NewsBits for January 29, 2004 sponsored by, Southeast Cybercrime Institute - ************************************************************ Microsoft offers reward for MyDoom.B leads Microsoft announced on Thursday that it will offer $250,000 for information leading to the capture and conviction of the individual or group responsible for the release of MyDoom.b. The original MyDoom virus started spreading on Monday and quickly swamped the Internet. The variant MyDoom.B appeared on Wednesday and, among other things, prevents an infected PC from accessing some Microsoft Web sites and targets Microsoft's main Web site with a denial-of-service attack due to start on Feb. 1. Mydoom Virus Variant Targets Microsoft Site Mydoom, the worst e-mail virus since the SoBig worm in August, has spawned a second strain, dubbed Mydoom.B, that is programmed to attack Microsoft Corp.'s website. Mydoom.B spreads an e-mail attachment that, once activated, will send waves of information requests to the Microsoft website in an attempt to shut it down, said Tony Magallanez, an engineer with security software maker F-Secure.,1,7290495.story MyDoom Net Worm Spreads as Attack Countdown Begins Security experts warned on Thursday the fast-spreading MyDoom virus would plague e-mail users for some time as it counts down to a mammoth digital attack next week on Microsoft and software firm SCO Group Inc. Yahoo says goodbye to certain subject lines In an attempt to thwart the MyDoom virus, Yahoo will block messages with suspect subject lines, including 'hi' and 'hello'. Yahoo has announced it will reject messages with certain subject lines to combat delays incurred due to the MyDoom virus.,39020369,39144956,00.htm MyDoom prevention and cure - - - - - - - - - - Dutch police arrest 52 email scammers Dutch police have arrested 52 Nigerian email scammers at 23 locations in Amsterdam in what is believed to be the biggest raid of its kind. Several PCs, mobile phones, false documents and 50,000 in cash were confiscated. Dutch police believes the criminals sent 100,000 messages to victims in Japan and the USA. More arrests may follow. - - - - - - - - - - Ex-Microsoft employee sentenced to prison A former employee of Microsoft was sentenced on Wednesday to 21 months in prison for obtaining software meant for corporate use and selling it for personal profit, local authorities said. Wilson Delancy, 36, was ordered to pay more than $4 million in restitution to the world's largest software maker for buying stolen software from another former employee, Kori Robin Brown, in order to sell it for personal gain, John McKay, U.S. Attorney for the Western District of Washington, said in a statement. - - - - - - - - - - Engineer held for harassing woman colleague According to the police, Jain sent obscene mails to the victim, used her e-mail account to send sleazy mails to her colleagues and even physically assaulted her in a market in Punjabi Bagh. According to the police, Jain wanted to marry the victim and he had started misbehaving with her after she rejected his offer of marriage. - - - - - - - - - - Hackers may have gotten personal info for 20,000 Federal and state authorities are investigating whether hackers gained access to Social Security and credit card numbers for at least 20,000 University of Georgia students and applicants, officials said Thursday. So far, there has been no sign that the hackers used any of the information, school spokesman Tom Jackson said. The university learned of the breach last week when it was notified that its server was being used to probe other computers in the United States and abroad, the university said. The server was immediately taken offline. - - - - - - - - - - 2 men accused of trading online child sex images A 58-year-old Milwaukee man and a 32-year-old Beaver Dam man made court appearances Wednesday on child sex abuse charges springing from a multiple-agency investigation that followed a thread from Michigan. Both men, arrested Friday, are alleged to have sexually assaulted children, recorded the abuse on camera and to have traded the images with a Detroit man arrested in a separate investigation. The investigation, which centers on graphic sexual images of children traded via the Internet, also led to the arrest of a 55- year-old Illinois manon child pornography charges. - - - - - - - - - - 2 Bay City teens charged with CSC Two Bay City teenagers have been arrested and charged with criminal sexual conduct. It's a case police discovered when pictures of one of the alleged victims appeared on the Internet. ABC12's Terry Camp had more on the story. Police say the victims in this case are four juvenile girls, ages 13 to 15. One of them came to police when she found pictures of her on the World Wide Web. - - - - - - - - - - Man Charged With Soliciting Sex With A Minor Via The Internet A Cincinnati man has been charged with trying to solicit sex from what he thought was a 14-year-old girl. The Xenia Police Internet Child Protection Unit arrested Kurt Burg Monday at a restaurant in Xenia when he came to meet the "girl" for sex. Burg thought he was meeting a teenage girl but it was a police officer. The 22-year-old chatted with detectives over the Internet three times since last Tuesday and had arranged the meeting for Monday. Burg was arraigned Tuesday on two counts of attempted unlawful sexual conduct and felony importuning. - - - - - - - - - - Early Mimail gets the worm While attention is focused worldwide on MyDoom, another version of the venerable Mimail worm has resurfaced. And Inor-C (aka Dumaru) is not far behind. Mimail-M following the family pattern, by phishing for banking details. It saves an HTML script as the file c:\ms.hta, which will ask you for your credit card number, its expiry date and PIN. - - - - - - - - - - Cyber alerts are phishing magnet, says Senator Senator Chuck Schumer has described the Department of Homeland Security's new 'cyber alerts' as a magnet for phishing expeditions and virus writers. On Wednesday the Department sprang into action and issued its first Cyber Alert - warning users of the "SCObig" virus that had been causing havoc with email systems since Sunday afternoon. Cyber Alert system catches on - - - - - - - - - - Ashcroft says surveillance powers should stand The Bush administration is warning Congress not to tinker with the Internet surveillance powers that the Patriot Act awarded to federal police. In a four-page letter to the Senate on Thursday, Attorney General John Ashcroft said that defanging the controversial law, which has been criticized by every major Democratic presidential