2016, Cybercrime and Information Security

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Security Affairs

NOVEMBER 24, 2024

seized the stolen credit card marketplace PopeyeTools and charged its operators, this is a major success against cybercrime. PopeyeTools was a dark web marketplace specializing in selling stolen credit cards and cybercrime tools, facilitating fraud and illicit online activities since 2016.

Cybercrime

Cybercrime Cryptocurrency Banking Accountability

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

.” The DOJ’s statement doesn’t mention that RSOCKS has been in operation since 2014, when access to the web store for the botnet was first advertised on multiple Russian-language cybercrime forums. ” In 2016, Deniskloster.com featured a post celebrating three years in operation. ” the post enthuses.

Advertising

Advertising Cybercrime System Administration Hacking

Bitfinex hacker Ilya Lichtenstein was sentenced to 5 years in prison

Security Affairs

NOVEMBER 15, 2024

Bitfinex hacker, Ilya Lichtenstein , who stole 1 billion worth of Bitcoins from Bitfinex in 2016, has been sentenced to five years in prison. Billion in stolen cryptocurrency stolen during the 2016 hack of Bitfinex. ” reads the press release published by DoJ. Law enforcement also seized over $3.6

Cryptocurrency

Cryptocurrency Hacking Government Accountability

U.S. authorities seized cybercrime marketplace Rydox

Security Affairs

DECEMBER 13, 2024

Department of Justice (DoJ) announced the seizure of the cybercrime marketplace Rydox (“rydox.ru” and “rydox[.]cc”). Department of Justice (DoJ) seized Rydox, a cybercrime marketplace for selling stolen personal data and fraud tools. cc”). Thousands of U.S. victims were affected. Attorney Eric G.

Cybercrime

Cybercrime Identity Theft Cryptocurrency Hacking

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Krebs on Security

JANUARY 24, 2023

The plea comes just months after Emelyantsev was extradited from Bulgaria, where he told investigators, “America is looking for me because I have enormous information and they need it.” “Thanks to you, we are now developing in the field of information security and anonymity! RSOCKS, circa 2016. Image: archive.org.

Cybercrime

Cybercrime Advertising IoT Malware

ExCobalt Cybercrime group targets Russian organizations in multiple sectors

Security Affairs

JUNE 24, 2024

The cybercrime group ExCobalt targeted Russian organizations in multiple sectors with a previously unknown backdoor known as GoRed. Positive Technologies researchers reported that a cybercrime gang called ExCobalt targeted Russian organizations in multiple sectors with a previously unknown Golang-based backdoor known as GoRed.

Cybercrime

Cybercrime Telecommunications DNS Technology

DoJ charged 19 individuals in a transnational cybercrime investigation xDedic Marketplace

Security Affairs

JANUARY 8, 2024

19 individuals worldwide were charged in a transnational cybercrime investigation of the now defunct xDedic marketplace. The black marketplace has been active since 2014, it was first analyzed by experts at Kaspersky Lab in 2016. At the time, the domain (xdedic[.]biz) The website quickly reappeared in the Tor network.

Cybercrime

Cybercrime Identity Theft Government Hacking

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Security Affairs

FEBRUARY 6, 2025

The investigation began in early 2024 after data stolen from a Madrid business association was leaked on dark web cybercrime forums. The hacker claimed responsibility for the attacks on multiple cybercrime forums under different monikers to avoid being identified. ” continues the press release. ” concludes the statement.

Cybercrime

Cybercrime Government Data breaches Information Security

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

Krebs on Security

SEPTEMBER 24, 2022

A native of Omsk, Russia, Kloster came into focus after KrebsOnSecurity followed clues from the RSOCKS botnet master’s identity on the cybercrime forums to Kloster’s personal blog , which featured musings on the challenges of running a company that sells “security and anonymity services to customers around the world.”

