Monday, April 8, 2013
Complete DHS Daily Report for April 8, 2013
Daily Report
Top Stories
• A DHS report revealed a
spear-phishing campaign targeted 11 companies from the energy sector utilizing
publicly available information found on their Web sites. – Softpedia (See
item 1)
1.
April 5, Softpedia –
(National) DHS Report: 11 companies from energy sector targeted by
cybercriminals. A DHS report revealed a spear-phishing campaign that
targeted 11 companies from the energy sector by utilizing publicly available
information found on their Web sites and creating malicious emails guiding
recipients to malware attachments and links. Source: http://news.softpedia.com/news/DHS-Report-11-Companies-from-the-Energy-Sector-Targeted-by-Cybercriminals-343342.shtml
• Twenty-two suspects in a multi-State credit card fraud ring were
held in two New Jersey counties April 3, including a county jail nurse. The
ring is suspected of taking in nearly $1 million per month via fraud. – Jersey
Journal See item 11 below in
the Banking and Finance Sector
• A federal grand jury indicted 12 individuals for allegedly
conspiring to defraud the Internal Revenue Service by using stolen medical
records to perpetrate identity theft, file false tax returns, and divert the
returns to themselves. – Federal Bureau of Investigation See item 14 below in
the Banking and Finance Sector
• Farm Rich expanded its recall of various heat treated, not fully
cooked frozen mini meals and snack items to more than 10.5 million pounds
because of potential contamination. – Food Safety and Inspection Service
23. April
5, Food Safety Inspection Service – (National) New York firm
recalls additional frozen mini meals and other snack products due to possible
E.Coli O121 contamination. Farm Rich has expanded its recall of various
heat treated, not fully cooked frozen mini meals and snack items, to more than
10.5 million pounds because of potential contamination. Seven people have been
hospitalized out of 24 people known to have been sickened by the outbreak of E.
coli O121 linked to frozen snacks from Farm Rich food products. Source: http://www.fsis.usda.gov/News_&_Events/Recall_025_2013_Expanded/index.asp
Details
Banking and Finance Sector
8. April
5, Nashville Tennessean – (Tennessee; National) Memphis lawyer
accused of being part of alleged insurance scam. A lawyer for two men
charged in an alleged $20 million nation-wide health insurance was arrested in
Memphis for his alleged role in the scheme. Source: http://www.tennessean.com/article/20130405/BUSINESS01/304050104/Memphis-lawyer-accused-being-part-alleged-insurance-scam
9. April
5, Softpedia – (International) Ukrainian and Russian authorities arrest
Carberp trojan developers. Several alleged developers of the Carberp
banking Trojan were arrested by authorities in Russia and Ukraine. The trojan
allowed the cybercriminal group, who operated remotely, to steal $250 million
in Ukraine and Russia alone. Source: http://news.softpedia.com/news/Ukrainian-and-Russian-Authorities-Arrest-Carberp-Trojan-Developers-343142.shtml
10. April
4, Bloomberg News – (National) AIG among mortgage insurers fined by CFPB in
kickback probe. The Consumer Financial Protection Bureau announced that
four mortgage insurance firms will pay $15.4 million to settle claims that they
paid lending institutions illegal kickbacks in exchange for business. Source: http://www.bloomberg.com/news/2013-04-04/aig-among-mortgage-insurersfined-by-cfpb-in-bank-kickback-probe.html
11. April
4, Jersey Journal – (New Jersey) 22 people charged as part of credit-card fraud
ring appear in Hudson County court. Twenty-two suspects in a multi-State credit
card fraud ring were held in two New Jersey counties April 3, including a
county jail nurse. The ring is suspected of taking in nearly $1 million per
month via fraud. Source: http://www.nj.com/hudson/index.ssf/2013/04/22_in_credit_card_fraud_ring_b.html
12. April
4, KXAN 21 Austin – (Texas) Austin developers committed bank fraud. Two
developers were sentenced April 3 for falsifying bank statements to
fraudulently obtain
a $39 million loan to
construct an office building in Austin. Source: http://www.kxan.com/dpp/news/local/austin/austin-developers-committedbank-fraud
13. April
4, WLKY 26 Louisville – (Kentucky) 5 people arrested with
hundreds of fake credit cards in Clarksville. Five individuals were
arrested in Clarksville after they were found with 350 fraudulent credit cards
in their possession. Source: http://www.wlky.com/news/local-news/indiana-news/5-people-arrested-withhundreds-of-fake-credit-cards-in-Clarksville/-/9718538/19622252/-/format/rsss_2.0/-/10n574i/-/index.html
14. April
3, Federal Bureau of Investigation – (Georgia) Twelve defendants
charged with 115 federal tax violations. A federal grand jury indicted 12
individuals for allegedly conspiring to defraud the Internal Revenue Service by
using stolen medical records to perpetrate identity theft, file false tax
returns, and divert the returns to themselves. Source: http://www.loansafe.org/twelve-defendants-charged-with-115-federal-taxviolations
Information Technology Sector
33. April
5, Softpedia – (International) Scribd hacked, some users’ passwords possibly
compromised. Digital documents library Scribd announced that it found and
stopped suspicious activity on its network, but that less than one percent of
users may have had their passwords compromised. Source: http://news.softpedia.com/news/Scribd-Hacked-Some-Users-Passwords-Possibly-Compromised-343161.shtml
34. April
5, Threatpost – (International) Skype malware stealing victims processing
power to mine Bitcoins. An ongoing Skype spam campaign that began April 4
infects users’ systems to perform Bitcoin ‘mining’, using large amounts of
processing power to create the virtual currency. Source: http://threatpost.com/en_us/blogs/skype-malware-stealing-victimsprocessing-power-mine-bitcoins-040513
35. April
4, Threatpost – (International) Skype, Dropbox patch critical Facebook
authentication bugs. Dropbox and Skype closed an open direct vulnerability
that could have allowed an attacker to access and control a user’s Facebook account.
Source: http://threatpost.com/en_us/blogs/skype-dropbox-patch-criticalfacebook-authentication-bugs-040413
36. April
4, Softpedia – (International) In 92% of attacks ZIP files are used to deliver
malware, FireEye study finds. FireEye released its Advanced Threat Report
covering the latter half of 2012, detailing malware and methods of its
distribution. Source: http://news.softpedia.com/news/In-92-of-Attacks-ZIP-Files-Are-Usedto-Deliver-Malware-FireEye-Study-Finds-342995.shtml
For additional stories,
see items 1 above in Top Stories and 9 above in the Banking and Finance Sector
Communications Sector
Nothing to
report
Department of Homeland Security
(DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday]
summary of open-source published
information
concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on
the
Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Contact Information
Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS
Daily Report Team at (703)387-2314
Subscribe to
the
Distribution List: Visit the
DHS Daily Open Source Infrastructure Report and follow
instructions to
Get e-mail updates when this information
changes.
Contact DHS
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
To report cyber infrastructure incidents or to
request information,
please contact US-CERT at soc@us-cert.gov or visit their Web
page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to
educate and
inform personnel engaged
in infrastructure protection. Further reproduction
or redistribution is subject to original copyright
restrictions. DHS provides no
warranty of ownership of the copyright,
or accuracy with respect to
the
original
source material.