Security team hit by electronic smear campaign

Summary:Using compromised credit-card details, attackers donated funds to CastleCops' PayPal account in order to undermine its reputation

A team of volunteers formed to help combat cybercrime has been subjected to an attack which has attempted to undermine its reputation.

CastleCops, a voluntary security community, has received money from victims into its PayPal account, according to Robin Laudanski, who co-runs the organisation.

She blogged that compromised credit-card details had been used to donate sums of money to CastleCops. She suggested that the idea is that, when victims find out their money has been taken, they will assume CastleCops is involved in the fraud.

"The problem is a number of people have had their personal information stolen and used to target us in an attempt to discredit what CastleCops and its volunteers do," blogged Laudanski. "Until this happened to us, I had never heard of anyone being targeted as the recipient of fraudulent charges. Given it has happened, I hope other organisations which fight against criminal activity on the net might want to take a look at their accounts to ensure the current transactions are legitimate."

Laudanski claims CastleCops had been being subjected to an attempted denial-of-service attack for two weeks when her suspicions were raised. She contacted PayPal and asked them to initiate an investigation into CastleCops' PayPal account.

"I explained that I believed most, if not all, of the transactions we'd received within a very short period of time were fraudulent in nature. As a result, our account was frozen so we could not receive any donations until it was determined that we were also a victim," wrote Laudanski.

Andy Buss, a security analyst at Canalys, said the attack was "an interesting variation on an established method" in which attackers make small charity donations to test the validity of compromised credit-card details.

"It's an attack that's difficult to counter: attempting to turn a reputable site into a perceived negative site, and destroy its income and reputation," said Buss.

The analyst said the attack was an indication that fraud management needed to become more sophisticated.

Topics: Security

About

Tom is a technology reporter for ZDNet.com, writing about all manner of security and open-source issues.Tom had various jobs after leaving university, including working for a company that hired out computers as props for films and television, and a role turning the entire back catalogue of a publisher into e-books.Tom eventually found tha... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.