The company has signed Shawn Henry, the FBI’s former executive assistant director of the Criminal, Cyber, Response, and Service Branch, as the new president of its services subsidiary, CrowdStrike Services. Henry is a 24-year FBI veteran who led some of the Bureau’s biggest cybercrime cases.

Crowdstrike was launched by two veterans of McAfee, the security software concern that’s now a unit of chip giant Intel: George Kurtz, McAfee’s former CTO, and Dmitri Alperovitch, its former Vice President of Threat Research.

Not a great deal has yet been disclosed about Crowdstrike’s approach to security, but in the February 22 blog post announcing the launch of the company, Kurtz explained that, having seen the results of investigations into several high-profile cyber attacks, the current state of security practice is akin to the old French Maginot Line that was intended to keep out the Germans.

Kurtz argued that once you know your enemy — the party that’s attacking you — the key to success in stopping their attacks on your digital assets is to raise the cost of the human-powered portions of their attacks. “The only way to accomplish that is by forcing them to change the way they conduct the human-led parts of their intrusions, such as reconnaissance, lateral movement, identification of valuable assets, and exfiltration,” Kurtz wrote.

Henry did a short video announcing his move, and I embedded it below.

Shawn Henry, who is preparing to leave the FBI after more than two decades with the bureau, said in an interview that the current public and private approach to fending off hackers is “unsustainable.” Computer criminals are simply too talented and defensive measures too weak to stop them, he said.

Read the rest of this post on the original site »

The new details, revealed in court documents made public on Thursday, show how quickly investigators were able to turn 28-year-old Hector Xavier Monsegur against his fellow alleged hackers.

Read the rest of this post on the original site »

I’m working on getting copies of the criminal complaints, and will add them here when I do, but here’s the rundown: It looks like one of the group’s insiders got caught and probably made some kind of misstep in covering his tracks, and then worked secretly with the government to inform on other members. This is exactly what I said was likely to happen in this case, way back in June.

According to Fox, the one who turned is a New Yorker named Hector Xavier Monsegur, who worked under the handle Sabu. He’s 28 years old and the father of two, and lives on the Lower East Side of Manhattan. This is his Twitter feed. He’s been a cooperating witness since June, which coincides nicely with the moment when the first rumors started to emerge that the FBI had penetrated the group.

Fox says that according to documents that will be unsealed in a New York federal court today, Monsegur pleaded guilty in August to several hacking-related crimes. His cooperation led to charges against five more people in Chicago, the U.K. and Ireland. Among them is Jake Davis, the 18-year-old resident of the Shetland Islands, who went by the handle Topiary, and whom police in the U.K. collared on Aug. 1.

The other four are Ryan Ackroyd, who went under the handle “Kayla.” He’s a Londoner. Two people from Ireland were also charged: Darren Martyn, whose handle was “pwnsauce,” and Donncha O’Cearrbhail, who called himself “palladium.” Jeremy Hammond of Chicago went by the handle “Anarchaos.”

The news makes the following tweet by Monsegur, a.k.a. Sabu, seem sort of ironic. Among his final tweets, before word emerged that he had helped turn in his comrades, were several railing against informants and other “cowards.” Clearly, he was keeping up a brave public face:

Without informants or companies bending over+giving up their customer data the feds would be further behind than they are now. Ride up.

March 5, 2012 7:59 am via Twitter for BlackBerry®ReplyRetweetFavorite

@anonymouSabu

The Real Sabu

Anonymous, the wider hacker group with which LulzSec teamed up last year, was quick to urge its followers to block Sabu’s Twitter account.

@anonymouSabu is now controlled by feds. We have blocked the account and we suggest you do as well. #BlockAnonymouSabu

March 6, 2012 10:38 am via TweetDeckReplyRetweetFavorite

@anonops

AnonOps

Hammond, the one in Chicago, was said to be the one who led the hack against the private intelligence company Stratfor. He was profiled by Chicago Magazine in 2007 and portrayed as something of a digital Robin Hood.

Ackroyd is said to be the one who found the weaknesses in the servers of the U.S. Senate that led to its being attacked in June. Hacking federal computer systems is considered a serious crime in the U.S., but is something that LulzSec said, in the posting to Pastebin at the time, that they carried out “just for kicks.”

Update: So the US Attorney’s Office in New York has issued its press release confirming most of what Fox reported. Here it is.

Six Hackers in the United States and Abroad Charged for Crimes Affecting Over One Million Victims

Four Principal Members of “Anonymous” and “LulzSec” Charged with Computer Hacking and Fifth Member Pleads Guilty; “AntiSec” Member also Charged with Stealing Confidential Information from Approximately 860,000 Clients and Subscribers of Stratfor

U.S. Attorney’s Office March 06, 2012

Five computer hackers in the United States and abroad were charged today, and a sixth pled guilty, for computer hacking and other crimes. The six hackers identified themselves as aligned with the group Anonymous, which is a loose confederation of computer hackers and others, and/or offshoot groups related to Anonymous, including “Internet Feds,” “LulzSec,” and “AntiSec.”

RYAN ACKROYD, a/k/a “kayla,” a/k/a “lol,” a/k/a “lolspoon”; JAKE DAVIS, a/k/a “topiary,” a/k/a “atopiary”; DARREN MARTYN, a/k/a “pwnsauce,” a/k/a “raepsauce,” a/k/a “networkkitten”; and DONNCHA O’CEARRBHAIL, a/k/a “palladium,” who identified themselves as members of Anonymous, Internet Feds, and/or LulzSec, were charged in an indictment unsealed today in Manhattan federal court with computer hacking conspiracy involving the hacks of Fox Broadcasting Company, Sony Pictures Entertainment, and the Public Broadcasting Service (“PBS”). O’CEARRBHAIL is also charged in a separate criminal complaint with intentionally disclosing an unlawfully intercepted wire communication.

HECTOR XAVIER MONSEGUR, a/k/a “Sabu,” a/k/a “Xavier DeLeon,” a/k/a “Leon,” who also identified himself as a member of Anonymous, Internet Feds, and LulzSec, pled guilty on August 15, 2011 in U.S. District Court to a 12-count information charging him with computer hacking conspiracies and other crimes. MONSEGUR’S information and guilty plea were unsealed today. The crimes to which MONSEGUR pled guilty include computer hacking conspiracy charges initially filed in the Southern District of New York. He also pled guilty to the following charges: a substantive hacking charge initially filed by the U.S. Attorney’s Office in the Eastern District of California related to the hacks of HBGary, Inc. and HBGary Federal LLC; a substantive hacking charge initially filed by the U.S. Attorney’s Office in the Central District of California related to the hack of Sony Pictures Entertainment and Fox Broadcasting Company; a substantive hacking charge initially filed by the U.S. Attorney’s Office in the Northern District of Georgia related to the hack of Infragard Members Alliance; and a substantive hacking charge initially filed by the U.S. Attorney’s Office in the Eastern District of Virginia related to the hack of PBS, all of which were transferred to the Southern District of New York, pursuant to Rule 20 of the Federal Rules of Criminal Procedure, in coordination with the Computer Crime and Intellectual Property Section (“CCIPS”) in the Justice Department’s Criminal Division.