contender, would "undermine our ongoing campaign to detect and prevent catastrophic terrorist attacks." Were Congress to vote to amend the Patriot Act, Ashcroft indicated, President Bush would veto the bill. - - - - - - - - - - FTC eyes network operators in spam battle The U.S. government is e-mailing out advice to network administrators: Secure your servers. Starting Thursday, the Federal Trade Commission and its counterparts in 26 other nations began sending e-mail to tens of thousands of people believed to be responsible for open relays and open proxies that spammers use as broadcast points for massive amounts of junk mail. - - - - - - - - - - Court may bare reports on Interior IT problems The public may get a look at sanitized reports about the Interior Departments IT security problems, as a result of an order by a federal judge overseeing lengthy litigation over American Indian trust funds. Similar contractor reports on Interiors IT security problems, unsealed by court order in December 2001, painted a bleak picture of vulnerable systems). - - - - - - - - - - Group rips banks' privacy policies A majority of financial institutions that operate in California do not give customers enough control over how their personal information is shared or sold, a consumer group charged Wednesday. - - - - - - - - - - Comcast targets Internet `abusers' but won't reveal limits By all accounts, George Nussbaum demands a lot from his Internet connection. He streams video and transfers large files from his office. His family downloads movie trailers and his stepson listens to and buys music online. Nussbaum subscribes to his cable TV provider's high-speed Internet service, which, he thought, was built for such high-bandwidth activities. Then, in November, he got a letter from the provider, Comcast Corp., ordering him to dial down his usage or face service termination. Until last summer, the service was advertised as "unlimited." - - - - - - - - - - Warner Bros. Gets Tough on Piracy Warner Bros. film studio has sued several people, including a Hollywood actor, who it alleges made illegal digital copies of movies and distributed them on the Internet, court papers show. A lawsuit filed by Time Warner unit Warner Bros. on Wednesday in U.S. District Court in Los Angeles, claims actor Carmine Caridi received "screener" copies of films The Last Samurai and Mystic River and gave them to Illinois electrician Russell Sprague, who then made digital versions and placed them on the Internet.,1412,62102,00.html - - - - - - - - - - Vital e-crime evidence often destroyed Companies that fall victim to computer crime may be inadvertently destroying evidence in their efforts to find the perpetrators. Detective Chief Superintendent Len Hynds, of the National High Tech Crime Unit (NHTCU), said that its Confidentiality Charter, launched in December 2002, was encouraging more businesses than ever to report computer crime. - - - - - - - - - - Needed: An RIAA for Porn Internet piracy has devastated the music business, threatened the movie industry and may now undercut one of the most successful corners of the web: pornography. A California publisher of a pornographic magazine and website sued Visa, MasterCard and other financial institutions Wednesday, saying they facilitated the illegal sale of pirated sex images flooding the Internet.,1412,62100,00.html - - - - - - - - - - Opportunities for Wi-Fi hackers on increase IT managers doing sterling job but back doors remain. IT managers are catching up to the dangers of Wi-Fi, but opportunities for drive-by hackers in London may actually be increasing. New wireless LANs are popping up very fast and many of them are insecure "rogue" access points. - - - - - - - - - - Demand grows for government-only computer network They said it could not, and should not, be done. A call made after Sept. 11, 2001, for a closed government intranet, impenetrable to outside cyber attacks, withered after experts balked at the potential cost and said it would not include key non-federal players in the event of an attack. - - - - - - - - - - Spam Travels Into Gray Area No sooner did the U.S. Can-Spam antispam law go into effect than spammers got to work exploiting its loopholes and gray areas, an e-mail-filtering company said Tuesday. Representatives of United Kingdom-based SurfControl said that while 19 out of 20 spammers are ignoring the law completely, SurfControl researchers have observed some spammers adjusting their tactics to give at least the impression of compliance.,1282,62087,00.html - - - - - - - - - - Anti-virus companies: tenacious spammers Opinion: No one can argue that the spam problem is getting better. Despite advances in anti-spam technology and legislation against spam, unwanted junk mail is flowing into our inboxes at an increased rate. Stock tips, enhancement drugs, Nigerian scams, DVD copy software and hundreds of other products or services get shoved in our face. - - - - - - - - - - Computer virus experts may learn from disease A worst-case disease for humans would have 100 percent chance of transmission, zero incubation time, and leave the host infectious for a long period. Few, if any, biological diseases come close to that description, but many computer viruses do, said Daniel Geer, chief scientist at security firm Verdasys. - - - - - - - - - - EBay, PayPal and the Fufus furniture fiasco The locked shipping container sitting in a police storage yard in Long Beach, Calif., isnt an obvious icon for the risks of the global Internet economy, but it succinctly symbolizes the predicament that dozens of American antique collectors have been trapped in since their online purchases of Chinese furniture ran into heavy seas nearly 2 1/2 months ago. - - - - - - - - - - New border tracking program has yet to net terrorists A new visa system at the nation's borders is catching more immigration violators and criminals, but it has yet to uncover anyone suspected of terrorism-related activities, according to homeland security officials. Critics say the U.S. Visitor and Immigrant Status Indicator Technology (US VISIT) program is stretching thin an already overloaded border workforce and and does not appear, at least in the early stages, to be making the country safer from potential terrorists. - - - - - - - - - - Fla. police radio in the home stretch Florida's Statewide Law Enforcement Radio System (SLERS) is entering its final phase to provide a single communications network for the 13 agencies involved in enforcement, officials said today. *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2004,, Campbell, CA.