Krebs on Security

MAY 13, 2024

This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. was used by a Russian-speaking member called Pin on the English-language cybercrime forum Opensc. Dmitry Yuryevich Khoroshev.

Ransomware 260

Ransomware Cybercrime Accountability Malware 260

Krebs on Security

APRIL 30, 2024

Finnish prosecutors quickly zeroed in on a suspect: Julius “Zeekill” Kivimäki , a notorious criminal hacker convicted of committing tens of thousands of cybercrimes before he became an adult. After being charged with the attack in October 2022, Kivimäki fled the country. Kivimäki was 15 years old at the time.

DDOS 263

DDOS Cybercrime Hacking Passwords 263

Krebs on Security

JANUARY 8, 2024

In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. From January 2005 to April 2013, there were two primary administrators of the cybercrime forum Spamdot (a.k.a

Cybercrime 231

Cybercrime Banking Computers and Electronics DDOS 231

Krebs on Security

JANUARY 10, 2024

Dellone says the crooks then used his phone number to break into his account at Coinbase and siphon roughly $100,000 worth of cryptocurrencies. Also, the New York court found that because the account in question contained a significant sum of money, it was unlikely to be abandoned or forgotten. federal court.”

Cryptocurrency 298

Cryptocurrency Government Cybercrime Accountability 298

Krebs on Security

SEPTEMBER 16, 2020

Prosecutors say the men then laundered the stolen funds through an array of intermediary cryptocurrency accounts — including compromised and fictitiously created accounts — on the targeted cryptocurrency exchange platforms. million from 158 Poloniex users, and $1.17 million from 42 Gemini customers.

Cryptocurrency 353

Cryptocurrency Phishing Accountability Cybercrime 353

Krebs on Security

MAY 4, 2021

In a world in which all databases — including hacker forums — are eventually compromised and leaked online, it can be tough for cybercriminals to maintain their anonymity if they’re in the habit of re-using the same unusual passwords across multiple accounts associated with different email addresses.

Passwords 334

Passwords Cybercrime Accountability Password Management 334

Krebs on Security

FEBRUARY 5, 2023

A notorious hacker convicted of perpetrating tens of thousands of cybercrimes, Kivimäki had been in hiding since October 2022, when he failed to show up in court and Finland issued an international warrant for his arrest. Kivimäki was ultimately convicted of orchestrating more than 50,000 cybercrimes.

Cybercrime 247

Cybercrime DDOS Hacking Accountability 247

Krebs on Security

JUNE 29, 2023

Prosecutors in Northern California indicted Kislitsin in 2014 for his alleged role in stealing account data from Formspring. Kislitsin also was indicted in Nevada in 2013, but the Nevada indictment does not name his alleged victim(s) in that case. ”

Cybersecurity 271

Cybersecurity Cybercrime Hacking Technology 271

Krebs on Security

SEPTEMBER 30, 2024

A California man accused of failing to pay taxes on tens of millions of dollars allegedly earned from cybercrime also paid local police officers hundreds of thousands of dollars to help him extort, intimidate and silence rivals and former business partners, the government alleges. Troy Woody Jr. In December 2022, Troy Woody Jr.

Cryptocurrency 275

Cryptocurrency Government Internet Internet 275

Krebs on Security

SEPTEMBER 26, 2024

The United States today unveiled sanctions and indictments against the alleged proprietor of Joker’s Stash , a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past decade. A screenshot of a website reviewing PM2BTC.

Cryptocurrency 244

Cryptocurrency Cybercrime Retail Government 244

Krebs on Security

MARCH 9, 2023

A Croatian national has been arrested for allegedly operating NetWire , a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as a stealthy way to spy on infected systems and siphon passwords. The WorldWiredLabs website, in 2013. The arrest coincided with a seizure of the NetWire sales website by the U.S.

DNS 273

DNS Cybercrime Passwords Accountability 273

Security Affairs

JUNE 9, 2023

The BTC-e virtual currency is popular in the cybercrime underground because it was used by crooks to launder funds for illegal activities. In accordance with these requests, between in or about March 2012 and in or about April 2013, the New York Bitcoin Broker allegedly transferred more than approximately $6.6 ” reads the DoJ.

Hacking 98

Hacking Cryptocurrency Advertising Banking 98

Security Affairs

JUNE 17, 2023

Polish police, as part of the international law enforcement operation PowerOFF, dismantled a DDoS-for-hire service that has been active since at least 2013. An international operation codenamed PowerOff led to the shutdown of a DDoS-for-hire service that has been active since at least 2013. user accounts, 76 thousand.

