Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

2/12/2016
11:22 AM
50%
50%

Man Admits To Laundering $19.6 Million in Hacking, Telecom Fraud Scam

Hacking increasingly being used as a way to enhance a variety of other criminal endeavors.

Thursday, a man admitted laundering over $19.6 million, in support of a massive international computer hacking and telecommunications fraud scheme.

Pakistani citizen Muhammad Sohail Qasmani, 47, formerly of Bangkok, Thailand, pleaded guilty before a US judge to one count of conspiracy to commit wire fraud.

According to court files, hackers first compromised businesses' PBX systems -- the computer systems that run internal telephone systems of the businesses. They would then identify unused extensions, reprogram them so they could be used to make long distance phone calls charged back to the victim business.

The hacked phones were then used to make calls to phony premium telephone numbers -- essentially recordings made to sound like the voicemail messages or prompts of phone sex, psychic hotlines, and other services that charge per-minute.

Qasmani laundered and transmitted money to approximately 650 individuals involved in the scheme over four years. If convicted, the maximum sentence is 20 years in prison and a $250,000 fine.

Hacking is being used to support other kinds of criminal enterprises more often.

In November, unsealed court documents revealed that the attackers behind the massive JP Morgan Chase breach that exposed data on 83 million customers were actually, "using hacking to support a diverse criminal conglomerate," according to the U.S. Attorney. The ringleaders were using cyber-espionage and data breaches to commit and enhance their securities fraud, illegal gambling, illegal Bitcoin exchange, and illegal payment processing operations. 

Interop 2016 Las VegasFind out more about security and cybercrime at Interop 2016, May 2-6, at the Mandalay Bay Convention Center, Las Vegas. Register today and receive an early bird discount of $200.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Why AI Will Create Far More Jobs Than It Replaces
John DiLullo, CEO, Lastline,  5/14/2019
97% of Americans Can't Ace a Basic Security Test
Steve Zurier, Contributing Writer,  5/20/2019
Baltimore Ransomware Attack Takes Strange Twist
Kelly Jackson Higgins, Executive Editor at Dark Reading,  5/14/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-12216
PUBLISHED: 2019-05-20
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a heap-based buffer overflow in the SDL2_image function IMG_LoadPCX_RW at IMG_pcx.c.
CVE-2019-12217
PUBLISHED: 2019-05-20
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL stdio_read function in file/SDL_rwops.c.
CVE-2019-12218
PUBLISHED: 2019-05-20
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL2_image function IMG_LoadPCX_RW at IMG_pcx.c.
CVE-2019-12219
PUBLISHED: 2019-05-20
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is an invalid free error in the SDL function SDL_SetError_REAL at SDL_error.c.
CVE-2019-12220
PUBLISHED: 2019-05-20
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is an out-of-bounds read in the SDL function SDL_FreePalette_REAL at video/SDL_pixels.c.