The new protocol's benefits include expanded IP address space, improved network security and enhanced mobile communications capabilities, according to John Stenbit, the Pentagon's chief information officer. http://www.govexec.com/dailyfed/0603/061303td2.htm - - - - - - - - - - Could Centralized Phone Systems Be Helping Terrorists? Federal authorities have learned that terrorists could carry out an attack in the United States. Plus, authorities are concerned that our own technology might be used against us. Someone overseas is tapping into corporate phone systems around the United States. Now, NewsChannel 4 has learned that national security officials are worried about terrorists using that technique to create more casualties during an attack. http://www.wnbc.com/news/2268019/detail.html?treets=ny&tid=2652791066813 *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.