Krebs on Security

JULY 20, 2021

A federal judge in Connecticut today handed down a sentence of time served to spam kingpin Peter “Severa” Levashov , a prolific purveyor of malicious and junk email, and the creator of malware strains that infected millions of Microsoft computers globally. The government argued that under U.S.

Antivirus 299

Antivirus Cybercrime Identity Theft Scams 299

Security Affairs

NOVEMBER 15, 2021

I launched Security Affairs for passion in 2011 and millions of readers walked with me. Over the past decade, I have recovered tens of thousand stories focusing mainly on cybercrime, information warfare, hacktivism and computer security.

Cybercrime 100

Cybercrime Hacking Cybersecurity Data breaches 100

Security Affairs

MAY 30, 2024

Since 2011, Wang and his co-conspirators had been distributing malware through malicious VPN applications, including MaskVPN, DewVPN, PaladinVPN, ProxyGate, ShieldVPN, and ShineVPN. The law enforcement also arrested its administrator, the 35-year-old Chinese national YunHe Wang, in Singapore. based online service providers.

VPN 98

VPN Cryptocurrency Malware Software 98

Security Affairs

JANUARY 28, 2023

The recent Hive infrastructure takedown as well as other major gangs dissolution such as Conti in 2022, is making room in the cybercrime business The Lockbit locker leaked a few months ago in the underground, is increasing its popularity and adoption among micro-criminal actors.

Penetration Testing 93

Penetration Testing Ransomware Firewall Social Engineering 93

Security Affairs

MAY 23, 2020

The source code of the Zeus Trojan is available in the cybercrime underground since 2011 allowing crooks to develop their own release since. Experts found multiple variants in the wild, many of them belonging to the Terdot Zbot/Zloader malware family. The malware is able to infect all operating systems.

Banking 141

Banking Advertising Malware Cybercrime 141

Krebs on Security

MAY 13, 2024

This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. was used by a Russian-speaking member called Pin on the English-language cybercrime forum Opensc. Image: treasury.gov.

Ransomware 239

Ransomware Cybercrime Accountability Malware 239

Security Boulevard

NOVEMBER 2, 2022

Dear blog readers, Do you know a lot about information security cybercrime research OSINT and threat intelligence gathering including cyber threat actors research? Intelligence Community and Law Enforcement agencies and organizations? Intelligence Community and Law Enforcement agencies and organizations?

Cybercrime 52

Cybercrime InfoSec Cyber threats Accountability 52

Security Affairs

DECEMBER 7, 2021

The blockchain-enabled botnet has been active since at least 2011, researchers estimate that the Glupteba botnet is currently composed of more than 1 million Windows PCs around the world. Botnet operators use to spread the malware via cracked or pirated software and pay-per-install (PPI) schemes.

Backups 120

Backups Advertising Accountability Malware 120

Identity IQ

FEBRUARY 8, 2024

But the dark web is also associated with illegal activities including the trafficking of drugs, weapons, and illegal pornography, hacking and cybercrime, terrorism, and the sale of stolen data or personal information. The hidden service gained traction in 2011 and then hit the mainstream when a Gawker article about the site was published.

Identity Theft 98

Identity Theft Cryptocurrency Government Engineering 98

Security Affairs

OCTOBER 19, 2020

The authorities reported that since 2011, 7 million Bitcoin went into the BTC-e exchange and 5.5 SecurityAffairs – hacking, cybercrime). In 2017, Greek Police arrested the Russian national Alexander Vinnik and they accused the man of running the BTC-e Bitcoin exchange to launder more than US$4bn worth of the cryptocurrency.

Advertising 126

Advertising Cybercrime Hacking Cryptocurrency 126

Security Affairs

DECEMBER 19, 2022

The blockchain-enabled botnet has been active since at least 2011, researchers estimated that the Glupteba botnet was composed of more than 1 million Windows PCs around the world as of December 2021. Botnet operators use to spread the malware via cracked or pirated software and pay-per-install (PPI) schemes.

DNS 104

DNS Antivirus Cryptocurrency Software 104

Krebs on Security

DECEMBER 16, 2019

Justice Department this month offered a $5 million bounty for information leading to the arrest and conviction of a Russian man indicted for allegedly orchestrating a vast, international cybercrime network that called itself “ Evil Corp ” and stole roughly $100 million from businesses and consumers. According to the U.S.

Cybercrime 224

Cybercrime Banking Small Business Accountability 224

Security Affairs

AUGUST 6, 2023

CDHE provides free access to the identify theft monitoring Experian IdentityWorks SM for 24 months. At the time of this writing, no ransomware group has claimed responsibility for the security breach.