Cybercrime

Cybercrime Data breaches Malware Ransomware

Personal health information of 42M Americans leaked between 2016 and 2021

Security Affairs

DECEMBER 31, 2022

Crooks have had access to the medical records of 42 million Americans since 2016 as the number of hacks on healthcare organizations doubled. Medical records of 42 million Americans are being sold on the dark web since 2016, this information comes from cyberattacks on healthcare providers. million in 2016 to close to 16.5

Healthcare

Healthcare Ransomware Backups Hacking

Chinese-speaking cybercrime gang Rocke changes tactics

Security Affairs

OCTOBER 15, 2019

Chinese-speaking cybercrime gang Rocke that carried out several large-scale cryptomining campaigns, has now using news tactics to evade detection. Chinese-speaking cybercrime gang Rocke, that carried out several large-scale cryptomining campaigns in past , has now using news tactics to evade detection. Pierluigi Paganini.

Cybercrime

Cybercrime DNS Malware Advertising

International Civil Aviation Organization (ICAO) and ACAO Breached: Cyberespionage Groups Targeting Aviation Safety Specialists

Security Affairs

FEBRUARY 5, 2025

The International Civil Aviation Organization (ICAO) , a specialized agency of the United Nations, is investigating a significant data breach that has raised concerns about the security of its systems and employees data. ” reads the statement published by the International Civil Aviation Organization.

Data breaches

Data breaches Information Security Hacking Marketing

Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016

Security Affairs

AUGUST 4, 2023

A married couple from New York pleaded guilty this week to laundering billions of dollars stolen from Bitfinex in 2016. The couple pleaded guilty to money laundering charges in connection with the hack of the cryptocurrency stock exchange Bitfinex that took place in 2016. Law enforcement also seized over $3.6

Cryptocurrency

Cryptocurrency Hacking Accountability Banking

US seizes $3.6 billion worth of cryptocurrency stolen in 2016 Bitfinex hack

Security Affairs

FEBRUARY 8, 2022

billion worth of cryptocurrency linked to the 2016 Bitfinex cryptocurrency exchange hack. Billion in stolen cryptocurrency stolen during the 2016 hack of Bitfinex. billion worth of cryptocurrency stolen in 2016 Bitfinex hack appeared first on Security Affairs. The law enforcement seized $3.6 Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Hacking Accountability Marketing

TrickGate, a packer used by malware to evade detection since 2016

Security Affairs

JANUARY 31, 2023

TrickGate is a shellcode-based packer offered as a service, which is used at least since July 2016, to hide malware from defense programs. TrickGate is a shellcode-based packer offered as a service to malware authors to avoid detection, CheckPoint researchers reported.

Malware

Malware Antivirus Manufacturing Healthcare

U.S. CISA adds Adobe ColdFusion and Oracle Agile PLM flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

FEBRUARY 25, 2025

is a Java deserialization vulnerability in the Apache BlazeDS library in Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier. An attacker can exploit the vulnerability to achieve arbitrary code execution.

Hacking

Hacking Cybersecurity Risk Cybercrime

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The infamous Locky ransomware was first spotted in the wild in February 2016. CryptXXX, another major family discovered in April 2016 and later rebranded as UltraCrypter, relied on exploit kits that used software vulnerabilities to infiltrate systems. The first viable Mac ransomware called KeRanger was spotted in the spring of 2016.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Crooks are reviving the Grandoreiro banking trojan

Security Affairs

MARCH 28, 2025

The Trojan has been active since 2016, it initially targeted Brazil but expanded to Mexico, Portugal, and Spain since 2020. Grandoreiro Banking Trojan resurfaces, targeting users in Latin America and Europe in new phishing campaigns.

Banking

Banking Phishing Malware Passwords

Operation TOURNIQUET: Authorities shut down dark web marketplace RaidForums

Security Affairs

APRIL 12, 2022

The illegal dark web marketplace RaidForums has been shut down and its infrastructure seized as a result of the international law enforcement Operation TOURNIQUET coordinated by Europol’s European Cybercrime Centre. Europol will continue working with its international partners to make cybercrime harder – and riskier –to commit.

Cybercrime

Cybercrime Banking Accountability Hacking

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Security Affairs

JULY 11, 2020

A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces. The Russian criminal was arrested in Prague in October 2016 in an international joint operation with the FBI. SecurityAffairs – hacking, cybercrime).

Hacking

Hacking Cybercrime Advertising Data breaches

Trickbot spreads malware through new distribution channels

Security Affairs

OCTOBER 16, 2021

TrickBot operators are back and expand the distribution channels with partnership with cybercrime affiliates. The gang support other cybercrime groups such as known Hive0105, Hive0106 (aka TA551 or Shathak), and Hive0107, supporting them in expanding their malware campaigns. ” reads the post published by IBM X-Force.