Late yesterday, JEREMY HAMMOND, a/k/a “Anarchaos,” a/k/a “sup_g,” a/k/a “burn,” a/k/a “yohoho,” a/k/a “POW,” a/k/a “tylerknowsthis,” a/k/a “crediblethreat,” who identified himself as a member of AntiSec, was arrested in Chicago, Illinois and charged in a criminal complaint with crimes relating to the December 2011 hack of Strategic Forecasting, Inc. (“Stratfor”), a global intelligence firm in Austin, Texas, which may have affected approximately 860,000 victims. In publicizing the Stratfor hack, members of AntiSec reaffirmed their connection to Anonymous and other related groups, including LulzSec. For example, AntiSec members published a document with links to the stolen Stratfor data titled, “Anonymous Lulzxmas rooting you proud” on a file sharing website.

The following allegations are based on the indictment, the information, the complaints, and statements made at MONSEGUR’s guilty plea:

Hacks by Anonymous, Internet Feds, and LulzSec

Since at least 2008, Anonymous has been a loose confederation of computer hackers and others. MONSEGUR and other members of Anonymous took responsibility for a number of cyber attacks between December 2010 and June 2011, including denial of service (“DoS”) attacks against the websites of Visa, MasterCard, and PayPal, as retaliation for the refusal of these companies to process donations to Wikileaks, as well as hacks or DoS attacks on foreign government computer systems.

Between December 2010 and May 2011, members of Internet Feds similarly waged a deliberate campaign of online destruction, intimidation, and criminality. Members of Internet Feds engaged in a series of cyber attacks that included breaking into computer systems, stealing confidential information, publicly disclosing stolen confidential information, hijacking victims’ e-mail and Twitter accounts, and defacing victims’ Internet websites. Specifically, ACKROYD, DAVIS, MARTYN, O’CEARRBHAIL, and MONSEGUR, as members of InternetFeds, conspired to commit computer hacks including: the hack of the website of Fine Gael, a political party in Ireland; the hack of computer systems used by security firms HBGary, Inc. and its affiliate HBGary Federal, LLC, from which Internet Feds stole confidential data pertaining to 80,000 user accounts; and the hack of computer systems used by Fox Broadcasting Company, from which Internet Feds stole confidential data relating to more than 70,000 potential contestants on “X-Factor,” a Fox television show.

In May 2011, following the publicity that they had generated as a result of their hacks, including those of Fine Gael and HBGary, ACKROYD, DAVIS, MARTYN, and MONSEGUR formed and became the principal members of a new hacking group called “Lulz Security” or “LulzSec.” Like Internet Feds, LulzSec undertook a campaign of malicious cyber assaults on the websites and computer systems of various business and governmental entities in the United States and throughout the world. Specifically, ACKROYD, DAVIS, MARTYN, and MONSEGUR, as members of LulzSec, conspired to commit computer hacks including the hacks of computer systems used by the PBS, in retaliation for what LulzSec perceived to be unfavorable news coverage in an episode of the news program “Frontline”; Sony Pictures Entertainment, in which LulzSec stole confidential data concerning approximately 100,000 users of Sony’s website; and Bethesda Softworks, a video game company based in Maryland, in which LulzSec stole confidential information for approximately 200,000 users of Bethesda’s website.

The Stratfor Hack

In December 2011, HAMMOND conspired to hack into computer systems used by Stratfor, a private firm that provides governments and others with independent geopolitical analysis. HAMMOND and his co-conspirators, as members of AntiSec, stole confidential information from those computer systems, including Stratfor employees’ e-mails as well as account information for approximately 860,000 Stratfor subscribers or clients. HAMMOND and his co-conspirators stole credit card information for approximately 60,000 credit card users and used some of the stolen data to make unauthorized charges exceeding $700,000. HAMMOND and his co-conspirators also publicly disclosed some of the confidential information they had stolen.

The Hack of International Law Enforcement

In January 2012, O’CEARRBHAIL hacked into the personal e-mail account of an officer with Ireland’s national police service, the An Garda Siochana (the “Garda”). Because the Garda officer had forwarded work e-mails to a personal account, O’CEARRBHAIL learned information about how to access a conference call that the Garda, the FBI, and other law enforcement agencies were planning to hold on January 17, 2012 regarding international investigations of Anonymous and other hacking groups. O’CEARRBHAIL then accessed and secretly recorded the January 17 international law enforcement conference call, and then disseminated the illegally-obtained recording to others.

***

MONSEGUR, 28, of New York, New York, pled guilty to three counts of computer hacking conspiracy, five counts of computer hacking, one count of computer hacking in furtherance of fraud, one count of conspiracy to commit access device fraud, one count of conspiracy to commit bank fraud, and one count of aggravated identity theft. He faces a maximum sentence of 124 years and six months in prison.

ACKROYD, 23, of Doncaster, United Kingdom; DAVIS, 29, of Lerwick, Shetland Islands, United Kingdom; and MARTYN, 25, of Galway, Ireland, each are charged with two counts of computer hacking conspiracy. Each conspiracy count carries a maximum sentence of 10 years in prison.

O’CEARRBHAIL, 19, of Birr, Ireland, is charged in the indictment with one count of computer hacking conspiracy, for which he faces 10 years in prison. He is also charged in the complaint with one count of intentionally disclosing an unlawfully intercepted wire communication, for which he faces a maximum sentence of five years in prison.

HAMMOND, 27, of Chicago, Illinois, is charged with one count of computer hacking conspiracy, one count of computer hacking, and one count of conspiracy to commit access device fraud. Each count carries a maximum sentence of 10 years in prison.

DAVIS is separately facing criminal charges in the United Kingdom, which remain pending, and ACKROYD is being interviewed today by the Police Central e-crime Unit in the United Kingdom. O’CEARRBHAIL was arrested today by the Garda.

The case is being prosecuted by the U.S. Attorney’s Office for the Southern District of New York. The investigation was initiated and led by the FBI, and its New York Cyber Crime Task Force, which is a federal, state, and local law enforcement task force combating cybercrime, with assistance from the PCeU; a unit of New Scotland Yard’s Specialist Crime Directorate, SCD6; the Garda; the Criminal Division’s CCIPS; and the U.S. Attorneys’ Offices for the Eastern District of California, the Central District of California, the Northern District of Georgia, and the Eastern District of Virginia; as well as the Criminal Division’s Office of International Affairs.

