2013, Cybercrime and Information Security

US offers $2.5M reward for Belarusian man involved in mass malware distribution

Security Affairs

AUGUST 28, 2024

The indictment alleges that from 2013 to 2022, Kadariya played a key role in distributing the Angler Exploit Kit, which was used to spread various malware, including ransomware, through malvertising and other methods. Kadariya has been indicted for distributing the Angler Exploit Kit and other malware to millions of victims.

Malware

Malware Computers and Electronics Cybercrime Internet

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

.” The DOJ’s statement doesn’t mention that RSOCKS has been in operation since 2014, when access to the web store for the botnet was first advertised on multiple Russian-language cybercrime forums. “Something new was required and I decided to leave Omsk and try to live in the States,” Kloster wrote in 2013.

Advertising

Advertising Cybercrime System Administration Hacking

Police seized 50,000 Bitcoin from operator of the now-defunct piracy site movie2k

Security Affairs

JANUARY 31, 2024

It was operating between 2008 and 2013. In 2013, the Motion Picture Association of America (MPAA) shut down the website due to concerns related to copyright infringement. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – cybercrime, Apple)

Media

Media Cybercrime Advertising Information Security

U.S. sanctioned virtual currency exchanges Cryptex and PM2BTC for facilitating illegal activities

Security Affairs

SEPTEMBER 27, 2024

government sanctioned the virtual currency exchanges Cryptex and PM2BTC for facilitating cybercrime and money maundering. The authorities believe that these exchanges facilitate the laundering of proceeds from cybercrime. ” reads the press release published by DoJ. data breaches. This included over $158 million from fraud, $8.8

Cybercrime

Cybercrime Cryptocurrency Banking Ransomware

Notorious Finnish Hacker sentenced to more than six years in prison

Security Affairs

APRIL 30, 2024

“Finnish prosecutors quickly zeroed in on a suspect: Julius “Zeekill” Kivimäki , a notorious criminal hacker convicted of committing tens of thousands of cybercrimes before he became an adult. .” reads the post published by Brian Krebs. After being charged with the attack in October 2022, Kivimäki fled the country.

Hacking

Hacking Cybercrime Data breaches Information Security

Alleged Extortioner of Psychotherapy Patients Faces Trial

Krebs on Security

NOVEMBER 16, 2023

In a 2,200-page report, Finnish authorities laid out how they connected the extortion spree to Kivimäki, a notorious hacker who was convicted in 2015 of perpetrating tens of thousands of cybercrimes, including data breaches, payment fraud, operating a botnet and calling in bomb threats.

Cybercrime

Cybercrime Hacking Data breaches Banking

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

Krebs on Security

SEPTEMBER 24, 2022

A native of Omsk, Russia, Kloster came into focus after KrebsOnSecurity followed clues from the RSOCKS botnet master’s identity on the cybercrime forums to Kloster’s personal blog , which featured musings on the challenges of running a company that sells “security and anonymity services to customers around the world.”

Cybercrime

Cybercrime Data breaches Malware Ransomware

Law enforcement shutdown a long-standing DDoS-for-hire service

Security Affairs

JUNE 17, 2023

Polish police, as part of the international law enforcement operation PowerOFF, dismantled a DDoS-for-hire service that has been active since at least 2013. An international operation codenamed PowerOff led to the shutdown of a DDoS-for-hire service that has been active since at least 2013. Viewer discretion is advised.

DDOS

DDOS Computers and Electronics Cybercrime Cryptocurrency

Russians charged with hacking Mt. Gox exchange and operating BTC-e

Security Affairs

JUNE 9, 2023

The BTC-e virtual currency is popular in the cybercrime underground because it was used by crooks to launder funds for illegal activities. In accordance with these requests, between in or about March 2012 and in or about April 2013, the New York Bitcoin Broker allegedly transferred more than approximately $6.6 ” reads the DoJ.

Hacking

Hacking Cryptocurrency Advertising Banking

A new variant of Cicada ransomware targets VMware ESXi systems

Security Affairs

SEPTEMBER 2, 2024

A second round of puzzles began one year later on January 4, 2013, and then a third round following the confirmation of a fresh clue posted on Twitter on January 4, 2014. Since June, the operators behind Cicada3301 have started recruiting affiliates on the RAMP cybercrime forum. The third puzzle has not been solved yet.

