The Courts

Silk Road Founder Ross Ulbricht Sentenced To Life In Prison 285

Posted by Soulskill
from the sorry-about-your-luck dept.
An anonymous reader sends an update on the trial of Ross Ulbricht, the man behind the Silk Road online black market. Sentencing is now complete, and Ulbricht has been given life in prison. He had been facing a 20-year minimum because of the charge of being a "drug kingpin," and prosecutors were asking for a sentence substantially higher than the minimum. Prior to the sentence being handed down today, Ulbricht spoke before the court for 20 minutes, asking for leniency and for the judge to leave him a "light at the end of the tunnel." The judge was unswayed, giving Ulbricht the most severe sentence possible. She said, "The stated purpose [of the silk road] was to be beyond the law. ... Silk Road's birth and presence asserted that its creator was better than the laws of this country. This is deeply troubling, terribly misguided, and very dangerous." Ulbricht's family plans to appeal.
Crime

Feds Bust a Dark-Web Counterfeit Coupon Kingpin 86

Posted by Soulskill
from the coupon-for-free-living-arrangements-at-a-penitentiary dept.
Sparrowvsrevolution writes: The dark web has become the go-to corner of the Internet to buy drugs, stolen financial data, guns...and counterfeit coupons for Clif bars and condoms? The FBI indicted Beauregard Wattigney yesterday for wire fraud and trademark counterfeiting on digital black market sites Silk Road and Silk Road 2. Wattigney allegedly spoofed coupons for dozens of products and sold collections of them online in exchange for Bitcoin. The FBI accused him of doing $1 million worth of collective damage to the companies he made coupons for, but a fraud consultancy believes the total financial cost of his actions was much higher. Wattigney also offered expensive lessons that taught people how to make their own coupons. "In his tutorials, [he] explained the simple breakdown of barcode creation using the increasingly universal GS1 standard: GS1 codes begin with a 'company prefix' that can be copied from any of the company's products. The next six digits are the 'offer code,' which can be any random number for a counterfeit coupon, followed by the savings amount listed in cents and the required number of item purchases necessary to receive the discount."
Communications

Murder Accusations Hang Over Silk Road Boss Ulbricht's Sentencing 80

Posted by timothy
from the prison-break-blockbuster-in-the-works dept.
Patrick O'Neill writes: Ross Ulbricht has never been tried for murder. But tomorrow, when the convicted Silk Road creator is sentenced to prison, murder will be on the mind of the judge. Despite never filing murder-for-hire charges, New York federal prosecutors have repeatedly pushed for harsh sentencing because they say Ulbricht solicited multiple murders. The judge herself recently referred to Ulbricht's "commission of murders-for-hire" in a letter about the sentencing, painting an even grimmer picture of Ulbricht's sentencing prospects.
Spam

Attackers Use Email Spam To Infect Point-of-Sale Terminals 85

Posted by samzenpus
from the protect-ya-neck dept.
jfruh writes: Point-of-sale software has meant that in many cases where once you'd have seen a cash register, you now see a general-purpose PC running point-of-sale (PoS) software. Unfortunately, those PCs have all the usual vulnerabilities, and when you run software on it that processes credit card payments, they become a tempting target for hackers. One of the latest attacks on PoS software comes in the form of malicious Word macros downloaded from spam emails.
Privacy

Sniffing and Tracking Wearable Tech and Smartphones 56

Posted by samzenpus
from the all-the-better-to-follow-you-with dept.
An anonymous reader writes: Senior researcher Scott Lester at Context Information Security has shown how someone can easily monitor and record Bluetooth Low Energy signals transmitted by many mobile phones, fitness monitors, and iBeacons. The findings have raised concerns about the privacy and confidentiality wearable devices may provide. “Many people wearing fitness devices don’t realize that they are broadcasting constantly and that these broadcasts can often be attributed to a unique device,” said Scott says. “Using cheap hardware or a smartphone, it could be possible to identify and locate a particular device – that may belong to a celebrity, politician or senior business executive – within 100 meters in the open air. This information could be used for social engineering as part of a planned cyber attack or for physical crime by knowing peoples’ movements.” The researchers have even developed an Android app that scans, detects and logs wearable devices.
Crime

