NewsBits for July 17, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Prison for computer blackmail The inhabitant of Alma-Ata (Kazakhstan) Oleg Zezev (citizen of Russian Federation) is sentenced to four years and three months of imprisonment. He was condemned in Manhattan for hacking Bloomberg Financial News network and attempt to blackmail the of New York mayor Michael Blumberg. Zezev has been arrested in August, 2000 and, according to lawyer Robert Baum, he will become free in 7 months. http://www.crime-research.org/eng/news/2003/07/Mess1706.html - - - - - - - - - - Police bust fraud ring in Cambodia Dogged and traditional police work in Cambodia, one of Asia's poorest countries, appears to have uncovered a suspected high-tech telecom and investment scam run by a gang of international con artists. Military police in the war-ravaged southeastern Asian nation rounded up 20 foreigners earlier this week in a swoop on an office building in the heart of the capital, Phnom Penh. The suspects, who included two Americans, were undergoing a second day of interrogation Thursday. They have not yet been charged. http://news.com.com/2100-1037_3-1026774.html Fourteen Britons held over shares scam in Cambodia http://www.guardian.co.uk/uk_news/story/0,3604,999495,00.html - - - - - - - - - - Two men going to jail for solicitation of a child The Glendale Heights man fainted and fell to the courtroom floor moments after a judge rejected his plea for probation, sentencing him to 180 days in jail. Permenter, 32, was one of two men sentenced after admitting to indecent solicitation of a child charges in two separate Internet stings last summer in Villa Park. Police nabbed Permenter and Daniel K. Hoffman, 37, of Streamwood days apart last July after a detective posed as a 14-year-old boy in an Internet chat room. Both men were arrested after arriving for a sexual rendezvous at undisclosed locations in Villa Park. http://www.dailyherald.com/dupage/main_story.asp?intID=3781951 - - - - - - - - - - Williston Teen Targeted on the Net The 15-year-old Williston boy was missing for nearly 48 hours when he finally showed up back at home. His story was shocking and authorities in Marion County made their arrest hours later. Thirty-eight year old William James Flanagan, III, now faces two felony charges including lewd and lascivious battery and using a computer to entice a child for sex. But this child's computer wasn't hidden away at home. Instead he was using the internet service at the Williston Public Library. Police chief Dan Davis says it's a prime example of why the government needs a standardized plan to protect children on the web. "Not only hypothetically can it be a problem but it was a problem here." http://www.wcjb.com/news.asp?id=7538 - - - - - - - - - - Task force arrests five men for arranging sex with a child Five men have been arrested for allegedly using the Internet to lure a child to have sex with them, authorities said Thursday. The men, all in their 20s, were arrested Wednesday night after they used Internet chat rooms to contact two undercover officers with the Utah Internet Crimes Against Children Task Force who were online posing as children. The arrests were unusual because four of the suspects arrived in the same vehicle at the designated Salt Lake City rendezvous. The four were online together talking to a single agent, said task force director Ken Hansen. ''It's the first time we've had a carload of guys show up to have sex with an underage girl,'' Hansen said. http://www.trib.com/AP/wire_detail.php?wire_num=71644 - - - - - - - - - - Computer Sex Sting Snares State Social Worker A state social worker has been arrested in a law enforcement sting using police officers pose as children in computer chat rooms to snare on-line sexual predators. Ralph Culver, 52, Burlington, was arrested Wednesday afternoon after police say he attempted to meet what he believed was a 14-year old girl, according to court records. But the "girl" never existed, say police. "She" was actually a specially trained male detective posing as a child on the internet to lure sexual predators. Culver fell for the bait, according to authorities. Culver used his home computer and the state-owned computer in his Burlington office to send explicit sexual descriptions and requests about what he hoped the "girl" would do with him, according to police. http://www.wcax.com/Global/story.asp?S=1365190&nav=4QcSGxls - - - - - - - - - - Tigard man arrested in FBI child-sex sting A director for the Oregon Lions Sight & Hearing Foundation has been arrested on accusations he made arrangements on the Internet to have sex with a 13- year-old girl. The FBI arrested Richard Irvin Detwiler, 61, of Tigard on Tuesday in downtown Portland on a charge of use of a means of interstate commerce to persuade or entice a minor to have sex. If convicted, Detwiler could face at least five years in prison and a $250,000 fine. The arrest was made as part of a national FBI initiative to crack down on people who make and traffic in child pornography and prey on children online. http://www.oregonlive.com/metrosouthwest/oregonian/index.ssf?