Ransomware

Ransomware Encryption Malware Cybercrime

Local Networks Go Global When Domain Names Collide

Krebs on Security

AUGUST 23, 2024

Mike Barlow , information security manager for the City of Memphis, confirmed the Memphis Police’s systems were sharing their Microsoft Windows credentials with the domain, and that the city was working with Caturegli to have the domain transferred to them. .” Caturegli said setting up an email server record for memrtcc.ad

DNS

DNS Internet Internet Authentication

State attorneys general announced a $1.5 million settlement with Neiman Marcus

Security Affairs

JANUARY 9, 2019

million settlement with The Neiman Marcus Group over a 2013 data breach. million settlement with The Neiman Marcus Group LLC over a data breach suffered by the company in 2013 and disclosed earlier 2014. billion in the Q4 2013. Security Affairs – settlement, cybercrime ). ” reported the Associated Press.

Data breaches

Data breaches Retail Advertising Cybercrime

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The epidemic went truly mainstream with the release of CryptoLocker back in 2013, and it has since transformed into a major dark web economy spawning the likes of Sodinokibi, Ryuk, and Maze lineages that are targeting the enterprise on a huge scale in 2020. FBI spoofs 2012 – 2013. File encryption 2013 – 2015.

Ransomware

Ransomware Hacking Encryption Penetration Testing

France police arrested Telegram CEO Pavel Durov

Security Affairs

AUGUST 25, 2024

Telegram Messenger is a cloud-based, cross-platform instant messaging service launched in 2013 for iOS and Android. Over the years, Telegram has become the privileged communication channel for cybercriminals and other threat actors. Telegram and the French Interior Ministry have not yet commented on the news.

Media

Media Encryption Hacking Cybercrime

The man behind Cardplanet credit card market sentenced to 9 years in prison

Security Affairs

JUNE 27, 2020

The man operated the Cardplanet site between at least early 2009 through at least August 2013. Burkov was also operating another invite-only cybercrime forum, to obtain membership prospective members needed three existing members to “vouch” for their good reputation in the cybercrime community.

Marketing

Marketing Cybercrime Advertising Insurance

German BKA arrested the alleged operator of Deutschland im Deep Web darknet market

Security Affairs

OCTOBER 30, 2022

The Darknet marketplace was a crucial service for drug trafficking in the cybercrime underground for several years. . ” The DiDW Darknet marketplace first appeared on the threat landscape in 2013. . ” The DiDW Darknet marketplace first appeared on the threat landscape in 2013.

Marketing

Marketing Cybercrime Mobile Internet

FBI shuts down the Russian-based hacker platform DEER.IO

Security Affairs

MARCH 26, 2020

that is hosting various cybercrime products and services were being sold. companies for customers’ personal information.” platform since October 2013. SecurityAffairs – cybercrime, DEER.IO). appeared first on Security Affairs. “A Russian-based cyber platform known as DEER.IO Pierluigi Paganini.

Cybercrime

Cybercrime Advertising Hacking Accountability

Irish Silk Road admin sentenced to 78 months in federal prison

Security Affairs

JULY 26, 2019

The man, who is also known as Libertas also provided customer support to Silk Road users in 2013, for this job he received a weekly salary. According to FBI, between February of 2011 and July 2013, Silk Road managed $1.2 SecurityAffairs – Dark Web, cybercrime). The FBI also seized about $33.6 Pierluigi Paganini.

Marketing

Marketing Advertising Cybercrime Information Security

The parabola of a prolific cyber-criminal known as Dton

Security Affairs

MARCH 17, 2020

The man is active at least since 2013 and already earned at least $100,000 US from his ‘work,’ but researchers believe he has earned several times that amount. Dton’s history demonstrates that it is quite easy, even for relatively unskilled individuals, to enter in the cybercrime arena. SecurityAffairs – Dton, cybercrime).

Cybercrime

Cybercrime Malware Advertising Phishing

3 of the Worst Data Breaches in the World That Could Have Been Prevented

Security Affairs

DECEMBER 1, 2022

In 2013, Yahoo suffered one of the worst data breaches in history, exposing over 3 billion user accounts. Near the holiday season of 2013, hackers exposed the credit and debit card information of over 110 million Target customers. Here are three of the worst data breaches that could have been avoided: Yahoo. Pierluigi Paganini.

