2018 and Cybercrime - Cyber Security Informer

From Cybercrime Saul Goodman to the Russian GRU

Krebs on Security

FEBRUARY 7, 2024

In 2021, the exclusive Russian cybercrime forum Mazafaka was hacked. Launched in 2001 under the tagline “Network terrorism,” Mazafaka would evolve into one of the most guarded Russian-language cybercrime communities. One representation of the leaked Mazafaka database. As well as the cost of my services.”

Cybercrime

Cybercrime Accountability Identity Theft Hacking

How Does One Get Hired by a Top Cybercrime Gang?

Krebs on Security

JUNE 15, 2021

This post explores answers to those questions, as well as some of the ways Trickbot and other organized cybercrime gangs gradually recruit, groom and trust new programmers. nl — circa October 2018. ” According to the DOJ, Witte had access to Trickbot for roughly two years between 2018 and 2020. 6 in Miami, Fla.

Cybercrime

Cybercrime Ransomware Passwords Banking

UK Ad Campaign Seeks to Deter Cybercrime

Krebs on Security

MAY 28, 2020

The United Kingdom’s anti-cybercrime agency is running online ads aimed at young people who search the Web for services that enable computer crimes, specifically trojan horse programs and DDoS-for-hire services. law enforcement agents in connection with various cybercrime investigations. FLATTENING THE CURVE.

Cybercrime

Cybercrime DDOS Advertising Hacking

A Year Later, Cybercrime Groups Still Rampant on Facebook

Krebs on Security

APRIL 8, 2019

Almost exactly one year ago, KrebsOnSecurity reported that a mere two hours of searching revealed more than 100 Facebook groups with some 300,000 members openly advertising services to support all types of cybercrime, including spam, credit card fraud and identity theft. Facebook responded by deleting those groups.

Cybercrime

Cybercrime Passwords Identity Theft Accountability

Inside ‘Evil Corp,’ a $100M Cybercrime Menace

Krebs on Security

DECEMBER 16, 2019

Justice Department this month offered a $5 million bounty for information leading to the arrest and conviction of a Russian man indicted for allegedly orchestrating a vast, international cybercrime network that called itself “ Evil Corp ” and stole roughly $100 million from businesses and consumers. LOW FRIENDS IN HIGH PLACES.

Cybercrime

Cybercrime Banking Small Business Accountability

How cybercrime will cost the world $1 trillion this year

Tech Republic Security

DECEMBER 7, 2020

Including both financial losses and cybersecurity spending, the $1 trillion in costs will represent a 50% increase over 2018, says McAfee.

Cybercrime

Cybercrime Cybersecurity

The strange business of cybercrime

CSO Magazine

JUNE 27, 2022

The old hacker stereotype—the antisocial lone wolf with coding skills—has been eclipsed by something far stranger: the cybercrime enterprise. This mutant business model has grown exponentially, with annual cybercrime revenues reaching $1.5 trillion, according to a 2018 study by endpoint security provider Bromium.

Cybercrime

Cybercrime Engineering

2023 FBI Internet Crime Report reported cybercrime losses reached $12.5 billion in 2023

Security Affairs

MARCH 7, 2024

The FBI Internet Crime Complaint Center (IC3) 2023 report states that reported cybercrime losses reached $12.5 The 2023 Internet Crime Report published the FBI’s Internet Crime Complaint Center (IC3) reveals that reported cybercrime losses reached $12.5 billion in 2023. billion in 2023. ” concludes the report. million.

Cybercrime

Cybercrime Internet Internet Scams

Two Russians Charged in $17M Cryptocurrency Phishing Spree

Krebs on Security

SEPTEMBER 16, 2020

authorities today announced criminal charges and financial sanctions against two Russian men accused of stealing nearly $17 million worth of virtual currencies in a series of phishing attacks throughout 2017 and 2018 that spoofed websites for some of the most popular cryptocurrency exchanges.

