Friday, April 19, 2013
Complete DHS Daily Report for April 19, 2013
Daily Report
Top Stories
• An explosion at the
West Fertilizer Co., located in West, Texas, leveled dozens of homes, killed as
many as 15 people, injured more than 160, and spewed toxic fumes that forced
the evacuation of half the surrounding community. Rescuers are still searching
for survivors. – Reuters
17.
April 18, Reuters – (Texas) Rescuers
search for survivors of Texas fertilizer plant blast. An explosion at the
West Fertilizer Co., located in West, Texas, leveled dozens of homes, killed as
many as 15 people, injured more than 160, and spewed toxic fumes that forced
the evacuation of half the surrounding community. Rescuers are still searching
for survivors. Source: http://www.reuters.com/article/2013/04/18/us-usa-explosion-texas-idUSBRE93H02A20130418
• Additional rainfall to the region caused the
City of Saginaw’s wastewater retention basins to overflow again bringing the
total release of treated wastewater to 834 million gallons since April 9,
including an estimated 18.97 million gallons over the past two days. – Michigan
Live
20.
April 17. Michigan Live – (Michigan) Saginaw
releases 834 million gallons of treated wastewater over nine-day period. Additional
rainfall to the region caused the City of Saginaw’s wastewater retention basins
to overflow again bringing the total release of treated wastewater to 834
million gallons since April 9, including an estimated 18.97 million gallons
over the past two days. Additional precipitation is forecasted for the next two
days. Source: http://www.mlive.com/news/saginaw/index.ssf/2013/04/retention_basin_overflowing_ag.html
• The FBI arrested a Mississippi man in connection
with sending a U.S. senator and the U.S. President threatening letters
potentially laced with ricin, the letters were intercepted at an off-site mail
facility in Washington, D.C. Test results were expected April 18 determining
the substance used to contaminate the letters. – CNN
26.
April 18, CNN – (Washington, D.C.;
Mississippi) Test results due in ricin scare; Mississippi man arrested. The
FBI arrested a Mississippi man in connection with sending a U.S. senator and
the U.S. President threatening letters potentially laced with ricin, the
letters were intercepted at an off-site mail facility in Washington, D.C. Test
results were expected April 18 determining the substance used to contaminate
the letters. Source: http://www.cnn.com/2013/04/18/politics/tainted-letter-intercepted/index.html
• Due to issues with financials, BitFloor, the
largest Bitcoin exchange in the U.S. closed down indefinitely and will return
all funds. – IDG News Service See item 34
below in the Information Technology
Sector
• The cause of an April 16 fire, which started
in the attic space of a building and destroyed four businesses and caused $1.7
million in damages, remains unknown according to authorities. – Fresno Bee
44.
April 17. Fresno Bee – (California) Fire
causes $1.7m damage to California strip mall. The cause of an April 16
fire, which started in the attic space of a building and destroyed four
businesses and caused $1.7 million in damages, remains unknown according to
authorities. Source: http://www.firehouse.com/news/10922151/fire-causes-17m-damage-to-california-strip-mall
• A fire which occurred during the same time
as two explosions at the Boston Marathon finish line April 15 left damage to a
conference room and auditorium at the John F. Kennedy Library and Museum,
prompting the Boston Police Department’s arson squad to close the facility
indefinitely and to conduct investigations to see if the fire is linked to the
explosions. – New York Daily News
45.
April 17. New York Daily News –
(Boston) Arson squad arrives at JFK Presidential Library; building closed
‘indefinitely’ for investigation after marathon bombings. A fire which
occurred during the same time as two explosions at the Boston Marathon finish line
April 15 left damage to a conference room and auditorium at the John F. Kennedy
Library and Museum, prompting the Boston Police Department’s arson squad to
close the facility indefinitely and to conduct investigations to see if the
fire is linked to the explosions. Source: http://www.nydailynews.com/news/national/jfk-library-closed-probe-post-bombing-fire-article-1.1319001
Details
Banking and Finance Sector
4. April 17. Tewksbury Patch
– (Massachusetts) Brazen
Merrimack Valley bandit hits as many as three more banks. A man known as
the “Merrimack Valley Bandit” has robbed as many as three more banks, including
a bank he had previously robbed, bringing the total number of alleged robberies
to eight banks. Source: http://tewksbury.patch.com/articles/merrimack-valley-bandit-hits-another-bank-more-info-emerging
5. April 17. Federal Bureau
of Investigations–
(Alabama) Alabama man charged for sending fraudulent $10M promissory note in
attempt to satisfy mortgage. A federal judge convicted two men April 16 for
mailing a fictitious $10 million financial note to pay off his home mortgage.
