2009, Cybercrime and Passwords - Cyber Security Informer

Inside ‘Evil Corp,’ a $100M Cybercrime Menace

Krebs on Security

DECEMBER 16, 2019

Justice Department this month offered a $5 million bounty for information leading to the arrest and conviction of a Russian man indicted for allegedly orchestrating a vast, international cybercrime network that called itself “ Evil Corp ” and stole roughly $100 million from businesses and consumers. LOW FRIENDS IN HIGH PLACES.

Cybercrime

Cybercrime Banking Small Business Accountability

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

One of Megatraffer’s ads on an English-language cybercrime forum. Megatraffer has continued to offer their code-signing services across more than a half-dozen other Russian-language cybercrime forums, mostly in the form of sporadically available EV and non-EV code-signing certificates from major vendors like Thawte and Comodo.

Malware

Malware Cybercrime Software Accountability

RockYou2024 compilation containing 10 billion passwords was leaked online

Security Affairs

JULY 8, 2024

Threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. The Cybernews researchers reported that threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. billion passwords from various internet data leaks. RockYou2021 had 8.4

Passwords

Passwords Data breaches Hacking Accountability

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. biz , a long-running crypting service that is trusted by some of the biggest names in cybercrime.

Malware

Malware Antivirus Cybercrime Hacking

RockYou2024: The Largest Password Compilation (10 Billion) Ever Leaked

SecureWorld News

JULY 8, 2024

Case in point: a colossal password compilation dubbed "RockYou2024" has emerged, containing nearly 10 billion unique passwords. The name "RockYou2024" pays homage to the infamous RockYou data breach of 2009, which exposed 32 million passwords due to insecure storage practices.

Passwords

Passwords Password Management Education Accountability

Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks

Krebs on Security

JUNE 29, 2023

Kislitsin is accused of hacking into the now-defunct social networking site Formspring in 2012, and conspiring with another Russian man convicted of stealing tens of millions of usernames and passwords from LinkedIn and Dropbox that same year. A 2009 census found that Russians make up about 24 percent of the population of Kazakhstan.

Cybersecurity

Cybersecurity Cybercrime Hacking Government

Who’s Behind the GandCrab Ransomware?

Krebs on Security

JULY 8, 2019

“In one year, people who worked with us have earned over US $2 billion,” read the farewell post by the eponymous GandCrab identity on the cybercrime forum Exploit[.]in That email address and nickname had been used since 2009 to register multiple identities on more than a half dozen cybercrime forums. Vpn-service[.]us

Ransomware

Ransomware Accountability Cybercrime Passwords

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. SocksEscort began in 2009 as “ super-socks[.]com SocksEscort began in 2009 as “ super-socks[.]com

Malware

Malware VPN Internet Internet

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Krebs on Security

JANUARY 8, 2024

In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. From January 2005 to April 2013, there were two primary administrators of the cybercrime forum Spamdot (a.k.a

Cybercrime

Cybercrime Banking Computers and Electronics DDOS

Top Zeus Botnet Suspect “Tank” Arrested in Geneva

Krebs on Security

NOVEMBER 15, 2022

Wanted Ukrainian cybercrime suspect Vyacheslav “Tank” Penchukov (right) was arrested in Geneva, Switzerland. Ultimately, Penchukov’s political connections helped him evade prosecution by Ukrainian cybercrime investigators for many years. This was enough to positively identify Tank as Penchukov, Warner said.

Banking

Banking Small Business Accountability Malware

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

MAY 23, 2024

These services can be used in a legitimate manner for several business purposes — such as price comparisons or sales intelligence — but they are also massively abused for hiding cybercrime activity because they can make it difficult to trace malicious traffic to its original source. An ad for war.md, circa 2009.

DDOS

DDOS Internet Internet Government

US and UK sanctioned seven Russian members of Trickbot gang

Security Affairs

FEBRUARY 9, 2023

“Today, the United States, in coordination with the United Kingdom, is designating seven individuals who are part of the Russia-based cybercrime gang Trickbot.” The operation aimed at disrupting Russian cybercrime and ransomware. ” reads the press release published by the US Treasury. and allies and partners.

