Krebs on Security

JUNE 28, 2022

AWMproxy, the storefront for renting access to infected PCs, circa 2011. Launched in March 2008, AWM Proxy quickly became the largest service for crooks seeking to route their malicious Web traffic through compromised devices. An example of a cracked software download site distributing Glupteba. Image: Google.com.

Passwords 300

Passwords Malware Internet Internet 300

Krebs on Security

MARCH 23, 2020

Searching the Internet for some of these Web listing domains mentioned in the company’s Twitter account brings up a series of press releases once issued on behalf of the company. Cached versions of this site from 2011 show it naming Web Listings Inc. as a business partner. That same management@helpmego.to

Scams 295

Scams Marketing Internet Internet 295

Krebs on Security

AUGUST 4, 2023

” Indeed, KrebsOnSecurity first covered RLO-based phishing attacks back in 2011 , and even then it wasn’t a new trick. . “When the same email is sent through Mimecast, Mimecast is smart enough to detect the encoding and it renames the attachment to ‘ fdp.eml.’

Phishing 239

Phishing Scams Computers and Electronics Software 239

Krebs on Security

APRIL 18, 2023

That document indicates the Liberty Reserve account claimed by MrMurza/AccessApproved — U1018928 — was assigned in 2011 to a “ Vadim Panov ” who used the email address lesstroy@mgn.ru. PANOV Constella Intelligence , a threat intelligence firm that tracks breached databases, says lesstroy@mgn.ru

Malware 290

Malware Passwords Accountability Advertising 290

Krebs on Security

JUNE 21, 2023

has been associated with the user Kerens on the Russian hacking forum Exploit from 2011 to the present day. The very first post by Kerens on Exploit in 2011 was a negative review of a popular crypting service that predated Cryptor[.]biz .” Meanwhile, the Jabber address masscrypt@exploit.im

Malware 269

Malware Antivirus Cybercrime Hacking 269

Krebs on Security

JULY 16, 2019

Here’s a snippet from one of Yalishanda’s advertisements to a cybercrime forum in 2011, when he was running a bulletproof service under the domain real-hosting[.]biz: The one or two domain names registered to Aleksandr Volosovyk and that mail.ru The nickname Yalishanda means “Alexander” in Mandarin (????).

Cybercrime 215

Cybercrime Phishing Banking Malware 215

Krebs on Security

FEBRUARY 9, 2022

Debuting in 2011, Ferum Shop is one of the oldest observed dark web marketplaces selling “card not present” data (customer payment records stolen from hacked online merchants), according to Gemini. . “Unless those shops were somehow selling data on Russian cardholders, which they weren’t.”

Cybercrime 295

Cybercrime Marketing Identity Theft Retail 295