2013 and Cybercrime - Cyber Security Informer

KrebsOnSecurity in New Netflix Series on Cybercrime

Krebs on Security

JUNE 7, 2022

They didn’t specify what additional topics the series would scrutinize, but Netflix’s teaser for the show suggests it concerns cybercrimes that result in deadly, real-world kinetic attacks. Our first swatting, in March 2013, resulted in Fairfax County, Va. “Conspiracy.

Cybercrime

Cybercrime Internet Internet Web Fraud

An Interview With the Target & Home Depot Hacker

Krebs on Security

NOVEMBER 14, 2024

In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator , the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. “Helkern was my friend, I [set up a] meeting with Golubov and him in 2013,” Shefel said.

Retail

Retail Advertising Cryptocurrency Marketing

U.S. Offered $10M for Hacker Just Arrested by Russia

Krebs on Security

DECEMBER 4, 2024

Matveev’s hacker identities were remarkably open and talkative on numerous cybercrime forums. image: x.com/vxunderground The golden rule of cybercrime in Russia has always been that as long as you never hack, extort or steal from Russian citizens or companies, you have little to fear of arrest. “Mother Russia will help you.

Cybercrime

Cybercrime Ransomware Cryptocurrency Government

Police cracks down on DDoS-for-hire service active since 2013

Bleeping Computer

JUNE 16, 2023

Polish police officers part of the country's Central Cybercrime Bureau detained two suspects believed to have been involved in the operation of a long-running DDoS-for-hire service (aka booter or stresser) active since at least 2013. [.]

DDOS

DDOS Cybercrime

Cybercrime Year in Review: 2013

SiteLock

AUGUST 27, 2021

In its annual Data Breach Investigations Report , published at the beginning of 2013, Verizon revealed that businesses with fewer than 100 employees made up the single largest group of victims of data breaches. Early in 2013, Chinese hackers were easily able to breach the extensive defenses the Times had in place.

Cybercrime

Cybercrime Small Business Antivirus Malware

Mariposa Botnet Author, Darkcode Crime Forum Admin Arrested in Germany

Krebs on Security

OCTOBER 1, 2019

A Slovenian man convicted of authoring the destructive and once-prolific Mariposa botnet and running the infamous Darkode cybercrime forum has been arrested in Germany on request from prosecutors in the United States, who’ve recently re-indicted him on related charges. issued international arrest warrant for his extradition.

Cybercrime

Cybercrime Malware Antivirus Banking

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

.” The DOJ’s statement doesn’t mention that RSOCKS has been in operation since 2014, when access to the web store for the botnet was first advertised on multiple Russian-language cybercrime forums. “Something new was required and I decided to leave Omsk and try to live in the States,” Kloster wrote in 2013.

Advertising

Advertising Cybercrime System Administration Hacking

Finland’s Most-Wanted Hacker Nabbed in France

Krebs on Security

FEBRUARY 5, 2023

A notorious hacker convicted of perpetrating tens of thousands of cybercrimes, Kivimäki had been in hiding since October 2022, when he failed to show up in court and Finland issued an international warrant for his arrest. Kivimäki was ultimately convicted of orchestrating more than 50,000 cybercrimes.

Cybercrime

Cybercrime DDOS Hacking Accountability

Man Who Mass-Extorted Psychotherapy Patients Gets Six Years

Krebs on Security

APRIL 30, 2024

Finnish prosecutors quickly zeroed in on a suspect: Julius “Zeekill” Kivimäki , a notorious criminal hacker convicted of committing tens of thousands of cybercrimes before he became an adult. After being charged with the attack in October 2022, Kivimäki fled the country. Kivimäki was 15 years old at the time.

DDOS

DDOS Cybercrime Hacking Passwords

Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks

Krebs on Security

JUNE 29, 2023

Kislitsin also was indicted in Nevada in 2013, but the Nevada indictment does not name his alleged victim(s) in that case. ”] Kislitsin was hired by Group-IB in January 2013, nearly six months after the Formspring hack. ”

Cybersecurity

Cybersecurity Cybercrime Hacking Government

Who Stole 3.6M Tax Records from South Carolina?