Data breaches

Data breaches Passwords Social Engineering Encryption

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

CDHE provides free access to the identify theft monitoring Experian IdentityWorks SM for 24 months.

Education

Education Data breaches Ransomware Hacking

First American Financial Pays Farcical $500K Fine

Krebs on Security

JUNE 18, 2021

The SEC said that under First American’s remediation policies, if the person responsible for fixing the problem is unable to do so based on the timeframes listed above, that employee must have their management contact the company’s information security department to discuss their remediation plan and proposed time estimate.

Insurance

Insurance Risk Financial Services CISO

HawkEye Keylogger is involved in attacks against business users

Security Affairs

MAY 28, 2019

The malware has been under active development since at least 2013 and it is offered for sale on various hacking forums as a keylogger and stealer. It allows to monitor systems and exfiltrate information. The latest variant appeared in the cybercrime underground in December 2018, it was named HawkEyeReborn v9.

Cybercrime

Cybercrime Malware Advertising Healthcare

Threat actor has been targeting the aviation industry since at least 2018

Security Affairs

SEPTEMBER 18, 2021

Talos researchers believe that the group was able to remain under the radar using crypters that it bought on cybercrime forums. ” Evidence collected by the experts suggests that the threat actor has been active at least since 2013. Microsoft 365 Defender detects the multiple components of this attack. .”

Malware

Malware Phishing DNS Cybercrime

A member of the FIN7 group was sentenced to 10 years in prison

Security Affairs

APRIL 18, 2021

CARBANAK cybercrime gang was first uncovered in 2014 by Kaspersky Lab that dated its activity back to 2013 when the group leveraged the Anunak malware in targeted attacks on financial institutions and ATM networks. Between 2014 and 2016 the group used a new custom malware dubbed Carbanak that is considered a newer version of Anunak.

System Administration

System Administration Penetration Testing Malware Hacking

BotenaGo botnet targets millions of IoT devices using 33 exploits

Security Affairs

NOVEMBER 11, 2021

Beta, D6220, D6400, D7000 CVE-2018-10561, CVE-2018-10562 GPON home routers CVE-2013-3307 Linksys X3000 1.0.03 d26m CVE-2013-5223 D-Link DSL-2760U Gateway CVE-2020-8958 Guangzhou 1GE ONU V2801RW 1.9.1-181203 Ax with firmware 1.04b12 and earlier CVE-2016-1555 Netgear WN604 before 3.3.3 CVE-2016-6277 NETGEAR R6250 before 1.0.4.6.Beta,

IoT

IoT Firmware Malware Wireless

The phone monitoring app LetMeSpy disclosed a data breach

Security Affairs

JUNE 29, 2023

DDoSecrets said it was limiting the distribution of the data to journalists and researchers, given the amount of personally identifiable information in the cache.” India, and Africa.

Data breaches

Data breaches Spyware Hacking Accountability

Play ransomware attacks use a new exploit to bypass ProxyNotShell mitigations on Exchange servers

Security Affairs

DECEMBER 21, 2022

they impact Exchange Server 2013, 2016, and 2019, an authenticated attacker can trigger them to elevate privileges to run PowerShell in the context of the system and gain arbitrary or remote code execution on vulnerable servers. The ProxyNotShell flaws are: CVE-2022-41040 – Microsoft Exchange Server Elevation of Privilege Vulnerability.

Ransomware

Ransomware Authentication Hacking Cybercrime

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Security Affairs

DECEMBER 1, 2020

The OceanLotus APT group is a state-sponsored group that has been active since at least 2013. The APT32 also targeted peripheral network security and technology infrastructure corporations, and security firms that may have connections with foreign investors. ” Microsoft said.

Cryptocurrency

Cryptocurrency Antivirus Manufacturing Government

CERT-UA warns of an ongoing SmokeLoader campaign

Security Affairs

MAY 8, 2023

CERT-UA attributed the campaign to the financially motivated threat actor UAC-0006 which has been active since at least 2013. SmokeLoader acts as a loader for other malware, once it is executed it will inject malicious code into the currently running explorer process (explorer.exe) and downloads another payload to the system.

Malware

Malware Phishing VPN Accountability

US CISA appointed Kiersten Todt as new chief of staff

Security Affairs

SEPTEMBER 14, 2021

She was also a member of the team supporting the National Institute of Standards and Technology (NIST) in the development of the Voluntary Cybersecurity Framework called for in President Obama’s 2013 Executive Order 13636 on cybersecurity.

