Vulnerabilities / Threats

8/9/2017
02:15 PM
50%
50%

Two Iranians Face Charges for Computer Hacking, Credit Card Fraud

Federal prosecutors charged two Iranian nationals with identity theft and use of stolen credit card numbers as well as threatening to expose the breach to one of the victim's customers.

Two Iranian nationals were hit with criminal charges involving identity theft and pilfering credit card information after allegedly hacking into computers of online merchants and stealing their customers' personal and credit card account information, the US Department of Justice announced.

Arash Amiri Abedian, 31, and Danial Jeloudar, 27, were charged with aggravated identity theft, wire fraud, criminal conspiracy, and other charges.

Federal prosecutors say the two defendants were living in the Islamic Republic of Iran in October 2007 when they allegedly conspired to hack into victims' computers to steal credit card and personal information.

The two men used malware to hack into the merchants' systems and pilfer the credit card and personal information. They used the stolen information to purchase goods and services between 2011 to 2016, the DOJ alleges. Then in January, Jeloudar allegedly contacted one of the breached merchants and threatened to release all of the merchant's customers' credit card and personal information unless the merchant paid a blackmail fee in Bitcoins, the DOJ states.

Read more about the case here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
AliM062
50%
50%
AliM062,
User Rank: Apprentice
3/26/2018 | 11:12:55 PM
Re: Enforcement
where exactly will they need to be extradited to when US and Iran have no extradition agreement?

As far as it goes they are safe and well in Iran (teaching programming believe it or not) while on FBI's wanted list!
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
8/10/2017 | 7:18:00 AM
Enforcement
Is the DoJ looking for extradition or what are the sought after terms of disciplinary action?
Russia Hacked Clinton's Computers Five Hours After Trump's Call
Robert Lemos, Technology Journalist/Data Researcher,  4/19/2019
Tips for the Aftermath of a Cyberattack
Kelly Sheridan, Staff Editor, Dark Reading,  4/17/2019
Why We Need a 'Cleaner Internet'
Darren Anstee, Chief Technology Officer at Arbor Networks,  4/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-11498
PUBLISHED: 2019-04-24
WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service (application crash) via a DFF file that lacks valid sample-rate data.
CVE-2019-11490
PUBLISHED: 2019-04-24
An issue was discovered in Npcap 0.992. Sending a malformed .pcap file with the loopback adapter using either pcap_sendqueue_queue() or pcap_sendqueue_transmit() results in kernel pool corruption. This could lead to arbitrary code executing inside the Windows kernel and allow escalation of privilege...
CVE-2019-11486
PUBLISHED: 2019-04-23
The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.
CVE-2019-11487
PUBLISHED: 2019-04-23
The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hu...
CVE-2018-7576
PUBLISHED: 2019-04-23
Google TensorFlow 1.6.x and earlier is affected by: Null Pointer Dereference. The type of exploitation is: context-dependent.