article thumbnail

From Cybercrime Saul Goodman to the Russian GRU

Krebs on Security

In 2021, the exclusive Russian cybercrime forum Mazafaka was hacked. Launched in 2001 under the tagline “Network terrorism,” Mazafaka would evolve into one of the most guarded Russian-language cybercrime communities. Mark Rasch , a former cybercrime prosecutor for the U.S. As well as the cost of my services.”

article thumbnail

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

One of Megatraffer’s ads on an English-language cybercrime forum. Megatraffer has continued to offer their code-signing services across more than a half-dozen other Russian-language cybercrime forums, mostly in the form of sporadically available EV and non-EV code-signing certificates from major vendors like Thawte and Comodo.

Malware 302
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

Krebs on Security

That same email address was used to register the account “Isis” at several other top Russian-language cybercrime forums, including Damagelab, Zloy, Evilzone and Priv-8. It also was used in 2007 to register xeka[.]ru ru , a cybercrime forum in its own right that called itself “ The Antichat Mafia.”

article thumbnail

Cyber CEO: The History Of Cybercrime, From 1834 To Present

Herjavec Group

We can learn a lot from the cybercrime of the past…the history of cybercrime is a glimpse into what we can expect in the future. In the past 18 months, we’ve experienced the beginning of an era that has seen cybersecurity and cybercrime at the center of it all. Dateline Cybercrime . Robert Herjavec.

article thumbnail

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Krebs on Security

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. Emerging in 2007 as a banking trojan, QakBot (a.k.a. Qakbot/Qbot was once again the top malware loader observed in the wild in the first six months of 2023.

Hacking 307
article thumbnail

Evil Corp rebrands their ransomware, this time is the Macaw Locker

Security Affairs

Evil Corp cybercrime gang is using a new ransomware called Macaw Locker to evade US sanctions that prevent victims from paying the ransom. The Evil Corp cybercrime group (aka the Dridex gang Indrik Spider , the Dridex gang, and TA505 ) has been active in cybercrime activities since 2007.

article thumbnail

Grief ransomware gang hit US National Rifle Association (NRA)

Security Affairs

The Evil Corp cybercrime group (aka the Dridex gang Indrik Spider , the Dridex gang, and TA505 ) has been active in cybercrime activities since 2007. Evil Corp has recently launched a new ransomware called Macaw Locker to evade US sanctions that prevent victims from making ransom payments.