2008, Cybercrime and Information Security

Russian authorities arrested the kingpin of cybercrime Infraud Organization

Security Affairs

JANUARY 24, 2022

’ In February 2008, the US authorities dismantled the global cybercrime organization tracked as Infraud Organization, which was involved in stealing and selling credit card and personal identity data. Its purported founder Andrey Novak is wanted in the US on the accusations of cybercrime. Pierluigi Paganini.

Cybercrime

Cybercrime Hacking Cryptocurrency Ransomware

PLAYFULGHOST backdoor supports multiple information stealing features

Security Affairs

JANUARY 5, 2025

The PLAYFULGHOST backdoor shares functionality with Gh0stRAT whose source code was publicly released in 2008. Google researchers analyzed a new malware family called PLAYFULGHOST that supports multiple features, including keylogging, screen and audio capture, remote shell, and file transfer/execution.

Malware

Malware Encryption Phishing Hacking

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Proxy services can be used in a legitimate manner for several business purposes — such as price comparisons or sales intelligence — but they are massively abused for hiding cybercrime activity because they make it difficult to trace malicious traffic to its original source. SocksEscort began in 2009 as “ super-socks[.]com com , segate[.]org

Malware

Malware VPN Internet Internet

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Police seized 50,000 Bitcoin from operator of the now-defunct piracy site movie2k

Security Affairs

JANUARY 31, 2024

It was operating between 2008 and 2013. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – cybercrime, Apple) According to German media , one of the two operators was also involved in the operations of the site mega-downloads.net.

Media

Media Cybercrime Advertising Information Security

Law enforcement shutdown the VPN service VPNLab used by many cybercriminal gangs

Security Affairs

JANUARY 18, 2022

Europol this week announced the shutdown of VPNLab, a VPN service that is very popular in the cybercrime ecosystem. An international operation conducted by law enforcement bodies from 10 countries took down VPNLab.net, a VPN service provider that is very popular in the cybercrime ecosystem.

VPN

VPN Cybercrime Ransomware Advertising

Qakbot is back and targets the Hospitality industry

Security Affairs

DECEMBER 18, 2023

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. In August, the FBI announced that the Qakbot botnet was dismantled as a result of an international law enforcement operation named Operation ‘Duck Hunt.’ Duck Hunt is one of the largest U.S.-led

Malware

Malware Phishing Ransomware Hacking

Black Basta ransomware operators leverage QBot for lateral movements

Security Affairs

JUNE 7, 2022

QBot, aka Qakbot and Pinkslipbot , has been active since 2008, it is used by threat actors for collecting browsing data and banking credentials and other financial information from the victims. Black Basta has been active since April 2022, like other ransomware operations, it implements a double-extortion attack model. .

Ransomware

Ransomware Backups Malware Firewall

Qakbot operations continue to evolve to avoid detection

Security Affairs

JULY 13, 2022

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. Experts warn that operators behind the Qakbot malware operation are improving their attack chain in an attempt to avoid detection. The malware spreads via malspam campaigns, it inserts replies in active email threads.

Malware

Malware Hacking Cybercrime Information Security

QakBot threat actors are still operational after the August takedown

Security Affairs

OCTOBER 7, 2023

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. In August, the FBI announced that the Qakbot botnet was dismantled as a result of an international law enforcement operation named Operation ‘Duck Hunt.’

Malware

Malware Ransomware Phishing Hacking

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

Security Affairs

DECEMBER 1, 2023

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. In August, the FBI announced that the Qakbot botnet was dismantled as a result of an international law enforcement operation named Operation ‘Duck Hunt.’

Ransomware

Ransomware Malware Retail Insurance

Security Affairs newsletter Round 291

Security Affairs

NOVEMBER 29, 2020

A cyberattack crippled the IT infrastructure of the City of Saint John Hundreds of female sports stars and celebrities have their naked photos and videos leaked online Romanians arrested for running underground malware services Threat actor shared a list of 49,577 IPs vulnerable Fortinet VPNs Computer Security and Data Privacy, the perfect alliance (..)

Data breaches

Data breaches Social Engineering Ransomware Malware

New Kraken botnet is allowing operators to earn USD 3,000 every month

Security Affairs

FEBRUARY 17, 2022

Experts pointed out that despite having the same name, this botnet should not be confused with the Kraken botnet that was spotted in 2008. Kraken is a new Golang-based botnet discovered in late October 2021 by researchers from threat intelligence firm ZeroFox Intelligence.

VPN

VPN Cryptocurrency Hacking Cybercrime

CVE-2019-1132 Windows Zero-Day exploited by Buhtrap Group in government attack

Security Affairs

JULY 11, 2019

The second one, tracked as CVE-2019.0880, affects Windows 7 and Server 2008. The first vulnerability, tracked as CVE-2019-1132, affects the Win32k component and could be exploited to run arbitrary code in kernel mode. The issue resides in the way splwow64 (Thunking Spooler APIs) handles certain calls.

