Secret Service investigating massive credit card breach at Target (Updated)

UPDATE Thursday 5:34am CT: In a statement posted to its website early Thursday morning, Target acknowledged that "approximately 40 million credit and debit card accounts may have been impacted between Nov. 27 and Dec. 15, 2013," adding that the company is "partnering with a leading third-party forensics firm to conduct a thorough investigation of the incident."

Original story follows:

According to the Wall Street Journal and independent journalist Brian Krebs, retail giant Target was hit with a major theft of customers’ credit-card and debit-card data captured in stores during the Black Friday weekend.

Read 6 remaining paragraphs | Comments

Secret Service Seizes JotForm.com, Nuking Millions of Online Forms (Updated)


Jotform.com, the domain name of a business providing hosting for online forms, has been seized by the Secret Service, essentially gutting the company’s business.

The Wednesday seizure of JotForm.com, with the assistance of the domain name’s registrar, GoDaddy, disabled about 2 million JotForm.com forms, said Aytekin Tank, the site’s founder. The embeddable forms are hosted by the company and let sites quickly put up contact and sign-up forms online.

GoDaddy told Wired it took the site down at the request of law enforcement.

Tank has informed its “hundreds of thousands of users” in a blog post to alter their form URLs to jotform.net, which should revive a customer’s hosted forms.

“They have disabled the DNS without any prior notice or request,” Tank said of GoDaddy. “They have told us the domain name was suspended as part of an ongoing law enforcement investigation.”

Update: JotForm seems to have gotten its domain name returned late Thursday afternoon Pacific time, according to Tank, who said DNS records were slowly reverting. “They have not notified us but it looks like they might have lifted the suspension,” Tank said in an e-mail. “We will probably never find out the reason for the suspension. It has been a very difficult 2 days for both our users and for us. So, I hope this is the end.”

In a Wednesday e-mail to Tank from GoDaddy’s Spam and Abuse Department, which Tank forwarded to Wired on Thursday, GoDaddy referred Tank to the Secret Service.

The agency did not immediately respond to Wired’s request for comment.

GoDaddy’s director of network abuse Ben Butler said in an e-mail to Wired that the registrar’s privacy policy prevents him from directly addressing the case, and did not specify if the company received a subpoena or simply gave the domain to the Secret Service based on a request.

“But, we can tell you in general terms, at the specific request of law enforcement, GoDaddy sometimes takes action to prevent further harm being caused by a website hosted on our servers,” Butler wrote. “This would include things like sites engaged in phishing, malware installation, securities fraud, and so on.”

The seizure came two weeks after Immigration and Customs Enforcement announced it had seized 307 domains allegedly engaged in unauthorized live sports streaming and for selling fake professional sports merchandise.

Tank speculated in a Hacker News forum that the investigation surrounds an e-mail phishing program being run by a customer using a hosted JotForm form.

“Our guess is that this is probably about a phishing form. We take phishing very seriously. Our Bayesian phishing filter … suspended 65,000 accounts last year,” he said.

On the New York company’s blog, he said, “We have 2 million user-generated forms. It is not possible for us to manually review all forms. This can happen to any website that allows user-generated content.”

JotForm is hardly alone in the business of online forms. Google Docs allows sites to embed forms, and SurveyMonkey recently bought Jotform competitor WuFoo last April for $35 million.

Techdirt’s Mike Masnick adequately sums up the concerns about this seizure.

“Even if the forms were being used for some illegal purpose,” Masnick said, “I still can’t fathom a reason why it should lead to everyone else getting censored and an internet startup facing a massive hardship wherein tons of users have had their service disrupted with millions of useful forms being suddenly disappeared.”

Poo owns up to hacking of Federal Reserve computers

ToiletDo you think hacking financial institutions and selling stolen information onto others is a viable career? You could be flushing your life down the toilet…

A Malaysian man who was arrested last year by an undercover Secret Service agent, has admitted hacking into a series of financial institutions, and pleaded guilty to possessing stolen credit and debit card numbers with the intention to defraud.

Officers arrested 32-year-old Lin Mun Poo in a diner, shortly after he flew into New York from Malaysia, and claimed to recover over 400,000 credit card numbers and bank account details from his “heavily encrypted laptop computer”.

Court documents

Poo found a security vulnerability on Federal Reserve Bank of Cleveland’s network in June 2010, and claims to have added malicious code to a Federal Reserve computer. However, it is believed that he stole the treasure trove of credit card numbers and other account information from other financial institutions.

No Federal Reserve data or information was accessed or compromised, according to a spokeswoman for the bank.

It seems that Poo didn’t limit himself to merely breaking into financial systems, as court documents have alleged that he also hacked into the network of a major Department of Defense contractor.

Poo is being held in a Brooklyn jail, and faces up to 10 years in jail when he is sentenced on 13th September.

If you’re considering a career of cybercrime, and think that hacking and identity theft could be your route to riches, just take a minute or two to reflect on how you could be making the worst decision of your life.

How would you feel, waiting to find out how many years of your life you’ll be wasting locked up in jail?