DDOS 98

DDOS Computers and Electronics Cybercrime Cryptocurrency 98

Krebs on Security

APRIL 18, 2023

.'” MRMURZA Faceless is a project from MrMurza , a particularly talkative member of more than a dozen Russian-language cybercrime forums over the past decade. MrMurza’s Faceless advertised on the Russian-language cybercrime forum ProCrd. In 2013, U.S. Image: Darkbeast/Ke-la.com.

Malware 257

Malware Passwords Accountability Advertising 257

BH Consulting

AUGUST 31, 2023

Having policies and procedures to secure social media accounts and minimise the potential for incidents can help. Recently, a client with several different social media accounts and a large team of people working on them approached BH Consulting to review its security and policies around them. More than 4.7

Media 52

Media Accountability Authentication Passwords 52

Hot for Security

JUNE 2, 2021

The DOJ claimed this illegal operation drove profits exceeding $17 million since October 2013, with a turnover of at least $1.2 The US Attorney’s Office of the Southern District of California said the accused was aware that his platform was peddling stolen and counterfeit accounts, including several icons for US-based companies.

Cybercrime 98

Cybercrime Accountability Internet Internet 98

Krebs on Security

FEBRUARY 14, 2020

In May 2013, the U.S. Justice Department seized Liberty Reserve , alleging the virtual currency service acted as a $6 billion financial hub for the cybercrime world. “We’re just getting to the point where we have received funds,” the investigator said.

Identity Theft 240

Identity Theft Government Scams Cybercrime 240

Security Affairs

OCTOBER 9, 2018

According to the FBI , the number of business email account (BEC) and email account compromise (EAC) scam incidents worldwide reached 78,000 between October 2013 and May 2018. If these passwords have been reused for corporate accounts, this may leave organizations at risk to account takeovers.”

Scams 108

Scams Accountability Hacking Passwords 108

Krebs on Security

NOVEMBER 8, 2021

” These last two nicknames correspond to accounts on several top cybercrime forums way back in 2013, where a user named “Yaroslav2468” registered using the email address yarik45@gmail.com. Prosecutors say Vasinskyi also used the monikers “ Yarik45 ,” and “ Yaroslav2468.”

Ransomware 320

Ransomware Cybercrime System Administration Passwords 320

Krebs on Security

SEPTEMBER 30, 2023

.” New York City-based cyber intelligence firm Flashpoint said the Snatch ransomware group was created in 2018, based on Truniger’s recruitment both on Russian language cybercrime forums and public Russian programming boards. was also used to register an account at the online game stalker[.]so ru account and posted as him.

Ransomware 241

Ransomware Accountability Cybercrime Backups 241

Krebs on Security

DECEMBER 3, 2021

Since the beginning of 2020, Babam has set up numerous auctions on the Russian-language cybercrime forum Exploit , mainly selling virtual private networking (VPN) credentials stolen from various companies. The username associated with that account was “ bo3dom.” All of these domains date back to between 2012 and 2013.

Ransomware 316

Ransomware Passwords Accountability Cybercrime 316

SiteLock

AUGUST 27, 2021

The same rules apply to the criminal underworld, where it’s becoming very obvious that information is the top currency – more valuable even than bank accounts and credit cards. According to Kaspersky, social networks are the top target for cybercriminals because they offer so much more than bank accounts and credit cards.

Data privacy 52

Data privacy Cybercrime Banking Marketing 52

Krebs on Security

NOVEMBER 3, 2022

In 2013, Kurittu worked on investigation involving Kivimaki’s use of the Zbot botnet, among other activities Kivimaki engaged in as a member of the hacker group Hack the Planet. A Twitter account by that name was verified by Kivimaki’s attorney as his, and through that account he denied being involved in the Vastaamo extortion.

Data breaches 208

Data breaches Cybercrime Telecommunications Accountability 208

Security Affairs

MARCH 26, 2020

that is hosting various cybercrime products and services were being sold. which is a Shopify-like platform that has been hosting hundreds of online shops used for the sale of hacked accounts and stolen user data. platform since October 2013. SecurityAffairs – cybercrime, DEER.IO). Feds reviewed approximately 250 DEER.IO

Cybercrime 144

Cybercrime Advertising Hacking Accountability 144

Krebs on Security

SEPTEMBER 6, 2021

In May 2015, KrebsOnSecurity briefly profiled “ The Manipulaters ,” the name chosen by a prolific cybercrime group based in Pakistan that was very publicly selling spam tools and a range of services for crafting, hosting and deploying malicious email. ” The IT network of The Manipulaters, circa 2013. Image: Facebook.