Government

Government Advertising Passwords Banking

FBI: Operation ‘Duck Hunt’ dismantled the Qakbot botnet

Security Affairs

AUGUST 30, 2023

’ Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. The FBI announced that the Qakbot botnet has been dismantled as a result of an international law enforcement operation named Operation ‘Duck Hunt.’

Malware

Malware Manufacturing Data breaches Cyber threats

Avast released a free decryptor for the Windows version of the Akira ransomware

Security Affairs

JULY 1, 2023

Files are encrypted by Chacha 2008 ( D. . “During the run, the ransomware generates a symmetric encryption key using CryptGenRandom() , which is the random number generator implemented by Windows CryptoAPI. Bernstein’s implementation ).” ” reads the report published by Avast.

Ransomware

Ransomware Encryption Malware Hacking

New QBot campaign delivered hijacking business correspondence

Security Affairs

APRIL 17, 2023

QBot has been active since 2008, it is used by threat actors for collecting browsing data and banking credentials, and other financial information from the victims. Kaspersky researchers warn of a new QBot campaign leveraging hijacked business emails to deliver malware.

Malware

Malware Education Banking Media

Dancho Danchev’s Testimony on “How Facebook Today’s Meta Failed To Protect Its Users and React To The Koobface Botnet And What We Should Do About It?”

Security Boulevard

JANUARY 16, 2025

I'm a 41 years old security blogger cybercrime researcher OSINT analyst and threat intelligence analyst from Bulgaria. Acknowledgement from someone in the field for my Koobface Gang research from 2008 to 2013. A cybersecurity expert who has navigated the complex and often murky waters of the information security industry.

Education

Education Technology Cybersecurity Information Security

Indicators of compromise (IOCs): how we collect and use them

SecureList

DECEMBER 2, 2022

Usually after the phrase there are MD5 hashes [1] , IP addresses and other technical data that should help information security specialists to counter a specific threat. We have been doing so since 2008, benefiting from Kaspersky’s decades of cyberthreat data management, and unrivaled technologies.

Cyber threats

Cyber threats DNS Data collection Engineering

Growing Cyber Threats to the Energy and Industrial Sectors

NopSec

DECEMBER 7, 2016

SCADA Access As A Service (SAaaS) Cybercrime is a business. It gives the example of Hacking Team, based in Italy, and Vupen Security, based in France. According to the information security giants, there is one known criminal that uses the handle of Bonito, and has been identified as selling access to SCADA systems.

Cyber threats

Cyber threats Ransomware Cyber Attacks Government

The Hacker Mind Podcast: The Fog of Cyber War

ForAllSecure

JULY 6, 2022

Mikko Hypponen joins The Hacker Mind to discuss cybercrime unicorns, the fog of cyber war that surrounds the Ukrainian war with its much larger neighbor, and of course Mikko’s new book, If it’s Smart, it’s Vulnerable. Vamosi: The slogan of the RSA Conference is “Where the World Talks Security,” and, in general.

Cybercrime

Cybercrime Government Ransomware Hacking

Why Were the Russians So Set Against This Hacker Being Extradited?

Krebs on Security

NOVEMBER 18, 2019

Burkov calls himself a specialist in information security and denies having committed the crimes for which he’s been charged. A screen shot from the Mazafaka cybercrime forum, circa 2011. K0pa also was a top staff member at Verified , among the oldest and most venerated of Russian language cybercrime forums.

Cybercrime

Cybercrime Government Hacking Banking

Cyber Security Informer

Russian authorities arrested the kingpin of cybercrime Infraud Organization

PLAYFULGHOST backdoor supports multiple information stealing features

Webinars

Trending Sources

Who and What is Behind the Malware Proxy Service SocksEscort?

Webinars

Police seized 50,000 Bitcoin from operator of the now-defunct piracy site movie2k

Law enforcement shutdown the VPN service VPNLab used by many cybercriminal gangs

Qakbot is back and targets the Hospitality industry

Black Basta ransomware operators leverage QBot for lateral movements

Qakbot operations continue to evolve to avoid detection

QakBot threat actors are still operational after the August takedown

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

Security Affairs newsletter Round 291

New Kraken botnet is allowing operators to earn USD 3,000 every month

CVE-2019-1132 Windows Zero-Day exploited by Buhtrap Group in government attack

FBI: Operation ‘Duck Hunt’ dismantled the Qakbot botnet

Avast released a free decryptor for the Windows version of the Akira ransomware

New QBot campaign delivered hijacking business correspondence

Dancho Danchev’s Testimony on “How Facebook Today’s Meta Failed To Protect Its Users and React To The Koobface Botnet And What We Should Do About It?”

Indicators of compromise (IOCs): how we collect and use them

Growing Cyber Threats to the Energy and Industrial Sectors

The Hacker Mind Podcast: The Fog of Cyber War

Why Were the Russians So Set Against This Hacker Being Extradited?

Stay Connected