Small Business

Small Business Government Cybersecurity Hacking

A job ad published by the UK’s Ministry of Defence revealed a secret hacking squad

Security Affairs

AUGUST 15, 2021

.” “ MAB5 was described in gushing terms and with incredible detail, even naming the military leader – a Lieutenant Colonel (Lt Col) in the Royal Corps of Signals, who was awarded the MBE in the Queen’s Birthday Honours List 2013 when he was a Major. SecurityAffairs – hacking, cybercrime). Pierluigi Paganini.

Computers and Electronics

Computers and Electronics Hacking Engineering Mobile

Prominent Carding Marketplace UniCC announced it’s shutting down

Security Affairs

JANUARY 15, 2022

The site was launched in 2013 and according to the Elliptic Threat Intel about $358 million (across Bitcoin, Litecoin, Ether and Dash) in purchases were made through the platform. One of the biggest underground carding marketplaces, UniCC, announced it’s shutting down its operations.

Marketing

Marketing Retail Cryptocurrency Banking

Two Estonian citizens arrested in $575M cryptocurrency fraud scheme

Security Affairs

NOVEMBER 22, 2022

” The defendants are accused to have defrauded the victims between December 2013 and August 2019, they operated with other co-conspirators residing in Estonia, Belarus, and Switzerland. . “In reality, Polybius was never actually a bank, and never paid out the promised dividends.

Cryptocurrency

Cryptocurrency Banking Marketing Hacking

Latitude Data breach is worse than initially estimated. 14 million individuals impacted

Security Affairs

MARCH 28, 2023

million) were provided before 2013. million records include some, but not all of the following personal information: name, address, telephone, and date of birth. The statement also reported that approximately 6.1 million records dating back to at least 2005 were also compromised in the data breach. 94% of these records (5.7

Data breaches

Data breaches Financial Services Passwords Hacking

Pakistani man sentenced to 12 years of prison for his role in AT&T hacking scheme

Security Affairs

SEPTEMBER 19, 2021

In 2013, AT&T implemented a new system to monitor the activity of the employees, for this reason, the Pakistani man corrupted the employees to install malware and other tools on the infrastructure of the company to unlock the devices remotely.

Hacking

Hacking Malware Cybercrime Information Security

The US government sanctioned four entities and one individual for supporting cyber operations conducted by North Korea

Security Affairs

MAY 24, 2023

In a classified report cited by Chosun, the US National Intelligence Service (DNI) found that North Korea was financing its ‘priority policies’, such as nuclear and missile development, through cybercrime. The 110th Research Center was also involved in the theft of sensitive government information from entities in South Korea.

Government

Government Cryptocurrency Media Technology

Rackspace: Play Ransomware gang used a previously unknown exploit to access its Hosted Exchange email environment

Security Affairs

JANUARY 6, 2023

they impact Exchange Server 2013, 2016, and 2019, an authenticated attacker can trigger them to elevate privileges to run PowerShell in the context of the system and gain arbitrary or remote code execution on vulnerable servers. The ProxyNotShell flaws are: CVE-2022-41040 – Microsoft Exchange Server Elevation of Privilege Vulnerability.

Ransomware

Ransomware Data breaches Authentication Hacking

Journalist Matthew Keys is now charged with an attack on a magazine

Security Affairs

APRIL 29, 2020

Keys was accused of providing Anonymous login credentials that allowed the group to deface access and deface the website of the Los Angeles Times in 2013. When Keys left Tribune Company-owned Sacramento KTXL Fox 40 in 2010, he shared login credentials of the CMS used by the website with members of Anonymous.

Hacking

Hacking Advertising Accountability Media

FBI arrested a Russian citizen suspected to be the mastermind of Deer.io

Security Affairs

MARCH 10, 2020

platform since October 2013. The Russian man also advertised the platform on other hacking forums. Firsov was arrested at the John F. Kennedy Airport, in New York, on March 7, the man is accused of running the Deer.io “The suspect, named Kirill Victorovich Firsov, was arrested on Saturday, March 7, at the John F.

Accountability

Accountability Advertising Passwords Hacking

Ticketmaster will pay $10 Million fine over hacking a competitor

Security Affairs

JANUARY 2, 2021

The intrusions into the competitor’s systems took place repeatedly between 2013 and 2015. The attacks aimed at stealing information to gain an advantage over CrowdSurge, which was acquired by Warner Music Group (WMG) in 2017.