Cryptocurrency

Cryptocurrency Phishing Accountability Cybercrime

Cybercrime Group TA558 Targeting Hospitality, Hotel, and Travel Organizations

The Hacker News

AUGUST 19, 2022

A financially motivated cybercrime group has been linked to an ongoing wave of attacks aimed at hospitality, hotel, and travel organizations in Latin America with the goal of installing malware on compromised systems. Since 2018,

Cybercrime

Cybercrime Malware

NY Charges First American Financial for Massive Data Leak

Krebs on Security

JULY 23, 2020

Worse still, the DFS found, the vulnerability was discovered in a penetration test First American conducted on its own in December 2018. But in Wednesday’s filing, the DFS said First American was unable to determine whether records were accessed prior to Jun 2018. In the days that followed, the DFS and U.S.

Insurance

Insurance Financial Services Penetration Testing Scams

Breached Data Indexer ‘Data Viper’ Hacked

Krebs on Security

JULY 13, 2020

The incident also highlights the often murky area between what’s legal and ethical in combating cybercrime. ” As KrebsOnSecurity noted in a 2018 story , Troia has acknowledged posing as a buyer or seller on various dark web forums as a way to acquire old and newly-hacked databases from other forum members.

Hacking

Hacking Marketing Cybercrime Accountability

Spam Kingpin Peter Levashov Gets Time Served

Krebs on Security

JULY 20, 2021

Levashov has been in federal custody since his extradition to the United States and guilty plea in 2018, and was facing up to 12 more years in prison. Severa created and then leased out to others some of the nastiest cybercrime engines in history — including the Storm worm , and the Waledac and Kelihos spam botnets. A native of St.

Antivirus

Antivirus Cybercrime Identity Theft Scams

Who’s Behind the GandCrab Ransomware?

Krebs on Security

JULY 8, 2019

In the 15-month span of the GandCrab affiliate enterprise beginning in January 2018 , its curators shipped five major revisions to the code, each corresponding with sneaky new features and bug fixes aimed at thwarting the efforts of computer security firms to stymie the spread of the malware. The GandCrab identity on Exploit[.]in

Ransomware

Ransomware Accountability Cybercrime Passwords

M?ris Bot infects MikroTik routers compromised in 2018

Security Affairs

SEPTEMBER 14, 2021

The network equipment maker MikroTik revealed that the routers were previously compromised in 2018. “As far as we have seen, these attacks use the same routers that were compromised in 2018, when MikroTik RouterOS had a vulnerability, that was quickly patched.” ” reads a post published by MikroTik in a forum post.

DDOS

DDOS Firewall Passwords Internet

BulletProofLink, a large-scale phishing-as-a-service active since 2018

Security Affairs

SEPTEMBER 23, 2021

BulletProofLink has been active since 2018, it was used by multiple threat actors in either one-off or monthly subscription-based business models. The double theft tactic allows the PhaaS operators to maximize their profits, the operators also earn selling victims’ credentials in the cybercrime underground. Pierluigi Paganini.

Phishing

Phishing Cybercrime Advertising Hacking

TA558 cybercrime group targets hospitality and travel orgs

Security Affairs

AUGUST 20, 2022

TA558 cybercrime group is behind a malware campaign targeting hospitality, hotel, and travel organizations in Latin America. Researchers from Proofpoint are monitoring a malware campaign conducted by a cybercrime group, tracked as TA558, that is targeting hospitality, hotel, and travel organizations in Latin America.

Cybercrime

Cybercrime Malware Phishing Internet

Threat actor has been targeting the aviation industry since at least 2018

Security Affairs

SEPTEMBER 18, 2021

Talos researchers believe that the group was able to remain under the radar using crypters that it bought on cybercrime forums. The post Threat actor has been targeting the aviation industry since at least 2018 appeared first on Security Affairs. Microsoft 365 Defender detects the multiple components of this attack. .

Malware

Malware Phishing DNS Cybercrime

Credentials for cybercrime forums found on roughly 120K computers infected with info stealers

Security Affairs

AUGUST 15, 2023

Researchers discovered credentials associated with cybercrime forums on roughly 120,000 computers infected with information stealers. Threat intelligence firm Hudson Rock has discovered credentials associated with cybercrime forums on roughly 120,000 computers infected with various information stealer malware.

Cybercrime

Cybercrime Passwords Data breaches Malware

TrickBot indictment reveals the scale and complexity of organized cybercrime

Malwarebytes

JUNE 8, 2021

A Latvian woman has been charged for their alleged role in a transnational cybercrime organisation. As touched on above, the group hired experts in a variety of cybercrime fields. The wire transfers listed range from $44,900 to $230,400 across most of 2017 to 2018. What happened this week, you ask? How bad is it really?