'Prisonized' Neighborhoods Make Recidivism More Likely 164

Posted by Soulskill
from the won't-you-be-my-neighbor dept.
sciencehabit writes: One of the most important questions relating to incarceration and rehabilitation is how to discourage recidivism. After a prison stint, about half of convicts wind up back in the slammer within three years. But sociologist David Kirk noticed a pattern: convicts who moved away from their old neighborhood when released from prison had a much smaller recidivism rate. Kirk found that the concentration of former prisoners in a neighborhood had a dramatic effect on the likelihood of committing another offense (abstract). "So if an ex-con’s average chance of returning to prison after just 1 year was 22%—as it was in 2006—an additional new parolee in the neighborhood boosted that chance to nearly 25%. The numbers climb for each new parolee added. In some of the most affected neighborhoods—where five of every thousand residents were recent parolees—nearly 35% were back behind bars within a year of getting out." The rates stayed consistent even when controlling for chronic poverty and other neighborhood characteristics.
Biotech

DNA On Pizza Crust Leads To Quadruple Murder Suspect 183

Posted by samzenpus
from the taking-a-bite-out-of-crime dept.
HughPickens.com writes: In a case straight out of CSI, CNN reports that police are searching for the man suspected in the gruesome slayings of the Savopoulos family and their housekeeper, after his DNA was purportedly found on a pizza crust at the scene of the quadruple murders. They discovered his DNA on the crust of a Domino's pizza — one of two delivered to the Savopoulos home May 14 as the family was held hostage inside — a source familiar with the investigation said. The pizza apparently was paid for with cash left in an envelope on the porch. The next morning, Savvas Savopoulos's personal assistant dropped off a package containing $40,000 in cash at the home, according to the officials and police documents.

The bodies of Savopoulos, along with his wife, Amy, their 10-year-old son Philip and the family's housekeeper, Veralicia Figueroa, were discovered the afternoon of May 14 after firefighters responded to reports of a fire. D.C. Police Chief Cathy Lanier says the killings are likely not a random crime and police have issued an arrest warrant for the 34-year-old Daron Dylon Wint, who is described as 5'7 and 155 lbs and might also go by the name "Steffon." Wint apparently used to work at American Iron Works, where Savvas Savopoulos was CEO and president. The neighborhood is home to numerous embassies and diplomatic mansions as well as the official residence of Vice President Joe Biden and his wife. "Right now you have just about every law enforcement officer across the country aware of his open warrant and are looking for him," says Lanier. "I think even his family has made pleas for him to turn himself in."
Security

Stanford Researcher Finds Little To Love In Would-Be Hacker Marketplace 75

Posted by timothy
from the it-is-what-it-is dept.
An anonymous reader writes: What if there were an Uber for hackers? Well, there is. It's called Hacker's List, and it made the front page of the New York Times this year. Anyone can post or bid on an 'ethical' hacking project. According to new Stanford research, however, the site is a wreck. 'Most requests are unsophisticated and unlawful, very few deals are actually struck, and most completed projects appear to be criminal.' And it gets worse. 'Many users on Hacker's List are trivially identifiable,' with an email address or Facebook account. The research dataset includes thousands of individuals soliciting federal crimes.
Privacy

CareFirst Admits More Than a Million Customer Accounts Were Exposed In Security Breach 82

Posted by timothy
from the camel-cased-in-triplicate dept.
An anonymous reader writes with news, as reported by The Stack, that regional health insurer CareFirst BlueCross BlueShield, has confirmed a breach which took place last summer, and may have leaked personal details of as many as 1.1 million of the company's customers: "The Washington D.C.-based firm announced yesterday that the hack had taken place in June last year. CareFirst said that the breach had been a 'sophisticated cyberattack' and that those behind the crime had accessed and potentially stolen sensitive customer data including names, dates of birth, email addresses and ID numbers. All affected members will receive letters of apology, offering two years of free credit monitoring and identity threat protection as compensation, CareFirst said in a statement posted on its website." Free credit monitoring is pretty weak sauce for anyone who actually ends up faced with identity fraud.
The Almighty Buck