Hacking

Hacking Passwords Accountability Cybercrime

Hundreds of thousands of routers exposed to Eternal Silence campaign via UPnP?

Security Affairs

JANUARY 31, 2022

In early 2013, researchers at Rapid7 published an interesting whitepaper entitled “Security Flaws in Universal Plug and Play” that evaluated the global exposure of UPnP-enabled network devices. The UPnP communication protocol is widely adopted even if it is known to be vulnerable.

Internet

Internet Internet Firmware Hacking

Interview With the Guy Who Tried to Frame Me for Heroin Possession

Krebs on Security

SEPTEMBER 25, 2019

In April 2013, I received via U.S. But the plan failed and the Ukrainian mastermind behind it soon after was imprisoned for unrelated cybercrime offenses. After the heroin showed up, I gave the drugs to the local police and wrote about the experience in Mail From the Velvet Cybercrime Underground.

Cybercrime

Cybercrime Identity Theft Accountability Passwords

New ZLoader malware campaign hit more than 2000 victims across 111 countries

Security Affairs

JANUARY 10, 2022

A malware campaign spreads ZLoader malware by exploiting a Windows vulnerability that was fixed in 2013 but in 2014 Microsoft revised the fix. The threat actors exploit a vulnerability, tracked as CVE-2013-3900, that was discovered and fixed in 2013 but in 2014 Microsoft revised the fix.

Malware

Malware Banking Software Cybercrime

US offers $2.5M reward for Belarusian man involved in mass malware distribution

Meet the Administrators of the RSOCKS Proxy Botnet

Trending Sources

Police seized 50,000 Bitcoin from operator of the now-defunct piracy site movie2k

U.S. sanctioned virtual currency exchanges Cryptex and PM2BTC for facilitating illegal activities

Notorious Finnish Hacker sentenced to more than six years in prison

Alleged Extortioner of Psychotherapy Patients Faces Trial

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

Law enforcement shutdown a long-standing DDoS-for-hire service

Russians charged with hacking Mt. Gox exchange and operating BTC-e

A new variant of Cicada ransomware targets VMware ESXi systems

Local Networks Go Global When Domain Names Collide

State attorneys general announced a $1.5 million settlement with Neiman Marcus

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

France police arrested Telegram CEO Pavel Durov

The man behind Cardplanet credit card market sentenced to 9 years in prison

German BKA arrested the alleged operator of Deutschland im Deep Web darknet market

FBI shuts down the Russian-based hacker platform DEER.IO

Irish Silk Road admin sentenced to 78 months in federal prison

The parabola of a prolific cyber-criminal known as Dton

3 of the Worst Data Breaches in the World That Could Have Been Prevented

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

First American Financial Pays Farcical $500K Fine

HawkEye Keylogger is involved in attacks against business users

Threat actor has been targeting the aviation industry since at least 2018

A member of the FIN7 group was sentenced to 10 years in prison

BotenaGo botnet targets millions of IoT devices using 33 exploits

The phone monitoring app LetMeSpy disclosed a data breach

Play ransomware attacks use a new exploit to bypass ProxyNotShell mitigations on Exchange servers

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

CERT-UA warns of an ongoing SmokeLoader campaign

US CISA appointed Kiersten Todt as new chief of staff

A job ad published by the UK’s Ministry of Defence revealed a secret hacking squad

Prominent Carding Marketplace UniCC announced it’s shutting down

Two Estonian citizens arrested in $575M cryptocurrency fraud scheme

Latitude Data breach is worse than initially estimated. 14 million individuals impacted

Pakistani man sentenced to 12 years of prison for his role in AT&T hacking scheme

The US government sanctioned four entities and one individual for supporting cyber operations conducted by North Korea

Rackspace: Play Ransomware gang used a previously unknown exploit to access its Hosted Exchange email environment

Journalist Matthew Keys is now charged with an attack on a magazine

FBI arrested a Russian citizen suspected to be the mastermind of Deer.io

Ticketmaster will pay $10 Million fine over hacking a competitor

Hundreds of thousands of routers exposed to Eternal Silence campaign via UPnP?

Interview With the Guy Who Tried to Frame Me for Heroin Possession

New ZLoader malware campaign hit more than 2000 victims across 111 countries

Stay Connected