Remove 2014 Remove Internet Remove Malware
article thumbnail

Why Phishers Love New TLDs Like.shop,top and.xyz

Krebs on Security

Interisle sources data about cybercrime domains from anti-spam organizations, including the Anti-Phishing Working Group (APWG), the Coalition Against Unsolicited Commercial Email (CAUCE), and the Messaging, Malware, and Mobile Anti-Abuse Working Group (M3AAWG). Image: Interisle Cybercrime Supply Chain 2014.

article thumbnail

An Interview With the Target & Home Depot Hacker

Krebs on Security

In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator , the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. “My nickname was MikeMike, and I worked with Dmitri Golubov and made technologies for him,” Shefel said.

Retail 254
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

For the past seven years, a malware-based proxy service known as “ Faceless ” has sold anonymity to countless cybercriminals. The proxy lookup page inside the malware-based anonymity service Faceless. as a media sharing device on a local network that was somehow exposed to the Internet. Image: spur.us.

Malware 292
article thumbnail

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

This post is a deep dive on “ Megatraffer ,” a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015. More recently, it appears Megatraffer has been working with ransomware groups to help improve the stealth of their malware. WHO IS MEGATRAFFER?

Malware 301
article thumbnail

U.S. Offered $10M for Hacker Just Arrested by Russia

Krebs on Security

Last week, the Russian government reportedly arrested Matveev and charged him with creating malware used to extort companies. “It’s possible this is a shakedown by Kaliningrad authorities of a local internet thug who has tens of millions of dollars in cryptocurrency,” Intel 471 wrote in an analysis published Dec.

article thumbnail

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. This story explores the history and identity behind Cryptor[.]biz WHO RUNS CRYPTOR[.]BIZ?

Malware 271
article thumbnail

TroyStealer – A new info stealer targeting Portuguese Internet users

Security Affairs

The world of cybercrime is changing, and more and more malware variants have spread every day. There seems to be a new stealer in town called #TroyStealer , targeting Portuguese internet users EXE: [link] Exfil email address: domionhuby@gmail.com Has anyone seen this threat before? /cc Figure 5: TroyStealer malware high flow diagram.

Internet 143