Remove 2018 Remove DNS Remove Web Fraud
article thumbnail

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

Krebs on Security

In July 2018, email users around the world began complaining of receiving spam which began with a password the recipient used at some point in the past and threatened to release embarrassing videos of the recipient unless a bitcoin ransom was paid. 13, 2018 bomb threat hoax. ” SAY WHAT? domaincontrol.com, and ns18.domaincontrol.com.

DNS 247
article thumbnail

Local Networks Go Global When Domain Names Collide

Krebs on Security

A core part of the way these things find each other involves a Windows feature called “ DNS name devolution ,” a kind of network shorthand that makes it easier to find other computers or servers without having to specify a full, legitimate domain name for those resources. Alas, in 2018, the.llc TLD was born and began selling domains.

DNS 310
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

The hackers were able to change the Domain Name System (DNS) records for the transaction brokering site escrow.com so that it pointed to an address in Malaysia that was host to just a few other domains, including the then brand-new phishing domain servicenow-godaddy[.]com.

Hacking 309
article thumbnail

US Harbors Prolific Malicious Link Shortening Service

Krebs on Security

As far back as 2018, Interisle found.US “We’re always looking at the end malware or phishing page, but what we’re finding here is that there’s this middle layer of DNS threat actors persisting for years without notice.” and illicit or harmful content. US phishing domains. .

Phishing 309
article thumbnail

Phishers are Angling for Your Cloud Providers

Krebs on Security

based United Rentals [ NYSE:URI ] is the world’s largest equipment rental company, with some 18,000 employees and earnings of approximately $4 billion in 2018. While phony invoices are a common malware lure, this particular campaign sent users to a page on United Rentals’ own Web site (unitedrentals.com). . Stamford, Ct.-based

Phishing 219
article thumbnail

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Krebs on Security

Passive domain name system (DNS) records show that in its early days BriansClub shared a server in Lithuania along with just a handful of other domains, including secure.pinpays[.]com CRYPTEX In early 2018, Taleon and the proprietors of UAPS launched a cryptocurrency exchange called Cryptex[.]net

article thumbnail

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

guru’s registration records also are hidden, yet passive domain name system (DNS) records for both cryptor[.]biz guru show that in 2018 the domains were forwarding incoming email to the address obelisk57@gmail.com. The registration records for the website Cryptor[.]biz ” Crypt[.]guru’s biz and crypt[.]guru

Malware 251