Cybercrime

Cybercrime Malware Banking Phishing

Three cybercrime technology trends to watch in 2023

CyberSecurity Insiders

JANUARY 3, 2023

The “ NotPetya ” attack of 2017 – the most financially damaging cyberattack in history – and the 2018 “ Olympic Destroyer ” attack, which took down the entire technology system of the Winter Olympics in Seoul, South Korea, used wiper malware.

Technology

Technology Cybercrime Artificial Intelligence Government

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years. Conclusion: cybersecurity and cybercrime have matured.

Cybercrime

Cybercrime Banking Malware Ransomware

Over 120,000 Computers Compromised by Info Stealers Linked to Users of Cybercrime Forums

The Hacker News

AUGUST 15, 2023

A "staggering" 120,000 computers infected by stealer malware have credentials associated with cybercrime forums, many of them belonging to malicious actors. The findings come from Hudson Rock, which analyzed data collected from computers compromised between 2018 to 2023.

Cybercrime

Cybercrime Data collection Malware Software

New IRS Site Could Make it Easy for Thieves to Intercept Some Stimulus Payments

Krebs on Security

APRIL 10, 2020

Most people who who filed a tax return in 2018 and/or 2019 and provided their bank account information for a debit or credit should soon see an Economic Impact Payment direct-deposited into their bank accounts. More importantly, it appears one doesn’t really need to supply one’s AGI in 2018.

Computers and Electronics

Computers and Electronics Banking Accountability Scams

First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records

Krebs on Security

MAY 24, 2019

billion in 2018. According to the FBI, BEC scams are the most costly form of cybercrime today. In December 2018, the parent company of Kay Jewelers and Jared Jewelers fixed a weakness in their site that exposed the order information for all of their online customers. In August 2018, financial industry giant Fiserv Inc.

Insurance

Insurance Banking Identity Theft Scams

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

Silent Push said Araneida is being advertised by an eponymous user on multiple cybercrime forums. Araneida Scanner’s Telegram channel bragging about how customers are using the service for cybercrime. That user, “ Exorn ,” has posts dating back to August 2018. co — first came online in February 2023.

Hacking

Hacking Cybercrime Advertising Data breaches

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Krebs on Security

FEBRUARY 8, 2021

Brad Marden , superintendent of cybercrime operations for the Australian Federal Police (AFP), said their investigation into who was behind U-Admin began in late 2018, after Australian citizens began getting deluged with phishing attacks via mobile text messages that leveraged the software.

Phishing

Phishing Scams Banking Mobile

Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide

Security Affairs

JULY 6, 2021

The alleged perpetrator, who turned out to be a citizen of Morocco, was arrested in May by the Moroccan police based on the data about his cybercrimes that was provided by Group-IB. Over the period from 2009 to 2018, the threat actor defaced over 130 web pages. Original post at [link]. Pierluigi Paganini.

Cybercrime

Cybercrime Phishing Banking Telecommunications

This Service Helps Malware Authors Fix Flaws in their Code

Krebs on Security

MAY 18, 2020

is cybercrime forum. “We can examine your (or not exactly your) PHP code for vulnerabilities and backdoors,” reads his offering on several prominent Russian cybercrime forums. The cybercrime actor “upO” on Exploit[.]in RedBear’s profile on the Russian-language xss[.]is

Malware

Malware Cybercrime Ransomware Marketing

Thinking of Hiring or Running a Booter Service? Think Again.

Krebs on Security

JANUARY 17, 2023

Proprietors of these so-called “booter” or “stresser” services — designed to knock websites and users offline — have long operated in a legally murky area of cybercrime law. In 2018, the feds seized 15 stresser sites, and levied cybercrime charges against three men for their operation of booter services.

DDOS

DDOS Cybercrime Engineering Government

Feds Take Down 13 More DDoS-for-Hire Services

Krebs on Security

MAY 9, 2023

In December 2018, the feds targeted 15 booter sites, and three booter store defendants who later pleaded guilty. man charged in the government’s first 2018 mass booter bust-up. In December 2022, the feds seized four-dozen booter domains and charged six U.S. Charles, Ill.

