Remove 2018 Remove Internet Remove Web Fraud
article thumbnail

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

Krebs on Security

In July 2018, email users around the world began complaining of receiving spam which began with a password the recipient used at some point in the past and threatened to release embarrassing videos of the recipient unless a bitcoin ransom was paid. 13, 2018 bomb threat hoax.

DNS 247
article thumbnail

Hoax Email Blast Abused Poor Coding in FBI Website

Krebs on Security

The Federal Bureau of Investigation (FBI) confirmed today that its fbi.gov domain name and Internet address were used to blast out thousands of fake emails about a cybercrime investigation. ” A review of the email’s message headers indicated it had indeed been sent by the FBI, and from the agency’s own Internet address.

Internet 363
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Krebs on Security

Brad Marden , superintendent of cybercrime operations for the Australian Federal Police (AFP), said their investigation into who was behind U-Admin began in late 2018, after Australian citizens began getting deluged with phishing attacks via mobile text messages that leveraged the software.

Phishing 307
article thumbnail

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Krebs on Security

In December 2018, a then 21-year-0ld Troy Woody Jr. In June 2016, Islam was sentenced to a year in prison for an impressive array of crimes, including stalking people online and posting their personal data on the Internet. Iza’s complaint says he also harassed a man identified only as T.W., and refers to T.W.

article thumbnail

Local Networks Go Global When Domain Names Collide

Krebs on Security

At issue is a well-known security and privacy threat called “ namespace collision ,” a situation where domain names intended to be used exclusively on an internal company network end up overlapping with domains that can resolve normally on the open Internet. Alas, in 2018, the.llc TLD was born and began selling domains. SSL/TLS certs).

DNS 310
article thumbnail

Interview With a Crypto Scam Investment Spammer

Krebs on Security

Chaput said the spammers used more than 1,500 Internet addresses across 400 providers to register new accounts, which then followed popular accounts on Mastodon and sent private mentions to the followers of those accounts. that were created from different Internet addresses in Vienna, Austria.

Scams 284
article thumbnail

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Krebs on Security

LastPass says that since 2018 it has required a twelve-character minimum for master passwords, which the company said “greatly minimizes the ability for successful brute force password guessing.” In February 2018, LastPass changed the default to 100,100 iterations. And very recently, it upped that again to 600,000.