Category Archives: Bitcoin

SYTECH – Digital Forensics Article – The Forensic Investigator Magazine

Mobile phones and other digital devices may be concealing a wealth of intelligence that could alter the course of an investigation but often remains hidden, according to Simon Lang, Digital Forensics Manager at SYTECH.

The Forensic Investigator Magazine – SYTECH – November 2014

 

National Crime Agency (NCA) Warn that a Cyber Attack ‘To Hit In Next Two Weeks’

Computer users are being urged to protect their machines from malware which could allow hackers to steal financial data.

British investigators have been working with the FBI to trace the hackers behind an attack, which they expect to take place in the next fortnight.

Between 500,000 and one million machines have so far been infected worldwide, according to court documents.

US Accuses Russian Hacker Evgeniy Bogachev Of $100m Fraud
Bogachev is said to use the online monikers ‘lucky12345’ and ‘slavik’

US officials have accused a Russian hacker of masterminding the scam – and prosecutors say those involved have already raked in more than $100m (£60m).

The National Crime Agency (NCA) is now warning of a “powerful computer attack”.

It is urging people to back up important files and make sure their security software and operating system are up to date.

Two pieces of malware known as GOZeuS and CryptoLocker are responsible for the alert.

They typically infect a computer via attachments or links in emails.

If a user clicks on GOZeuS, it silently monitors activity and tries to capture information such as bank details.

“(The links or attachments) may look like they have been sent by genuine contacts and may purport to carry invoices, voicemail messages, or any file made to look innocuous,” the NCA warned.

“These emails are generated by other victims’ computers, who do not realise they are infected, and are used to send mass emails creating more victims.”

The CryptoLocker malware is activated if the first attack is not profitable enough.

It locks a user from their files and threatens to delete them unless a “ransom” of several hundred pounds is paid.

Some 234,000 machines were hit by CryptoLocker – bringing in $27m (£16m) in payments – in its first two months, the US Justice Department said.

Computers running Windows software are said to be most vulnerable

More than 15,500 computers in the UK are infected and “many more” are at risk, according to the NCA.

Stewart Garrick, a senior investigator with the NCA, told Sky News the threat was mainly against individuals or businesses running Windows-based computers.

Thirty-year-old Russian Evgeniy Bogachev is the alleged leader of the gang behind the attacks, FBI executive assistant director Robert Anderson told a news conference in Washington DC.

US and other agents seized servers around the world this weekend and freed 300,000 computers from the infection.

“They (the FBI) have disrupted the network and taken control of it,” said Sky’s Tom Cheshire.

“So when the hackers try to speak to the computer that’s affected, that line of communication has been cut off.

“You now have a chance to clean up. The first thing you should do is update your operating system – especially if you’re on Windows, then look to scan your computer for viruses and it should be able to find it.”

For more information visit www.getsafeonline.org/nca.

Cyber Attack ‘To Hit In Next Two Weeks’.

SYTECH PSA – OpenSSL affected by “Heartbleed” zero-day vulnerability – SYTECH PSA – “Don’t change your passwords until this has been fully patched”

A new security flaw affecting OpenSSL, the popular cryptographic library used by many websites, has been discovered and is reported to be very serious.

According to the Heartbleed website, the zero-day vulnerability found in OpenSSL affects the stable version 1.0.1 and the 1.0.2 beta version. Older versions of OpenSSL such as 0.9.8 used in Mac OS and iOS and 1.0.0 are not vulnerable to “Heartbleed”. Although the vulnerability has been addressed in OpenSSL’s version 1.0.1g, it is present in prior versions up to 1.0.1f. Exploiting this flaw, hackers can obtain primary and secondary SSL keys in addition to directly hijacking data being transferred over HTTPS.

Some web companies, such as CloudFlare, which provides security services for other websites, have used methods recommended by OpenSSL and patched the “Heartbleed” flaw, but the methods are not ready for broad deployment, according to a report from ZDNet.

Open source firms Red Hat, Debian, SuSE, Canonical, and Oracle are reportedly working hard to patch the OpenSSL vulnerability in their operating systems and are expected to release the patches in 12 hours. Administrators are advised to deploy these patches for operating systems and network equipment as soon as they are made available by manufacturers and software developers.
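As an added example (not part of the original article or of OpenSSL), the following Python sketch classifies `openssl version` banners against the ranges quoted above: 1.0.1 through 1.0.1f and the 1.0.2 beta are affected, 1.0.1g is fixed, 0.9.8 and 1.0.0 are not affected. The host names and banners are constructed sample data. A version string is only a first-pass triage, because distribution packages often backport the fix without changing the version letter.

```python
import re

# Matches e.g. "1.0.1e", "0.9.8y", "1.0.2-beta1" inside an `openssl version` banner.
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)([a-z]*)(?:-(beta\d*))?")

# Constructed sample inventory (hypothetical hosts, banners typed by hand).
SAMPLE_INVENTORY = {
    "web01": "OpenSSL 1.0.1e-fips 11 Feb 2013",
    "web02": "OpenSSL 1.0.1g 7 Apr 2014",
    "mac01": "OpenSSL 0.9.8y 5 Feb 2013",
    "lab01": "OpenSSL 1.0.2-beta1 24 Feb 2014",
    "old01": "not installed",
}


def parse_openssl_version(banner):
    """Return ((major, minor, fix), letter, beta_tag) parsed from a banner."""
    m = _VERSION_RE.search(banner)
    if m is None:
        raise ValueError("no OpenSSL version found in %r" % banner)
    numbers = tuple(int(m.group(i)) for i in (1, 2, 3))
    return numbers, m.group(4), m.group(5) or ""


def heartbleed_status(banner):
    """Classify a banner against the version ranges given in the article."""
    numbers, letter, beta = parse_openssl_version(banner)
    if numbers < (1, 0, 1):
        return "not affected"      # 0.9.8 and 1.0.0 branches
    if numbers == (1, 0, 1):
        # Plain 1.0.1 has an empty letter, which sorts before "a".
        return "affected" if letter <= "f" else "fixed"
    if numbers == (1, 0, 2) and beta in ("beta", "beta1"):
        # Assumption: the article says only "the 1.0.2 beta"; limiting this
        # to beta1 follows the OpenSSL advisory, which fixed it in beta2.
        return "affected"
    return "not covered"           # releases the article does not mention


def audit(inventory):
    """Map host -> status; banners without a version become 'unparsed'."""
    report = {}
    for host, banner in inventory.items():
        try:
            report[host] = heartbleed_status(banner)
        except ValueError:
            report[host] = "unparsed"
    return report


if __name__ == "__main__":
    for host, status in sorted(audit(SAMPLE_INVENTORY).items()):
        print(host, status)
```

Hosts reported as "affected" still need the package changelog or a patched rebuild confirmed before they are treated as vulnerable or cleared.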

Source: Heartbleed via ZDNet | Image via Threat Post

OpenSSL affected by “Heartbleed” zero-day vulnerability – Neowin.

SYTECH gain 7th place for Digital Forensics in – Tweeting Forensic Science: 100 Great Accounts Worth Investigating

 

The field of forensic science depends heavily on technology, and is subject to rapid innovation. This is especially true of digital forensics. There is a constant arms race to come up with new programs to more effectively protect and analyze data to reinforce computer security. Many top experts in forensic science, including digital forensics, crime scene investigation, and even forensic archaeology and entomology, are using Twitter to share their views and discuss innovations in the industry. Twitter is an excellent venue for newcomers and old hands in forensic science to keep up with industry news, learn about new developments, and network both socially and professionally.

 

These are some of the most informative Twitter accounts in the Forensic Science space. Following any and all of these individuals, companies, and publications is a great way to delve into the rich and ever growing field of forensic science. The accounts are classified by general subject matter, and listed in no specific order.

 

Digital Forensic Investigation Info

Digital forensic investigation is one of the most rapidly developing branches of the forensic science field. Crimes involving identity theft, financial fraud, and other digital evidence require the technical expertise of a digital forensic scientist or cybersecurity specialist. Many companies and publications have popped up specifically to cover digital forensics, and they often share their insights on Twitter.

 

@SytechForensics

Sytech Digital Forensics brings together leading-edge specialists in all areas of Digital Forensics to provide a comprehensive one-stop analysis service. They work with all sectors and have over the years been involved in thousands of cases, including several very high profile cases. Their tweets touch on such topics as criminal justice, civil litigation, corporate and individual digital forensics.

Tweeting Forensic Science: 100 Great Accounts Worth Investigating » Forensic Science Degree.

Two High Profile Bitcoin exchange operators arrested & charged with money laundering

Two men involved in Bitcoin exchanges have now been arrested and charged with money laundering, with federal law enforcement officials claiming the suspects worked together to sell over $1 million worth of the online currency to the Silk Road website.

Charlie Shrem, the CEO of the now closed BitInstant exchange site, and underground Bitcoin exchanger Robert Faiella, are accused of sending the Bitcoins to the Silk Road site so that they could be used by the site’s customers to purchase illegal drugs. The Silk Road site has since been shut down. In the Department of Justice’s press release, Manhattan U.S. Attorney Preet Bharara stated:

Truly innovative business models don’t need to resort to old-fashioned law-breaking, and when Bitcoins, like any traditional currency, are laundered and used to fuel criminal activity, law enforcement has no choice but to act. We will aggressively pursue those who would coopt new forms of currency for illicit purposes.

Shrem was arrested while he was at John F. Kennedy Airport in New York City on Sunday night, while Faiella was arrested at his Florida home today. Both men are charged with one count of money laundering, which has a maximum sentence of 20 years in prison. Both were also charged with one count of operating an unlicensed money transmitting business, which could lead to up to five years in jail. Finally, Shrem was charged with one count of willful failure to file a suspicious activity report, which could add up to five more years in prison for him if convicted.

Source: Justice Department | Bitcoin image via Shutterstock

Two Bitcoin exchange operators charged with money laundering – Neowin.