FBI: Social Media, Virtual Currency Fraud Becoming a Huge Problem 39

Posted by samzenpus
from the buy-my-web-dollars dept.
coondoggie writes: Criminals taking advantage of personal data found on social media and vulnerabilities of the digital currency system are two of the emerging Internet law-breaking trends identified by the FBI's Internet Crime Complaint Center (IC3) in its annual look at online crime. The IC3 said 12% of the complaints submitted in 2014 contained a social media trait. Complaints involving social media have quadrupled over the last five years. In most cases, victim’s personal information was exploited through compromised accounts or social engineering.
China

US Levels Espionage Charges Against 6 Chinese Nationals 100

Posted by Soulskill
from the coveting-our-baconnaise-technology dept.
Taco Cowboy writes: The U.S. government has indicted five Chinese citizens and arrested a Chinese professor on charges of economic espionage. The government alleges that they took jobs at two small, American chipmakers — Avago Technologies and Skyworks Solutions — in order to steal microelectronics designs. "All of them worked, the indictment contends, to steal trade secrets for a type of chip popularly known as a “filter” that is used for acoustics in mobile telephones, among other purposes. They took the technology back to Tianjin University, created a joint venture company with the university to produce the chips, and soon were selling them to both the Chinese military and to commercial customers."

It's interesting to note that the Reuters article keeps mentioning how this technology — used commonly as an acoustic filter — has "military applications." It's also interesting to look at another recent case involving Shirrey Chen, a hydrologist who was mysteriously arrested on suspicion of espionage, but then abruptly cleared five months later. One can't help but wonder what's driving the U.S.'s new strategy for tackling economic espionage.
Crime

Swedish Court Orders Seizure of Pirate Bay Domains 55

Posted by timothy
from the grand-mal dept.
The Pirate Bay will probably never be the darling of any government; we've seen various Pirate Bay domains cracked down on, and the arrests of site founders. An anonymous reader writes now with the news reported this morning by TorrentFreak that: the Stockholm District Court has ordered two key domains owned by The Pirate Bay to be seized. While the ruling means that the site will lose its famous ThePirateBay.se domain, don't expect the site to simply disappear. TPB informs TorrentFreak that they have plenty more domains left in store. From the point of view of the down-crackers, It's a hard problem, particularly when it's easy for people to spin up their own instances of the site.
United Kingdom

UK Criminals Use Drones To Case Burglary Prospects 71

Posted by samzenpus
from the eye-in-the-sky dept.
turkeydance writes: Burglars in the UK are sending unmanned drones over houses in order to identify potential targets, police have warned. Suffolk Constabulary confirmed it had received at least one report of drones being used by burglars for surveillance of properties. Paul Ford, secretary of the Police Federation National Detectives Forum, said: “Drones can be noisy and very visible so hopefully criminals risk giving themselves away. If members of the public observe drones being used in areas which make them suspicious they should contact police using the 101 non-emergency number to report it."
Crime

Silk Road's Leader Paid a Doctor To Help Keep Customers Safe 110

Posted by samzenpus
from the safety-first dept.
An anonymous reader writes: Two years after the fall of Silk Road, new facts about the saga are still emerging all the time. The latest revelation is that Dread Pirate Roberts, the leader of Silk Road, paid a doctor $500 per week to offer public and private counseling to customers of the site. DoctorX, also known as Dr. Fernando Caudevilla, became famous for his free work on the site. The fact that he was eventually paid a salary is being used by lawyers for Ross Ulbricht to argue that Silk Road emphasized harm reduction and was, on the whole, a huge improvement in safety for drug users.
Government

GCHQ Officials Given Immunity From Hacking Charges 118

Posted by Soulskill
from the government-in-CYA-mode dept.
An anonymous reader writes with news that members of British intelligence agency GCHQ have been granted immunity from prosecution for any laws they might have violated while hacking into citizens' computers or cellphones. The immunity was granted by changes to the Computer Misuse Act that weren't noticed until now, and not discussed or debated when implemented. While different legislation has long been thought to grant permission for illegal activities abroad, civil rights groups were unaware that domestic hacking activities were covered now as well. The legislative changes were passed on March 3rd, 2015, long after domestic spying became a hot-button issue, and almost a year after Privacy International and several ISPs filed complaints challenging it.
Transportation