Education 88

Education Data breaches Ransomware Hacking 88

The Last Watchdog

JUNE 21, 2020

Balaban This ransomware was doing the rounds over spam generated by the Gameover ZeuS botnet, which had been originally launched in 2011 as a toolkit for stealing victim’s banking credentials and was repurposed for malware propagation. Forward outlook Ransomware is a dynamic and increasingly hybrid segment of cybercrime.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

OCTOBER 16, 2021

FinCEN analyzed a data set composed of 2,184 SARs filed between 1 January 2011 and 30 June 2021 and identified 177 CVC (convertible virtual currency) wallets addresses that were used in ransomware operations associated with the above ransomware variants.

Ransomware 117

Ransomware Cryptocurrency Hacking Cybercrime 117

SecureList

SEPTEMBER 28, 2022

Prilex is a Brazilian threat actor that has evolved out of ATM-focused malware into modular point-of-sale malware. Active since 2014, in 2016, the group decided to give up ATM malware and focus all of their attacks on PoS systems, targeting the core of the payment industry. Evolving into PoS malware.

Malware 113

Malware Banking Software Encryption 113

eSecurity Planet

SEPTEMBER 14, 2022

Cybercrime is a growth industry like no other. Malware like SharkBot can record your keystrokes and browser cookies to steal logins, ransomware can block access to data until victims pay the hackers their requested fee, hijack Internet browsers, and so much more. In 2021 alone, IC3 received 847,376 complaints which amounted to $6.9

Social Engineering 120

Social Engineering Energy and Utilities Phishing Scams 120

Krebs on Security

JULY 28, 2022

According to the cyber intelligence company Intel 471 , a user named Acidut with the email address iulyan87_4u@gmail.com had an active presence on almost a dozen shadowy money-making and cybercrime forums from 2010 to 2017, including BlackHatWorld , Carder[.]pro 1, 2021: 15-Year-Old Malware Proxy Network VIP72 Goes Dark.

Advertising 220

Advertising Software Computers and Electronics Internet 220

Security Affairs

AUGUST 8, 2018

Ramnit is one of the most popular banking malware families in existence today, it was first spotted in 2010 as a worm, in 2011, its authors improved it starting from the leaked Zeus source code turning the malware into a banking Trojan. Malware actor publishes the address of the Bot-A in DNS (or using any other public channel).

Malware 49

Malware DNS Encryption Banking 49

Krebs on Security

OCTOBER 1, 2019

A Slovenian man convicted of authoring the destructive and once-prolific Mariposa botnet and running the infamous Darkode cybercrime forum has been arrested in Germany on request from prosecutors in the United States, who’ve recently re-indicted him on related charges. issued international arrest warrant for his extradition.

Cybercrime 39

Cybercrime Malware Antivirus Banking 39

Security Affairs

DECEMBER 8, 2020

The French court acquitted Vinnik of charges of extortion and association with a cybercrime organization. The authorities reported that since 2011, 7 million Bitcoin went into the BTC-e exchange and 5.5 million withdrawn.

Cryptocurrency 100

Cryptocurrency Hacking Ransomware Cybercrime 100

Security Affairs

SEPTEMBER 2, 2018

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Spyware 41

Spyware Banking Data breaches Mobile 41

Security Affairs

MARCH 14, 2023

Indicators of Compromise and Yara Rules are available in the original post published by Luca Mella [link] About the author: Luca Mella , Cyber Security Expert, Response & Threat Intel | Manager In 2019, Luca was mentioned as one of the “32 Influential Malware Research Professionals”.

Ransomware 86

Ransomware Software System Administration Encryption 86

Krebs on Security

DECEMBER 14, 2023

The malware used in the Target breach included the text string “ Rescator ,” which also was the handle chosen by the cybercriminal who was selling all of the cards stolen from Target customers. For starters, the text string “Rescator” was found in some of the malware used in the Target breach.

Cybercrime 227

Cybercrime Accountability Advertising Computers and Electronics 227

Krebs on Security

JULY 16, 2019

For at least the past decade, a computer crook variously known as “ Yalishanda ,” “ Downlow ” and “ Stas_vl ” has run one of the most popular “bulletproof” Web hosting services catering to a vast array of phishing sites, cybercrime forums and malware download servers.

Cybercrime 183

Cybercrime Phishing Banking Malware 183

Security Affairs

MARCH 27, 2023

A technical analysis of NullMixer malware operation revealed Italy and France are the favorite European countries from the attackers’ perspective. Executive Summary Our insights into a recent NullMixer malware operation revealed Italy and France are the favorite European countries from the opportunistic attackers’ perspective.

