2012, Cybercrime and Information Security

Hacker deposited $1M in a popular cybercrime marketplace to buy zero-day exploits

Security Affairs

JULY 8, 2021

Bitcoins on one of the cybercrime forums, he aims at purchasing zero-day exploits from other forum members. Bitcoins on one of the cybercrime forums with the intent to purchase zero-day Exploits from other forum members, researchers from threat intelligence firm Cyble. SecurityAffairs – hacking, cybercrime).

Cybercrime

Cybercrime Malware Hacking Information Security

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Security Affairs

JULY 11, 2020

The Russian hacker Yevgeniy Nikulin found guilty for LinkedIn, Dropbox, and Formspring data breach back in 2012 and the sale of their users’ data. A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces.

Hacking

Hacking Cybercrime Data breaches Advertising

Tank, the leader of the Zeus cybercrime gang, was arrested by the Swiss police

Security Affairs

NOVEMBER 17, 2022

A suspected leader of the Zeus cybercrime gang, Vyacheslav Igorevich Penchukov (aka Tank), was arrested by Swiss police. Swiss police last month arrested in Geneva Vyacheslav Igorevich Penchukov (40), also known as Tank, which is one of the leaders of the JabberZeus cybercrime group. Pierluigi Paganini.

Cybercrime

Cybercrime Banking Identity Theft Hacking

Authorities shut down Crimenetwork, the Germany’s largest crime marketplace

Security Affairs

DECEMBER 4, 2024

Since 2012, Crimenetwork facilitated the sale of illegal goods and services, including drugs, forged documents, hacking tools, and stolen data. The operation was carried out by Public Prosecutor’s Office in Frankfurt am Main, the Central Office for Combating Cybercrime (ZIT), and the Federal Criminal Police Office (BKA).

Cybercrime

Cybercrime Cryptocurrency Hacking Internet

Vyacheslav Igorevich Penchukov was sentenced to prison for his role in Zeus and IcedID operations

Security Affairs

JULY 13, 2024

In October 2022, Swiss police arrested Penchukov in Geneva, also known as Tank, which is one of the leaders of the JabberZeus cybercrime group. In 2012, Vyacheslav Igorevich Penchukov was accused of being a member of a cybercrime gang known as JabberZeus crew.

Cybercrime

Cybercrime Banking Malware Hacking

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

Security Affairs

FEBRUARY 17, 2024

On October 2022, Swiss police arrested Penchukov in Geneva, also known as Tank, which is one of the leaders of the JabberZeus cybercrime group. In 2012, the Ukrainian national Vyacheslav Igorevich Penchukov was accused of being a member of a cybercrime gang known as JabberZeus crew.

Malware

Malware Cybercrime Banking Hacking

A new variant of Cicada ransomware targets VMware ESXi systems

Security Affairs

SEPTEMBER 2, 2024

Cicada 3301 is the name given to three sets of puzzles posted under the name “3301” online between 2012 and 2014. The first puzzle started on January 4, 2012, on 4chan and ran for nearly a month. Since June, the operators behind Cicada3301 have started recruiting affiliates on the RAMP cybercrime forum.

Ransomware

Ransomware Encryption Malware Cybercrime

Don’t trust links with known domains: BMW affected by redirect vulnerability

Security Affairs

JANUARY 3, 2024

When the victim clicks on a link that appears to be legitimate, they’re redirected to the attacker’s website, where malicious JavaScript is executed in the client’s browser or where they are prompted to enter sensitive information. All attackers need to do is modify the URL value to redirect to a malicious site.

Phishing

Phishing Manufacturing Firewall Cybercrime

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

FBI spoofs 2012 – 2013. It surfaced in November 2012 and was making thousands of victims a day. Forward outlook Ransomware is a dynamic and increasingly hybrid segment of cybercrime. David Balaban is a computer security researcher with over 17 years of experience in malware analysis and antivirus software evaluation.

Ransomware

Ransomware Hacking Encryption Penetration Testing

DeathStalker cyber-mercenary group targets the financial sector

Security Affairs

AUGUST 26, 2020

A hack-for-hire group, tracked as DeathStalker, has been targeting organizations in the financial sector since 2012 Kaspersky researchers say. DeathStalker is a hack-for-hire group discovered by Kaspersky, it has been targeting organizations worldwide, mainly law firms and financial entities, since 2012.