/base/metro_southwest_news/1058443749109010.xml - - - - - - - - - - Acton man remains held in porn case An Acton man who was nabbed by the FBI for possession of child pornography is being held in federal custody after a judge learned the 41-year-old plumber also faces state charges in Bristol County of molesting a young girl and being a peeping Tom. Rudy A. Frabizio, of 382B Great Road, was arrested July 8 at his Acton home and was charged in U.S. District Court with possession of visual images of minors engaged in sex that have been mailed, shipped or transported interstate, according to Assistant U. S. Attorney Dena T. Sacco. Special Agent Robert Blackmore, of the FBI's Cyber Crimes Squad, alleges in court documents that Frabizio was a target of the FBI's "Operation Candyman,'' a nationwide sting focusing on a members of an Internet group known as Candyman in which members trade copies of child pornography. Investigators seized Frabizio's computer and files from his job at Limbach Co. of Woburn. http://www.lowellsun.com/Stories/0,1413,105~4761~1517678,00.html - - - - - - - - - - FBI employee arrested for child pornography, fraud & deceit El Paso based agents arrest an FBI employee on charges of fraud and deceit. Federal authorities say 36-year- old Mario Castillo worked for the FBI as a language specialist. He was arrested Thursday and charged in a three-count indictment. The FBI says from July 2000 to November of 2002, Castillo exceeded his authority and accessed an FBI computer for to gain information and sell it for private financial gain. A second indictment charges Castillo with using an unauthorized access device, such as a cell phone, with intent to commit fraud. Castillo also faces charges of possessing child pornography on his home computer and lying to federal investigators. FBI officials say Castillo will remain in federal custody and has a hearing scheduled for next week. http://www.kvia.com/Global/story.asp?S=1365228&nav=AbC0Gxnm - - - - - - - - - - Gang Killing Accomplice Is Convicted Jim Hoang Nguyen, who provided the getaway car and murder weapon during an attack at a Garden Grove cyber cafe, faces life in prison. A gang member who allegedly helped a friend stab a college student in the head with a screwdriver at a Garden Grove cyber cafe has been convicted of murder in a case that triggered a citywide crackdown on late-night Internet parlors. (LA Times article, free registration required) http://www.latimes.com/technology/la-me-cybercafe17jul17,1,3244695.story - - - - - - - - - - 3 PCs at TVT Records Taken in Burglary New York police are investigating a burglary discovered at the offices of independent music label TVT Records. Sources close to the matter said three personal laptop computers belonging to label chief Steve Gottlieb were taken. Other property from the label's headquarters, including stereo equipment and additional office computers, was untouched, sources said. TVT, which releases albums by such acts as Default and Sevendust, declined to comment. (LA Times article, free registration required) http://www.latimes.com/technology/la-fi-rup17.6jul17,1,7203073.story - - - - - - - - - - School PDA spy off the hook A Singaporean student who covertly filmed a classmate being disciplined by a teacher will receive only a warning. A student who used a PDA to secretly film a classmate being given a sound scolding and who later posted the video on the Web has been let off with a warning, according to the daily newspaper the Straits Times. http://news.zdnet.co.uk/story/0,,t269-s2137699,00.html - - - - - - - - - - MUSIC BIZ SUBPOENAS 150 USERS The music industry has demanded that Verizon Communications cough up 150 names in its attempt to find those who are allegedly trading copyrighted songs. The phone company is in the process of complying with the subpoenas - just some of those sent out by the Recording Industry Association of America in the last weeks. "[Verizon] views the current moment as a dangerous situation," said Sarah Deutsch, vice president and associate general counsel at Verizon, in an e-mail interview. "[Verizon's] court battle continues, so even while complying, we continue to fight." http://www.nypost.com/business/795.htm http://www.suntimes.com/output/news/cst-nws-depaul17.html http://www.wired.com/news/business/0,1367,59663,00.html Loyola releases two student names to RIAA http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6311463.htm DirecTV dragnet snares innocent techies http://www.securityfocus.com/news/6402 Congressman pocketed $18,000 for RIAA 'lobbying trip' http://www.theregister.co.uk/content/6/31812.html - - - - - - - - - - Bill Would Put Net Song Swappers in Jail Peer-to-peer users who swap copyrighted files could be in danger of becoming