Krebs on Security

APRIL 16, 2024

KrebsOnSecurity examined posts across dozens of cybercrime forums around that time, and found only one instance of someone selling large volumes of tax data in the year surrounding the breach date. As it happens, Rescator’s criminal hacking crew was directly responsible for the 2013 breach at Target and the 2014 hack of Home Depot.

Identity Theft

Identity Theft Banking Cybercrime Hacking

Two Russians Charged in $17M Cryptocurrency Phishing Spree

Krebs on Security

SEPTEMBER 16, 2020

In February 2020, KrebsOnSecurity wrote about being contacted by an Internal Revenue Service investigator seeking to return funds seized seven years earlier as part of the governments 2013 seizure of Liberty Reserve , a virtual currency service that acted as a $6 billion hub for the cybercrime world.

Cryptocurrency

Cryptocurrency Phishing Accountability Cybercrime

XE Group shifts from credit card skimming to exploiting zero-days

Security Affairs

FEBRUARY 10, 2025

The cybercrime group XE Group exploited a VeraCore zero-day to deploy reverse shells, web shells in recent attacks. Active since at least 2013 , XE Group is a cybercriminal group focused on credit card skimming and password theft via supply chain attacks. ” reads the analysis published by Intezer.

Manufacturing

Manufacturing Cybercrime Passwords Authentication

The Wages of Password Re-Use: Your Money or Your Life

Krebs on Security

MAY 4, 2021

Which means when a cybercrime forum gets hacked and its user databases posted online, it is often possible to work backwards from some of the more unique passwords for each account and see where else that password was used. Mistake number two was the password for his email account was the same as his cybercrime forum admin account.

Passwords

Passwords Cybercrime Accountability Password Management

The Stark Truth Behind the Resurgence of Russia’s Fin7

Krebs on Security

JULY 10, 2024

The Russia-based cybercrime group dubbed “ Fin7 ,” known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. authorities.

Phishing

Phishing Cybercrime Malware Software

A Light at the End of Liberty Reserve’s Demise?

Krebs on Security

FEBRUARY 14, 2020

In May 2013, the U.S. Justice Department seized Liberty Reserve , alleging the virtual currency service acted as a $6 billion financial hub for the cybercrime world.

Identity Theft

Identity Theft Government Scams Cybercrime

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

Krebs on Security

MARCH 10, 2020

was responsible for $17 million worth of stolen credential sales since its inception in 2013. That same email address was used to register the account “Isis” at several other top Russian-language cybercrime forums, including Damagelab, Zloy, Evilzone and Priv-8. An example seller’s panel at deer.io.

Accountability

Accountability Advertising Hacking Cybercrime

How Did Authorities Identify the Alleged Lockbit Boss?

Krebs on Security

MAY 13, 2024

This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. was used by a Russian-speaking member called Pin on the English-language cybercrime forum Opensc. Dmitry Yuryevich Khoroshev.

Ransomware

Ransomware Cybercrime Accountability Malware

This Service Helps Malware Authors Fix Flaws in their Code

Krebs on Security

MAY 18, 2020

is cybercrime forum. “We can examine your (or not exactly your) PHP code for vulnerabilities and backdoors,” reads his offering on several prominent Russian cybercrime forums. ” From 2013 to 2016, upO was a major player on Exploit[.]in The cybercrime actor “upO” on Exploit[.]in

Malware

Malware Cybercrime Ransomware Marketing

REvil Ransom Arrest, $6M Seizure, and $10M Reward

Krebs on Security

NOVEMBER 8, 2021

” These last two nicknames correspond to accounts on several top cybercrime forums way back in 2013, where a user named “Yaroslav2468” registered using the email address yarik45@gmail.com. Prosecutors say Vasinskyi also used the monikers “ Yarik45 ,” and “ Yaroslav2468.” 3 was Lublin, Poland.