Malware

Malware Cybercrime DDOS Social Engineering

A Ukrainian man is the third FIN7 member sentenced in the United States

Security Affairs

APRIL 8, 2022

A Ukrainian man was sentenced in the US to 5 years in prison for his criminal activity in the cybercrime group FIN7. for high-level hacking activity in the cybercrime group FIN7 (aka Carbanak Group and the Navigator Group). Iarmak was involved in FIN7 criminal activities from approximately November 2016 through November 2018.

Cybercrime

Cybercrime Hacking Software Phishing

Source code of Dharma ransomware now surfacing on public hacking forums

Security Affairs

MARCH 29, 2020

The Dharma ransomware first appeared on the threat landscape in February 2016, at the time experts dubbed it Crysis. In November 2016, the master decryption keys for Crysis were released online, victims of CrySis versions 2 and 3 were able to recover their files.

Ransomware

Ransomware Hacking Advertising Malware

FBI, CISA alert warns of imminent ransomware attacks on healthcare sector

Security Affairs

OCTOBER 29, 2020

The government agencies receive information about imminent attacks, threat actors are using the TrickBot botnet to deliver the infamous ransomware to the infected systems. “CISA, FBI, and HHS have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.

Healthcare

Healthcare Ransomware Cybercrime Advertising

QQAAZZ crime gang charged for laundering money stolen by malware gangs

Security Affairs

OCTOBER 18, 2020

QQAAZZ attempted to launder tens of millions stolen from victims starting with 2016 by the world’s foremost cybercriminals. SecurityAffairs – hacking, QQAAZZ cybercrime gang). The post QQAAZZ crime gang charged for laundering money stolen by malware gangs appeared first on Security Affairs. Pierluigi Paganini.

Malware

Malware Banking Cryptocurrency Cybercrime

North Korea-linked hackers stole $626 million in virtual assets in 2022

Security Affairs

DECEMBER 22, 2022

. “South Korea’s main spy agency, the National Intelligence Service, said North Korea’s capacity to steal digital assets is considered among the best in the world because of the country’s focus on cybercrimes since U.N. sanctions imposed in 2016 and 1017, and the impact on its economy is dramatic. ” reported the AP agency.

Cryptocurrency

Cryptocurrency Cybercrime Media Government

The Emotet botnet is back and hits 100K recipients per day

Security Affairs

DECEMBER 26, 2020

Emotet is back on Christmas Eve, cybercrime operators are sending out spam messages to deliver the infamous Trickbot Trojan. Emotet is back on Christmas Eve, after two months of silence, cybercrime operators are sending out spam messages to deliver the infamous Trickbot Trojan.

Cybercrime

Cybercrime Malware Banking Ransomware

Uber hacked, internal systems and confidential documents were allegedly compromised

Security Affairs

SEPTEMBER 16, 2022

We don’t have an estimate right now as to when full access to tools will be restored, so thank you for bearing with us,” Latha Maripuri, Uber’s chief information security officer, told NYT via email. This is not the first time that the company suffered a security breach.

Hacking

Hacking Data breaches Information Security Engineering

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Security Affairs

MAY 13, 2024

New Jersey’s Cybersecurity and Communications Integration Cell (NJCCIC) reported that since April, threat actors used the the Phorpiex botnet to send millions of phishing emails as part of a LockBit Black ransomware campaign. In December 2021, experts at Check Point Research observed the resurgence of the Phorpiex botnet.

Phishing

Phishing Ransomware Security Awareness Authentication

No More Ransom helped ransomware victims to save almost €1B

Security Affairs

JULY 26, 2021

The “No More Ransom” website is an initiative launched in 2016 by the National High Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre, Kaspersky and McAfee to help victims of ransomware retrieve their encrypted data without having to pay the criminals.

Ransomware

Ransomware Encryption Cybercrime Hacking

A member of the FIN7 group was sentenced to 10 years in prison

Security Affairs

APRIL 18, 2021

CARBANAK cybercrime gang was first uncovered in 2014 by Kaspersky Lab that dated its activity back to 2013 when the group leveraged the Anunak malware in targeted attacks on financial institutions and ATM networks. Between 2014 and 2016 the group used a new custom malware dubbed Carbanak that is considered a newer version of Anunak.

