Re: [funsec] NJ U.S. Attorney Files Charges in ‘Largest Reported Data Breach'

[Paul Ferguson <fergdawgster () gmail com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, Aug 17, 2009 at 1:26 PM, Ali, Saqib<docbook.xml () gmail com> wrote:

> http://blogs.wsj.com/law/2009/08/17/nj-us-attorney-files-charges-in-histo
> rys-largest-reported-data-breach/
>
> "The Indictment alleges that Gonzalez and the coconspirators employed
> numerous techniques to hide their hacking efforts and data breaches.
> For example, they allegedly accessed the corporate websites only
> through intermediary, or “proxy,” computers, thereby disguising their
> own whereabouts. They also tested their malware by using approximately
> twenty of the leading anti-virus products to determine if any of those
> products would detect their malware as potentially unwanted.
> Furthermore, they programmed their malware to actively delete traces
> of the malware’s presence from the corporate victims’ networks.
>
> Upon stealing the credit and debit card data, Gonzalez and the
> coconspirators would seek to sell the data to others who would use it
> to make fraudulent purchases, make unauthorized withdrawals from banks
> and further identity theft schemes."

See also:
http://www.wired.com/threatlevel/2009/08/tjx-hacker-charged-with-heartland/

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.5.3 (Build 5003)

wj8DBQFKib/+q1pz9mNUZTMRAvekAKC0w/Dae/tUQSI48R5leJ7tSVwhIwCfYd4d
Pm5fUhIGfN8RwR7u4/3WBLg=
=tL5R
-----END PGP SIGNATURE-----



-- 
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawgster(at)gmail.com
 ferg's tech blog: http://fergdawg.blogspot.com/

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.