Krebs on Security

APRIL 8, 2019

Almost exactly one year ago, KrebsOnSecurity reported that a mere two hours of searching revealed more than 100 Facebook groups with some 300,000 members openly advertising services to support all types of cybercrime, including spam, credit card fraud and identity theft. Facebook responded by deleting those groups.

Cybercrime 223

Cybercrime Passwords Identity Theft Accountability 223

Security Affairs

SEPTEMBER 18, 2021

Security researchers from the Cisco Talos team uncovered a spear-phishing campaign targeting the aviation industry for two years avoiding detection. Security researchers from Cisco Talos uncovered a spear-phishing campaign targeting, dubbed Operation Layover, that targeted the aviation industry for two years without being detected.

Malware 126

Malware Phishing DNS Cybercrime 126

CyberSecurity Insiders

JANUARY 3, 2023

Already some have used the OpenAI platform to have ChatGPT write phishing emails and insert malicious links. The emails don’t have the usual spelling, grammar, and syntax errors that today’s phishing messages composed by non-native-English speakers tend to contain – errors that serve as a tip-off to recipients.

Technology 135

Technology Cybercrime Artificial Intelligence Government 135

Security Affairs

JANUARY 30, 2019

According to the ENISA Threat Landscape Report 2018, 2018 has brought significant changes in the techniques, tactics, and procedures associated with cybercrime organizations and nation-state actors. ” reads the ENISA Threat Landscape Report 2018. Exploit Kits have lost their importance in the cyberthreat landscape.

Cyber threats 108

Cyber threats IoT Social Engineering Advertising 108

Security Affairs

JULY 6, 2021

The alleged perpetrator, who turned out to be a citizen of Morocco, was arrested in May by the Moroccan police based on the data about his cybercrimes that was provided by Group-IB. Almost each of the scripts contained in the phishing kit had its creator’s nickname, Dr HeX, and contact email address.

Cybercrime 104

Cybercrime Phishing Banking Telecommunications 104

Krebs on Security

DECEMBER 16, 2019

Justice Department this month offered a $5 million bounty for information leading to the arrest and conviction of a Russian man indicted for allegedly orchestrating a vast, international cybercrime network that called itself “ Evil Corp ” and stole roughly $100 million from businesses and consumers. LOW FRIENDS IN HIGH PLACES.

Cybercrime 240

Cybercrime Banking Small Business Accountability 240

Security Affairs

APRIL 15, 2020

The report focuses on phishing kits – the driving force of the phishing industry, which is hard to detect but extremely valuable in terms of fight against phishing. The growing demand for phishing kits is also reflected in its price that skyrocketed last year by 149 percent and exceeded $300 per item.

Phishing 136

Phishing Marketing Advertising Cyber threats 136

Malwarebytes

JUNE 8, 2021

Sometimes, it’s used even if an attack being discussed is a basic phish, or maybe some very generic malware. A Latvian woman has been charged for their alleged role in a transnational cybercrime organisation. As touched on above, the group hired experts in a variety of cybercrime fields. What happened this week, you ask?

Cybercrime 110

Cybercrime Malware Banking Phishing 110

Security Affairs

NOVEMBER 16, 2018

According to Group-IB’s report findings, Asia is one of the most actively attacked regions in the world, the company presented latest cybercrime trends. In 2017-2018 hackers’ interest in cryptocurrency exchanges ramped up. In 2018 the direct financial losses from these attacks amounted to almost $20 million. Attacks on Crypto.

Cybercrime 108

Cybercrime Hacking Banking Phishing 108

Security Affairs

SEPTEMBER 1, 2018

Security experts from Netscout’s ASERT uncovered a new campaign carried out by the Cobalt cybercrime group. The attacks were detected on August 13, 2018, experts revealed that the hackers targeted also the NS Bank in Russia and Carpatica/Patria in Romania. The phishing message includes two malicious links.

Cybercrime 77

Cybercrime Banking Phishing Advertising 77

SecureWorld News

MAY 2, 2022

Another day, another dollar, another phishing scam that'll make you holler. Department of Justice (DOJ) recently announced the conviction of a California man who stole more than $23 million from the Department of Defense (DOD) through a complex phishing scam. On October 10, 2018, the DOD transferred $23.5

Phishing 85

Phishing Computers and Electronics Banking Scams 85

Security Affairs

AUGUST 5, 2019

A crook involved in a spear phishing scheme and that was in Kenya is facing up to 20 years in the US federal prison for stealing thousands of dollars from US universities. Amil Hassan Raage, 48, pleaded guilty last week in a southern California court to fraudulently receiving almost $750,000 as part of a spear phishing scheme.

