Krebs on Security

JUNE 1, 2023

One of Megatraffer’s ads on an English-language cybercrime forum. Megatraffer has continued to offer their code-signing services across more than a half-dozen other Russian-language cybercrime forums, mostly in the form of sporadically available EV and non-EV code-signing certificates from major vendors like Thawte and Comodo.

Malware 301

Malware Cybercrime Software Accountability 301

Krebs on Security

APRIL 18, 2023

.'” MRMURZA Faceless is a project from MrMurza , a particularly talkative member of more than a dozen Russian-language cybercrime forums over the past decade. MrMurza’s Faceless advertised on the Russian-language cybercrime forum ProCrd. Image: Darkbeast/Ke-la.com. 2012, from an Internet address in Magnitogorsk, RU.

Malware 292

Malware Passwords Accountability Advertising 292

Krebs on Security

JULY 27, 2022

But a recent review of Ashley Madison mentions across Russian cybercrime forums and far-right websites in the months leading up to the hack revealed some previously unreported details that may deserve further scrutiny. “Full Delete netted ALM $1.7mm in revenue in 2014. In 2014, ALM reported revenues of $115 million.

Cybercrime 62

Cybercrime Hacking Media Advertising 62

Krebs on Security

APRIL 16, 2024

For nearly a dozen years, residents of South Carolina have been kept in the dark by state and federal investigators over who was responsible for hacking into the state’s revenue department in 2012 and stealing tax and bank account information for 3.6 million people. said investigators determined the breach began on Aug. ” On Oct.

Identity Theft 290

Identity Theft Banking Cybercrime Hacking 290

Security Affairs

JULY 6, 2020

employee who hacked into the accounts of thousands of users was sentenced to five years of probation. accounts back in 2018. The man accessed the users’ victim accounts, using cracked passwords, but in some cases, he also used internal Yahoo! systems for access to the accounts. A former Yahoo! Pierluigi Paganini.

Accountability 129

Accountability Advertising Hacking Engineering 129

Security Affairs

NOVEMBER 3, 2018

Cybercriminals offered for sale private messages from at least 81,000 Facebook accounts claiming of being in possession of data from 120 million accounts. Crooks are offering for sale Criminals are selling the private messages of 81,000 hacked Facebook accounts for 10 cents per account. ” states the BBC.

Accountability 111

Accountability Advertising Hacking Cybercrime 111

Krebs on Security

FEBRUARY 9, 2023

Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating “ Trickbot ,” a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. companies and government entities.

Hacking 235

Hacking Cybercrime Ransomware Government 235

Security Affairs

JANUARY 8, 2024

19 individuals worldwide were charged in a transnational cybercrime investigation of the now defunct xDedic marketplace. The black marketplace has been active since 2014, it was first analyzed by experts at Kaspersky Lab in 2016. At the time, the domain (xdedic[.]biz) ” reads the press release published by DoJ.

Cybercrime 132

Cybercrime Identity Theft Government Hacking 132

Krebs on Security

JANUARY 18, 2021

Joker’s Stash , by some accounts the largest underground shop for selling stolen credit card and identity data, says it’s closing up shop effective mid-February 2021. The announcement came on the heels of a turbulent year for the major cybercrime store, and just weeks after U.S. 15, 2021. 15 or forfeit those funds.

Marketing 297

Marketing Cybercrime Accountability Cryptocurrency 297

Security Affairs

AUGUST 12, 2019

Researchers discovered a dump containing 6,840,339 records associated with StockX user accounts that surfaced in the cybercrime underground. Now a dump containing 6,840,339 unique StockX user accounts surfaced in the cybercrime underground. How to check if your account has been compromised? Pierluigi Paganini.

Accountability 109

Accountability Data breaches Passwords Cybercrime 109

Security Affairs

SEPTEMBER 2, 2019

Login details of more than 36 million Poshmark accounts are available for sale in the cybercrime underground. “In mid-2018, social commerce marketplace Poshmark suffered a data breach that exposed 36M user accounts. Now Scott told BleepingComputer that a set of one million cracked Poshmark accounts is circulating online.

Accountability 108

Accountability Data breaches Passwords Advertising 108

Krebs on Security

JULY 23, 2020

As first reported here last year , First American’s website exposed 16 years worth of digitized mortgage title insurance records — including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images. It employs some 18,000 people and brought in $6.2

Insurance 347

Insurance Financial Services Penetration Testing Scams 347

Krebs on Security

APRIL 30, 2024

Finnish prosecutors quickly zeroed in on a suspect: Julius “Zeekill” Kivimäki , a notorious criminal hacker convicted of committing tens of thousands of cybercrimes before he became an adult. After being charged with the attack in October 2022, Kivimäki fled the country.