federal felons, under a new proposal backed by Democrats in the U.S. House of Representatives. Their legislation, introduced Wednesday, would punish an Internet user who shares even a single file without permission from a copyright holder with prison terms of up to five years and fines of up to $250,000. http://zdnet.com.com/2100-1105_2-1026715.html http://www.washingtonpost.com/wp-dyn/articles/A4876-2003Jul17.html http://www.msnbc.com/news/940397.asp http://www.cnn.com/2003/TECH/internet/07/17/music.internet.reut/index.html http://www.wired.com/news/digiwood/0,1412,59654,00.html http://www.vnunet.com/News/1142402 http://www.theregister.co.uk/content/6/31800.html House Bill Aims to Up Stakes on Piracy (LA Times article, free registration required) http://www.latimes.com/technology/la-fi-berman17jul17,1,1134782.story - - - - - - - - - - Senate Committee Tables Bill on Privacy A California Senate committee has postponed action on a bill by Assemblyman Joe Simitian (D-Palo Alto) that would have required Internet services to notify customers of subpoenas seeking their identities and allow more time to challenge the requests in court. At a hearing Tuesday, leaders of the Senate Judiciary Committee told Simitian that he didn't have the votes to get Assembly Bill 1143 through the panel, and they suggested that he bring it back next year. (LA Times article, free registration required) http://www.latimes.com/technology/la-fi-rup17.10jul17,1,4134370.story Bill aims to curb Net censorship http://zdnet.com.com/2100-1105_2-1026690.html Congress threatens two hi-tech Gestapo programs http://www.theregister.co.uk/content/6/31791.html - - - - - - - - - - Feds urged to probe terrorist piracy rackets Top executives from several large anti-counterfeiting organizations and companies that own intellectual property rights on Wednesday called for the federal government to bolster efforts to stop terrorists' use of piracy and counterfeiting to fund their activities. http://www.govexec.com/dailyfed/0703/071703td2.htm - - - - - - - - - - Big brother better back off Companies which screen employees' e-mails without their permission face fines of up to R2m. Most firms use electronic filters to screen e-mails for keywords such as obscenities and block them if necessary. E-mails are also scanned for viruses. In terms of legislation on communication interception, which could be passed by the end of the year, it is a criminal offence to intercept any communication in South Africa. This includes scanning e-mails. http://www.news24.com/News24/Technology/News/0,,2-13-1443_1388536,00.html - - - - - - - - - - Trojan turns victims into DDoS, spam zombies Anti-virus vendors are warning of the mass mailing of a new Trojan program "Webber" (aka "Heloc" and "Berbew") which is capable of turning infected PCs into pr0n or spam propagating zombies. Webber is the latest in a series of malicious programs that turn innocent computers into spam machines. It installs a proxy server at the command of malicious attackers. In the last week, Russian AV firm Kaspersky Labs already detected three Trojan programs similar in type to Webber, the mostnotorious of which was the Magmaf. http://www.theregister.co.uk/content/56/31801.html - - - - - - - - - - Hacker 'Gigabyte' angered by stereotypes Teenage Belgian hacker Gigabyte has answered comments made by Sophos anti-virus expert Graham Cluley, who yesterday hit back at a .exe piece of malware she wrote which ends up depicting him being hit by coconuts at a fairground. http://www.silicon.com/news/500013/1/5193.html http://news.zdnet.co.uk/story/0,,t269-s2137726,00.html - - - - - - - - - - Hacking text raises flag with publisher Andrew Huang, an engineer and programmer in Del Mar, near San Diego, has written a book called `Hacking the Xbox: An Introduction to Reverse Engineering.'' It also has been an introduction to copyright law in the digital age. Wiley Technology Publishing, a unit of John Wiley & Sons, agreed last year to publish the book. But after Huang delivered the manuscript five months ago, the publisher backed out over concerns that the Digital Millennium Copyright Act of 1998 made it illegal to disseminate information about how to circumvent copyright protection. http://www.bayarea.com/mld/mercurynews/business/technology/personal_technology/6322178.htm - - - - - - - - - - Cyberpolice vs. Cybercrime European and American officials raise the alarm: cybercrime became a real security threat. Increasing hackers attacks to computer networks and web-sites of public services, new versions of computer viruses, traditional terrorism committed and declared in the Internet demand the real investigation and prosecution of virtual crimes. http://www.crime-research.org/eng/news/2003/07/Mess1704.html Cybercrime investigators plead for extensive powers http://pcworld.idg.com.au/index.php?id=1222205556&fp=2&fpid=1 - - - - - - - - - - Technology creates new breed of detective Like many