The charges contained in the indictment and complaints are merely accusations, and the defendants are presumed innocent unless and until proven guilty.

And here’s the initial indictment on Hector Monsegur, initially filed in the US District Court for the Southern District of New York in August of last year. I’m gathering up documents on the other people charged in this and will share it as I get it.

Monsegur

The agency just released its file on Jobs, compiled during a background check conducted in the 1990s, when Jobs was being considered for a spot on a White House council on exports. And, with the exception of a noteworthy nugget or two, it’s about as mundane as they come.

If you’ve read Walter Isaacson’s biography of Jobs — or, frankly, any newspaper obituary of the man — then you’re already as well-informed on his life and peccadilloes as the FBI.

Put it this way: Among the highlights of the agency’s 191-page dossier is the observation that Jobs was a former hippie: “During the late 1960s and early 1970s, Mr. Jobs may have experimented with illegal drugs, having come from that generation.”

A few others:

• Jobs had a tendency to “twist the truth and distort reality in order to achieve his goals.”
• Jobs underwent a “change in philosophy by participating in eastern and/or Indian mysticism and religion. This change apparently influenced his personal life for the better.”
• Jobs was “strongwilled, stubborn, hardworking and driven, which … is why he is so successful.”
• Jobs liked to get his own way.
• Jobs was not a member of the Communist party.
• Jobs did “an outstanding job in the computer industry.”

Really, the FBI’s only discovery of note was that Jobs was inexplicably granted Top Secret security clearance by the Defense Industrial Security Clearance Office between 1988 and 1990. Oddly, those credentials were issued by Pixar, which may have done some government work around that time.

Beyond that? Not much. Had Isaacson written his biography of Jobs a few decades earlier, he would have saved the FBI a hell of a lot of work.

Below, the report in its entirety:

Jobs

“I didn’t want the password to live in an email somewhere. I started thinking, what if there was something that would allow me to destroy the email?” Robbins said in an interview.

The thought stayed with him, and by summer, Robbins had dropped the other project to turn his full attention to building a service for hyper-secure email exchanges. He named the service Burn Note.

Burn Note, which opens up to the public today, allows the sender of an email to set a time frame in which the receiver can read an email before the email disappears.

At that point, the email no longer exists — anywhere.

Burn Note’s Web site says the service uses no binary logging, which means there are no standby servers, or backup copies of emails. The company uses a storage engine that has no journaling capabilities, and an underlying file system that logs metadata but not the content of the notes themselves.

While grabbing an image of the email might seem like a simple workaround, Robbins said he has introduced two methods to the service that make it extremely difficult for recipients to quickly copy the text of an email for posterity. Burn Notes can include Web links, but can’t send attached files, though Robbins has said attachments are in the works.

“I think there are a lot of legitimate uses for why people would want an off-the-record conversation,” Robbins said. “The message goes away, but it’s still been communicated to the recipient, which is the point.”

Robbins most recently served as the head of software development for Facebook-acquired Drop.io; he said the Burn Note service was partly inspired by that cloud-storage service. “There was a feature that we considered, but ultimately didn’t turn on, where a file could have a certain number of views before it self-destructed,” Robbins said.

While there currently aren’t any mobile apps for Burn Note, Robbins said that it’s a mobile-optimized Web site, so it can be accessed from a phone with a Web browser.

Highly encrypted or “vanishing” email services aren’t new. In 1999, Canada-based Hush Communications launched Hushmail, a free Web-based email system for individuals and businesses that sent PGP — Pretty Good Privacy — encrypted emails. As Wired reported, it was originally stated that “uniquely-coded” Hushmails were so encrypted that not even Hush employees with access to servers could read the emails.

But in 2007, Hush turned over a dozen CDs of emails, following a court order obtained through a mutual assistance treaty between the U.S. and Canada. The evidence was requested as part of a U.S. federal prosecution of alleged steroid dealers. The company subsequently acknowledged that Hushmails could, in some instances, be decrypted.

In 2009, the New York Times wrote about a group of scientists at the University of Washington who developed software that would make email messages disappear after a period of time. The software, called Vanish, would rely on a key-based encryption system that differed from the usual key cryptography used in digital communications, by making the “keys” erode over time.

A couple of months after that, “Freedom to Tinker,” which is hosted by Princeton’s Center for Information Technology Policy, released a paper detailing a series of experimental attacks against the Vanish prototype. The paper stated that Vanish should be considered too risky to rely on.

On a Web site for Vanish, the group acknowledged that the implementation on which Vanish was based was not adequately protected against attacks, and says it’s “investigating new directions and architectures for self-destructing data.”

Burn Note’s Robbins says Hushmail’s service and the Vanish project are different from Burn Note because those products rely on encryption keys, while Burn Note is effectively reengineering the default settings of computer systems and server systems so that nothing at all is saved.

When asked what Burn Note’s protocol would be for handling requests from law-enforcement officials for email exchanges, Robbins replied, “Burn Notes aren’t emails.”

He went on to say that the exchange of Burn Notes is more comparable to phone calls in that, unless they’re recorded, the exchange itself can’t be retrieved.

But Burn Note — unlike phone companies — doesn’t keep a log of who is communicating with whom. Robbins said the company plans to compile and study anonymous usage data, but will keep two separate logs — incoming messages and outgoing messages — rather than a log of messages exchanged between users. According to the company’s explanation of its technical procedures, even the time stamp on the message is anonymized: Burn Note rounds the times to the nearest hour so that timing cannot be used as a unique identifier.

“A lot of services launch to acclaim that they’re going make digital communications disappear,” said Paul Ohm, an associate professor of law focused on information privacy at the University of Colorado Law School. “But they sometimes become that place where bad people go to exchange information, or a haven for criminals. In order for this work, you have to stay on the side of legitimacy.”

“It’s never a complete dead end,” Ohm added. “There has to be data living somewhere, and there’s always a way to engineer around these systems.”

While Burn Note will at first be marketed to the average email user, Robbins said he hopes to attract attention from the enterprise market. “I think there’s a really interesting set of use cases around banks, especially if it can be made to plug in to existing systems,” he said.

When asked how Burn Note might comply with the record-keeping obligations of U.S. financial institutions have, Robbins said it would require a case-by-case evaluation.

“I don’t have a good answer for that, because it will require review by a legal professional before we can fully work through that type of situation,” Robbins said. He pointed to the company’s privacy policy, which plainly states:

“If you have a legal obligation to preserve data, do not use Burn Note.”

The move came a day after Washington lawmakers were besieged by complaints about legislation designed to crack down on the online sharing of pirated copies of music, movies and other material, people familiar with the matter said.