Phishing 111

Phishing Banking Advertising Accountability 111

Security Affairs

NOVEMBER 3, 2022

It focused on deploying POS malware and launching targeted spear-phishing attacks against organizations worldwide. aka BIRDDOG)’ It is a backdoor that was used by the FIN7 group since at least 2018, it also connects to a C2 IP address 45[.]67[.]229[.]148 ” Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Cybercrime 110

Cybercrime Ransomware Antivirus Malware 110

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years.

Cybercrime 142

Cybercrime Banking Malware Ransomware 142

Krebs on Security

OCTOBER 31, 2023

The top-level domain for the United States — US — is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. domains as among the most prevalent in phishing attacks over the past year. As far back as 2018, Interisle found.US

Phishing 294

Phishing Telecommunications Malware Scams 294

Security Affairs

APRIL 8, 2019

Bahrain, 08.04.2019 – Group-IB, an international company that specializes in preventing cyberattacks , and NGN International, a global system integrator, analyzed cybersecurity landscape in Gulf countries in 2018. According to Group-IB’s annual Hi-Tech Crime Trends 2018 report, on average, from June 2017 to August 2018, the details of 1.8

Artificial Intelligence 98

Artificial Intelligence Government Banking Advertising 98

Krebs on Security

JULY 20, 2021

Levashov has been in federal custody since his extradition to the United States and guilty plea in 2018, and was facing up to 12 more years in prison. Severa created and then leased out to others some of the nastiest cybercrime engines in history — including the Storm worm , and the Waledac and Kelihos spam botnets. A native of St.

Antivirus 320

Antivirus Cybercrime Identity Theft Scams 320

Security Affairs

MARCH 14, 2024

“The phishing campaign employed open redirect URLs from Google Ad technologies to distribute fake Microsoft software installers (.MSI) The attack chain analyzed by the ZDI starts with a phishing message using PDF attachment with a specially crafted link. MSI) installers. ” reads the analysis published by Trend Micro.

Phishing 134

Phishing Malware Software Internet 134

SiteLock

AUGUST 27, 2021

This is the reality for many website owners, and now more than ever, they need to be on alert for cyberattacks in 2018. In Q3 2017, SiteLock discovered alarming cybercrime trends that will likely affect websites for months to come. Phishing Kits. How are cybercriminals taking advantage of website visitors? Defacements.

Malware 52

Malware Engineering Phishing Accountability 52

Security Affairs

JULY 14, 2024

DarkGate RAT is written in Borland Delphi and is available in the cybercrime ecosystem as a malware-as-a-service (MaaS) model. DarkGate has been active since at least 2018, it supports various features, including process injection, the download and execution file, information stealing, shell command execution, and keylogging abilities.

Malware 135

Malware Cybercrime Software Phishing 135

Krebs on Security

SEPTEMBER 30, 2024

A California man accused of failing to pay taxes on tens of millions of dollars allegedly earned from cybercrime also paid local police officers hundreds of thousands of dollars to help him extort, intimidate and silence rivals and former business partners, the government alleges. In December 2018, a then 21-year-0ld Troy Woody Jr.

Cryptocurrency 275

Cryptocurrency Government Internet Internet 275

Security Affairs

APRIL 8, 2022

A Ukrainian man was sentenced in the US to 5 years in prison for his criminal activity in the cybercrime group FIN7. for high-level hacking activity in the cybercrime group FIN7 (aka Carbanak Group and the Navigator Group). Iarmak was involved in FIN7 criminal activities from approximately November 2016 through November 2018.

Cybercrime 133

Cybercrime Hacking Software Phishing 133

Security Affairs

OCTOBER 23, 2018

The latest version of the Azorult was delivered through the RIG exploit kit as well as other sources, previous variants were mainly distributed via weaponized Office documents as attachment of phishing messages. Later it was involved in many malspam attacks, but only in July 2018, the authors released a substantially updated variant. .

Marketing 105

Marketing Cybercrime Cryptocurrency Advertising 105

Krebs on Security

AUGUST 19, 2020

The COVID-19 epidemic has brought a wave of email phishing attacks that try to trick work-at-home employees into giving away credentials needed to remotely access their employers’ networks. The employee phishing page bofaticket[.]com. Image: urlscan.io.

Phishing 360

Phishing VPN Social Engineering Media 360

Krebs on Security

SEPTEMBER 6, 2021

In May 2015, KrebsOnSecurity briefly profiled “ The Manipulaters ,” the name chosen by a prolific cybercrime group based in Pakistan that was very publicly selling spam tools and a range of services for crafting, hosting and deploying malicious email. One of several current Fudtools sites run by The Manipulaters.