Ransomware

Ransomware Cybercrime System Administration Passwords

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Krebs on Security

SEPTEMBER 26, 2024

The United States today unveiled sanctions and indictments against the alleged proprietor of Joker’s Stash , a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past decade. A screenshot of a website reviewing PM2BTC.

Cryptocurrency

Cryptocurrency Cybercrime Retail Government

Party Like a Russian, Carder’s Edition

Krebs on Security

JULY 17, 2019

To alleviate the cash from a whole entire nation…” KrebsOnSecurity has seen some creative yet truly bizarre ads for dodgy services in the cybercrime underground, but the following animated advertisement for a popular credit card fraud shop likely takes the cake. “It takes a certain kind of man with a certain reputation.

Cybercrime

Cybercrime Advertising Cybersecurity

Who’s Behind the SWAT USA Reshipping Service?

Krebs on Security

NOVEMBER 6, 2023

Last week, KrebsOnSecurity broke the news that one of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. Cyber intelligence firm Intel 471 says Fearlless first registered on Verified in February 2013. As detailed in this Nov.

Passwords

Passwords Cybercrime Accountability Hacking

Here’s Some Bitcoin: Oh, and You’ve Been Served!

Krebs on Security

JANUARY 10, 2024

Rasch said it could be that Dellone’s stolen crypto was seized as part of a government asset forfeiture, but that either way there is no reason Uncle Sam should hold some cybercrime victims’ life savings indefinitely. For example, in 2013 the U.S. court orders, then it’s yours,” Bax said. federal court.”

Cryptocurrency

Cryptocurrency Government Cybercrime Accountability

Who’s Behind the NetWire Remote Access Trojan?

Krebs on Security

MARCH 9, 2023

A Croatian national has been arrested for allegedly operating NetWire , a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as a stealthy way to spy on infected systems and siphon passwords. The WorldWiredLabs website, in 2013. The arrest coincided with a seizure of the NetWire sales website by the U.S.

DNS

DNS Cybercrime Passwords Accountability

Kelvin Security cybercrime gang suspect seized by Spanish police

Graham Cluley

DECEMBER 12, 2023

A malicious hacking group, thought to have been operating since at least 2013, may have suffered a significant blow after the arrest of a suspected leading member by Spanish police late last week. Read more in my article on the Tripwire State of Security blog.

Cybercrime

Cybercrime Hacking Data breaches

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Krebs on Security

JANUARY 8, 2024

In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. From January 2005 to April 2013, there were two primary administrators of the cybercrime forum Spamdot (a.k.a

Cybercrime

Cybercrime Banking Computers and Electronics DDOS

Thinking of Hiring or Running a Booter Service? Think Again.

Krebs on Security

JANUARY 17, 2023

Proprietors of these so-called “booter” or “stresser” services — designed to knock websites and users offline — have long operated in a legally murky area of cybercrime law. The only work experience Dobbs listed on his resume was as a freelance developer from 2013 to the present day.

DDOS

DDOS Cybercrime Engineering Government

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

Krebs on Security

SEPTEMBER 24, 2022

A native of Omsk, Russia, Kloster came into focus after KrebsOnSecurity followed clues from the RSOCKS botnet master’s identity on the cybercrime forums to Kloster’s personal blog , which featured musings on the challenges of running a company that sells “security and anonymity services to customers around the world.”

Cybercrime

Cybercrime Data breaches Malware Ransomware

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Krebs on Security

SEPTEMBER 30, 2024

A California man accused of failing to pay taxes on tens of millions of dollars allegedly earned from cybercrime also paid local police officers hundreds of thousands of dollars to help him extort, intimidate and silence rivals and former business partners, the government alleges. Troy Woody Jr. In December 2022, Troy Woody Jr.