Read the rest of this post on the original site »

Stingrays are designed to locate a mobile phone even when it’s not being used to make a call. The Federal Bureau of Investigation considers the devices to be so critical that it has a policy of deleting the data gathered in their use, mainly to keep suspects in the dark about their capabilities, an FBI official told The Wall Street Journal in response to inquiries.

A stingray’s role in nabbing the alleged “Hacker” — Daniel David Rigmaiden — is shaping up as a possible test of the legal standards for using these devices in investigations. The FBI says it obtains appropriate court approval to use the device.

Read the rest of this post on the original site »

Agents in the Federal Bureau of Investigation’s Washington field office and fraud prosecutors in the Justice Department’s Criminal Division are handling a criminal investigation, which has been under way for at least a year, according to people familiar with the matter. Attorneys at the Securities and Exchange Commission are also investigating for possible civil violations, these people said.

Read the rest of this post on the original site »

The hacking group Anonymous claimed via its Twitter feed to have breached servers belonging to NATO, the North Atlantic Treaty Organization military alliance that has largely been responsible for the military defense of Europe since the end of World War II.

So far, three PDF copies of documents the group claimed to have taken in the attack were circulating on a sharing site devoted to PDF documents. Two were marked “NATO Restricted” and appear to have been removed from the PDFCast site.

I haven’t seen the first two, but the Telegraph described one as a working paper on communications systems used by NATO forces in Afghanistan, and was said to include technical and procurement information. A second concerned a plan to outsource communications for NATO forces stationed in Kosovo. If it sounds exciting, then I have some news for you: It’s not.

“Restricted” may sound important. As the Register points out, in the taxonomy of document labels, “Restricted” is for documents of relatively low importance. Anonymous is crowing like it has just broken into a trove of NATO’s deepest secrets. It appears instead they’ve taken some documents relating to relatively mundane workaday operations.

Higher up the scale are documents that get stamped “Confidential,” then “Secret” and then “Top Secret.”

A third document which just emerged via the @AnonymousIRC Twitter feed is a 59-page document concerning NATO security procedures. It is marked “NATO Unclassified” which is actually even lower on the totem pole than “Restricted.” The only restriction is that they’re subject to NATO copyright and can only be released with NATO permission. Not that NATO is going to care very much. This very document has been floating around since 2006.

We are sitting on about one Gigabyte of data from NATO now, most of which we cannot publish as it would be irresponsible. But Oh NATO….

July 21, 2011 4:57 am via Power TwitterReplyRetweetFavorite

@AnonymousIRC

AnonymousIRC

Hi NATO. Yes we haz more of your delicious data. You wonder where from? No hints, your turn. You call it war; we laugh at your battleships.

July 21, 2011 7:23 am via Power TwitterReplyRetweetFavorite

@AnonymousIRC

AnonymousIRC

This one isn’t restricted but ironic: http://t.co/A86jUGX | It describes security procedures within NATO. Well, seems nobody ever read them.

July 21, 2011 8:29 am via Power TwitterReplyRetweetFavorite

@AnonymousIRC

AnonymousIRC

NATO issued a statement saying that it is aware of the claim of the breach and is investigating. And it certainly will, but it’s not as if significant alarm bells are likely to be ringing at NATO Headquarters over this, at least not from the documents seen so far, though the group claims to be holding back on releasing some documents it says “most of which we cannot publish as it would be irresponsible.” It promises more releases in the coming days.

Meanwhile, if that weren’t enough, Anonymous and its ally LulzSec jointly taunted the FBI today. Responding to a quote given to National Public Radio in the story below, the groups issued a joint statement saying, “Your threats to arrest us are meaningless.” The statement appears below the radio story.

For those not keeping score, LulzSec is the group that claimed credit for attacking Sony umpteen times, then went on to attack other game companies and the U.S. Senate, then stole emails and other documents from servers belonging to the Arizona State Police. It also stole internal documents from AT&T.

LulzSec in recent weeks claimed it had been absorbed by the larger group Anonymous, but the lines appear to be blurring again, as it is at times active under its own banner. Two people connected to LulzSec’s activities were among 16 arrested in a nationwide FBI operation earlier this week. Fourteen others were arrested in connection with a denial of service attack against PayPal in sympathy with WikiLeaks.

The new statement is in reaction to a statement by an FBI assistant director saying the bureau wants to “send a message” about computer crime. The hacker group’s reaction essentially dares law enforcement to take further action. Something tells me they may get their wish.

The 14 arrested in Alabama, Arizona, California, Colorado, the District of Columbia, Florida, Massachusetts, Nevada, New Mexico and Ohio have been indicted by a federal grand jury in San Jose, California. I’ve embedded the complaint below.

Two others were arrested on similar charges on two separate complaints in Florida. The Florida case concerns the attack on InfraGard, the public-private information-sharing partnership affiliated with the FBI. The New Jersey case concerns the release of confidential documents stolen from AT&T. These would appear to be the first U.S. arrests connected with the LulzSec crew that’s been so active this summer.

Additionally, police in the U.K. arrested another person and police in The Netherlands arrested four more people in connection with the case.

The indictment names 14 people: Christopher Wayne Cooper, 23, a.k.a. “Anthrophobic;” Joshua John Covelli, 26, a.k.a. “Absolem” and “Toxic;” Keith Wilson Downey, 26; Mercedes Renee Haefer, 20, a.k.a. “No” and “MMMM;” Donald Husband, 29, a.k.a. “Ananon;” Vincent Charles Kershaw, 27, a.k.a. “Trivette,” “Triv” and “Reaper;” Ethan Miles, 33; James C. Murphy, 36; Drew Alan Phillips, 26, a.k.a. “Drew010;” Jeffrey Puglisi, 28, a.k.a. “Jeffer,” “Jefferp” and “Ji;” Daniel Sullivan, 22; Tracy Ann Valenzuela, 42; and Christopher Quang Vo, 22. One individual’s name has been withheld by the court, which suggests he or she is a juvenile.

The defendants are charged with conspiracy and intentional damage to a protected computer.

The 14 are accused of carrying out a December distributed denial of service attack against PayPal, the payment site owned by eBay. DDOS attacks are when attackers overwhelm a Web server with fake requests for attention at such a high volume that legitimate users can’t get through.

The group has also claimed responsibility for attacks against Visa, and at one point planned to attack Amazon. Various other factions connected to Anonymous have also attacked Sony and recently claimed responsibility for a hacking attack against the defense contractor Booz Allen Hamilton.

The FBI also made arrests today in the attack on the Web site of InfraGard, a non-profit group affiliated with the FBI itself. Scott Matthew Arciszewski, 21, was arrested today by FBI agents and charged with intentional damage to a protected computer. He’s been charged in the Middle District of Florida and has already appeared in a federal court in Orlando.