Malware

Malware Hacking Advertising Cybercrime

Russians charged with hacking Mt. Gox exchange and operating BTC-e

Security Affairs

JUNE 9, 2023

The BTC-e virtual currency is popular in the cybercrime underground because it was used by crooks to launder funds for illegal activities. In accordance with these requests, between in or about March 2012 and in or about April 2013, the New York Bitcoin Broker allegedly transferred more than approximately $6.6 ” reads the DoJ.

Hacking

Hacking Cryptocurrency Advertising Banking

Microsoft disrupted US-Based Infrastructure of the Necurs botnet

Security Affairs

MARCH 10, 2020

Necurs botnet is one of the largest spam botnet , it has been active since at least 2012 and was involved in massive campaigns spreading malware such as the Locky ransomware , the Scarab ransomware , and the Dridex banking Trojan. The Necurs botnet is active since at least 2012, it is operated by the cybercrime gang tracked as TA505.

Advertising

Advertising Malware Cybercrime Government

DoJ announced to have shut down Slilpp marketplace in international operation

Security Affairs

JUNE 11, 2021

The US Department of Justice seized the servers and domains of the popular cybercrime marketplace SlilPP. In the past, law enforcement shut down other cybercrime marketplace focused on the sale of login credentials, such as xDedic and DEER.IO. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Cybercrime

Cybercrime Accountability Retail Cyber threats

The Financial Dynamics Behind Ransomware Attacks

Security Affairs

JUNE 18, 2024

Over the last few years, ransomware attacks have become one of the most prevalent and expensive forms of cybercrime. RaaS : Mirroring the Legitimate SaaS Models In mid-2012, the ransomware ecosystem evolved with the introduction of Reveton , the first Ransomware-as-a-Service (RaaS). She is also a regular writer at Bora.

Ransomware

Ransomware Cryptocurrency Insurance Cybercrime

Belarusian authorities seized XakFor, one of the largest Russian-speaking hacker sites

Security Affairs

SEPTEMBER 8, 2019

XakFor has been active since 2012, most of its visitors were Russian-speaking hackers and crooks. The news was first reported by the Belarusian news outlet Reformation. “As a result, the Ministry of Internal Affairs and the IC joint efforts were able to close the site.”

Advertising

Advertising Malware Cybercrime Hacking

Pakistani man sentenced to 12 years of prison for his role in AT&T hacking scheme

Security Affairs

SEPTEMBER 19, 2021

Fahd was the mind behind a criminal scheme that begun in 2012 and that caused more than $200 million in losses to the company, according to DoJ, he continued his activity even after he became aware that law enforcement was investigating. ” reads the press release published by DoJ.

Hacking

Hacking Malware Cybercrime Information Security

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

Security Affairs

NOVEMBER 22, 2019

Lisov operated the infrastructure behind the NeverQuest malware between June 2012 and January 2015, the managed a network of servers containing lists of millions of stolen login credentials.

Banking

Banking Malware Advertising Passwords

Experts warn of a surge in zero-day flaws observed and exploited in 2021

Security Affairs

APRIL 25, 2022

Mandiant states that From 2012 to 2021, China exploited more zero-days than any other nation. From 2012 to 2021, China-linked threat actors exploited more zero-days than any other nation-state actors. Most of the zero-days discovered by the company were exploited by nation-state APT groups. ” concludes the report.”The

Ransomware

Ransomware Hacking Software Risk

Law enforcement seized the website selling the NetWire RAT and arrested a Croatian man

Security Affairs

MARCH 10, 2023

The NetWire Remote Access Trojan (RAT) is available for sale on cybercrime forums since 2012, it allows operators to steal sensitive data from the infected systems. DomainTools further shows this email address was used to register one other domain in 2012: wwlabshosting[.]com, ” reads the press release published DoJ.

Malware

Malware Cybercrime Data breaches Internet

A study on malicious plugins in WordPress Marketplaces

Security Affairs

AUGUST 30, 2022

The experts studied the evolution of CMS plugins in the production web servers dating back to 2012, to do this they developed an automated framework named YODA to detect malicious plugins. The number of malicious plugins on WordPress websites has increased over the years, and malicious activity reached a peak in March 2020.

Backups

Backups Malware Technology Hacking

Lockbit ransomware gang claims to have breached the Italian Revenue Agency

Security Affairs

JULY 25, 2022

“From 1 December 2012 the Revenue Agency incorporated the Territory Agency (article 23-quater of Legislative Decree 95/2012).” The bodies of the Agency are made up of the Director, the Management Committee, the Board of Auditors.” ” reads the message published on the leak site.

