
On Tracking the Creator of Bitcoin, a Breach at Sally Beauty and Facebook Clickjacking: Security News Update

Mar 09, 2014 By Sarah Vonnegut

It was a crazy week, with the secretive Bitcoin creator supposedly outed, details of 280,000+ payment cards tied to Sally Beauty purchases discovered for sale online, and a new Facebook clickjacking campaign that preys on the curious, so let’s get down to it, shall we? Here are your week’s biggest security stories:

Newsweek Article Claims To Unveil Bitcoin Creator, Rest of World Disagrees

Is he or is he not the Bitcoin creator? That’s the question the world has been asking ever since Newsweek published an article last week by Leah McGrath Goodman that claimed to have unmasked the notoriously secretive Bitcoin creator, Satoshi Nakamoto, as Dorian Nakamoto, a 64-year-old father of six living in Temple City, California.

“I am no longer involved in that and I cannot discuss it,” Goodman reports Nakamoto said to her on his doorstep, presumably speaking about Bitcoin. “It’s been turned over to other people. They are in charge of it now. I no longer have any connection.”

Doubts have been raised by critics who noted stark differences between the Nakamoto that Goodman spoke with and the Nakamoto who has written on his cryptocurrency. In a strange story that’s only turned stranger with the release of new information, the Dorian Nakamoto whom Goodman had pinpointed as the Bitcoin creator has turned around and said he had never even heard of Bitcoin prior to being contacted for the Newsweek story. He told the Associated Press that he believed Goodman had been asking about his work on other projects.

A group of Bitcoin supporters have taken a different approach, one of protecting Dorian Nakamoto, whether he’s the Bitcoin creator or not. The subreddit r/Bitcoin has been raising donations for Nakamoto. Organizer Andreas Antonopoulos explained: “I have no idea if this person is Satoshi, though it seems increasingly unlikely. However, it doesn’t matter either way. If this person is Satoshi, then the funds are a small ‘thanks’ and won’t make much of a difference,” if the Newsweek Nakamoto is indeed the Bitcoin Nakamoto. “However, if this person is not Satoshi, then these funds will serve as a ‘sorry for what happened to you’,” Antonopoulos continued.

Read more about Goodman’s encounter with (a) Dorian Nakamoto here.

Breach of the Week: Sally Beauty…Possibly

International specialty retailer Sally Beauty was most likely hit by a credit card breach that occurred between late February and early March. The data of 282,000 stolen credit and debit cards was discovered for sale in an underground black market store, and the common point of purchase, or CPP, is Sally Beauty stores.


An advertisement for the cards believed to have been stolen from Sally Beauty

The CPP in fifteen cards tested by financial institutions contacted by Brian Krebs was Sally Beauty, but in a statement to their investors, Sally Beauty responded that they do not believe the payment information found on the black market came from their systems:

“Recently, our systems detected an attempted intrusion into our network, and we believe we promptly mitigated potential issues arising from this intrusion. As a result of our ongoing investigation, which included assistance from a top-tier security firm, we have no reason to believe there has been any loss of credit card or consumer data. We will continue to investigate and actively monitor this situation.”

Continue reading here.  

Facebook Clickjacking Scam Promises ‘Naked Videos’, Hits 2 Million Victims

The most recent Facebook malware scam to pop up takes advantage of our natural curiosity in a maliciously clever way. This particular clickjacking campaign entices Facebook users to click on a video claiming to show a particular friend’s naked video. After clicking, you’d get redirected to a site that looks like YouTube, prompting you to download the latest version of Adobe Flash.

The hackers first try to install the malware when someone arrives at the malicious web page. If your anti-virus detects it, they try to get you again with the fake Adobe Flash download. Those who hit ‘download’ actually install a Trojan, which then steals your pictures. The clickjacking ‘virus’ continues as your photos get used to spread the scam on your Facebook profile and timeline. The scam has already hit 2 million curious people.

Clickjacking is one of the most common scams used on social networks like Facebook and Twitter, simply because it’s so easy to fall for. It can be difficult to tell when someone’s account has been hacked, and hackers are constantly getting better. Protect yourselves by using a strong anti-virus…and by using common sense on the internet.

Read more about the latest Facebook scam here

Sarah is in charge of social media and an editor and writer for the content team at Checkmarx. Her team sheds light on lesser-known AppSec issues and strives to launch content that will inspire, excite and teach security professionals about staying ahead of the hackers in an increasingly insecure world.