The complaint alleges that Arciszewski accessed without authorization the Tampa Bay InfraGard website and uploaded three files, and then Tweeted about it on Twitter.

InfraGard is a public-private partnership for critical infrastructure protection sponsored by the FBI with chapters in all 50 states.

In a related complaint unsealed in the District of New Jersey, the DOJ charged Lance Moore, 21, of Las Cruces, New Mexico with stealing confidential business information stored on AT&T’s servers and posting it on a public file sharing site. Moore is charged with one count of accessing a protected computer without authorization.

According to the New Jersey complaint, Moore, a customer support contractor for AT&T, exceeded his authorized access to AT&T’s servers and downloaded thousands of documents, applications and other files that, on the same day, he allegedly posted on a public file hosting site. That would be The Pirate Bay.

According to the complaint, on June 25, the computer hacking group LulzSec publicized that they had obtained confidential AT&T documents and made them publicly available on the Internet. The documents were the ones Moore had previously uploaded. He faces a maximum penalty of 10 years in prison and a $250,000 fine. Each count of conspiracy carries a maximum penalty of five years in prison and a $250,000 fine.

Here’s the indictment.

Indictment 7.19.11

[Image via Foxnews.com]

I’ve spoken with contacts at three FBI field offices — one here in New York, one in Los Angeles and another in San Francisco. I’m told that in New York search warrants were executed on homes in Brooklyn and in the towns of Baldwin and Merrick on Long Island. A source familiar with the investigation says that IP addresses that have come under scrutiny in the course of the investigation have led agents to search those addresses, but that no arrests have yet been made in New York.

Agents in California have made arrests, though the number and the names of those arrested have not yet been released. Additionally, Fox News is reporting that the FBI made arrests related to the investigation this morning in Florida and New Jersey, and that as many as a dozen people have been arrested in the operation nationwide. Obviously more information will be forthcoming as the situation develops.

The investigation is related specifically to the distributed denial-of-service attacks that were carried out last year and early this year against several companies in the U.S. The attacks were in sympathy with Wikileaks, which had just started disclosing its cache of leaked U.S. diplomatic cables. Visa, the credit card company, was one of its victims.

The group has grown recently as it absorbed another group of hackers calling itself LulzSec, which had harassed Sony in response to its lawsuits against a person who reverse engineered the security on the Playstation gaming console.

Arrests of Anonymous members have previously been reported in the U.K. , in Turkey and in Spain.

Fox has some raw video from the scene where one of the search warrants was executed on Long Island today. It’s below.

[Image and video via Fox News]

“For the past 50 days we’ve been disrupting and exposing corporations, governments, often the general population itself, and quite possibly everything in between, just because we could,” the group wrote in its statement.

The collection of files it released — LulzSec’s “booty” — which I downloaded, contained a mishmash of text and images intended to demonstrate, one last time, the group’s hacking prowess. Among the collection was an image of a U.S. Navy web site civilian jobs board that had been defaced with 11 entries reading “PabloEscobar AntiSec.”

Another file, entitled “Office Networks of Corporations,” is a text file containing what appear to be the IP addresses of internal corporate networks belonging to several media and telecommunications companies. Among those on the list are the Walt Disney Company, Sony — a favorite LulzSec target — Qwest Communications and the EMI Group.

By far the biggest file — clocking in at more than 600 megabytes — was a folder containing what appeared to be internal documents taken from AT&T. They include what seem to be planning documents, timelines, internal memos related to testing and other documents concerning the construction of AT&T’s LTE wireless network.

Another file appears to be an internal memo concerning the structure of an AOL network.

Another text file, entitled “silly routers,” contains a long list of IP addresses of routers, the networking equipment that functions as the traffic cops of the Internet. Next to each IP address are the creditials used to log in and make changes to the settings of those routers; however, in each case the username and password are “root” and “admin” or “root” and “root.”

The significance here is that “root” is the highest level of administrative access that can be gained on any computer. A user with “root” access has complete control over the system, and “gaining root” is the gold standard of practically any hacker attack. In this case the joke — or Lulz — is that the root accounts are guarded by default passwords, either “root” or “admin,” meaning they’re essentially unguarded. I traced a few of the IP addresses and found they correspond with addresses in Brazil, where a LulzSec branch — really more of a copycat group — has emerged in recent days.

So why is LulzSec calling it quits now at the height of its infamy? For one thing, the heat is clearly on. At least one person said to have ties to the group, a 19-year-old named Ryan Cleary, has been arrested in the U.K., and assuming the person they’ve arrested is guilty as charged, chances are that when the pressure is on, he’ll give Scotland Yard as much evidence as he can in exchange for a lighter sentence.

Additionally, more information has started to emerge about the group via rival gangs and people who are former members. The Guardian Newspaper on Friday published a fascinating account, including a lengthy chatroom transcript that provides a great deal of insight into the group’s inner workings. That this much information has wound up in the hands of a newspaper means that the cone of silence the groups members have relied upon to cover their tracks is starting to break down. Law enforcement agents looking to make more arrests will be combing through the logs looking for connections.

They’ll be looking for someone else like Cleary, who has a history of hanging around on the periphery of groups like LulzSec, and who may have knowledge of how they operate, or other identities they use online. If it plays out as other cases have, eventually investigators will hit upon another clue that will lead to the arrest of key member who will, when the pressure of the law is brought to bear, start naming names of the other members.

With that kind of heat, it behooves LulzSec’s members to go silent and split up, and stop creating any kind of digital trail that might lead to them. Chances are that each member will destroy any evidence in their possession that might implicate them personally: Hard drives will be wiped and perhaps physically destroyed. At the same time they’ll probably retain somewhere enough evidence that will help them finger other members in the event they’re arrested.

Then again, there may never be any more arrests. There are untold scores of infamous computer crimes committed for which no one ever got arrested.

One such group that comes to mind is Hacking for Girliez, which in 1998 defaced the Web site of the New York Times. (See a mirror of what they put up here.) The people who carried out the attack later granted an interview to Forbes Magazine, but were never heard from again. No one ever faced charges in that incident, and the statute of limitations has long since expired.

LulzSec’s members could find a way to quietly fade into digital obscurity in the same way that Hacking for Girliez did more than a decade ago. But then much depends on how well its members can keep their mouths shut. Part of their appeal was their ability to brag about their conquests so publicly and with apparent impunity. If each of the group’s six members can resist the urge to brag that they were once part of the Internet’s most infamous gang of troublemakers, they might just get away with it.

LulzSec’s farewell Tweet and statement are below.