Malware 87

Malware Social Engineering Encryption Marketing 87

Security Affairs

OCTOBER 3, 2023

On August 2023, the security researcher 0xToxin documented an infection chain leveraging AutoIT scripts to deliver the DarkGate malware, a particular stealer supporting also HVNC and HAnyDesk, and the C2 he decoded was using the same hostname too. This hostname connection is particularly heterogeneous, but it technically makes sense.

Scams 129

Scams Ransomware System Administration Malware 129

Malwarebytes

JULY 21, 2021

In the context of cybercrime though, ZeuS (aka the Zbot Trojan) is a once-prolific malware that could easily be described as one of a handful of information stealers ahead of its time. Collectively, this malware and its variants infected millions of systems and stole billions of dollars worldwide. was leaked. Is ZeuS dead?

Banking 125

Banking Malware Encryption Accountability 125

Security Affairs

NOVEMBER 15, 2022

I launched Security Affairs for passion in November 2011 and since then the blog was visited by tens of millions of readers. Happy BirthDay Security Affairs! Eleven years together! Eleven years ago I decided to launch Security Affairs, a blog that is considered today one of the most valuable sources of the cybersecurity industry.

Cybersecurity 96

Cybersecurity Government Hacking Data breaches 96

Security Affairs

MAY 8, 2020

Malware delivery: what’s on the menu? H2 2019 has proved the tendency of past several years: mail remains the main method of delivering ransomware, spyware, backdoors and other malware, being used by cyber crooks in 94 percent of cases.

Phishing 57

Phishing Spyware Banking Malware 57

SecureList

APRIL 27, 2021

In our initial report on Sunburst , we examined the method used by the malware to communicate with its C2 (command-and-control) server and the protocol used to upgrade victims for further exploitation. This campaign made use of a previously unknown malware family we dubbed FourteenHi.

Malware 143

Malware Spyware Government Social Engineering 143

eSecurity Planet

NOVEMBER 2, 2022

If you’ve used a computer for more than 5 minutes, you probably know a thing or two about computer viruses and malware. On the modern Internet, malware is a near-constant presence. Though often conflated with one another, malware and computer viruses aren’t necessarily the same thing. Looking to Protect Yourself Against Malware?

Malware 140

Malware Ransomware Antivirus Internet 140

Fox IT

JUNE 23, 2020

Evil Corp were previously associated to the Dridex malware and BitPaymer ransomware, the latter came to prominence in the first half of 2017. Business associations are fairly fluid in organised cybercrime groups, Partnerships and affiliations are formed and dissolved much more frequently than in nation state sponsored groups, for example.

Ransomware 45

Ransomware Encryption Malware Architecture 45

Herjavec Group

AUGUST 26, 2021

We can learn a lot from the cybercrime of the past…the history of cybercrime is a glimpse into what we can expect in the future. In the past 18 months, we’ve experienced the beginning of an era that has seen cybersecurity and cybercrime at the center of it all. Dateline Cybercrime . Robert Herjavec.

Cybercrime 135

Cybercrime Computers and Electronics Banking Hacking 135

Krebs on Security

FEBRUARY 26, 2019

Sergei Mikhailov , formerly deputy chief of Russia’s top anti-cybercrime unit, was sentenced today to 22 years in prison. In 2013, Vrublevsky was convicted of hiring his most-trusted spammer and malware writer to launch a crippling distributed denial-of-service (DDoS) attack against one of his company’s chief competitors.

Cybersecurity 223

Cybersecurity Cybercrime Media Antivirus 223

SecureWorld News

NOVEMBER 4, 2021

Their cyber methods include such things as malware insertions, such as MUD-ing, wiper attacks, like the Shamoon virus. The evolution of Iran's cybercrime objectives. Notably, our research did not reveal new evidence of the threat actor's adoption of malware in its campaigns. And this face-off continues: "The U.S. and Israel.

Social Engineering 83

Social Engineering Government DDOS Engineering 83

Krebs on Security

JUNE 27, 2020

Vovnenko also served as administrator of his own cybercrime forum, which he used in 2013 to carry out a plan to have Yours Truly framed for heroin possession. The Justice Department says Yakubets/aqua ran a transnational cybercrime organization called “Evil Corp.” that stole roughly $100 million from victims. Aqua, a.k.a.

Cybercrime 324

Cybercrime Banking Government Accountability 324