DDOS

DDOS Cybercrime Internet Internet

Man Who Mass-Extorted Psychotherapy Patients Gets Six Years

Krebs on Security

APRIL 30, 2024

Finnish prosecutors quickly zeroed in on a suspect: Julius “Zeekill” Kivimäki , a notorious criminal hacker convicted of committing tens of thousands of cybercrimes before he became an adult. After being charged with the attack in October 2022, Kivimäki fled the country.

DDOS

DDOS Cybercrime Hacking Passwords

Secret Service Investigates Breach at U.S. Govt IT Contractor

Krebs on Security

SEPTEMBER 9, 2019

Secret Service is investigating a breach at a Virginia-based government technology contractor that saw access to several of its systems put up for sale in the cybercrime underground, KrebsOnSecurity has learned. In mid-August, a member of a popular Russian-language cybercrime forum offered to sell access to the internal network of a U.S.

Cybercrime

Cybercrime Government Data collection Internet

Experts link the Black Basta ransomware operation to FIN7 cybercrime gang

Security Affairs

NOVEMBER 3, 2022

aka BIRDDOG)’ It is a backdoor that was used by the FIN7 group since at least 2018, it also connects to a C2 IP address 45[.]67[.]229[.]148 The post Experts link the Black Basta ransomware operation to FIN7 cybercrime gang appeared first on Security Affairs. ” Follow me on Twitter: @securityaffairs and Facebook.

Cybercrime

Cybercrime Ransomware Antivirus Malware

New Charges Derail COVID Release for Hacker Who Aided ISIS

Krebs on Security

JANUARY 19, 2021

The release was granted in part due to Ferizi’s 2018 diagnosis if asthma, as well as a COVID outbreak at the facility where he was housed in 2020. In the years leading up to his arrest, Ferizi was the administrator of a cybercrime forum called Pentagon Crew.

Identity Theft

Identity Theft Government Social Engineering Accountability

Half of all Phishing Sites Now Have the Padlock

Krebs on Security

NOVEMBER 26, 2018

Recent data from anti-phishing company PhishLabs shows that 49 percent of all phishing sites in the third quarter of 2018 bore the padlock security icon next to the phishing site domain name as displayed in a browser address bar. That’s up from 25 percent just one year ago, and from 35 percent in the second quarter of 2018.

Phishing

Phishing Scams Cryptocurrency Internet

Mariposa Botnet Author, Darkcode Crime Forum Admin Arrested in Germany

Krebs on Security

OCTOBER 1, 2019

A Slovenian man convicted of authoring the destructive and once-prolific Mariposa botnet and running the infamous Darkode cybercrime forum has been arrested in Germany on request from prosecutors in the United States, who’ve recently re-indicted him on related charges. issued international arrest warrant for his extradition.

Cybercrime

Cybercrime Malware Antivirus Banking

Over 100,000 Hackers Exposed in Data from Top Cybercrime Forums

SecureWorld News

AUGUST 16, 2023

Recent research conducted by Hudson Rock has shed light on the extensive compromise of computers and the exposure of hackers within cybercrime forums. Hudson Rock's research delved deep into the underbelly of the cyber world, focusing on the top 100 cybercrime forums.

Cybercrime

Cybercrime Passwords Data collection Data breaches

A Closer Look at the Snatch Data Ransom Group

Krebs on Security

SEPTEMBER 30, 2023

.” New York City-based cyber intelligence firm Flashpoint said the Snatch ransomware group was created in 2018, based on Truniger’s recruitment both on Russian language cybercrime forums and public Russian programming boards. ” In at least some of those recruitment ads — like one in 2018 on the forum sysadmins[.]ru

Ransomware

Ransomware Accountability Cybercrime Backups

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Krebs on Security

SEPTEMBER 26, 2024

The United States today unveiled sanctions and indictments against the alleged proprietor of Joker’s Stash , a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past decade. The answer involved Bitcoin, but also Taleon’s new service.