50 Days of Lulz statement: http://t.co/GbAD070 | Torrent: http://t.co/lGsJ4PU Thank you, gentlemen. #LulzSec

June 25, 2011 4:03 pm via webReplyRetweetFavorite

@LulzSec

The Lulz Boat

PREVIOUSLY:

• Despite All the Attention, LulzSec Hackers Failed
• At The Height Of Their Infamy, LulzSec Hackers Call It Quits
• Arizona Confirms LulzSec Docs Are Authentic, Worries About Officer Safety
• LulzSec Goes All Wikileaks On Arizona State Cops
• LulzSec Shrugs After Scotland Yard Nabs Hacking Suspect (Updated)
• LulzSec And Anonymous Team Up to Hack Governments and Banks
• Viral Video: LulzSec Gets Taiwanesed
• CIA Web Site Goes Down; LulzSec Takes Credit
• LulzSec Blasts Space Game Eve Online, Other Gaming Sites
• LulzSec Strikes Again, Hits Bethesda Softworks And U.S. Senate
• Turkey Arrests 32 Alleged Members of Anonymous, Days After Arrests in Spain
• Web Security Start-Up Cloudflare Gets Buzz, Courtesy of LulzSec Hackers
• No Hacks to Report at Xbox, But Microsoft Isn’t Letting Its Guard Down
• No LulzSec Hackers Have Been Arrested–At Least Not Yet
• LulzSec Posts More Sony Data, Amid Claim One of Them Is Arrested
  LulzSec Strikes Again, Claims Attack On Nintendo Server
  Sony Hacked for What Seems To Be the Umpteenth Time

• Sony’s Playstation Network Is Back. Sony’s Reputation Will Take a Little Longer.
• Exclusive: Sony Considers Offering Reward to Help Catch Hackers
• Anonymous Claims It Took No Credit Card Numbers From Sony
• Sony Implicates Anonymous in Attack; Group Denies Involvement
• Sony Apologizes For the Playstation Network Breach
• Sony Blames PlayStation Outage on “External Intrusion”

The arrest of a 19-year-old came in the wake of word that the U.K.’s Office for National Statistics is looking into the possibility that some data from the 2011 Census may have been stolen. There was a claim on Pastebin by someone claiming to be part of LulzSec that they had conducted just such an attack. On its Twitter feed, LulzSec denied any role in attacking the U.K. Census, but it expressed support.

Seems the glorious leader of LulzSec got arrested, it’s all over now… wait… we’re all still here! Which poor bastard did they take down?

June 21, 2011 6:27 am via webReplyRetweetFavorite

@LulzSec

The Lulz Boat

LulzSec, of course, is the group that claims to have hacked several Sony Web sites, as well as a Nintendo site, then the gaming servers of a couple of companies. It has also attacked the Web site of the CIA and of private affiliates of the FBI. As recently as yesterday it claimed to have carried out a denial-of-service attack against a British police agency.

Scotland Yard isn’t yet saying much about the arrest, but did say in a statement that it was in connection with computer attacks carried out against several companies, including denial of service attacks that LulzSec has been openly bragging about for days. It also said it is cooperating with the FBI.

The Wall Street Journal quoted a source familiar with the matter saying that the person arrested “may be a member of LulzSec,” but that can be difficult to pin down in these situations. The person could be merely a sympathizer emulating LulzSec’s methods but without taking the same care to avoid detection. Or it may be a person operating on the fringes of the group in some way.

For what it’s worth, there was yet another claim by the group Web Ninjas, a rival faction that says it wants to expose LulzSec members, that the person arrested goes by the name Ryan and that his is just the first arrest of several that are coming. “Well bad news for LulzSec, count your days as we count your heads, How about this for LULZ?” they wrote. The Web Ninjas go on to describe “Ryan” as the administrator of the IRC chat server supposedly used by LulzSec. But as I said yesterday, it’s difficult to sort out all these claims and counterclaims. We have, of course, seen similar claims before.

Meanwhile, if LulzSec is worried, it isn’t showing any evidence of it. It’s promising to publish more data it has been given.

Thank you to the supporters who have assisted in leaks. Like @WikiLeaks, our sources remain anonymous. Leak payloads are being decided now.

June 20, 2011 8:41 pm via webReplyRetweetFavorite

@LulzSec

The Lulz Boat

Update: LulzSec is now confirming at least some of the Web Ninja account. In a series of Twitter updates starting about an hour ago, the group said that the person initially identified as Ryan “is not a member of LulzSec,” though the group does acknowledge a connection. See the tweets below, one of which links to a Sky News report that I’ve embedded further down.

Ryan Cleary is not part of LulzSec; we house one of our many legitimate chatrooms on his IRC server, but that’s it. http://t.co/98VflEi

June 21, 2011 11:48 am via webReplyRetweetFavorite

@LulzSec

The Lulz Boat

Clearly the UK police are so desperate to catch us that they’ve gone and arrested someone who is, at best, mildly associated with us. Lame.

June 21, 2011 11:54 am via webReplyRetweetFavorite

@LulzSec

The Lulz Boat

PREVIOUSLY:

• LulzSec And Anonymous Team Up to Hack Governments and Banks
• Viral Video: LulzSec Gets Taiwanesed
• CIA Web Site Goes Down; LulzSec Takes Credit
• LulzSec Blasts Space Game Eve Online, Other Gaming Sites
• LulzSec Strikes Again, Hits Bethesda Softworks And U.S. Senate
• Turkey Arrests 32 Alleged Members of Anonymous, Days After Arrests in Spain
• Web Security Start-Up Cloudflare Gets Buzz, Courtesy of LulzSec Hackers
• No Hacks to Report at Xbox, But Microsoft Isn’t Letting Its Guard Down
• No LulzSec Hackers Have Been Arrested–At Least Not Yet
• LulzSec Posts More Sony Data, Amid Claim One of Them Is Arrested
  LulzSec Strikes Again, Claims Attack On Nintendo Server
  Sony Hacked for What Seems To Be the Umpteenth Time

• Sony’s Playstation Network Is Back. Sony’s Reputation Will Take a Little Longer.
• Exclusive: Sony Considers Offering Reward to Help Catch Hackers
• Anonymous Claims It Took No Credit Card Numbers From Sony
• Sony Implicates Anonymous in Attack; Group Denies Involvement
• Sony Apologizes For the Playstation Network Breach
• Sony Blames PlayStation Outage on “External Intrusion”

All the security attention paid in recent years to securing the Windows desktop and the applications running on it have paid off a little, Cisco found, making it harder for computer scammers to successfully carry off their intended crimes on that platform. The trouble is they’re now starting to focus more attention on mobile devices, including Apple’s iPhone and iPad, and devices running Google’s Android operating system, Cisco said.

Meanwhile, the overall global volume of spam, which often contains troublemaking links that are used to deliver attacks, decreased for the first time ever in 2010. Even so, spam still increased in some developed countries where broadband connections are multiplying. In the United Kingdom, spam volume nearly doubled, while the volume in France went up 115 percent. The U.S. saw a slight decline–11.1 trillion messages down from 11.3 trillion in 2009. Spam in Brazil, China and Turkey also declined. Some of the decline can be attributed to last year’s arrest by FBI agents in Milwaukee of a Russian accused of being the “king of spam,” and to the shutdown of a few botnets used by scammers to send spam.

