2018, Cybercrime and Web Fraud - Cyber Security Informer

This Service Helps Malware Authors Fix Flaws in their Code

Krebs on Security

MAY 18, 2020

is cybercrime forum. “We can examine your (or not exactly your) PHP code for vulnerabilities and backdoors,” reads his offering on several prominent Russian cybercrime forums. The cybercrime actor “upO” on Exploit[.]in RedBear’s profile on the Russian-language xss[.]is

Malware

Malware Cybercrime Ransomware Marketing

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Krebs on Security

FEBRUARY 8, 2021

Brad Marden , superintendent of cybercrime operations for the Australian Federal Police (AFP), said their investigation into who was behind U-Admin began in late 2018, after Australian citizens began getting deluged with phishing attacks via mobile text messages that leveraged the software.

Phishing

Phishing Scams Banking Mobile

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Krebs on Security

SEPTEMBER 26, 2024

The United States today unveiled sanctions and indictments against the alleged proprietor of Joker’s Stash , a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past decade. The answer involved Bitcoin, but also Taleon’s new service.

Cryptocurrency

Cryptocurrency Cybercrime Retail Government

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Krebs on Security

SEPTEMBER 30, 2024

A California man accused of failing to pay taxes on tens of millions of dollars allegedly earned from cybercrime also paid local police officers hundreds of thousands of dollars to help him extort, intimidate and silence rivals and former business partners, the government alleges. In December 2018, a then 21-year-0ld Troy Woody Jr.

Cryptocurrency

Cryptocurrency Government Internet Internet

That Domain You Forgot to Renew? Yeah, it’s Now Stealing Credit Cards

Krebs on Security

NOVEMBER 13, 2018

Likewise, kavanaghsirishpub-dot-com corresponded to a pub and restaurant in Tennessee until mid-2018; now it’s pretending to sell cheap Nike shoes. “We have observed more than 800 sites hosting these brand impersonation/skimming stores since June 2018,” the report notes. It’s now advertising running shoes.

Accountability

Accountability eCommerce Cybercrime Advertising

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. biz , a long-running crypting service that is trusted by some of the biggest names in cybercrime.

Malware

Malware Antivirus Cybercrime Hacking

Hoax Email Blast Abused Poor Coding in FBI Website

Krebs on Security

NOVEMBER 13, 2021

The Federal Bureau of Investigation (FBI) confirmed today that its fbi.gov domain name and Internet address were used to blast out thousands of fake emails about a cybercrime investigation. Troia says the individual has been associated in the past with incidents aimed at damaging the security researcher’s reputation.”

Internet

Internet Internet Hacking Accountability

RaidForums Gets Raided, Alleged Admin Arrested

Krebs on Security

APRIL 12, 2022

Department of Justice (DOJ) said today it seized the website and user database for RaidForums , an extremely popular English-language cybercrime forum that sold access to more than 10 billion consumer records stolen in some of the world’s largest data breaches since 2015. Coelho landed on the radar of U.S.

Government

Government Identity Theft Mobile Data breaches

Local Networks Go Global When Domain Names Collide

Krebs on Security

AUGUST 23, 2024

Alas, in 2018, the.llc TLD was born and began selling domains. But Caturegli said ransomware gangs and other cybercrime groups could siphon huge volumes of Microsoft Windows credentials from quite a few companies with just a small up-front investment.

DNS

DNS Internet Internet Authentication

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

This email address is also connected to accounts on several Russian cybercrime forums, including “ __edman__ ,” who had a history of selling “logs” — large amounts of data stolen from many bot-infected computers — as well as giving away access to hacked Internet of Things (IoT) devices.

Scams

Scams DDOS Cryptocurrency Accountability

US Harbors Prolific Malicious Link Shortening Service

Krebs on Security

OCTOBER 31, 2023

As far back as 2018, Interisle found.US A broad array of industry groups have filed comments opposing the proposed changes , saying they threaten to remove the last vestiges of accountability for a top-level domain that is already overrun with cybercrime activity. and illicit or harmful content. US phishing domains.

