In this issue

Jonathan Tobin: Defending the Right to a Jewish State

Heather Hale: Compliment your kids without giving them big heads

Megan Shauri: 10 ways you are ruining your own happiness

Carolyn Bigda: 8 Best Dividend Stocks for 2015

Kiplinger's Personal Finance editors: 7 Things You Didn't Know About Paying Off Student Loans

Samantha Olson: The Crucial Mistake 55% Of Parents Are Making At Their Baby's Bedtime

Densie Well, Ph.D., R.D. Open your eyes to yellow vegetables

The Kosher Gourmet by Megan Gordon With its colorful cache of purples and oranges and reds, COLLARD GREEN SLAW is a marvelous mood booster --- not to mention just downright delish
April 18, 2014

Rabbi Yonason Goldson: Clarifying one of the greatest philosophical conundrums in theology

Caroline B. Glick: The disappearance of US will

Megan Wallgren: 10 things I've learned from my teenagers

Lizette Borreli: Green Tea Boosts Brain Power, May Help Treat Dementia

John Ericson: Trying hard to be 'positive' but never succeeding? Blame Your Brain

The Kosher Gourmet by Julie Rothman Almondy, flourless torta del re (Italian king's cake), has royal roots, is simple to make, . . . but devour it because it's simply delicious

April 14, 2014

Rabbi Dr Naftali Brawer: Passover frees us from the tyranny of time

Greg Crosby: Passing Over Religion

Eric Schulzke: First degree: How America really recovered from a murder epidemic

Georgia Lee: When love is not enough: Teaching your kids about the realities of adult relationships

Cameron Huddleston: Freebies for Your Lawn and Garden

Gordon Pape: How you can tell if your financial adviser is setting you up for potential ruin

Dana Dovey: Up to 500,000 people die each year from hepatitis C-related liver disease. New Treatment Has Over 90% Success Rate

Justin Caba: Eating Watermelon Can Help Control High Blood Pressure

The Kosher Gourmet by Joshua E. London and Lou Marmon Don't dare pass over these Pesach picks for Manischewitz!

April 11, 2014

Rabbi Hillel Goldberg: Silence is much more than golden

Caroline B. Glick: Forgetting freedom at Passover

Susan Swann: How to value a child for who he is, not just what he does

Cameron Huddleston: 7 Financial Tasks You Should Tackle Right Now

Sandra Block and Lisa Gerstner: How to Profit From Your Passion

Susan Scutti: A Simple Blood Test Might Soon Diagnose Cancer

Chris Weller: Have A Slow Metabolism? Let Science Speed It Up For You

The Kosher Gourmet by Diane Rossen Worthington Whitefish Terrine: A French take on gefilte fish

April 9, 2014

Jonathan Tobin: Why Did Kerry Lie About Israeli Blame?

Samuel G. Freedman: A resolution 70 years later for a father's unsettling legacy of ashes from Dachau

Jessica Ivins: A resolution 70 years later for a father's unsettling legacy of ashes from Dachau

Kim Giles: Asking for help is not weakness

Kathy Kristof and Barbara Hoch Marcus: 7 Great Growth Israeli Stocks

Matthew Mientka: How Beans, Peas, And Chickpeas Cleanse Bad Cholesterol and Lowers Risk of Heart Disease

Sabrina Bachai: 5 At-Home Treatments For Headaches

The Kosher Gourmet by Daniel Neman Have yourself a matzo ball: The secrets bubby never told you and recipes she could have never imagined

April 8, 2014

Lori Nawyn: At Your Wit's End and Back: Finding Peace

Susan B. Garland and Rachel L. Sheedy: Strategies Married Couples Can Use to Boost Benefits

David Muhlbaum: Smart Tax Deductions Non-Itemizers Can Claim

Jill Weisenberger, M.S., R.D.N., C.D.E : Before You Lose Your Mental Edge

Dana Dovey: Coffee Drinkers Rejoice! Your Cup Of Joe Can Prevent Death From Liver Disease

Chris Weller: Electric 'Thinking Cap' Puts Your Brain Power Into High Gear

The Kosher Gourmet by Marlene Parrish A gift of hazelnuts keeps giving --- for a variety of nutty recipes: Entree, side, soup, dessert

April 4, 2014

Rabbi David Gutterman: The Word for Nothing Means Everything

Charles Krauthammer: Kerry's folly, Chapter 3

Amy Peterson: A life of love: How to build lasting relationships with your children

John Ericson: Older Women: Save Your Heart, Prevent Stroke Don't Drink Diet

John Ericson: Why 50 million Americans will still have spring allergies after taking meds

Cameron Huddleston: Best and Worst Buys of April 2014

Stacy Rapacon: Great Mutual Funds for Young Investors

Sarah Boesveld: Teacher keeps promise to mail thousands of former students letters written by their past selves

The Kosher Gourmet by Sharon Thompson Anyone can make a salad, you say. But can they make a great salad? (SECRETS, TESTED TECHNIQUES + 4 RECIPES, INCLUDING DRESSINGS)

April 2, 2014

Paul Greenberg: Death and joy in the spring

Dan Barry: Should South Carolina Jews be forced to maintain this chimney built by Germans serving the Nazis?

Mayra Bitsko: Save me! An alien took over my child's personality

Frank Clayton: Get happy: 20 scientifically proven happiness activities

Susan Scutti: It's Genetic! Obesity and the 'Carb Breakdown' Gene

Lecia Bushak: Why Hand Sanitizer May Actually Harm Your Health

Stacy Rapacon: Great Funds You Can Own for $500 or Less

Cameron Huddleston: 7 Ways to Save on Home Decor

The Kosher Gourmet by Steve Petusevsky Exploring ingredients as edible-stuffed containers (TWO RECIPES + TIPS & TECHINQUES)

Jewish World Review

'Project Blitzkrieg': Are Russian cybercriminals about to invade US banks?