Banking

Banking Ransomware Cybercrime Malware

China-linked APT10 Target Taiwan’s financial trading industry

Security Affairs

FEBRUARY 22, 2022

The group (also known as Cicada, Stone Panda , MenuPass group, Bronze Riverside, and Cloud Hopper ) has been active at least since 2009, in April 2017 experts from PwC UK and BAE Systems uncovered a widespread hacking campaign, tracked as Operation Cloud Hopper , targeting managed service providers (MSPs) in multiple countries worldwide. .”

Technology

Technology Hacking Passwords Software

Telehealth: A New Frontier in Medicine—and Security

SecureList

FEBRUARY 1, 2022

Number of data leaks from medical organizations, 2009–2020. When registering for telehealth services, always use a strong password; however securely the service stores data, a simple password can allow an attacker to gain access to it. The HIPAA Journal , which is focused on leaks in the U.S. Source: HIPAA Journal.

Phishing

Phishing Healthcare IoT Authentication

IRISSCON 2022 roundup: a new hope

BH Consulting

NOVEMBER 15, 2022

Detective Inspector Gerard Doyle of the Garda Siochana National Cybercrime Bureau urged victims not to pay the ransom. Passwords – and people’s tendency to reuse them – aren’t keeping people secure enough. Passwords are effectively a house key. Our position is, you shouldn’t pay a ransom. Detective Inspector Gerard Doyle.

Social Engineering

Social Engineering Insurance CISO Ransomware

Financial cyberthreats in 2021

SecureList

FEBRUARY 23, 2022

SpyEye, developed in 2009 and described as a “bank Trojan with a form grabbing capability”, surged from the eighth most common banking malware tool with a 3.4% Phishing is one of the most prevalent forms of cybercrime due to minimal effort required and the fact that it really works. Financial Phishing.

Banking

Banking Phishing Cryptocurrency Malware

Who is the Network Access Broker ‘Wazawaka?’

Krebs on Security

JANUARY 11, 2022

This post examines some of the clues left behind by “ Wazawaka ,” the hacker handle chosen by a major access broker in the Russian-speaking cybercrime scene. Wazawaka has been a highly active member of multiple cybercrime forums over the past decade, but his favorite is the Russian-language community Exploit.

DDOS

DDOS Accountability Cybercrime Ransomware

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Brian Krebs is an independent investigative reporter known for his coverage of technology, malware , data breaches , and cybercrime developments. Krebs wrote for The Washington Post between 1995 and 2009 before launching his current blog KrebsOnSecurity.com. Enable 2FA and get a password manager. Brian Krebs | @briankrebs.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

Cyber CEO: The History Of Cybercrime, From 1834 To Present

Herjavec Group

AUGUST 26, 2021

We can learn a lot from the cybercrime of the past…the history of cybercrime is a glimpse into what we can expect in the future. In the past 18 months, we’ve experienced the beginning of an era that has seen cybersecurity and cybercrime at the center of it all. Dateline Cybercrime . Robert Herjavec.

Cybercrime

Cybercrime Computers and Electronics Banking Hacking

Cyber Security Informer

Inside ‘Evil Corp,’ a $100M Cybercrime Menace

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Trending Sources

RockYou2024 compilation containing 10 billion passwords was leaked online

Why Malware Crypting Services Deserve More Scrutiny

RockYou2024: The Largest Password Compilation (10 Billion) Ever Leaked

Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks

Who’s Behind the GandCrab Ransomware?

Who and What is Behind the Malware Proxy Service SocksEscort?

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Top Zeus Botnet Suspect “Tank” Arrested in Geneva

Stark Industries Solutions: An Iron Hammer in the Cloud

US and UK sanctioned seven Russian members of Trickbot gang

China-linked APT10 Target Taiwan’s financial trading industry

Telehealth: A New Frontier in Medicine—and Security

IRISSCON 2022 roundup: a new hope

Financial cyberthreats in 2021

Who is the Network Access Broker ‘Wazawaka?’

Top Cybersecurity Accounts to Follow on Twitter

Cyber CEO: The History Of Cybercrime, From 1834 To Present

Stay Connected