detectives, John Cameron did some undercover work recently. Serpico, however, he wasn't. Instead of adopting the attire and persona of a high-rolling drug lord or a small-time dealer, he impersonated a red- headed, 14-year-old girl. Well sort of. Cameron became a virtual red-headed, 14-year-old girl -- on line. The newest member of the Melrose detective bureau, worked with Lt. J.J. McLean of the regional Computer Crimes Unit to build a case against a North Andover man who allegedly used the Internet to lure underage girls into having sex with him. http://www.townonline.com/melrose/news/local_regional/mfp_newmfcameron07172003.htm Hunting Internet predators http://www.seacoastonline.com/news/07172003/news/39827.htm Cybercops patrol chatrooms in US while British police lag behind http://www.guardian.co.uk/uk_news/story/0,3604,999701,00.html - - - - - - - - - - Computer crimes is atonement for progress Economic losses from computer crimes are equal to advantages received from computers in practice, and social and moral losses are inestimable at all. According to FBI, the quantity of cyber crimes doubled in 1999 (1154 cases) in comparison with 1998 (547 cases). The losses from crimes related to computers makes $ 3,5 billion an year and increases for 35 % annually, on average one computer crime makes $560 000 of losses. http://www.crime-research.org/eng/news/2003/07/Mess1705.html - - - - - - - - - - Cisco announces serious flaw in networking software Companies that operate key Internet backbones scrambled Thursday to patch a serious software flaw in equipment that relays much of the global network's traffic. The vulnerability, in Cisco Systems Inc. routers and other switches, could be used by hackers to cause widespread outages, network managers said. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6324946.htm http://www.eweek.com/article2/0,3959,1196496,00.asp http://www.newsfactor.com/perl/story/21922.html http://www.washingtonpost.com/wp-dyn/articles/A7072-2003Jul17.html http://www.msnbc.com/news/940226.asp? http://money.cnn.com/services/tickerheadlines/for5/200307171043DOWJONESDJONLINE000929_FORTUNE5.htm http://www.usatoday.com/tech/news/computersecurity/2003-07-17-cisco-hole_x.htm http://www.theregister.co.uk/content/55/31790.html http://computerworld.com/securitytopics/security/holes/story/0,10801,83175,00.html - - - - - - - - - - Microsoft warns on trio of new flaws Patch available for critical flaw in all current versions of Windows. Microsoft has released a patch for a critical flaw in Windows Exchange Server 2003, Windows XP, 2000 and NT 4. The flaw involves the Remote Procedure Call (RPC) protocol, which deals with inter-computer communications. Microsoft warned that, under certain circumstances, the RPC might not check messages sent to the PC properly. http://www.vnunet.com/News/1142394 http://www.wired.com/news/business/0,1367,59660,00.html http://www.usatoday.com/tech/news/computersecurity/2003-07-16-microsoft-hole_x.htm Microsoft's patches: Can you trust them? http://news.zdnet.co.uk/story/0%2c%2ct269-s2137650%2c00.html Twin flaws have security pros worried http://news.com.com/2100-1009_3-1026910.html http://www.gcn.com/vol1_no1/daily-updates/22796-1.html http://www.theregister.co.uk/content/55/31797.html - - - - - - - - - - Thawte issues doppelganger certs warning If one of the paired certificates is revoked the other will also be disavowed. Which is a pain. But essential encryption and security functions are not affected. A technical rep for the South Africa-based security firm assured us that each private key obtained for a certificate is unique regardless of the certificate's serial number. We're thankfully not looking at a repeat of the incident two years ago when Verisign mistakenly issued a pair of digital certificates to scam artists in Microsoft's name. http://www.theregister.co.uk/content/55/31808.html - - - - - - - - - - Tales from the chatroom On the internet, you can assume any identity you like, as Shevaun Pennington and Toby Studabaker's liaison has highlighted. But is all online chat dangerous, or is most of it just plain boring? Paul Vallely logs on to a distinctly murky world. http://news.independent.co.uk/digital/features/story.jsp?story=424991 Cyber Stranger Danger http://www.wthitv.com/newsdet.asp?id=3238 - - - - - - - - - - Honeytokens: The Other Honeypot The purpose of this series of honeypot papers is to cover the breadth of honeypot technologies, values and issues. I hope by now readers are beginning to understand that honeypots are an incredibly powerful and flexible technology. They have multiple applications to security, everything from simplified detection to advanced information gathering. Today we extend the capabilities of honeypots even further by discussing honeytokens. Honeytokens are everything a honeypot is, except they are not a computer. http://www.securityfocus.com/infocus/1713 *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.