Harvey Mudd College, Claremont, California USA Co-op with Aerospace Corporation, El Segundo, California USA (2000) Federally Funded Research & Development Corporation (FFRDC) Supports national security, civil and commercial space programs Graduate of FBI Citizens’ Academy
ARPA renamed to DARPA in March 1972 Renamed ARPA again in February 1993 Renamed DARPA again in March 1996
Hawala – today, “probably used mostly for migrant workers’ remittances to their countries of origin” Chart source: International Monetary Fund, http://www.imf.org/external/pubs/ft/fandd/2002/12/elqorchi.htm Pony Express – 1860-1861; 2,000 miles from Missouri to Sacramento, California; 190 stations spaced at roughly 10 mile intervals (about the maximum distance a horse could run at full gallop). Riders carried along a mochila and changed horses at each station. Replaced by the telegraph.
Avprofit says it will pay affiliates roughly $1,000 for every 1,000 times they distribute this installer program, or about $1 per install.
Krebs on Security blog, written by Brian Krebs formerly of the Washington Post http://www.krebsonsecurity.com/category/smallbizvictims/ Formerly wrote Security Fix blog for the Washington Post http://voices.washingtonpost.com/securityfix/small_business_victims/ “ Computer Crooks Steal $100,000 from Ill. Town”, 2010-04-06 http://krebsonsecurity.com/2010/04/computer-crooks-steal-100000-from-ill-town/ “ Online Thieves Take $205,000 Bite Out of Missouri Dental Practice”, 2010-03-30 http://krebsonsecurity.com/2010/03/online-thieves-take-205000-bite-out-of-missouri-dental-practice/ “ Organized Crooks Hit NJ Town, Ark. Utility”, 2010-03-22 http://krebsonsecurity.com/2010/03/organized-crooks-hit-nj-town-arizona-utility/
Avalanche is fast-flux hosting network similar to Asprox
Compromised web pages frequently vehicle of choice for mass malware distribution
Hence, most servers are compromised in order to compromise client
Those clients may then be used to compromise servers inside the enterprise! (Aurora!)
Sophisticated software development
Authors of malware kits (Trojan toolkits, web-attack toolkits, droppers, rootkits, etc.) are becoming very responsive to their client-base and are producing highly usable, modular and upgradeable software at a tremendous rate.
For instance, the BlackEnergy2 Trojan-builder kit has a fully modular plug-in architecture which allows for the separate sale of plug-ins for different purposes and designed to target specific PKI schemes, etc.
In May of 2009 a number of actors in Mainland China began a targeted attack on Google and several other major US-Based corporations with the intent of exfiltrating sensitive data for political and financial gain.
The Aurora team used a privately-held IE-7 0-day exploit as well as an Adobe PDF vulnerability to infect workstations at Google and others with sophisticated RATs
Social-engineering using methods similar to Fake-AV campaigns was also used
Once the Aurora team had access to internal systems, they quickly compromised source-code repositories, email databases, and other extremely sensitive financial and operational data from the inside
“ Security tool designed to stealthy run on winnt based systems (win2k to winvista) and to stealthy and efficiently spread with 3 spreaders, which were specially designed and improved compared to already known public methods. (sic)”
The three spreaders are MSN, USB, and P2P. Listed P2P networks were “ares, bearshare, imesh, shareaza, kazaa, dcplusplus, emule, emuleplus, limewire. (sic)”
Commercial Market for ButterflyBot Source: Panda Security