Information Security

Modern Age Terrorism

Albert Gonzalez  -Man behind the attacks in TJX ,Heart Land Payment arrested


Albert Gonzalez  is a computer criminal who is accused of masterminding the combined credit card theft and subsequent reselling of more than 170 million card and ATM numbers from 2005 through 2007—the biggest such fraud in history.  Gonzalez was sentenced to 20 years in federal prison. He is scheduled for release in 2025.

 Authors of Maribosa Botnet arrested

2_ButterFlyMatjaz Skorjanc & Florencio Carro Ruiz are authors of Maribosa arrested. Maribosa a bot also known as butterfly bot infected close to 13 million pc and designed to steal password, Credit card and bank credentials.

Hamza Bendelladj –man behind the Zeus Botnet arrested

3_bx1Hamza Bendelladj, 24 Years old operated in the nick name of bx1 in Underground.

Hamza BendelladjHe was arrested by police in Thailand. As it turns out, the man might be one of the ZeuS botmasters named by Microsoft in the lawsuit the company filed last year

Paunch – author of Black hole exploit kit arrested 

Paunch CompleteBlack Hole a leading Exploit kit .This is a web application based on php and MySQL .It exploits the known bug in connecting pc, thereby giving option to control the victim pc…

It is easy to be a cyber-terrorist. These modern age terrorist can be script kiddies who just need to spend few dollars .The only requirement for them is Goal. Once they know what their Goal, there is a way to achieve it.

It used to be set of hackers meet in virtual bar in forum and discuss about their recent findings and work hard to find a bug and exploit some or large unknown entity with no expectation in return.

There are some security research organization who tries(trying) to restrict their exploit findings only to Government , Security Organization, Fortune 500 and Research Organization  – Like Vupen ,Netragaurd,Endgame

Vupen Site Zero DayTeam of Researchers from VUPEN participated in Google competition some time in last year, where they were able to successfully bypass the Google Chrome security and declined to take award of $60K USD. They mentioned “We wouldn’t share this with Google for even $1 million” “We don’t want to give them any knowledge that can help them in fixing this exploit or similar exploits. We want to keep this for our customers”

Vupen sell it is exploits only to Trusted entities , they claim they add by identifying new exploits monthly basis in leading desktop application, document readers,browsers.VUPEN subscription fee in the range of $100k + per year .

Hackers becoming Entrepreneur by developing and selling exploit to large number of unknown entities …It is sold at throw away price with lots of fancy claims. These tools contain many options including settings to evade set of leading AV protections. It is sold at throw away price with lots of fancy claims. These tools contain options to evade set of leading AV security settings.

Tool1These tools are offered along with free life time support!!!!

pic3The hackers are looking for partnership to increase their revenue

Bot PartnershipThese growing cyber terrorism influences the customers not just invest on Security Technologies alone, it also demands creating security awareness to their employees.

Reference :


The views and opinions expressed on this blog are 100 % my  own , and it is not my past /present employers . If you have any difference of opinion please post your comments , I will respond to your comments as soon as possible.