[SecurityRatty] tag: underworld

How America may be funding the Mafia in Japan.

Sun, 11 May 2008 21:15:00 +0000

Those of us who may have thought of Japan as a country of respectful, law-abiding peaceful citizens, would do well to think again.

In a Washington Post article titled: "The Mob is Big in Japan", the writer, Jake Adelstein paints a far different picture. Mr. Adelstein has spent the past 15 years covering the Mafia (Yakuza) as a crime reporter for Japan's largest newspaper, the Yomiuri Shimbun. He has been so relentless in his reporting, that his life and that of his family are now in danger.

Apparently, Mobs are legal entities there and they have "fan magazines" and comic books. The Japanese National Police Agency (NPA)estimates that the yakuza has nearly 80,000 members. Police say that in Tokyo alone, there are more than 800 yakuza "front companies" in industries such as: investment and auditing firms, construction companies and pastry shops. Disturbingly, it is reported that the mobsters have even opened their own bank in California.

In more recent times, the yakuza have moved into finance. Japan's Securities and Exchange Surveillance Commission know of more than 50 listed companies with ties to the underworld. U.S. investors have invested billions of dollars in the Japanese stock market. How much of that is going towards funding the Japanese Mob? To add further insult to injury, the yakuza makes much of their ill-gotten profits from child pornography. Want to hear something revolting? Owning child porn in Japan is LEGAL.

Investigation firms such as ours constantly advise clients to do their due diligence. How would you like to enter into a business agreement with a Japanese company and later find out that they were a front company for drug runners and child porn peddlers? Remember, you can't always rely on a government to tell you who the bad guys are and they don't always wear black hats.

Know what you are getting into and if it is a deal worth pursuing, hire somebody to conduct a thorough investigation or send over a member of your staff to check them out fully and avoid having your reputation damaged down the road.

Hackers Holy Grail - Redefined by Microsoft

Tue, 29 Apr 2008 12:53:42 +0000

Countdown to Black-Hat COFEE Device Begins !

The Seattle Times is reporting today that Microsoft has developed the ultimate hacker tool for Windows. Of course, MS doesn’t consider it a hacker tool, they describe it as a computer forensics tool. Here is a quote from the article:

The COFEE, which stands for Computer Online Forensic Evidence Extractor, is a USB “thumb drive” that was quietly distributed to a handful of law-enforcement agencies last June. Microsoft General Counsel Brad Smith described its use to the 350 law-enforcement experts attending a company conference Monday.

The device contains 150 commands that can dramatically cut the time it takes to gather digital evidence, which is becoming more important in real-world crime, as well as cybercrime. It can decrypt passwords and analyze a computer’s Internet activity, as well as data stored in the computer.

It also eliminates the need to seize a computer itself, which typically involves disconnecting from a network, turning off the power and potentially losing data. Instead, the investigator can scan for evidence on site.

Of course, on the one hand MS has developed a forensic tool for use by authorized law enforcement agents. They have also produced a compelling proof of concept that their operating system’s security can be soundly defeated anytime an attacker has physical access. And they have also created a treasure trove of exploits to be reverse engineered.

It is well documented that cybercrime is not only big business, but that it is highly organized. The fact that, in the cybercrime underworld, there are markets for stolen data, toolkits (such as the Rock Phish Kit), and services (such as renting time on Botnets) is a strong demonstration of how organized (and profitable) cybercrime is. Microsoft has now defined a new Holy Grail for those organizations to pursue. The CSI/FBI computer crime report consistently demonstrates how significant the Insider Threat is, and clones of the COFEE will make those individuals that much more dangerous.

Also, the reverse engineering of one of these devices would certainly be of great value to the black hat community, and do potentially long term harm to desktop security. The fact that there are 150 exploit functions on the device written by Microsoft’s own, with their privileged knowledge, makes this device worth its weight in gold (or perhaps plutonium).

Given the number of governments that have been accused of either participating with or shielding cyber criminals, it is only a matter of time before these devices are reverse engineered and duplicated. Of course, it may not be necessary for the black hat community to acquire one to reverse engineer it. Many countries require public documentation of how evidence is collected and preserved. So it may only be a matter of time before Microsoft finds itself providing direct testimony, as other forensic product companies have done, on the exact workings of COFEE.

- Erik

Art of Information Security would love your feedback !

Hacker’s Holy Grail - Redefined by Microsoft…

The Cybercrime Arms Race

Tue, 19 Feb 2008 11:00:00 +0000

(Source: Kaspersky Labs) Sophisticated groups are leading underworld efforts into cybercrime, creating viruses, spyware, Trojans, worms and other malware. These groups now even provide complementary criminal services to their clients helping them to outsmart Internet security providers and users. With little or no investment, there's plenty of payback for cybercrime perpetrators at every level of this ecosystem. Download this whitepaper to learn more.

Botnet Evolution

Thu, 14 Feb 2008 08:44:29 +0000

Some Botnet army commanders are not deterred by efforts to block traditional command-and-control pathways or take no for answer. This has resulted in two new bot distribution approaches from our friends in the cyber-underworld.