itwbennett quotes a report from The Associated Press: Mattel, the popular toy maker behind Barbie and Hot Wheels, was the victim of a phishing attack last year that nearly cost them $3 million. On April 30, 2015, a Mattel finance executive got a note from the new CEO, Christopher Sinclair, requesting a new vendor payment to China. Transfers required approval from two high-ranking managers; the finance exec qualified and so did the CEO. The transfer was made. The only thing preventing a total loss was the fact that the following day was a bank holiday. Details of the attack against Mattel come from a report by the Associated Press, investigating money laundering and other financial crime in Wenzhou, China. Read more of this story at Slashdot.
Read this article:
Chinese Scammers Take Mattel To the Bank, Phishing Them For $3 Million
itwbennett writes: Cerber, a new file-encrypting ransom ware, has a couple of interesting features. First, according to cyber intelligence outfit SenseCy, it is available for sale ‘as a service’ on a private Russian-language forum, which makes it ‘available to low-level criminals who might not have the coding skills or resources to create their own ransom ware, ‘ writes Lucian Constantin. Second, one of the 3 files it drops on a victim’s desktop is a VBS (Visual Basic Scripting) file containing text-to-speech code that converts text into an audio message. ‘When the above script is executed, your computer will speak a message stating that your computer’s files were encrypted and will repeat itself numerous times, ‘ said Lawrence Abrams, administrator of the technical support forum BleepingComputer.com, in a blog post. Read more of this story at Slashdot. 
An anonymous reader writes: The German Interior Ministry has approved for investigative use a spying Trojan developed by the German Federal Criminal Police (a so-called “federal Trojan”). In fact, it could end up being used as early as this week. The police will have to get a court order to use the spyware, and prove that the suspect is involved in a crime threatening citizens’ “life, limb or liberty”. The malware has been developed in-house, and has been available since autumn 2015. It is supposed to be used only for so-called telecommunication surveillance at the source, i.e. to read emails, chats and wiretap phone calls made by the target via his or her computer or smartphone, and not to access files, steal passwords, or set up video or audio surveillance via the device. Read more of this story at Slashdot. 
An anonymous reader writes: Ransomware has locked computers in three major Indian banks and one pharmaceutical company. While the ransom note asks for 1 Bitcoin, so many computers have been infected that damages racked up millions of dollars. According to an antivirus company that analyzed the ransomware, it’s not even that complex, and seems the work of some amateur Russians. Read more of this story at Slashdot.