One thing about Cisco’s report that’s likely to draw some attention is its finding that the raw number of vulnerabilities on Apple products appear to be growing. Apple users are usually pretty sensitive about this topic, and any comparison of the Mac to Windows on the security front tends to make them grind their teeth and pound out annoyed comments on tech blogs. I know because I’ve done the same teeth-grinding and have in the past criticized other reports for similar findings.

Here Cisco is addressing vulnerabilities that Apple has itself documented and patched in software updates. One thing that’s not clear to me–though it sure looks like it–is whether Cisco is combining vulnerabilities found on both iOS (iPhone and iPad) and OS X (the Mac). The data it’s using is from its IntelliShield service, which tracks vulnerabilities and security incidents, and shows that over five years Apple’s vulnerabilities rose, from less than 200 in 2006 to more than 350 in 2010. That rate was higher than Microsoft and Hewlett-Packard and Cisco itself, the report found, though it goes on to say that Apple has worked harder than most other vendors to protect its users. Security is one of the reasons Apple imposes such strict rules on what’s available in the App store, though people still jailbreak their phones.

Another trend Cisco found is something called “money muling.” Tom Gillis, VP and general manager of Cisco’s Security business unit, describes money muling as using unsuspecting people who are attracted by “work at home” spam messages and Web ads to participate in money laundering by moving small amounts of money into bank accounts, just a few thousand dollars at a time. He says the operations around this are becoming increasingly elaborate, and criminals will devote a lot of effort to developing it this year.

I talked with Gillis about the report and other security trends that Cisco found. Here are a few highlights from our conversation:

NewEnterprise: So you’re seeing fewer attacks on Windows and more on mobile devices. Is that simply because there are more of them?

Tom Gillis: It’s the simple fact that there’s this new class of mobile device coming into the enterprise that used to be a phone and now it’s a computer, and it can access enterprise information. So what we’re seeing is that the raw number, but not the severity, is down on Windows. Part of this is that Windows 7 was a very good release on Microsoft’s part from a security standpoint. And we’ve got these new devices coming into the enterprise, and so we’re seeing a shift in focus of attacks on these mobile devices. They’re vulnerable to attack and they’re relevant in the enterprise. Two years ago this would have been too small a population to be meaningful.

What kind of attacks are you seeing?

It varies. In some cases there’s a little “phone home” code in a free gaming app. Pretty gentle stuff so far. But as people start using smartphones to access sensitive information we need to start thinking about security considerations on these devices. There’s a larger theme here that the whole nature of attacks is changing dramatically. The fact that spam volumes dropped at all is a big tell. For 10 years this has only gone up. We’re not forecasting a steady decline in spam, but the fact that it slowed down at all is an indicator of the shift in the way that attackers are using email. The attacks are more targeted and personal, for one thing.

Can’t some of this decrease be attributed to some of the arrests that happened last year?

It can. There’s been a handful of arrests. And they went after not only the botnet operators but other parts of the spam value chain. There are firms and entities that build botnets of compromised machines that relay the spam, and then there are other firms and entities that rent time on those botnets that do the merchandising. The biggest category is selling fake pharmaceuticals. Some of these fake pharma operations were shut down and the people associated with them arrested. It’s not an easy thing to do, because they’re global, they move around, and so to make an arrest in this space is a huge accomplishment.

So what is the thinking now about securing the mobile device?

We think there are two ways to make mobile devices work in the enterprise. The flood of devices into the enterprise is huge, and everyone wants to use them to check their email and access corporate directories and other fundamental things. There needs to be some kind of software on the end point–the phone or device. It will have to be light. You can’t have some kind of antivirus suite running on the phone. It would be a little piece of software that’s on all the time that knows when you’re behind the corporate firewall and when you’re not, and manages your connection accordingly. We bought a company called ScanSafe that has 40 data centers around the world. When you’re outside the firewall it connects to you the nearest data center and enforces your corporate policies, but all you as the user know is that it just works. This notion of being on or off the corporate network goes away. And we can do all kinds of scanning for security, independent of the device that’s being used.

This year we also saw the Stuxnet attacks, which we now know for certain were carried out against the Iranian nuclear program. Clearly this is a new kind of attack that can be mounted against industrial control systems via computer networks. Is Cisco researching this?

Massively. Often these types of attacks are targeted against Cisco’s biggest enterprise customers. Who buys Cisco’s infrastructure? The biggest banks in the world, the defense contractors. If the goal of an attacker is to disrupt an economy, their targets will be our customers, and they’re demanding a response from us. I like to call it global threat correlation, but it comes down to taking huge samples of network traffic and picking out good traffic from the bad. Cisco has a good advantage here because our equipment is so widely deployed around the world. As we start measuring traffic we can develop reputation data on every publicly routable IP address on the Internet. As we start putting telemetry info into that equipment–and the customer can choose to enable it or not, and it’s turned off by default. But people turn it on because it helps them against the unknown kind of attacks that are popping up. If a Web server says its a Web server, but you just saw it sending spam three minutes ago, there’s a pretty good chance it’s part of a botnet. Once you know that you know that, you can start to mount a pretty good defense. We’re putting a lot of energy into developing that, and it’s proven to be pretty robust.

The latest to be arrested is Winifred Jiau, 43, of Fremont, Calif. Like others charged or arrested on Dec. 16, she has ties to Primary Global Research. She’s accused of providing inside information to Primary Global clients who were portfolio managers at hedge funds of Nvidia and Marvell Technology during a period from 2006 to 2008. Prosecutors say she collected $200,000 during that time. She’s facing charges of conspiracy and securities fraud.

In August of 2008, the complaint says, she provided managers of two hedge funds with detailed numbers for quarterly revenues, per-share earnings and gross margins for the quarter ending that month. The complaint says that in the conversations she made it clear she had obtained the information directly from an employee of Marvell. The funds in question–they were not named in the complaint–allegedly made $820,000 on trades from the information.

On Aug. 8, 2008, the complaint says, Jiau provided the hedge fund managers with an early look at Nvidia’s quarterly revenue and told them it planned to announce a stock buyback, which it did four days later.

I’ve embedded the complaint below.

Jiau, Winifred Complaint

However, we’re starting to get more information about how the McDonald’s incident appears connected to hacking incidents at other sites. Chicago Business is reporting that the company responsible for McDonald’s email marketing is Silverpop Systems, and that it had been operating under a subcontract from Chicago-based Arc Worldwide.