FBI Alleges Security Researcher Tampered With a Plane's Flight Control Systems 190

Posted by Soulskill
from the feel-free-to-not-do-that dept.
Salo2112 writes with a followup to a story from April in which a security researcher was pulled off a plane by FBI agents seemingly over a tweet referencing a security weakness in one of the plane's systems. At the time, the FBI insisted he had actually tampered with core systems on an earlier flight, and now we have details. The FBI's search warrant application (PDF) alleges that the researcher, Chris Roberts, not only hacked the in-flight entertainment system, but also accessed the Thrust Management Computer and issued a climb command. "He stated that he thereby caused one of the airplane engines to climb resulting in a lateral or sideways movement of the plane during one of these flights. He also stated that he used Vortex software after comprising/exploiting or ‘hacking’ the airplane’s networks. He used the software to monitor traffic from the cockpit system." Roberts says the FBI has presented his statements out of their proper context.
Crime

Dzhokhar Tsarnaev Gets Death Penalty In Boston Marathon Bombing 649

Posted by timothy
from the what-say-ye? dept.
mpicpp writes with a link to the New York Times's version of story that a Boston jury earlier today returned a verdict of death in the Boston Marathon bombing. From that report: A federal jury on Friday condemned Dzhokhar Tsarnaev, a failed college student, to death for setting off bombs at the 2013 Boston Marathon that killed three people and injured hundreds more in the worst terrorist attack on American soil since Sept. 11, 2001. The jury of seven women and five men, which last month convicted Mr. Tsarnaev, 21, of all 30 charges against him, 17 of which carry the death penalty, took more than 14 hours to reach its decision. It was the first time a federal jury had sentenced a terrorist to death in the post-Sept. 11 era, according to Kevin McNally, director of the Federal Death Penalty Resource Counsel Project, which coordinates the defense in capital punishment cases.
Cellphones

FCC May Stop 911 Access For NSI Phones 211

Posted by timothy
from the why-we-can't-have-nice-things dept.
An anonymous reader writes: It's generally known that if you call 911 from a cell phone in the USA, you will be connected to the nearest Public Safety Access Point, whether or not the phone has an active account. This is the basis for programs that distribute donated phones for emergency-only use. However, the FCC has proposed a rule change that would eliminate the requirement for telephone companies to connect 911 calls made by NSI (non-service-initialized) phones. The main reason for the proposed rule change are the problems caused by fraudulent 911 calls made through NSI phones. Yet respondents cited by the FCC show that as many as 30% of 911 calls from NSI phones are for legitimate emergencies. The comment period for the proposed rule change ends on June 6th, 2015.
Security

Hackers Using Starbucks Gift Cards To Access Credit Cards 124

Posted by samzenpus
from the protect-ya-neck dept.
jfruh writes: Starbucks inspires loyalty among its heavy users — so much so that they're willing to connect their Starbucks gift cards and phone apps directly to their credit or debit cards, auto-refilling the balance when it runs low. But this has opened up a hole hackers can exploit. Writing about the scheme journalist Bob Sullivan says: "The fraud is a big deal because Starbucks mobile payments are a big deal. Last year, Starbucks said it processed $2 billion in mobile payment transactions, and about 1 in 6 transactions at Starbucks are conducted with the Starbucks app. Maria Nistri, 48, was a victim this week. Criminals stole the Orlando women’s $34.77 in value she had loaded onto her Starbucks app, then another $25 after it was auto-loaded into her card because her balance hit 0. Then, the criminals upped the ante, changing her auto reload amount to $75, and stealing that amount, too. All within 7 minutes."
Crime

US Passport Agency Contractor Stole Applicants' Data To Steal Their Identities 45

Posted by samzenpus
from the was-that-wrong? dept.
An anonymous reader writes: According to federal prosecutors three women are responsible for an identity theft and wire fraud scheme targeting both the Houston and Atlanta passport agencies. Chloe McClendon, Alicia Myles, and Dominique Thomas are accused of stealing personal information from the passport administration and transmitting it back and forth between one another. The stolen information was used to obtain lines of credit in order to purchase iPhones, iPads and other electronics. The scheme went on for over five years.