Attacks/Breaches

2/12/2016
11:22 AM
50%
50%

Man Admits To Laundering $19.6 Million in Hacking, Telecom Fraud Scam

Hacking increasingly being used as a way to enhance a variety of other criminal endeavors.

Thursday, a man admitted laundering over $19.6 million, in support of a massive international computer hacking and telecommunications fraud scheme.

Pakistani citizen Muhammad Sohail Qasmani, 47, formerly of Bangkok, Thailand, pleaded guilty before a US judge to one count of conspiracy to commit wire fraud.

According to court files, hackers first compromised businesses' PBX systems -- the computer systems that run internal telephone systems of the businesses. They would then identify unused extensions, reprogram them so they could be used to make long distance phone calls charged back to the victim business.

The hacked phones were then used to make calls to phony premium telephone numbers -- essentially recordings made to sound like the voicemail messages or prompts of phone sex, psychic hotlines, and other services that charge per-minute.

Qasmani laundered and transmitted money to approximately 650 individuals involved in the scheme over four years. If convicted, the maximum sentence is 20 years in prison and a $250,000 fine.

Hacking is being used to support other kinds of criminal enterprises more often.

In November, unsealed court documents revealed that the attackers behind the massive JP Morgan Chase breach that exposed data on 83 million customers were actually, "using hacking to support a diverse criminal conglomerate," according to the U.S. Attorney. The ringleaders were using cyber-espionage and data breaches to commit and enhance their securities fraud, illegal gambling, illegal Bitcoin exchange, and illegal payment processing operations. 

Interop 2016 Las VegasFind out more about security and cybercrime at Interop 2016, May 2-6, at the Mandalay Bay Convention Center, Las Vegas. Register today and receive an early bird discount of $200.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
'Hidden Tunnels' Help Hackers Launch Financial Services Attacks
Kelly Sheridan, Staff Editor, Dark Reading,  6/20/2018
Inside a SamSam Ransomware Attack
Ajit Sancheti, CEO and Co-Founder, Preempt,  6/20/2018
Tesla Employee Steals, Sabotages Company Data
Jai Vijayan, Freelance writer,  6/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-12697
PUBLISHED: 2018-06-23
A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump.
CVE-2018-12698
PUBLISHED: 2018-06-23
demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump.
CVE-2018-12699
PUBLISHED: 2018-06-23
finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.
CVE-2018-12700
PUBLISHED: 2018-06-23
A Stack Exhaustion issue was discovered in debug_write_type in debug.c in GNU Binutils 2.30 because of DEBUG_KIND_INDIRECT infinite recursion.
CVE-2018-11560
PUBLISHED: 2018-06-23
The webService binary on Insteon HD IP Camera White 2864-222 devices has a stack-based Buffer Overflow leading to Control-Flow Hijacking via a crafted usr key, as demonstrated by a long remoteIp parameter to cgi-bin/CGIProxy.fcgi on port 34100.