Security Watch

Mobile Mayhem

Google Inc. has removed close to 60 malicious apps from its Android Market for smartphones, CNET reported in a March 6 story. The apps affected phones that run on Android operating system versions earlier than 2.2.2. About 260,000 users downloaded the apps, CNET reported.

Google reportedly said that the malware searched for the unique identifying numbers of the phones, as well as the version of Android the phones were running. Many mobile banking customers use Android phones.

The apps were corrupted versions of products from legitimate developers, and the malware was configured to run during nighttime hours when users were most likely to be asleep, so they would not notice any unusual activity, The Wall Street Journal reported Tuesday.

A separate piece of malware called DroidDream, which hides in pirated apps, can download more code and do significant damage to phones, CNET reported.

Google also said it had removed the bad apps from the Android Market, The Wall Street Journal reported.

Ghost Busted

Four people who ran what was reportedly the largest English-language criminal ring for selling credit card data and tools for stealing such data have been sentenced to a combined total of 15 years in prison in the U.K., PC World reported March 4.

The criminals ran a site called the GhostMarket Forum, which had more than 8,000 members involved in selling Zeus malware, manufacturing the drug crystal meth and bomb-making, among other schemes.

Police said the marketplace was a "full-service cyber crime forum" that sold passwords and PINs for PayPal Inc. accounts, Social Security numbers, phishing kits, and details on website and server vulnerabilities.

Police found more than 130,000 credit card numbers on the criminals' hard drives. The ringleaders pleaded guilty to computer misuse and fraud; they were sentenced in London.

WordPressed

The free, popular blogging website WordPress was shuttered by a distributed Denial of Service attack twice in the course of a week, CNET reported. DDOS attacks have been responsible for darkening a number of consumer sites in recent months, including Rabobank Group in the Netherlands in late February.

CNET reported late last week WordPress founder Matt Mullenweg said the attacks may have been politically motivated, and they were launched initially against blogs that were not in English.

DDOS attacks are accomplished by hackers hijacking thousands of consumer computers and turning them into botnets that, on command, inundate targeted websites with requests, ultimately forcing the sites offline.

Ivy League

The Federal Trade Commission has shut down a company that reportedly sold fraudulent Internet business development plans to people hoping to set up business websites, the L.A. Times reported March 6. The company, Ivy Capital Inc., of Nevada, and 29 others are accused of bilking consumers out of $40 million, primarily charged to their credit cards.

The complaint filed by the FTC says Ivy and the other defendants have been involved in fraudulent sales since at least 2007.

According to the complaint, filed in the U.S. District Court of Nevada, Ivy representatives used high-pressure sales tactics to sell services, for which consumers were charged between $2,000 and $20,000. The complaint alleges Ivy promised customers between $3,000 and $10,000 a month in sales, but the coaching and advice offered were reportedly inept, and the support offered for website design, and from certified public accountants and lawyers for tax and legal questions, did not exist.

The complaint also alleges that Ivy failed to make clear its refund policy, and that in many cases the company did not refund any money when its policy said it should have.

Security Watch is a weekly roundup of news and developments in data security and their impact on financial services companies.
Please e-mail us any comments, ideas, and suggestions about this column.