Phishing

Phishing Telecommunications Malware Scams

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Krebs on Security

MARCH 14, 2023

In 2018, KrebsOnSecurity detailed how Stevenson earned bug bounty rewards and public recognition from top telecom companies for finding and reporting security holes in their websites, all the while secretly peddling those same vulnerabilities to cybercriminals. A screenshot of the website for the cybercriminal group “ViLE.”

Hacking

Hacking Government Media Accountability

Busting SIM Swappers and SIM Swap Myths

Krebs on Security

NOVEMBER 6, 2018

In late September 2018, the REACT Task Force spearheaded an investigation that led to the arrest of two Missouri men — both in their early 20s — who are accused of conducting SIM swaps to steal $14 million from a cryptocurrency company based in San Jose, Calif. million customers.

Mobile

Mobile Cryptocurrency Accountability Passwords

Facebook, Instagram, TikTok and Twitter Target Resellers of Hacked Accounts

Krebs on Security

FEBRUARY 4, 2021

Like most cybercrime forums, OGUsers is overrun with shady characters who are there mainly to rip off other members. THE MIDDLEMEN. Facebook said it targeted a number of accounts tied to key sellers on OGUsers, as well as those who advertise the ability to broker stolen account sales.

Accountability

Accountability Hacking Media Mobile

How Do You Fight a $12B Fraud Problem? One Scammer at a Time

Krebs on Security

OCTOBER 25, 2018

According to the most recent statistics from the FBI ‘s Internet Crime Complaint Center , the most costly form of cybercrime stems from a complex type of fraud known as the “ B usiness E mail C ompromise” or BEC scam. The FBI says BEC scams netted thieves more than $12 billion between 2013 and 2018.

Scams

Scams Accountability Media Banking

Phishing Sites Targeting Scammers and Thieves

Krebs on Security

AUGUST 9, 2021

Also, this greenhorn criminal clearly had bought into BriansClub’s advertising, which uses my name and likeness in a series of ads that run on all the top cybercrime forums. com was hosted at a company in Moscow with just a handful of other domains phishing popular cybercrime stores, including Jstashbazar[.]com, com, vclub[.]cards,

Phishing

Phishing Cybercrime Accountability Advertising

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

These services can be used in a legitimate manner for several business purposes — such as price comparisons or sales intelligence — but they are massively abused for hiding cybercrime activity because they can make it difficult to trace malicious traffic to its original source. FORUM ACTIVITY? su between 2016 and 2019.

VPN

VPN Computers and Electronics Antivirus Software

“BriansClub” Hack Rescues 26M Stolen Cards

Krebs on Security

OCTOBER 15, 2019

All of the card data stolen from BriansClub was shared with multiple sources who work closely with financial institutions to identify and monitor or reissue cards that show up for sale in the cybercrime underground. million cards added; 2018 brought in 9.2 The leaked data shows that in 2015, BriansClub added just 1.7 million more.

Hacking

Hacking Cybercrime Marketing Banking

Russian Govt. Continues Carding Shop Crackdown

Krebs on Security

FEBRUARY 9, 2022

The crackdown — the second closure of major card fraud shops by Russian authorities in as many weeks — comes closely behind Russia’s arrest of 14 alleged affiliates of the REvil ransomware gang , and has many in the cybercrime underground asking who might be next. In 2018, the U.S.

Cybercrime

Cybercrime Marketing Identity Theft Retail

Cyber Security Informer

This Service Helps Malware Authors Fix Flaws in their Code

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Trending Sources

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

That Domain You Forgot to Renew? Yeah, it’s Now Stealing Credit Cards

Why Malware Crypting Services Deserve More Scrutiny

Hoax Email Blast Abused Poor Coding in FBI Website

RaidForums Gets Raided, Alleged Admin Arrested

Local Networks Go Global When Domain Names Collide

Interview With a Crypto Scam Investment Spammer

US Harbors Prolific Malicious Link Shortening Service

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Busting SIM Swappers and SIM Swap Myths

Facebook, Instagram, TikTok and Twitter Target Resellers of Hacked Accounts

How Do You Fight a $12B Fraud Problem? One Scammer at a Time

Phishing Sites Targeting Scammers and Thieves

A Deep Dive Into the Residential Proxy Service ‘911’

“BriansClub” Hack Rescues 26M Stolen Cards

Russian Govt. Continues Carding Shop Crackdown

Stay Connected