Remove 2011 Remove Cybercrime Remove System Administration
article thumbnail

How Did Authorities Identify the Alleged Lockbit Boss?

Krebs on Security

This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. was used by a Russian-speaking member called Pin on the English-language cybercrime forum Opensc. Dmitry Yuryevich Khoroshev.

article thumbnail

Exclusive: Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more)

Security Affairs

Our investigation revealed that this remote endpoint is associated with criminal activities dating back to 2019, indicating that these hosts were likely under the control of the same technical administration. He is a former member of the ANeSeC CTF team, one of the firsts Italian cyber wargame teams born back in 2011.

Scams 145
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Dissecting the malicious arsenal of the Makop ransomware gang

Security Affairs

The tool is basically a search engine for local and network shared files inside a Windows environment: unlike the default Windows search, it is designed to locate files and folders by filename instantly, speeding up system information discovery. Its name is YDArk and it is an open-source tool available even on GitHub ( link ).

article thumbnail

Updates from the MaaS: new threats delivered through NullMixer

Security Affairs

The Originating Malvertising Campaign According to CTI investigation on the adversary infrastructure, we were able to identify an ongoing campaign luring system administrators to install the malicious code into their machines. He is a former member of the ANeSeC CTF team, one of the firsts Italian cyber wargame teams born back in 2011.

Malware 98