Cryptocurrency

Cryptocurrency Government Internet Internet

FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy

Krebs on Security

JUNE 18, 2020

Federal prosecutors in Pittsburgh allege that in 2013 and 2014 Johnson hacked into the Oracle PeopleSoft databases for UPMC, a $21 billion nonprofit health enterprise that includes more than 40 hospitals.

Identity Theft

Identity Theft Healthcare Hacking Technology

US offers $2.5M reward for Belarusian man involved in mass malware distribution

Security Affairs

AUGUST 28, 2024

The indictment alleges that from 2013 to 2022, Kadariya played a key role in distributing the Angler Exploit Kit, which was used to spread various malware, including ransomware, through malvertising and other methods. Kadariya has been indicted for distributing the Angler Exploit Kit and other malware to millions of victims.

Malware

Malware Computers and Electronics Cybercrime Internet

Alleged Extortioner of Psychotherapy Patients Faces Trial

Krebs on Security

NOVEMBER 16, 2023

In a 2,200-page report, Finnish authorities laid out how they connected the extortion spree to Kivimäki, a notorious hacker who was convicted in 2015 of perpetrating tens of thousands of cybercrimes, including data breaches, payment fraud, operating a botnet and calling in bomb threats.

Cybercrime

Cybercrime Hacking Data breaches Banking

Who Is the Network Access Broker ‘Babam’?

Krebs on Security

DECEMBER 3, 2021

Since the beginning of 2020, Babam has set up numerous auctions on the Russian-language cybercrime forum Exploit , mainly selling virtual private networking (VPN) credentials stolen from various companies. All of these domains date back to between 2012 and 2013. com and wwwpexpay[.]com. com , and portalsagepay[.]com.

Ransomware

Ransomware Passwords Accountability Cybercrime

Operation Endgame

Troy Hunt

MAY 29, 2024

Since 2013 when I kicked off HIBP as a pet project , it has become an increasingly important part of the security posture of individuals, organisations, governments and law enforcement agencies.

Passwords

Passwords Password Management Data breaches Cybercrime

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The epidemic went truly mainstream with the release of CryptoLocker back in 2013, and it has since transformed into a major dark web economy spawning the likes of Sodinokibi, Ryuk, and Maze lineages that are targeting the enterprise on a huge scale in 2020. FBI spoofs 2012 – 2013. File encryption 2013 – 2015.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims

Krebs on Security

AUGUST 6, 2020

In 2013, KrebsOnSecurity broke the news that the U.S. Also in 2013, KrebsOnSecurity broke the news that ssndob[.]ms ms , then a major identity theft service in the cybercrime underground, had infiltrated computers at some of America’s large consumer and business data aggregators , including LexisNexis Inc. ,

Accountability

Accountability Identity Theft Hacking Insurance

Hacker Charged With Extorting Online Psychotherapy Service

Krebs on Security

NOVEMBER 3, 2022

In 2013, Kurittu worked on investigation involving Kivimaki’s use of the Zbot botnet, among other activities Kivimaki engaged in as a member of the hacker group Hack the Planet. The entire archive has since been made into a searchable website on the Dark Web. “There were also other projects and databases.”

Data breaches

Data breaches Cybercrime Accountability Telecommunications

“FudCo” Spam Empire Tied to Pakistani Software Firm

Krebs on Security

SEPTEMBER 6, 2021

In May 2015, KrebsOnSecurity briefly profiled “ The Manipulaters ,” the name chosen by a prolific cybercrime group based in Pakistan that was very publicly selling spam tools and a range of services for crafting, hosting and deploying malicious email. ” The IT network of The Manipulaters, circa 2013. Image: Facebook.

Software

Software Phishing Cybercrime Accountability

Police seized 50,000 Bitcoin from operator of the now-defunct piracy site movie2k

Security Affairs

JANUARY 31, 2024

It was operating between 2008 and 2013. In 2013, the Motion Picture Association of America (MPAA) shut down the website due to concerns related to copyright infringement. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – cybercrime, Apple)

Media

Media Cybercrime Advertising Information Security

Breach Exposes Users of Microleaves Proxy Service

Krebs on Security

JULY 28, 2022

Launched in 2013, Microleaves is a service that allows customers to route their Internet traffic through PCs in virtually any country or city around the globe. The very first discussion thread started by the new user Microleaves on the forum BlackHatWorld in 2013 sought forum members who could help test and grow the proxy network.