The fictitious financial note claimed to be a valid financial instrument drawn
on a secret U.S. government account. Source: http://www.loansafe.org/alabama-man-charged-for-sending-fraudulent-10m-promissory-note-in-attempt-to-satisfy-mortgage
6. April 17. Fleet Owner – (Ohio) 28 charged with skimming
more than $1.7 million from trucking companies. The Northern District of
Ohio U.S. Attorney’s Office filed a 97-count indictment charging 28 people for
violations including wire fraud, money laundering, and conspiracy for their
acts in a scheme that skimmed over $1.7 million from a trucking company. Source:
http://fleetowner.com/regulations/28-charged-skimming-more-17-million-trucking-companies&utm_source=feedly
7. April 17, DNA Info – (Chicago) Seven
sentenced in credit card scheme at Wrigley Field, city restaurants. Seven
Chicago residents were sentenced for their role in skimming 175 cards at the
restaurants in which they were employed and for making purchases with fake
cards derived from information from a stolen card reader totaling more than
$200,000. Source: http://www.dnainfo.com/chicago/20130417/wrigleyville/seven-sentenced-credit-card-scheme-at-wrigley-field-city-restaurants
8. April 17. KHQ 6 Spokane – (Washington) Straw
Hat bandit arrested for four bank robberies. Spokane County detectives,
using surveillance footage from several banks, arrested the man they believe is
responsible for multiple bank robberies. The perpetrator wore a straw hat in at
least one of the robberies. Source: http://www.khq.com/story/22007244/straw-hat-bank-robber
9. April 17. Associated Press – (Oregon;
Washington) Hedge fund manager pleads guilty to Ponzi scheme. A Portland
hedge-fund manager pled guilty to 17 counts of wire and mail fraud in a Ponzi
scheme April 16 where he netted $6.4 million. The Securities and Exchange
Commission has filed suit alleging the manager lured more than 100 people to
invest $37 million in his hedge funds by falsely boasting double-digit returns
and using the money to fund earlier investments and his travel and personal
expenses. Source: http://union-bulletin.com/news/2013/apr/17/hedge-fund-manager-pleads-guilty-to-ponzi-scheme/
Information Technology Sector
34. April 18, IDG News
Service –
(International) US Bitcoin exchange BitFloor shuts down again. Due to
issues with financials, BitFloor, the largest Bitcoin exchange in the U.S.
closed down indefinitely and will return all funds. The exchange is unable to
provide the same amount of USD deposits and withdrawals as it has in the past.
Source: http://www.networkworld.com/news/2013/041813-us-bitcoin-exchange-bitfloor-shuts-268848.html
35. April 18, Softpedia – (International) Malware alert:
Fertilizer plant explosion near Waco, Texas. Hackers are utilizing current
U.S. events in order to send bogus emails depicting the incidents in the form
of malicious links and videos that push malware onto victims’ computers through
a RedKit exploit kit. Source: http://news.softpedia.com/news/Malware-Alert-Fertilizer-Plant-Explosion-Near-Waco-Texas-346570.shtml
36. April 18, Softpedia – (International) Snapchat warns
users of spam campaign. The creators of Snapchat are warning users of hoax
accounts that are targeting public accounts and sending spam messages inviting
users to Skype conversations that could potentially link them to malicious
sites or even make automated phone calls to spread bogus antivirus warnings.
Snapchat temporarily disabled new account registrations and have prevented
users from receiving messages from individuals not included on their friends
list to help mitigate the issue. Source: http://news.softpedia.com/news/Snapchat-Warns-Users-of-Spam-Campaign-346475.shtml?
37. April 18, IDG News
Service –
(International) Popular home routers contain critical security
vulnerabilities. Researchers offered consumers options to mitigate
potential attacks on their home and small office routers that contain security
problems. Thirteen popular routers were discovered vulnerable in allowing a
hacker to snoop or modify network traffic as well as access credentials.
Source: http://www.computerworld.com/s/article/9238474/Popular_home_routers_contain_critical_security_vulnerabilities
38. April 18, Help Net
Security –
(International) Backdoor Trojan uses “magic code” to contact C&C server.
Researchers discovered a backdoor-opening malware that uses a “magic code”
in order to start communication with the same IP address and port once the
C&C server instructs it to do so. The attackers gain permanent access to
the machine once the account is created. Source: http://www.net-security.org/malware_news.php?id=2471&utm_source=feedly&utm_medium=feed&utm_campaign=Feed%3A+HelpNetSecurity+%28Help+Net+Security%29
39.
April 18, Softpedia – (International) Fake
SourceForge website serves ZeroAccess malware. Experts from a security firm
determined hackers are using the SourceForge Web site to drop the ZeroAccess
Trojan onto user’s computers and inject malware. Source: http://news.softpedia.com/news/Fake-SourceForge-Website-Serves-ZeroAccess-Malware-346423.shtml?utm_source=feedly
40.
April 17, Network World –
(International) Large-scale Google outage affects customers worldwide. Google
is working to identify the cause of a nearly 3-hour outage of their web
services April 17 when users noticed service disruptions worldwide. Source: http://www.networkworld.com/news/2013/041713-google-outage-268814.html?
41.
April 17, V3.co.uk – (International) Malwarebytes
cripples thousands of computers with faulty software security update. Malwarebytes
released a definitions update April 16 that treated essential Windows .dil and
.exe files as malware, thereby stopping them from running and knocking
thousands of IT systems and computers offline. The company is reworking the
update and posted details for firms affected on their forum page. Source: http://www.v3.co.uk/v3-uk/news/2262234/malwarebytes-cripples-thousands-of-computers-with-faulty-software-security-update
42.
April 17, Softpedia – (International) Official
UGG blog hacked, abused for HSBC phishing scheme. The official UGG blog has
been breached by hackers who are using the space to host a phishing scheme
designed to look like the HSBC Web site and lure users into providing their
personal information. The attack is executed through an email with the
malicious HTML file attached. Source: http://news.softpedia.com/news/Official-UGG-Blog-Hacked-Abused-for-HSBC-Phishing-Scheme-346094.shtml
Communications Sector
Nothing to
report
Department of Homeland Security
(DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday]
summary of open-source published
information
concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on
the
Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Contact Information
Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS
Daily Report Team at (703)387-2314
Subscribe to
the
Distribution List: Visit the
DHS Daily Open Source Infrastructure Report and follow
instructions to
Get e-mail updates when this information
changes.
Contact DHS
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
To report cyber infrastructure incidents or to
request information,
please contact US-CERT at soc@us-cert.gov or visit their Web
page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to
educate and
inform personnel engaged
in infrastructure protection. Further reproduction
or redistribution is subject to original copyright
restrictions. DHS provides no
warranty of ownership of the copyright,
or accuracy with respect to
the
original
source material.