In a blog post, Trusteer CTO Amit Klein ays the scams “exploit the trust relationship between users and these well-known service providers, as well as the Visa and MasterCard brands, to steal users’ debit card data.”

As usual, the fraudsters try to trick users into providing confidential financial information: debit card number, expiration date, security code, and PIN. On Facebook, a web inject offers a 20-percent cash back offer by linking a Visa or MasterCard debit card to their account.

What is unique about this one, Klein writes, is that “in the attacks against Google Mail, Hotmail and Yahoo users, Zeus offers an allegedly new way of authenticating to the 3D Secure service offered by the Verified by Visa and MasterCard SecureCode programs.”

Trusteer’s director of product marketing, Oren Kedem, says while web injects are common, this is the first time he has seen a scam try to use 3D Secure. “Many customers are familiar with it,” he says, “and it has become so trustworthy that victims could see it as a plausible approach.”

In this case, the lure is convenience. Victims are told that if they link their debit card to their web mail accounts, “all future 3D Secure authentication will be performed through Google Checkout and Yahoo Checkout respectively,” and, of course, that they will be protected from fraud in the future, by providing their confidential information. The Hotmail attack is similar.

Users are “reassured” that, “Your Debit Card pin is ONLY used for verification purposes. It activates CashBack option. Never disclose your Debit PIN to anyone, including family and friends. Your Debit PIN is confidential and is for your use online.”

Kedem says he does not know how many people have fallen for the scam, “but since this is a version of Zeus, which is the No. 1 malware out there and since just about everybody uses one of these services, there is a large number of targets.” He says Trusteer has notified the companies of the new variant.

Kedem says the most common way to get infected with the Zeus malware is by “drive-by” download – simply by visiting a website with the malware present. It then takes over the user’s browser when one of the targeted sites, like Facebook, is visited. He says users should take the usual precautions with any unsolicited offer they see online that asks for confidential information.

Another way to tell is to check the use of the language. While this scam uses relatively accurate English, there are mistakes. In the line about the Debit PIN, the web inject uses the lower-case “pin” one time, and capitalizes it the other two times. It also says, “It activates CashBack option,” leaving out “the” before CashBack.

The Gmail web inject starts with: “We are glad to offer you participate …” Such mangling of English, even in a minor way, should amount to a red flag.

There is little else to warn potential victims, Klein writes. “These web injects are well crafted both from a visual and content perspective, making it difficult to identify them as a fraud.”

The real-life Steve Jobs with the real-life Ross Perot -- who may or may not be a character in either or both of these movies -- in 1987

Right now, if you want to watch a fictionalized version of the story of Steve Jobs, you have one option: the so-so 1999 teleflick Pirates of Silicon Valley, with Noah Wyle as Apple’s cofounder. Before too long, though, there will be two fresh new choices: an independent biopic from Five Star Features and one from Sony that’s based on Walter Isaacson’s bestselling authorized biography.

And now Sony has got its wish: The company has signed up screenwriting superstar Aaron Sorkin to write its screenplay. Sorkin, of course, has plenty of experience writing about Silicon Valley tech legends, having already tackled Facebook’s Mark Zuckerberg. And his famously snappy patter should be a good fit for the quick-witted, tart-tongued Jobs.

Meanwhile, the indie film has a head start production-wise, and it snagged a big star in Ashton Kutcher to play the title role. (I’m trying to keep my mind open about that casting, although the first photos of him in costume, as published on TMZ, have me a tad worried.)

Herewith, a comparison of the two movies. (There’s a lot we don’t yet know, especially about Sony’s effort.)

More details will presumably emerge about both epics before they hit theaters. For the moment, the big question is obvious: Who’s going to play Jobs in the Sorkin movie? I still think that Keanu Reeves would make a swell Steve, although at 47, he’s probably too, um, mature for the role.

I first saw the tool mentioned in a recent article by my colleague Violet Blue: Flashmob privacy protests target Facebook tomorrow: New York, San Francisco. Abine is clearly very interested in raising awareness about its services by getting users up in arms about Facebook privacy.

So, how does it work? The calculator asks you seven questions:

1. Where do you live?
2. How many Facebook firends do you have?
3. How do you use Facebook Libe buttons?
4. How many photos do you post on Facebook?
5. Do you have a farm, a gang, or play Words With Friends?
6. How much money do you make?
7. How long do you think you’ll be using Facebook?

Then, it calculates how much your data is worth to Facebook based on a range from $2 to $91. That’s how much Facebook will make from you each year, depending on how you answered the questions.