Ransomware

Ransomware Government Scams Hacking

Russian national sentenced to 40 months for selling stolen data on the dark web

Security Affairs

AUGUST 16, 2024

The marketplace had been active since 2012, it was allowing sellers to offer stolen login credentials, including usernames and passwords for bank accounts, online payment accounts, mobile phone accounts, retailer accounts, and other online accounts.

Banking

Banking Accountability Retail Mobile

The Dark Web Has Nothing on Data Brokers

Daniel Miessler

FEBRUARY 1, 2020

And some people really go there to steal identities, buy things in your name, and all those cybercrime things you’ve heard about. But for me, and most of the other security professionals I know, the Dark Web is insignificant compared to its corporate counterparts. And sure—the Dark Web can be…well, dark.

Advertising

Advertising InfoSec Password Management Education

Multiple threat actors exploit PHP flaw CVE-2024-4577 to deliver malware

Security Affairs

JULY 11, 2024

An attacker can exploit the flaw to bypass protections for a previous vulnerability, CVE-2012-1823, using specific character sequences. The issue resides in the Best-Fit feature of encoding conversion within the Windows operating system.

Malware

Malware DDOS Internet Internet

A new Adwind variant involved in attacks on US petroleum industry

Security Affairs

OCTOBER 1, 2019

The Adwind RAT was first discovered early 2012, the experts dubbed it Frutas RAT and later it was identified with other names, Unrecom RAT (February 2014), AlienSpy (October 2014), and recently JSocket RAT (June 2015).

Malware

Malware Advertising DDOS Cybercrime

US CISA appointed Kiersten Todt as new chief of staff

Security Affairs

SEPTEMBER 14, 2021

Between 2012 and 2016 she served as president and managing partner at cyber consulting firm Liberty Group Ventures. .” reads CISA’s announcement. Todt has been directing the Cyber Readiness Institute (CRI), a non-profit focused on developing cybersecurity tools for small businesses.

Small Business

Small Business Government Cybersecurity Hacking

New Version of Meduza Stealer Released in Dark Web

Security Affairs

DECEMBER 29, 2023

Presently, Meduza password stealer supports Windows Server 2012/2016/2019/2022 and Windows 10/11. Atom, Comodo Dragon, Torch, Comodo, Slimjet, 360Browser, 360 Secure Browser, Maxthon3, Maxthon5, Maxthon, QQBrowser, K-Meleon, Xpom, Lenovo Browser, Xvast, Go!

Password Management

Password Management Cryptocurrency Passwords Authentication

After ChatGPT, Anonymous Sudan took down the Cloudflare website

Security Affairs

NOVEMBER 10, 2023

Skynet was first discovered in 2012 and has since grown to become one of the largest botnets in the world. This week the group hit OpenAI, which confirmed that the outage suffered by ChatGPT and its API on Wednesday was caused by a distributed denial-of-service (DDoS) attack.

DDOS

DDOS Cryptocurrency Accountability Media

New Cyber Attack Campaign Leverages the COVID-19 Infodemic

Security Affairs

FEBRUARY 26, 2020

Figure 8: Path and file containing the sensitive information about the victim. Finally, all the loot is sent to the remote command and control hosted at 66.154.98.108, operated by “Total server solutions LLC”, an US hosting provider operating since 2012. Figure 9: C2 connection.

Cyber Attacks

Cyber Attacks Malware Social Engineering Advertising

Google provides rules to detect tens of cracked versions of Cobalt Strike

Security Affairs

NOVEMBER 21, 2022

The experts were able to locate versions of the Cobalt Strike JAR file starting with version 1.44 (which was released in 2012) up to the latest version at the time of publishing the analysis, Cobalt Strike 4.7. The researchers noticed that each Cobalt Strike version contains approximately 10 to 100 attack template binaries.

Penetration Testing

Penetration Testing Hacking Cybersecurity Cybercrime

US DoJ seizes $3.36B Bitcoin from Silk Road hacker

Security Affairs

NOVEMBER 8, 2022

“JAMES ZHONG pled guilty to committing wire fraud in September 2012 when he unlawfully obtained over 50,000 Bitcoin from the Silk Road dark web internet marketplace. The man funded nine fraudulent accounts with an initial deposit of 200 to 2,000 bitcoin and then triggered 140 withdrawal transactions in rapid succession.

