SpyEye Banking Trojan Developer pleads guilty

Aleksandr Andreevich Panin

Source: thehackersnews
A Russian man has pleaded guilty to conspiracy charges in a federal court in Atlanta on Tuesday for developing and distributing a malicious banking malware ‘SpyEye’ that infected more than 1.4 million computers worldwide since 2009. Aleksandr Andreevich Panin, a 24 year old programmer…

Read more: 24-year-old Russian Hacker and Developer of SpyEye Banking Trojan pleads guilty.

Malware Result in Theft Of Millions Credit Card Numbers

RAM Scraping Malware was an integral part of a number of recent prominent data breaches that resulted in the theft of many tens of millions of credit card numbers. This type of malware typically installs itself into Point of Sale (PoS) terminals and steals data directly from it. Examples of such malware include Dexter, Alina, BlackPoS, and Kaptoxa.
Find more chalk talks here: http://sfi.re/Chalk_Talks

2014 Nigerian Cyber Threat Barometer- Read it here first!


Ninety Six (96) page research paper.

Input provided by 11 Nigerian Banks (Inducing Central Bank of Nigeria), NITDA, and EFCC; document endorsed by Nigerian Inter-Bank Settlement System (NIBSS), and sponsored by British High Commission in Nigeria.

Document available on demand, kindly request download @ efraudafrica@gmail.com.

File size: 11.5 GB

Nigeria: Bank Customers to pay $6 for trapped ATM Card


Customers who have their card issued by a Deposit Money Bank (DMB) in Nigeria may be expected to pay at least $6.00 (1000.00 NGN) each time their card got trapped in the ATM; this move has become necessary given Central Bank of Nigeria (CBN) new guideline on Card Issuance and usage.

The CBN guideline read, “Any trapped card in the ATM shall be rendered unusable (by perforation) by the acquirer and returned to the issuer on the next working day”. Explaining the rational for the new guideline, the Director, Banking and Payment System Department, Mr. Dipo Fatokun alluded this is meant to augment non-disclosure on cardholder information to the minimum.

Fatokun explained- if information such as the Primary Account Number (PAN) is disclosed, it could be used for Card Not Present’ transactions. Card Not Present transaction normally happen over the web in which case you only need the information on the card (PAN) and don’t need the PIN (PAN is the sixteen digits information displayed on the customer card).

Some of our DMB sources has however asserted this move may be retrogressive as most banks now have Securecode (Mandatory second factor authentication other than the PAN) enabled for their CNP transactions.

NDIC Report- Fraud figures is on the rise


A release from the Nigeria Deposit Insurance Corporation (NDIC) reveals fraud figures is on the rise within Deposit Money Banks in Nigeria. According to the NDIC report, the banking sector recorded a total of 3,380 cases in 2012 alone, with ATM Fraud topping the list. Other fraud sources include those perpetuated through Internet Transfer/Withdrawals, and suppression of customer deposit.

Evidence Act 2011- Stakeholders gather to discuss Implementation


Further to the Federal Government’s repeal of the Evidence Act, Cap. E14, Laws of the Federation of Nigeria, and subsequent enacting of a new Evidence Act, 2011, the National Information Technology Development Agency (NITDA) called a National Technical Committee (NTC) meeting to address the implementation of the amended FG act.

The NTC meeting took place Wednesday, 30th April 2014 at the Tinapa Business Resort Calabar, with delegates from the EFCC, Nigerian Police, Nigerian Army, NDLA, Judiciary, and Deposit Money Banks in attendance.

The objectives of the National Technical Committee (NTC) meeting are as follows:

  • To develop the Standards for the implementation of digital and computer forensics in Nigeria in terms of electronic evidence acquisition, examination, analysis and presentation in a manner that will be admissible in the law courts;
  • To develop standards for: (a) forensic laboratories where admissible forensic evidence could be extracted; and (b) develop standards for the quality of forensic laboratory staff