“The Facebook Val-You calculator relies on data from the Facebook S-1 Filing, independent financial and market research analysts, data from Facebook advertisers, as well as Abine’s internal modeling and estimates,” an Abine spokesperson said in a statement. “It considers how an individual uses Facebook along with personal details in order to determine approximately how much revenue they may generate for Facebook this year.”

Jeremy Hammond, a hacker with ties to both Lulzsec and Anonymous, pled guilty in a New York courtroom yesterday. Hammond is accused of being a part of an attack on Strategic Forecasting, Inc, which resulted in the personal info of over 800,000 of the company’s clients being stolen. The attack included the publishing of 60,000 credit card numbers and over $700,000 in fraudulent charges. Hammon has a long rap sheet going back nearly a decade that includes theft, drug, and assault charges, and if convicted faces up to 10 years in prison.

Via [Chicagoist]

The public-facing website does not contain any sensitive information, the information watchdog said.

“Access to the ICO website has been disrupted over the past few days. We believe this is due to a distributed denial of service attack,” a spokesperson for the ICO said.

“The website itself has not been damaged, but people have been unable to access it.”

He added: “We regret this disruption to our service and we are working to try to bring the website back online as soon as possible.”

Despite a number of reports online claiming that a group with links to the Anonymous hacktivist collective is behind the attack, over what it believes is corruption in the Leveson inquiry into press standards, the ICO spokesperson said that this could not be confirmed.

Being unable to access the website may cause some problems for businesses that have not yet taken the necessary steps to comply with the new EU cookies law that comes into force next week (26 May).

Under the new regulation, all websites must allow visitors to be able to stop cookies being installed on their own machines, if they so wish on privacy grounds.

The ICO website hosts guidance for website operators on how to comply with the law, and failure to do so could result in a fine of up to £500,000.

Other cookies guidance, based on the information from the ICO, can be found on the International Chamber of Commerce website.

The Jester is known on the hacking scene as a “patriot hacker”, a WikiLeaks hater, and in some cases even a snitch. That’s probably why there are a lot of people who don’t like him. However, this particular situation raises a lot of questions.

@truelai has been following the incident and released an objective timeline of the facts. So let’s take a look at the events.

First, this Smedley guy shows up and tries to get The Jester’s attention. Then, he publishes a number of screenshots in which he confronts the hacker with details that appear to be true.

According to @cubespherical, @th3j35t3r is a former member of the 75th Ranger Regiment, he owns a Chevy Silverado, and his initials are R.D.C. The mystery actor knows this because he bumped into a mutual friend which gave up the hacker’s true identity.

Now, @cubespherical opened a Bitcoin account for donations and claims that when “it hits” $100,000 (76,000 EUR), he will make public the identity of The Jester. He also states that 51% of the sum will be given to WikiLeaks, after which he disappears.

Ever since the confrontation, The Jester has deleted his Twitter account and started removing posts from his blog, which means that he is genuinely afraid of being unmasked. However, some believe that the “patriotic hacker” may actually own the Smedley Manning account, this being a clever plot to raise money from people who would like nothing more than to see him exposed.

Since The Jester acquired many enemies as a result of his actions, it shouldn’t surprise anyone if the sum of money was raised in a short amount of time.

Infosec Island has found an interesting Pastebin post that apparently contains The Jesters’ entire blog in which he details, among other things, the downfall of TeaMp0isoN. He hints that he may have some implication in the arrests that have recently taken place.

Reported by Trend Micro, the first attack is a straightforward piece of social engineering, attempting to trick mobile browser users into downloading a bogus Flash app.

Falling for the ruse causes the download of a malicious .APK (Android package) file which installs Androids_Boxer.A which sends premium rate SMS messages varying according to the geographical location of the infected smartphone.

A second attack of a similar ilk detected by Avast reels in mobile users looking for screen savers and free games, giving them a variant of the Android:FakeInst malware that also sets the victim up for premium SMS fraud.

Both malware attacks are currently being posted on Russian-language websites which lowers the chances of anyone outside that region encountering them but the intention is clear. Whether using shady app sites beyond the relative safety of the Android Marketplace or via websites, the malware peddlers are developing more sophisticated ways to attack mobile users.

When the threat moves beyond Russia in earnest, the social engineering design of using bogus apps to spread malware is likely to be the attack method – Angry Birds and Instagram have already been ‘adopted’ in recent weeks to carry out this type of attack.

Typically, the domains used to host the malware were temporary, a tactic borrowed from the desktop malware world.

“Analysing the trail the malware creators left for us, we’ve discovered a few sites they [the malware writers] have used in order to attract users and all of them target Russian speaking people and look like an alternative markets. In reality, these sites exist for a short period of time and offers only fake downloaders,” said Avast’s blog.