DDOS 298

DDOS Cybercrime Hacking Passwords 298

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. Chaput said that at one point last week the volume of bot accounts being registered for the crypto spam campaign started overwhelming the servers that handle new signups at Mastodon.social.

Scams 300

Scams DDOS Cryptocurrency Accountability 300

Krebs on Security

SEPTEMBER 26, 2024

The United States today unveiled sanctions and indictments against the alleged proprietor of Joker’s Stash , a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past decade. Joker’s sold cards stolen in a steady drip of breaches at U.S.

Cryptocurrency 292

Cryptocurrency Cybercrime Retail Government 292

Security Affairs

NOVEMBER 17, 2022

A suspected leader of the Zeus cybercrime gang, Vyacheslav Igorevich Penchukov (aka Tank), was arrested by Swiss police. Swiss police last month arrested in Geneva Vyacheslav Igorevich Penchukov (40), also known as Tank, which is one of the leaders of the JabberZeus cybercrime group. Pierluigi Paganini.

Cybercrime 107

Cybercrime Banking Identity Theft Hacking 107

Security Affairs

OCTOBER 9, 2018

According to the FBI , the number of business email account (BEC) and email account compromise (EAC) scam incidents worldwide reached 78,000 between October 2013 and May 2018. If these passwords have been reused for corporate accounts, this may leave organizations at risk to account takeovers.” Pierluigi Paganini.

Scams 108

Scams Accountability Hacking Passwords 108

Krebs on Security

FEBRUARY 5, 2023

A notorious hacker convicted of perpetrating tens of thousands of cybercrimes, Kivimäki had been in hiding since October 2022, when he failed to show up in court and Finland issued an international warrant for his arrest. Kivimäki was ultimately convicted of orchestrating more than 50,000 cybercrimes.

Cybercrime 274

Cybercrime DDOS Hacking Accountability 274

Security Affairs

APRIL 24, 2020

Nintendo has disconnected the NNID legacy login system from main Nintendo profiles after it has discovered a massive account hijacking campaign. The gaming giant Nintendo announced that hackers gained accessed at least 160,000 user accounts as part of an account hijacking campaign since early April. ” reported ZDNet.

Accountability 119

Accountability Passwords Data breaches Advertising 119

Krebs on Security

JANUARY 8, 2024

In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. From January 2005 to April 2013, there were two primary administrators of the cybercrime forum Spamdot (a.k.a

Cybercrime 261

Cybercrime Banking Computers and Electronics DDOS 261

Krebs on Security

JUNE 29, 2023

Prosecutors in Northern California indicted Kislitsin in 2014 for his alleged role in stealing account data from Formspring. Kislitsin also was indicted in Nevada in 2013, but the Nevada indictment does not name his alleged victim(s) in that case.

Cybersecurity 298

Cybersecurity Cybercrime Hacking Government 298

Security Affairs

NOVEMBER 16, 2018

According to Group-IB’s report findings, Asia is one of the most actively attacked regions in the world, the company presented latest cybercrime trends. New cybercrime groups are also expected to start operations in Asia and Latin America. million, accounting for only 17% of the overall market value, compared to 19.9

Cybercrime 108

Cybercrime Hacking Banking Phishing 108

Security Affairs

JUNE 26, 2019

Experts discovered security flaws in EA Games’ login process that could allow an attacker to take over EA gamers’ accounts and steal sensitive data. Experts pointed out that over 300 million players are at risk, stolen gaming credentials are a valuable commodity in the cybercrime underground.

Accountability 106

Accountability Hacking DNS Advertising 106

Security Affairs

OCTOBER 5, 2020

According to the SonntagsZeitung , the Basel public prosecutor’s office confirmed that hackers compromised the systems at the universities, then the threat actors hijacked the employee salary transfers by changing the beneficiaries’ accounts. It added that part of the misappropriated funds was now in foreign accounts.”

Advertising 145

Advertising Phishing Cybercrime Hacking 145

Security Affairs

OCTOBER 18, 2020

. “Comprised of several layers of members mainly from Latvia, Georgia, Bulgaria, Romania, and Belgium, the QQAAZZ network opened and maintained hundreds of corporate and personal bank accounts at financial institutions throughout the world to receive money from cybercriminals who stole it from accounts of victims.”