Software 262

Software Phishing Cybercrime Accountability 262

Security Affairs

SEPTEMBER 4, 2021

FIN7 cybercrime gang used weaponized Windows 11 Alpha-themed Word documents to drop malicious payloads, including a JavaScript backdoor. Anomali Threat Research experts have monitored recent spear-phishing attacks conducted by financially motivated threat actor FIN7. The attack chain began with a Microsoft Word document (.doc)

Cybercrime 144

Cybercrime Retail Phishing Hacking 144

CyberSecurity Insiders

APRIL 5, 2023

North Korea has established a hacking group named APT43 to fund its cybercrime activities, aimed at advancing Pyongyang’s geopolitical interests. Additionally, a new spying team named Archipelago, a subset of APT43, has emerged and is using phishing tactics to tar-get potential victims.

Hacking 105

Hacking Social Engineering Cryptocurrency Manufacturing 105

Security Affairs

FEBRUARY 12, 2020

The FBI’s Internal Crime Complaint Center (IC3) released the FBI 2019 Internet Crime Report , a document that outlines cybercrime trends over the past year. The figure that most of all capture our attention is that victims of cybercrime activities lost $3.5 SecurityAffairs – IC3, cybercrime). Billion in 2019. million. .

Internet 143

Internet Internet Scams Cybercrime 143

The Last Watchdog

JUNE 9, 2022

And, let’s be honest , the deceptive writing phishing assaults and other cyber threats today employ are skilled enough to fool even the most trained, internet-savvy experts. According to the Federal Trade Commission (FTC), seniors lost $500 each on computer tech assistance scams in 2018. Ever present threats. Debt relief scams.

Identity Theft 274

Identity Theft Scams Insurance Internet 274

Security Affairs

JANUARY 2, 2020

” Crooks set up websites that look like related to the official movie, the websites are designed to deliver the malware or for phishing purposes. 2018 2019 Change Attacks detected 257,580 285,103 +10% Number of unique files 16,395 11,499 -30% Users targeted 50,196 37,772 -25%. Pierluigi Paganini.

Phishing 108

Phishing Malware Advertising Media 108

Security Affairs

JUNE 24, 2020

The CryptoCore group, aks Crypto-gang, “Dangerous Password”, and “Leery Turtle” has been active since 2018. “While the group’s key infiltration vector to the exchange is usually through spear-phishing against the corporate network, the executives’ personal email accounts are the first to be targeted.”

Cryptocurrency 116

Cryptocurrency Phishing Accountability Passwords 116

Security Boulevard

JUNE 20, 2024

Financial organizations and their customers and clients feel the fallout of major ransomware and phishing campaigns more than ever, and there’s often more at stake. Finance needs a new approach to deal with the ongoing rise in cybercrime. There’s no shortage of researchable financial cybercrime on the internet.

Cyber Attacks 69

Cyber Attacks DNS Phishing Cyber threats 69

Security Affairs

MAY 3, 2024

The threat actors used the botnet harvest credentials, collect NTLMv2 digests, proxy network traffic, and host spear-phishing landing pages and custom tools. The Moobot botnet has been active since at least 2016, it also includes other routers and virtual private servers (VPS). ” reported Trend Micro. ” concludes the report.

Phishing 127

Phishing Cryptocurrency Internet Internet 127

Krebs on Security

MAY 24, 2019

billion in 2018. According to the FBI, BEC scams are the most costly form of cybercrime today. Armed with a single link to a First American document, BEC scammers would have an endless supply of very convincing phishing templates to use. In August 2018, financial industry giant Fiserv Inc.

Insurance 279

Insurance Banking Identity Theft Scams 279

Adam Levin

JULY 24, 2020

Barely a day goes by without news of an elite hacking team creating a more stealth exploit– malware , elaborate spear-phishing attacks, trojans, and a killer array of ransomware that can take factories and other organizations offline, or even hobble entire cities. Cyberattacks are constantly getting more sophisticated.

Hacking 237

Hacking Phishing Risk Accountability 237

SecureList

FEBRUARY 23, 2022

The research in this report is a continuation of our previous annual financial threat reports ( 2018 , 2019 and 2020 ), providing an overview of the latest trends and key events across the threat landscape. Phishing: In 2021, 8.2% of users were hit by phishing. of all phishing schemes in 2021, compared to the 11.1%

Banking 113

Banking Phishing Cryptocurrency Malware 113

Security Affairs

JANUARY 30, 2023

Sports fashion retail JD Sports discloses a data breach that explosed data of about 10M customers who placed orders between 2018 and 2020. UK sports fashion chain JD Sports disclosed a data breach that exposed customer data from orders placed between November 2018 and October 2020. The affected JD Sports group brands are JD, Size?,

Data breaches 98

Data breaches Retail Passwords Scams 98