System Administration

System Administration Penetration Testing Malware Hacking

State-sponsored hackers are launching Coronavirus-themed attacks

Security Affairs

MARCH 13, 2020

In the last weeks, security experts reported many Coronavirus-themed attacks carried out by cybercrime gangs, now experts warn of similar attacks from nation – s tate actors. ” reads the analysis published by the CheckPoint experts.

Malware

Malware Cybercrime Advertising Phishing

Helix Bitcoin Mixer operator charged for laundering over $300M worth of Bitcoin

Security Affairs

FEBRUARY 14, 2020

In November 2016, Harmon started a partnership with AlphaBay , the popular black market that was seized by authorities in July 2017. SecurityAffairs – Helix mixer, cybercrime). The post Helix Bitcoin Mixer operator charged for laundering over $300M worth of Bitcoin appeared first on Security Affairs. Pierluigi Paganini.

Advertising

Advertising Cryptocurrency Cybercrime Engineering

RevengeHotels campaign – crooks target the hospitality industry

Security Affairs

NOVEMBER 28, 2019

Security experts at Kaspersky have published a report on a targeted cybercrime malware campaign, tracked as RevengeHotels, that hit hotels, hostels, hospitality and tourism companies. The files downloaded in the attacks observed in 2016 were divided into two modules, a backdoor and a module to capture screenshots.

Cybercrime

Cybercrime Malware Advertising Phishing

UK and US sanctioned 11 members of the Russia-based TrickBot gang

Security Affairs

SEPTEMBER 11, 2023

governments sanctioned 11 more individuals who were alleged members of the Russia-based TrickBot cybercrime gang. The United States, in coordination with the United Kingdom, sanctioned eleven more individuals who are members of the Russia-based Trickbot cybercrime group. The sanctions were provided by the U.S. Government and U.S.

Cybercrime

Cybercrime Government Ransomware Banking

Members of GozNym gang sentenced for stealing $100 Million

Security Affairs

DECEMBER 22, 2019

Justice Department announced that three members of the cybercrime group behind the GozNym banking Trojan have been sentenced to prison. Justice Department announced that three members of the cybercrime group behind the GozNym banking Trojan have been sentenced to prison. Brady announced today.”

Computers and Electronics

Computers and Electronics Banking Cybercrime Malware

Alexander Vinnik, the popular cyber criminal goes on trial in Paris

Security Affairs

OCTOBER 19, 2020

French authorities accused Vinnik of defrauding more than 100 people in six French cities between 2016 and 2018. SecurityAffairs – hacking, cybercrime). The post Alexander Vinnik, the popular cyber criminal goes on trial in Paris appeared first on Security Affairs. ” reported the AFP news. . Pierluigi Paganini.

Advertising

Advertising Hacking Cybercrime Cryptocurrency

Hackers threaten to leak a copy of the World-Check database used to assess potential risks associated with entities

Security Affairs

APRIL 22, 2024

This is sensitive information that could lead to discrimination, persecution, or otherwise cause harm to individuals by violating their privacy and exposing them to various types of cyberattacks. In June 2016, security researcher Chris Vickery found a copy of the World-Check database dated 2014 that was accidentally exposed online.

Risk

Risk Spyware Hacking Accountability

Data from Sephora and StreetEasy data breaches added to HIBP

Security Affairs

OCTOBER 7, 2019

The StreetEasy data breach took place in the mid-2016 and exposed 988k records that included names, usernames, email addresses and SHA-1 password hashes. The data has been available for sale in the cybercrime underground since February. “In approximately June 2016, the real estate website StreetEasy suffered a data breach.

Data breaches

Data breaches Passwords Advertising Cybercrime

CISA and FBI warn of ongoing TrickBot attacks

Security Affairs

MARCH 19, 2021

The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) warn of ongoing Trickbot attacks despite in October multiple security firms dismantled its C2 infrastructure in a joint operation. ” reads the advisory.

Phishing

Phishing Cybercrime Malware Ransomware

FBI links the Diavol ransomware to the TrickBot gang

Security Affairs

JANUARY 20, 2022

. “The FBI has not yet observed Diavol leak victim data, despite ransom notes including threats to leak stolen information.” ” TrickBot is a popular banking Trojan that has been around since October 2016, its authors have continuously upgraded it by implementing new features.

