Monday, May 13, 2013   

Complete DHS Daily Report for May 13, 2013

Daily Report

Top Stories

 • Eight individuals were indicted in New York City for their alleged role in a cybercrime campaign that stole $45 million from debit card issuers and withdrew the funds from ATMs. – Dark Reading See item 3 below in the Banking and Finance Sector
  
 • A Broward County man pleaded guilty to mortgage fraud conspiracies involving two Tampa Bay, Florida apartment buildings that defrauded lenders of more than $20 million. – Tampa Bay Times See item 4 below in the Banking and Finance Sector

 • Officials from the Pennsylvania Department of Transportation will close a section of Interstate 81 near Harrisburg until May 12 after a tanker fire and multiple explosions caused extensive damage to two spans of the highway’s interchange with Route 322. – Carlisle Sentinel

15. May 9, Carlisle Sentinel – (Pennsylvania) Tanker crash: turnpike fire adds to traffic issues after truck explosion on I-81. Officials from the Pennsylvania Department of Transportation will close a section of Interstate 81 near Harrisburg until May 12 after a tanker fire and multiple explosions caused extensive damage to two spans of the highway’s interchange with Route 322. Source: http://cumberlink.com/news/local/tanker-crash-corbett-says-i--could-be-closed-through/article_9489fe78-b896-11e2-b283-0019bb2963f4.html

 • Washington State officials notified the public of a February breach of the State’s court system Web site and disclosed that up to 160,000 Social Security numbers and a million driver’s license number may have been accessed. – Reuters

25. May 9, Reuters – (Washington) Washington State system hacked, data of thousands at risk. Washington State officials notified the public of a February breach of the State’s court system Web site and disclosed that up to 160,000 Social Security numbers and a million driver’s license number may have been accessed. The vulnerability, found in a back door part of a commercial software product, was patched and authorities notified 94 individuals whose Social Security numbers were hacked. Source: http://www.reuters.com/article/2013/05/09/us-usa-hack-washingtonstate-idUSBRE9480YY20130509

Details

Banking and Finance Sector

3. May 9, Dark Reading – (International) 8 New Yorkers indicted as part of $45 million cyberheist of prepaid debit cards. Eight individuals were indicted in New York City for their alleged role in a cybercrime campaign that stole $45 million by hacking a MasterCard credit card processor, manipulating pre-paid debit cards issued by banks in the Middle East, and then withdrawing the money from ATMs. Source: http://www.darkreading.com/attacks-breaches/8-new-yorkers-indicted-as-part-of-45-mil/240154595

4. May 9, Tampa Bay Times – (Florida) Man pleads guilty to $20M mortgage fraud in Hillsborough. A Broward County man pleaded guilty to mortgage fraud conspiracies involving two Tampa Bay apartment buildings that defrauded lenders of more than $20 million. Source: http://www.tampabay.com/news/courts/criminal/man-pleads-guilty-to-20m-mortgage-fraud-in-hillsborough/2120160

5. May 9, CNN – (California) California accuses JPMorgan of fraud in credit-card-debt collection. The Attorney General of California announced a lawsuit against JPMorgan that alleges the bank used fraudulent and unlawful practices when it filed more than 100,000 credit card debt lawsuits against consumers between 2008 and 2011. Source: http://money.cnn.com/2013/05/09/news/companies/jpmorgan-credit-card/

Information Technology Sector

37. May 10, Softpedia – (International) Winnti backdoor created with Aheadlib to mimic legitimate system library. Researchers at Trend Micro found a new Winnti malware family backdoor dubbed “Bkdr_Tengo.A” which was built with Aheadlib in an attempt to make the malware appear to be a legitimate system library. Source: http://news.softpedia.com/news/Winnti-Backdoor-Created-with-Aheadlib-to-Mimic-Legitimate-System-Library-352240.shtml

38. May 10, Help Net Security – (International) Hijacking Facebook accounts via expired Hotmail accounts. Researchers at Rutgers University found that Facebook accounts can be hijacked by requesting automatically retired Hotmail email accounts to be assigned to a new user, and then using Facebook’s password reset function. Source: http://www.net-security.org/secworld.php?id=14892

Communications Sector

Nothing to report


Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information

About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport

Contact Information

Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS Daily Report Team at (703)387-2314

Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.

Removal from Distribution List:     Send mail to support@govdelivery.com.


Contact DHS

To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at  nicc@dhs.gov or (202) 282-9201.

To report cyber infrastructure incidents or to request information, please contact US-CERT at  soc@us-cert.gov or visit their Web page at  www.us-cert.go v.

Department of Homeland Security Disclaimer

The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.