Malware 141

Malware Banking Cryptocurrency Cybercrime 141

Krebs on Security

NOVEMBER 15, 2022

Wanted Ukrainian cybercrime suspect Vyacheslav “Tank” Penchukov (right) was arrested in Geneva, Switzerland. Penchukov was named in a 2014 indictment by the U.S. Ultimately, Penchukov’s political connections helped him evade prosecution by Ukrainian cybercrime investigators for many years.

Banking 324

Banking Small Business Accountability Malware 324

Security Affairs

MARCH 26, 2020

that is hosting various cybercrime products and services were being sold. which is a Shopify-like platform that has been hosting hundreds of online shops used for the sale of hacked accounts and stolen user data. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Feds reviewed approximately 250 DEER.IO

Cybercrime 144

Cybercrime Advertising Hacking Accountability 144

Security Affairs

MARCH 13, 2020

European authorities dismantled two cybercrime organizations responsible for stealing millions through SIM hijacking. European authorities managed to dismantle the operations of two cybercrime gangs responsible for stealing millions through SIM hijacking. The authorities arrested tens of individuals in Spain and Romania. .

Banking 144

Banking Cybercrime Mobile Accountability 144

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. biz , a long-running crypting service that is trusted by some of the biggest names in cybercrime.

Malware 271

Malware Antivirus Cybercrime Hacking 271

Security Affairs

FEBRUARY 12, 2020

The FBI’s Internal Crime Complaint Center (IC3) released the FBI 2019 Internet Crime Report , a document that outlines cybercrime trends over the past year. The figure that most of all capture our attention is that victims of cybercrime activities lost $3.5 Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Internet 143

Internet Internet Scams Cybercrime 143

Krebs on Security

MAY 23, 2024

But by all accounts, few attacks from those gangs have come close to the amount of firepower wielded by a pro-Russia group calling itself “ NoName057(16).” He also co-runs SURBL , an anti-abuse service that flags domains and Internet address ranges that are strongly associated with spam and cybercrime activity, including DDoS.

DDOS 323

DDOS Internet Internet Government 323

Security Affairs

MARCH 15, 2020

A cybercrime gang focused on Business Email Compromise (BEC) has started using coronavirus-themed scam emails in its attacks. The researchers received a coronavirus-themed scam email that attempted to trick victims into using a different bank account for the payment due to the COVID-19 outbreak. A change of the bank account).

Scams 139

Scams Banking Cybercrime Advertising 139

Krebs on Security

DECEMBER 29, 2022

Here’s a look at some of the more notable cybercrime stories from the past year, as covered by KrebsOnSecurity and elsewhere. Internal Revenue Service website for months: Anyone seeking to create an account to view their tax records online would soon be required to provide biometric data to a private company in Virginia — ID.me.

Cryptocurrency 288

Cryptocurrency Cybercrime Computers and Electronics Scams 288

Schneier on Security

NOVEMBER 7, 2017

There's a new criminal tactic involving hacking an e-mail account of a company that handles high-value transactions and diverting payments. Criminals hack into an art dealer's email account and monitor incoming and outgoing correspondence. EDITED TO ADD (11/14): Brian Krebs wrote about this in 2014.

Scams 191

Scams Accountability Banking Hacking 191

Security Affairs

SEPTEMBER 8, 2024

Between 2014 and 2024, the duo operated the dark web marketplace WWH Club (wwh-club[.]ws) WWH Club had over 353,000 users by 2023 and offered courses on fraud and cybercrime, generating profits through membership and tuition fees. ws) which focused on selling stolen personal data and conducting illegal activities.

Cybercrime 138

Cybercrime Accountability Banking Advertising 138

Security Affairs

AUGUST 18, 2020

Ukrainian authorities arrested the members of a cybercrime gang who ran 20 cryptocurrency exchanges involved in money laundering. Police in Ukraine announced the arrest of the members of a cybercrime gang composed of three individuals who ran 20 cryptocurrency exchanges used in money laundering activities. Pierluigi Paganini.

Cryptocurrency 140

Cryptocurrency Computers and Electronics Cybercrime Digital transformation 140

Security Affairs

JULY 13, 2024

In October 2022, Swiss police arrested Penchukov in Geneva, also known as Tank, which is one of the leaders of the JabberZeus cybercrime group. In 2012, Vyacheslav Igorevich Penchukov was accused of being a member of a cybercrime gang known as JabberZeus crew. Since May 2019, Penchukov had a prominent role in the Zeus operation.

Cybercrime 127

Cybercrime Banking Malware Hacking 127