“And this scam costs you money. If somebody clicks on the OK or Agree button, they have probably already been defrauded by the creators,” said Avast’s blog.

The slow convergence of desktop malware techniques with mobile (read Android) threats continues, including the first example of a website drive-by Android attack detected last week.

Should the tool find a Flashback trojan, users will be presented with a dialogue notifying them that it was removed; depending on the variant removed, the tool may require users to restart their system. Additionally, the tool disables the Java plug-in in the Safari web browser. This is important, as Apple has not issued an updated version of Java for Leopard, leaving the security holes exploited by malware such as Flashback open. However, users can re-enable Java by selecting Safari ➤ Preferences ➤ Security and checking “Enable Java”.

The company has also published Leopard Security Update 2012-003 to disable older versions of the Adobe Flash Player which don’t include the current security updates; Apple did the same thing in its recent Safari 5.1.7 update. For users with older versions of Flash Player installed, the update provides an option for users to get the latest release from Adobe’s web site.

The Flashback Removal tool and Security Update 2012-003 are available from Apple’s Support Downloads site. Alternatively, users can install the security update using the built-in Software Update function. All users are advised to install these updates.

Friday’s theft came after hackers accessed Bitcoinica’s production servers and depleted its online wallet of 18,547 BTC, as individual Bitcoin units are called, company officials said in a blog post published on Friday. It said the heist affected only a small fraction of Bitcoinica’s overall bitcoin deposits and that all withdrawal requests will be honored once the platform reopens.

It was at least the second time in 10 weeks Bitcoinica has been stung by a computer intrusion that has cost it dearly. In early March, a security lapse at cloud services provider Linode allowed hackers tomake off with about $210,000 worth of bitcoin after they gained unauthorized access to bitcoin wallets stored by Bitcoinica and seven other customers. Last June, an anonymous person claimed to havelost $500,000 worth of bitcoin to online thieves, but the claims were never independently verified.

“It is with much regret that we write to inform our users of a recent security breach at Bitcoinica,” Friday’s blog post stated. “The overwhelming majority of our bitcoin deposits were not stolen. The thief stole from us not you. All withdrawal requests will be honored.”

The post went on to warn that a database storing user names, e-mail addresses, and account histories was also accessed, and it also suggested cryptographically hashed passwords may also have been compromised. It advised customers who reused their Bitcoinica passwords on other sites to change them. Documents used to legally verify users’ identities are stored on separate servers at a separate data center with a different encryption regimen.

“Even full access to website database would not give the attacker access to this data,” the post stated. “We will have more to say soon about the circumstances surrounding this attack and what we will do to handle it.”

Ars has sent e-mails sent to Bitcoinica CEO and lead developer Zhou Tong and other officials seeking comment for this article, but hadn’t received a response by time of writing.

According to comments Tong left in an online forum, hackers penetrated a webserver hosted by Rackspace after they managed to reset a password, most likely through an automated e-mail. Other participants in the discussion castigated Tong for not relying on two-factor authentication to manage the account. They also criticized Bitcoinica for storing such large amounts of liquid currency online, rather than keeping it offline and in an encrypted format. Tong didn’t address the authentication issue, but he defended the decision to store such a large amount of currency online.

“The sum of margin balance is the absolute minimum of funds we have to keep (so that we can honor every withdrawal request),” Tong explained. “Since the system is down at the moment, we don’t have the knowledge of open positions. We’re pretty sure that margin balance can be covered with our off-site reserves, but we are unable to determine value of unpaid unrealized profits and the unpaid swaps.”

Other participants complained that the theft of such a large amount of bitcoin threatened to devalue the currency. At time of writing, those fears appeared to be unfounded, with the value of a BTC remaining largely unchanged at about $4.94, according to current exchange rates.

Bitcoin is a digital currency that’s transferred through a peer-to-peer network, making it virtually impossible to trace those who use it. Strong cryptographic controls ensure that once bitcoins are spent they can’t be taken back, although a recently published research paper reports limitations that allow the same bitcoins can be double spent.

The March heist that hit Bitcoinica also affected several other trading platforms that have also lamented the necessity of storing large amounts of the currency in liquid form in “hot wallets” to automatically cover payout requests made by customers. Also hit in the earlier Linode breach was Gavin Andresen, the lead Bitcoin programmer, who lost about $25 worth of the currency.

He told Ars at the time that he’s working on an update to the Bitcoin framework that would largely prevent such thefts by requiring “multisignature transactions.” Under such a system, wallets would contain only one of two private encryption keys needed to spend coins, with the other residing on a separate machine at a different location.

Andreson didn’t immediately respond to a request for comment on late Friday.