Software 262

Software Phishing Cybercrime Accountability 262

Krebs on Security

MAY 18, 2020

is cybercrime forum. “We can examine your (or not exactly your) PHP code for vulnerabilities and backdoors,” reads his offering on several prominent Russian cybercrime forums. ” From 2013 to 2016, upO was a major player on Exploit[.]in The cybercrime actor “upO” on Exploit[.]in

Malware 320

Malware Cybercrime Ransomware Marketing 320

Security Affairs

OCTOBER 6, 2018

Davis also provided customer support to Silk Road users in 2013, for this job he received a weekly salary. “From May 2013 up to June 2013, DAVIS served as a forum moderator for Silk Road. From June 2013 up to October 2, 2013, DAVIS worked as a site administrator on Silk Road. The FBI also seized about $33.6

Advertising 110

Advertising Marketing Cybercrime Hacking 110

Krebs on Security

JULY 28, 2022

Launched in 2013, Microleaves is a service that allows customers to route their Internet traffic through PCs in virtually any country or city around the globe. The very first discussion thread started by the new user Microleaves on the forum BlackHatWorld in 2013 sought forum members who could help test and grow the proxy network.

Advertising 234

Advertising Software Computers and Electronics Internet 234

Krebs on Security

JUNE 30, 2021

Such is the curse of the fraud fighter known online by the handles “ Brianna Ware ” and “ BWare ” for short, a longtime member of a global group of volunteers who’ve infiltrated a cybercrime gang that disseminates counterfeit checks tied to a dizzying number of online scams. ” SHRINKING FROM THE FIREHOSE?

Scams 269

Scams Banking Accountability Cybercrime 269

Krebs on Security

AUGUST 26, 2020

By the time the Secret Service caught up with him in 2013, he’d made over $3 million selling fullz data to identity thieves and organized crime rings operating throughout the United States. Ngo said he started taking classes again back in Vietnam, but soon found he was spending most of his time on cybercrime forums.

Identity Theft 353

Identity Theft Computers and Electronics Hacking Accountability 353

Identity IQ

FEBRUARY 8, 2024

But the dark web is also associated with illegal activities including the trafficking of drugs, weapons, and illegal pornography, hacking and cybercrime, terrorism, and the sale of stolen data or personal information. From 2011 to 2013, the Silk Road hosted 1.2 The FBI shut down the Silk Road in October 2013. billion in value.

Identity Theft 98

Identity Theft Cryptocurrency Government Engineering 98

Security Affairs

DECEMBER 1, 2022

In 2013, Yahoo suffered one of the worst data breaches in history, exposing over 3 billion user accounts. This allowed hackers to breach many user accounts. Near the holiday season of 2013, hackers exposed the credit and debit card information of over 110 million Target customers.

Data breaches 108

Data breaches Passwords Social Engineering Encryption 108

Security Affairs

MARCH 10, 2020

which is a Shopify-like platform that has been hosting hundreds of online shops used for the sale of hacked accounts and stolen user data. platform since October 2013. international financial and corporate data, Personally Identifiable Information (PII), and compromised user accounts from many U.S. store ACCOUNTS-MARKET.

Accountability 144

Accountability Advertising Passwords Hacking 144

Security Affairs

JUNE 29, 2023

As a result of the attack, the criminals gained access to e-mail addresses, telephone numbers and the content of messages collected on accounts,” reads a statement published by the company. Customers can use the app by paying a monthly subscription of $6 for a standard license or $12 for a Pro license. “As India, and Africa.

Data breaches 98

Data breaches Spyware Hacking Accountability 98

Schneier on Security

JULY 26, 2021

Paying a ransom starts with a victim turning a large sum of money into bitcoin and then transferring it to a criminal controlled “account.” Conceptually, bitcoin combines numbered Swiss bank accounts with public transactions and balances. The reason requires understanding how criminals collect their profits.

Ransomware 363

Ransomware Cryptocurrency Banking Accountability 363

Security Affairs

MAY 8, 2023

Threat actors are using emails sent from compromised accounts with the subject “bill/payment” with an attachment in the form of a ZIP archive. CERT-UA attributed the campaign to the financially motivated threat actor UAC-0006 which has been active since at least 2013.

Malware 98

Malware Phishing VPN Accountability 98

Security Affairs

APRIL 29, 2020

Keys was accused of providing Anonymous login credentials that allowed the group to deface access and deface the website of the Los Angeles Times in 2013. When Keys left Tribune Company-owned Sacramento KTXL Fox 40 in 2010, he shared login credentials of the CMS used by the website with members of Anonymous. ” states the Sacramento Bee.

Hacking 130

Hacking Advertising Accountability Media 130