By Mark Clayton

Security researchers uncovered 'Project Blitzkrieg', a plan for a major cyberheist of US banks, after its purported Russian mastermind posted recruitment messages online. It's not clear whether the publicity halted the plot

JewishWorldReview.com | (TCSM) In one of the most ambitious cyber-bank-heist plots ever uncovered, Russian cybercriminals plan to use a mass of fake wire transfers to steal millions from 30 big US financial institutions, possibly before spring 2013, security researchers say.

A key reason that "Project Blitzkrieg" has been exposed is that its purported mastermind, a cybercriminal who goes by the hacker alias "vorVzakone," which translates to "thief in law," posted notices in an underground criminal online forum advertising for accomplices, researchers say.

The messages vorVzakone posted, including key pictures of his computer setup, screenshots of his malware, and a general description of the plan to organize an army of 100 "botmasters" to attack the banks, were tantalizing, but also suspect — at least initially.


Every weekday JewishWorldReview.com publishes what many in the media and Washington consider "must-reading". HUNDREDS of columnists and cartoonists regularly appear. Sign up for the daily update. It's free. Just click here.

Was this bluster just evidence of the Russian police setting up sting operation to entrap would-be cyberthieves? No. New findings indicate the plot was all too real, and appears to have progressed since its first discovery in October, according to a new report released Thursday by McAfee, the Santa Clara, Calif., cybersecurity firm.

"McAfee Labs believes that Project Blitzkrieg is a credible threat to the financial industry and appears to be moving forward as planned," the report concludes.

"Not only did we find evidence validating the existence of an early pilot campaign operated by vorVzakone and his group using the Trojan Prinimalka that infected at a minimum 300 to 500 victims across the United States, but we were also able to track additional campaigns as a result of the forum posting."

But the report also notes that discovery and exposure of vorVzakone's message may have slowed the plot, McAfee admits later in the report. Other researchers say the plot might have been delayed, torpedoed entirely — or be progressing as McAfee avers.

What vorVzakone originally proposed in his Sept. 9, 2012, message to the cybercriminal underground was a novel mass attack that would organize previously unorganized cells of the cybercriminal community. The idea was to collaborate in exploiting the US banks' vulnerabilities in authenticating wire transfers.

"The goal — together, en-masse and simultaneously process large amount of the given material before antifraud measures are increased," vorVzakone wrote in his message, according to a translation by cybersecurity blogger Brian Krebs.

The McAfee findings largely confirm and expand on earlier findings by RSA, the Bedford, Mass.-based cybersecurity division of EMC Corp., which published its findings on Project Blitzkrieg on the company's security blog in October.

McAfee and RSA agree that vorVzakone sought to put the prospective participants into a "boot camp-style process" in which "accomplice botmasters will be individually selected and trained, thereby becoming entitled to a percentage of the funds they will siphon from victims' accounts into mule accounts controlled by the gang," RSA researchers blogged in October.

"To make sure everyone is working hard, each botmaster will select their own 'investor,' who will put down the money required to purchase equipment for the operation (servers, laptops) with the incentive of sharing in the illicit profits. The gang and a long list of other accomplices will also reap their share of the spoils, including the money-mule herder and malware developers."

A key feature of the plot was to purchase computerized "phone flooding" equipment so that banks seeking to call or text victims to verify whether a wire transfer was real or not, would not be able to reach them by phone because the digital pathways to the phones would be blocked. Meanwhile, the fraudster can call the bank, claiming to be the accountholder approving the transaction.

The planned attack, both RSA and McAfee agree, is built on a particularly nasty piece of a malicious software called Prinimalka, which is itself a previously little-known private variant of a better-known piece of criminal malware called Gozi that was specifically designed to steal banking login credentials.

The insidious difference between the two malwares is that Prinimalka clones the victim's computer — sending all the essential variables to Russia so a "virtual machine" can assemble a fake version of the victim's computer complete with all the same cookies, operating system, and other software configurations. The fake can then be operated from Russia, but appear to bank security systems to be the victim's legitimate machine sitting somewhere in the US.

"Their method of doing this is to essentially clone the victim's computer so the copy can be run on a virtual machine anywhere in the world," says Daniel Cohen, head of RSA's Knowledge Delivery branch, which deals with external cyber threats. "It looks to the bank like that computer belongs to Joe Schmo sitting somewhere in America."

While McAfee says the Blitzkrieg plot appears to have been real until very recently, based on the tracking of malware deposited on victim machines across the US, it is now possible that the plot has been sunk by all the publicity. Or it might merely be on hold — or even still in deep development.

"Some recent reports argue that vorVzakone has called off this attack because it has been made public," notes the McAfee study. "Yet it is possible that the publicity may merely drive his activities deeper underground."

After media picked up the story, vorVzakone wrote in a final message that things had become "too hot, too much media attention," Mr. Cohen agrees.

"The guy in charge of phone flooding said on the same forum that he was now out of a job and available for hire. We tracked vorVzakone as he went into deeper underground forums, but haven't seen him posting. He's also being chastised by members of the forum for bringing so much unwanted attention."


Every weekday JewishWorldReview.com publishes what many in Washington and in the media consider "must reading." Sign up for the daily JWR update. It's free. Just click here.

Comment by clicking here.

© 2011, The Christian Science Monitor