Cryptocurrency

Cryptocurrency Cybercrime Retail Government

US dismantled and seized SSNDOB cybercrime marketplace

Security Affairs

JUNE 8, 2022

“Between December 2018 and June 2019, SSNDOB sent over $100,000 worth of Bitcoin to Joker’s Stash, suggesting the two markets may have had some relationship to one another, including possibly shared ownership.” The post US dismantled and seized SSNDOB cybercrime marketplace appeared first on Security Affairs.

Cybercrime

Cybercrime Cryptocurrency Marketing Advertising

North Korean APT43 Group Uses Cybercrime to Fund Espionage Operations

The Hacker News

MARCH 28, 2023

A new North Korean nation-state cyber operator has been attributed to a series of campaigns orchestrated to gather strategic intelligence that aligns with Pyongyang's geopolitical interests since 2018.

Cybercrime

Authorities shut down Crimenetwork, the Germany’s largest crime marketplace

Security Affairs

DECEMBER 4, 2024

The operation was carried out by Public Prosecutor’s Office in Frankfurt am Main, the Central Office for Combating Cybercrime (ZIT), and the Federal Criminal Police Office (BKA). Nearly $100M in cryptocurrency was traded on the platform from 2018-2024, with operators taking 1-5% commissions. Now in custody.

Cybercrime

Cybercrime Cryptocurrency Hacking Internet

Joker’s Stash Carding Market to Call it Quits

Krebs on Security

JANUARY 18, 2021

The announcement came on the heels of a turbulent year for the major cybercrime store, and just weeks after U.S. Like many other top cybercrime bazaars, Joker’s Stash was a frequent target of phishers looking to rip off unwary or unsophisticated thieves. and European authorities seized a number of its servers.

Marketing

Marketing Cybercrime Accountability Cryptocurrency

From Cybercrime Saul Goodman to the Russian GRU

How Does One Get Hired by a Top Cybercrime Gang?

Trending Sources

UK Ad Campaign Seeks to Deter Cybercrime

A Year Later, Cybercrime Groups Still Rampant on Facebook

Inside ‘Evil Corp,’ a $100M Cybercrime Menace

How cybercrime will cost the world $1 trillion this year

The strange business of cybercrime

2023 FBI Internet Crime Report reported cybercrime losses reached $12.5 billion in 2023

Two Russians Charged in $17M Cryptocurrency Phishing Spree

Cybercrime Group TA558 Targeting Hospitality, Hotel, and Travel Organizations

NY Charges First American Financial for Massive Data Leak

Breached Data Indexer ‘Data Viper’ Hacked

Spam Kingpin Peter Levashov Gets Time Served

Who’s Behind the GandCrab Ransomware?

M?ris Bot infects MikroTik routers compromised in 2018

BulletProofLink, a large-scale phishing-as-a-service active since 2018

TA558 cybercrime group targets hospitality and travel orgs

Threat actor has been targeting the aviation industry since at least 2018

Credentials for cybercrime forums found on roughly 120K computers infected with info stealers

TrickBot indictment reveals the scale and complexity of organized cybercrime

Three cybercrime technology trends to watch in 2023

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

Over 120,000 Computers Compromised by Info Stealers Linked to Users of Cybercrime Forums

New IRS Site Could Make it Easy for Thieves to Intercept Some Stimulus Payments

First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide

This Service Helps Malware Authors Fix Flaws in their Code

Thinking of Hiring or Running a Booter Service? Think Again.

Feds Take Down 13 More DDoS-for-Hire Services

Man Who Mass-Extorted Psychotherapy Patients Gets Six Years

Secret Service Investigates Breach at U.S. Govt IT Contractor

Experts link the Black Basta ransomware operation to FIN7 cybercrime gang

New Charges Derail COVID Release for Hacker Who Aided ISIS

Half of all Phishing Sites Now Have the Padlock

Mariposa Botnet Author, Darkcode Crime Forum Admin Arrested in Germany

Over 100,000 Hackers Exposed in Data from Top Cybercrime Forums

A Closer Look at the Snatch Data Ransom Group

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

US dismantled and seized SSNDOB cybercrime marketplace

North Korean APT43 Group Uses Cybercrime to Fund Espionage Operations

Authorities shut down Crimenetwork, the Germany’s largest crime marketplace

Joker’s Stash Carding Market to Call it Quits

Stay Connected