Ransomware

Ransomware Banking Malware Encryption

Caketap, a new Unix rootkit used to siphon ATM banking data

Security Affairs

MARCH 18, 2022

Mandiant researchers discovered a new Unix rootkit named Caketap, which is used to steal ATM banking data, while investigating the activity of the LightBasin cybercrime group (aka UNC1945 ). The China-linked hacking group has been active since at least 2016, according to the CrowdStrike researchers it is using a very sophisticated toolset.

Banking

Banking Telecommunications System Administration Hacking

TrickBot gang developer arrested at the Seoul international airport

Security Affairs

SEPTEMBER 6, 2021

TrickBot is a popular banking Trojan that has been around since October 2016, its authors have continuously upgraded it by implementing new features. The man was recruited by the criminal organization in 2016. Operators continue to offer the botnet through a multi-purpose malware-as-a-service (MaaS) model. ” Mr.

Malware

Malware Banking Hacking Government

Russian national sentenced to 40 months for selling stolen data on the dark web

Security Affairs

AUGUST 16, 2024

Between July 2016 and May 2021, Kavzharadze listed over 626,100 stolen login credentials on Slilpp and sold more than 297,300 of them. The Russian man was sentenced to 40 months in prison and ordered to pay $1,233,521.47 in restitution. These credentials were linked to $1.2 million in fraudulent transactions.

Banking

Banking Accountability Retail Mobile

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Meet the Administrators of the RSOCKS Proxy Botnet

Trending Sources

Bitfinex hacker Ilya Lichtenstein was sentenced to 5 years in prison

U.S. authorities seized cybercrime marketplace Rydox

Administrator of RSOCKS Proxy Botnet Pleads Guilty

ExCobalt Cybercrime group targets Russian organizations in multiple sectors

DoJ charged 19 individuals in a transnational cybercrime investigation xDedic Marketplace

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

Personal health information of 42M Americans leaked between 2016 and 2021

Chinese-speaking cybercrime gang Rocke changes tactics

International Civil Aviation Organization (ICAO) and ACAO Breached: Cyberespionage Groups Targeting Aviation Safety Specialists

Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016

US seizes $3.6 billion worth of cryptocurrency stolen in 2016 Bitfinex hack

TrickGate, a packer used by malware to evade detection since 2016

U.S. CISA adds Adobe ColdFusion and Oracle Agile PLM flaws to its Known Exploited Vulnerabilities catalog

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Crooks are reviving the Grandoreiro banking trojan

Operation TOURNIQUET: Authorities shut down dark web marketplace RaidForums

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Trickbot spreads malware through new distribution channels

A Ukrainian man is the third FIN7 member sentenced in the United States

Source code of Dharma ransomware now surfacing on public hacking forums

FBI, CISA alert warns of imminent ransomware attacks on healthcare sector

QQAAZZ crime gang charged for laundering money stolen by malware gangs

North Korea-linked hackers stole $626 million in virtual assets in 2022

The Emotet botnet is back and hits 100K recipients per day

Uber hacked, internal systems and confidential documents were allegedly compromised

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

No More Ransom helped ransomware victims to save almost €1B

A member of the FIN7 group was sentenced to 10 years in prison

State-sponsored hackers are launching Coronavirus-themed attacks

Helix Bitcoin Mixer operator charged for laundering over $300M worth of Bitcoin

RevengeHotels campaign – crooks target the hospitality industry

UK and US sanctioned 11 members of the Russia-based TrickBot gang

Members of GozNym gang sentenced for stealing $100 Million

Alexander Vinnik, the popular cyber criminal goes on trial in Paris

Hackers threaten to leak a copy of the World-Check database used to assess potential risks associated with entities

Data from Sephora and StreetEasy data breaches added to HIBP

CISA and FBI warn of ongoing TrickBot attacks

FBI links the Diavol ransomware to the TrickBot gang

Caketap, a new Unix rootkit used to siphon ATM banking data

TrickBot gang developer arrested at the Seoul international airport

Russian national sentenced to 40 months for selling stolen data on the dark web

Stay Connected