Cryptocurrency

Cryptocurrency Internet Internet Hacking

Mirai V3G4 botnet exploits 13 flaws to target IoT devices

Security Affairs

FEBRUARY 16, 2023

Below is the list of vulnerabilities exploited by V3G4: CVE-2012-4869 : FreePBX Elastix Remote Command Execution Vulnerability Gitorious Remote Command Execution Vulnerability CVE-2014-9727 : FRITZ!Box

IoT

IoT DDOS Encryption Malware

Law enforcement agencies can extract data from thousands of cars’ infotainment systems

Security Affairs

DECEMBER 4, 2022

Recently security the security expert researcher Sam Curry warned of vulnerabilities in mobile apps that exposed Hyundai and Genesis car models after 2012 to remote attacks. Law enforcement and intelligence worldwide are buying technologies that exploit weaknesses in vehicle systems.

Surveillance

Surveillance Technology Mobile Hacking

Security Affairs newsletter Round 355

Security Affairs

FEBRUARY 28, 2022

Researchers shared technical details of NSA Equation Group’s Bvp47 backdoor Sophos linked Entropy ransomware to Dridex malware. Are both linked to Evil Corp? worth of NFTs from tens of OpenSea users Trickbot operation is now controlled by Conti ransomware.

Ransomware

Ransomware Malware Encryption Phishing

Growing Cyber Threats to the Energy and Industrial Sectors

NopSec

DECEMBER 7, 2016

Remember Shamoon, the malware that disabled some 35,000 computers at one of the world’s largest oil companies in 2012? SCADA Access As A Service (SAaaS) Cybercrime is a business. It gives the example of Hacking Team, based in Italy, and Vupen Security, based in France. One is called SCADA Access as a Service, or SAaaS.

Cyber threats

Cyber threats Ransomware Cyber Attacks Manufacturing

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

LeakedSource was advertised on a number of popular cybercrime forums as a service that could help hackers break into valuable or high-profile accounts. LeakedSource also tried to pass itself off as a legal, legitimate business that was marketing to security firms and professionals. .” A copy of pictrace[.]com

Hacking

Hacking Accountability Data breaches Marketing

Herjavec Group is Recognized by Cyber Defence Black Unicorn Awards

Herjavec Group

AUGUST 2, 2021

Herjavec Group’s award-winning Managed Security Services Practice defends global, enterprise-level organizations from increasingly sophisticated, targeted cybercrime threats. He has over 30 years of experience in information security and has established himself as a leading voice in business and cybersecurity.

InfoSec

InfoSec Cybersecurity Computers and Electronics Technology

Cyber Security Informer

Hacker deposited $1M in a popular cybercrime marketplace to buy zero-day exploits

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Trending Sources

Tank, the leader of the Zeus cybercrime gang, was arrested by the Swiss police

Authorities shut down Crimenetwork, the Germany’s largest crime marketplace

Vyacheslav Igorevich Penchukov was sentenced to prison for his role in Zeus and IcedID operations

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

A new variant of Cicada ransomware targets VMware ESXi systems

Don’t trust links with known domains: BMW affected by redirect vulnerability

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

DeathStalker cyber-mercenary group targets the financial sector

Russians charged with hacking Mt. Gox exchange and operating BTC-e

Microsoft disrupted US-Based Infrastructure of the Necurs botnet

DoJ announced to have shut down Slilpp marketplace in international operation

The Financial Dynamics Behind Ransomware Attacks

Belarusian authorities seized XakFor, one of the largest Russian-speaking hacker sites

Pakistani man sentenced to 12 years of prison for his role in AT&T hacking scheme

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

Experts warn of a surge in zero-day flaws observed and exploited in 2021

Law enforcement seized the website selling the NetWire RAT and arrested a Croatian man

A study on malicious plugins in WordPress Marketplaces

Lockbit ransomware gang claims to have breached the Italian Revenue Agency

Russian national sentenced to 40 months for selling stolen data on the dark web

The Dark Web Has Nothing on Data Brokers

Multiple threat actors exploit PHP flaw CVE-2024-4577 to deliver malware

A new Adwind variant involved in attacks on US petroleum industry

US CISA appointed Kiersten Todt as new chief of staff

New Version of Meduza Stealer Released in Dark Web

After ChatGPT, Anonymous Sudan took down the Cloudflare website

New Cyber Attack Campaign Leverages the COVID-19 Infodemic

Google provides rules to detect tens of cracked versions of Cobalt Strike

US DoJ seizes $3.36B Bitcoin from Silk Road hacker

Mirai V3G4 botnet exploits 13 flaws to target IoT devices

Law enforcement agencies can extract data from thousands of cars’ infotainment systems

Security Affairs newsletter Round 355

Growing Cyber Threats to the Energy and Industrial Sectors

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Herjavec Group is Recognized by Cyber Defence Black Unicorn Awards

Stay Connected