Advertising

Advertising Software Computers and Electronics Internet

New ZLoader malware campaign hit more than 2000 victims across 111 countries

Security Affairs

JANUARY 10, 2022

A malware campaign spreads ZLoader malware by exploiting a Windows vulnerability that was fixed in 2013 but in 2014 Microsoft revised the fix. The threat actors exploit a vulnerability, tracked as CVE-2013-3900, that was discovered and fixed in 2013 but in 2014 Microsoft revised the fix.

Malware

Malware Banking Software Cybercrime

Notorious Finnish Hacker sentenced to more than six years in prison

Security Affairs

APRIL 30, 2024

“Finnish prosecutors quickly zeroed in on a suspect: Julius “Zeekill” Kivimäki , a notorious criminal hacker convicted of committing tens of thousands of cybercrimes before he became an adult. .” reads the post published by Brian Krebs. After being charged with the attack in October 2022, Kivimäki fled the country.

Hacking

Hacking Cybercrime Data breaches Information Security

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

APRIL 18, 2023

” MRMURZA Faceless is a project from MrMurza , a particularly talkative member of more than a dozen Russian-language cybercrime forums over the past decade. MrMurza’s Faceless advertised on the Russian-language cybercrime forum ProCrd. In 2013, U.S. Image: Darkbeast/Ke-la.com.

Malware

Malware Passwords Accountability Advertising

KrebsOnSecurity in New Netflix Series on Cybercrime

An Interview With the Target & Home Depot Hacker

Trending Sources

U.S. Offered $10M for Hacker Just Arrested by Russia

Police cracks down on DDoS-for-hire service active since 2013

Cybercrime Year in Review: 2013

Mariposa Botnet Author, Darkcode Crime Forum Admin Arrested in Germany

Meet the Administrators of the RSOCKS Proxy Botnet

Finland’s Most-Wanted Hacker Nabbed in France

Man Who Mass-Extorted Psychotherapy Patients Gets Six Years

Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks

Who Stole 3.6M Tax Records from South Carolina?

Two Russians Charged in $17M Cryptocurrency Phishing Spree

XE Group shifts from credit card skimming to exploiting zero-days

The Wages of Password Re-Use: Your Money or Your Life

The Stark Truth Behind the Resurgence of Russia’s Fin7

A Light at the End of Liberty Reserve’s Demise?

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

How Did Authorities Identify the Alleged Lockbit Boss?

This Service Helps Malware Authors Fix Flaws in their Code

REvil Ransom Arrest, $6M Seizure, and $10M Reward

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Party Like a Russian, Carder’s Edition

Who’s Behind the SWAT USA Reshipping Service?

Here’s Some Bitcoin: Oh, and You’ve Been Served!

Who’s Behind the NetWire Remote Access Trojan?

Kelvin Security cybercrime gang suspect seized by Spanish police

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Thinking of Hiring or Running a Booter Service? Think Again.

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy

US offers $2.5M reward for Belarusian man involved in mass malware distribution

Alleged Extortioner of Psychotherapy Patients Faces Trial

Who Is the Network Access Broker ‘Babam’?

Operation Endgame

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims

Hacker Charged With Extorting Online Psychotherapy Service

“FudCo” Spam Empire Tied to Pakistani Software Firm

Police seized 50,000 Bitcoin from operator of the now-defunct piracy site movie2k

Breach Exposes Users of Microleaves Proxy Service

New ZLoader malware campaign hit more than 2000 victims across 111 countries

Notorious Finnish Hacker sentenced to more than six years in prison

Giving a Face to the Malware Proxy Service ‘Faceless’

Stay Connected