So who else is a customer of Silverpop? Yesterday I received an email from someone who’s a customer of deviantArt, a social network where artists share their creations. DeviantArt has a base of 13 million users. Got an account there? You’d better change any passwords that overlap with other sites. The site advised customers that their accounts were compromised, and blamed Silverpop.

It could extend much further yet. Silverpop has more than 100 clients, and not all of them are publicly disclosed, though here are a few, found on its client quotes page and its case studies page: Stamps.com, Pitney Bowes/Mapinfo, Encyclopedia Britannica, Santander Consumer Finance and watchmaker Fossil. There’s no word how any of those other companies are affected, if at all.

Silverpop CEO Bill Nussey said in a blog message to customers that the FBI is investigating the incident, and that only a small percentage of Silverpop customers have been affected. He also said that Silverpop was “among several technology providers targeted as part of a broader cyber attack.” Stacy Kirk, a Silverpop spokeswoman, wouldn’t say anything beyond what’s in Nussey’s message.

I’m beginning to wonder if there’s some indirect connection between what happened to Silverpop and what happened to Gawker. I’m speculating here, but it’s no stretch of the imagination that numbering among deviantArt’s 13 million users are some of the 1.5 million people whose accounts were compromised in the Gawkergate affair. And the FBI is investigating both. Thomas Plunkett, Gawker’s technology chief, told me by email that there’s no evidence of a connection. Then again, as Business Insider tells it, he hasn’t yet had his meeting with the FBI.

Maybe I’m looking for connections that aren’t really there, but it’s really not hard to see how the breach at Gawker could turn out be the start of a domino effect that’s much larger than anyone has yet realized. There certainly is a lot of grumbling about changing passwords today.

If you know more more about any of this, get in touch!

Below is the email to deviantArt users.

From: deviantART.com (address deleted)
Date: Mon, Dec 13, 2010 at 5:54 AM
Subject: RE: Email Notice

Silverpop Systems, Inc., a leading marketing company that sends email messages for its clients, told us that information was taken from its servers. This was probably part of a sweep by spammers. As a result, email addresses belonging to deviantART members were copied. Corresponding usernames and birth date may also have been removed.

We can assure you that nothing occurred on our systems with respect to this incident and no access was gained to private information on deviantART’s servers.

As a member of deviantART, you certainly have a right to know when an incident of this kind occurs. Unfortunately spammers are an unavoidable part of living on the Web.

The likely result of this event might be an increase in spam to your email. Experts have told us that there is an increase in email scams out there on the Internet and you should be cautious. Only click links or download attachments from people you know, particularly if they ask for personal information, and be sure that your email service provider has adequate spam filters.

Because we value the information that members give us, we have decided not to rely on the services of Silverpop in the future and their servers will no longer hold any data from us.

The firm’s clients include several prominent Internet companies, including Yahoo, social gaming giant Zynga, Myspace (a unit of News Corp., parent of this Web site) and Cablevision.

Granick gained a reputation as a lawyer willing to defend accused computer hackers. Her clients have included the hacker-turned-journalist Kevin Poulsen. I wrote this profile of her for Forbes.com in 2000, describing her as the person you might call if your day begins with an FBI raid.

About the same time, she gave a heavily attended talk on “Hacking and the Law” at the DEF CON 8 hacker conference in Las Vegas. She went on to become executive director at Stanford University’s Center for Internet and Society. She also taught at Stanford.

I caught up with her yesterday, and she said part of her role will be to help establish ZwillGen’s office in San Francisco. The firm has been adding legal talent at a rapid clip. In June it added three lawyers: Elizabeth Banker, a former associate general counsel at Yahoo; Bart Huff, a former assistant United States attorney in Chicago with a history of prosecuting computer crime; and Leota Bates, a former associate at Perkins Coie in Washington, D.C. Granick is the firm’s eighth attorney.

Will she still have time to take calls from hackers staring down FBI agents? “I think I’ll still be able to do that,” she said. “They wanted me because of my experience and because of who I’ve represented.”

“The FBI is executing court-authorized search warrants in an ongoing investigation,” said Richard Kolko, an FBI spokesman, who declined to comment further.

Both hedge funds are run by former managers of Steve Cohen’s SAC Capital Advisors. Level Global Investors LP is a Greenwich, Conn., hedge-fund firm run by David Ganek, a former SAC Capital trader and art collector. He started Level Global in 2003 and earlier this year reported managing about $4 billion in assets.

Read the rest of this post on the original site

A spokesman for prosecutors in Bonn, where Deutsche Telekom is based, said the office opened the inquiry after reviewing documents provided by the U.S. Securities and Exchange Commission, Federal Bureau of Investigation and Justice Department earlier this year.

U.S. officials have been investigating the company’s activities in the Balkans since 2006 and had asked German prosecutors to assist by collecting witness testimony in Germany.

German prosecutors searched Mr. Obermann’s office and one of his two homes on Aug. 31, said Manfred Balz, Deutsche Telekom’s management board member responsible for compliance, at a news conference Wednesday. The search included computers and documents belonging to Mr. Obermann and to employees who haven’t been named as suspects.

Read the rest of this post on the original site

The number of identity-theft victims in the U.S. jumped 12 percent to 11.1 million in 2009, according to research company Javelin Strategy & Research. Fraud cases reported to the Internet Crime Complaint Center, which is partly run by the Federal Bureau of Investigation, climbed 23 percent to 336,655 last year.

Information that people inadvertently make public on sites like Facebook plays a role. So too do the sort of technical exploits demonstrated by the group that recently exposed a flaw in AT&T Inc.’s (T) website.

But in many cases, finding social-security and credit-card numbers or medical records on the Internet doesn’t require computer expertise. Instead, such information is accessible to anyone who knows where to look.

Read the rest of this post on the original site

This week, Google (GOOG) complained that Apple’s new rules on sharing iPhone and iPad user data with advertisers unfairly advantages the company’s own iAd service over rivals like Google’s AdMob–and the government is reportedly looking into the issue. There’s also continued grumbling over the company’s decision not to support the Adobe (ADBE) Flash standard on the iPhone/iPad platform, and the Feds are apparently looking at that issue, as well.

Stifel Nicloas analyst Rebecca Arbogast reviewed the situation in a research note this morning, and finds that Apple has justifications in both cases that support its policies.

Read the rest of this post on the original site

“We can confirm that Gawker Media was contacted by the FBI earlier today and issued a formal preservation notice,” Valleywag said in its post.

Gawker Media publicized the incident Wednesday after being contacted by a small group of computer experts calling itself Goatse Security. The group said it discovered the flaw, explaining that it was able to find the email addresses by guessing numbers that identify iPads connected to AT&T’s mobile network. The group said it uncovered 114,000 email addresses, including those of prominent officials in companies, politics and the military.

Read the rest of this post on the original site