Krebs on Security

MARCH 14, 2023

men have been charged with hacking into a U.S. The complaint doesn’t specify which agency portal was hacked, but it does state that the portal included access to law enforcement databases that track narcotics seizures in the United States. federal government portal without authorization. ” Image: USDOJ.

Hacking 289

Hacking Government Media Accountability 289

Security Affairs

NOVEMBER 19, 2024

Russian Phobos ransomware operator Evgenii Ptitsyn, accused of managing attacks, was extradited from South Korea to the US to face cybercrime charges. Russian Phobos ransomware operator Evgenii Ptitsyn, suspected of playing a key role in the ransomware operations, was extradited from South Korea to the US to face cybercrime charges.

Cybercrime 123

Cybercrime Ransomware Healthcare Education 123

Krebs on Security

MAY 18, 2020

Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. But the reality is most malicious software also has its share of security holes that open the door for security researchers or ne’er-do-wells to liberate or else seize control over already-hacked systems.

Malware 322

Malware Cybercrime Ransomware Marketing 322

Krebs on Security

FEBRUARY 10, 2020

Justice Department today unsealed indictments against four Chinese officers of the People’s Liberation Army (PLA) accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans. in 2019 , according to data from S&P Global Market Intelligence.

Hacking 279

Hacking Identity Theft Government Phishing 279

Krebs on Security

NOVEMBER 26, 2019

23, one of the cybercrime underground’s largest bazaars for buying and selling stolen payment card data announced the immediate availability of some four million freshly-hacked debit and credit cards. The other three restaurants are all part of the same parent company and disclosed breaches in August 2019.

Marketing 347

Marketing Cybercrime Retail Advertising 347

Krebs on Security

APRIL 29, 2022

KrebsOnSecurity decided to test this expanded policy with what would appear to be a no-brainer request: I asked Google to remove search result for BriansClub , one of the largest (if not THE largest) cybercrime stores for selling stolen payment card data. BriansClub has long abused my name and likeness to pimp its wares on the hacking forums.

Identity Theft 363

Identity Theft Cybercrime Retail Hacking 363

Security Affairs

JUNE 24, 2024

The cybercrime group ExCobalt targeted Russian organizations in multiple sectors with a previously unknown backdoor known as GoRed. Positive Technologies researchers reported that a cybercrime gang called ExCobalt targeted Russian organizations in multiple sectors with a previously unknown Golang-based backdoor known as GoRed.

Cybercrime 127

Cybercrime Telecommunications DNS Technology 127

Krebs on Security

MAY 4, 2021

Which means when a cybercrime forum gets hacked and its user databases posted online, it is often possible to work backwards from some of the more unique passwords for each account and see where else that password was used. As I described in a 2019 story about an interview Fly gave to a Russian publication upon his release from a U.S.

Passwords 347

Passwords Cybercrime Accountability Password Management 347

Krebs on Security

MARCH 10, 2020

District Court for the Southern District of California allege Firsov was the administrator of deer.io, an online platform that hosted more than 24,000 shops for selling stolen and/or hacked usernames and passwords for a variety of top online destinations. ru , a cybercrime forum in its own right that called itself “ The Antichat Mafia.”

Accountability 310

Accountability Advertising Hacking Cybercrime 310

Krebs on Security

OCTOBER 15, 2020

Q6Cyber CEO Eli Dominitz said the breach appears to extend from May 2019 through September 2020. Gemini puts the exposure window between July 2019 and August 2020. the vast majority of the payment card data for sale in the cybercrime underground is stolen from merchants who are still swiping chip-based cards.

Data breaches 362

Data breaches Cybercrime Retail Banking 362

Krebs on Security

JANUARY 19, 2021

In the years leading up to his arrest, Ferizi was the administrator of a cybercrime forum called Pentagon Crew. He admitted to hacking a U.S.-based based e-commerce company, stealing personal and financial data on 1,300 government employees, and providing the data to an Islamic State hacking group.

Identity Theft 343

Identity Theft Government Social Engineering Accountability 343

Security Affairs

JANUARY 8, 2024

19 individuals worldwide were charged in a transnational cybercrime investigation of the now defunct xDedic marketplace. In 2016 the service was offering up to 70,000 hacked servers for as little as $6, and with 416 registered sellers in 173 countries, the platform was operating a highly successful global business model.

Cybercrime 139

Cybercrime Identity Theft Government Hacking 139

Krebs on Security

APRIL 30, 2024

A 26-year-old Finnish man was sentenced to more than six years in prison today after being convicted of hacking into an online psychotherapy clinic, leaking tens of thousands of patient therapy records, and attempting to extort the clinic and patients. After being charged with the attack in October 2022, Kivimäki fled the country.

DDOS 279

DDOS Cybercrime Hacking Passwords 279

Krebs on Security

DECEMBER 8, 2021

According to cyber intelligence firm Intel 471 , that dark_cl0ud6@hotmail.com address has been used in conjunction with the handle “ DCReavers2 ” to register user accounts on a half-dozen English-language cybercrime forums since 2008, including Hackforums , Blackhatworld, and Ghostmarket.

Cybercrime 314

Cybercrime Ransomware Accountability Advertising 314

Krebs on Security

JUNE 16, 2021

First debuting in early 2019, CLOP is one of several ransomware groups that hack into organizations, launch ransomware that encrypts files and servers, and then demand an extortion payment in return for a digital key needed to unlock access. ?

Ransomware 338

Ransomware Cybercrime Malware Encryption 338

Krebs on Security

JUNE 30, 2020

The COVID-19 pandemic has made it harder for banks to trace the source of payment card data stolen from smaller, hacked online merchants. The economic laws of supply and demand hold just as true in the business world as they do in the cybercrime space.

Retail 344

Retail Banking Hacking Cybercrime 344

Krebs on Security

JANUARY 24, 2023

Denis Kloster, as posted to his Vkontakte page in 2019. First advertised in the cybercrime underground in 2014, RSOCKS was the web-based storefront for hacked computers that were sold as “proxies” to cybercriminals looking for ways to route their Web traffic through someone else’s device.

Cybercrime 259

Cybercrime Advertising IoT Malware 259

Krebs on Security

JUNE 22, 2022

last week said they dismantled the “ RSOCKS ” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. A copy of the passport for Denis Kloster, as posted to his Vkontakte page in 2019.

Advertising 308

Advertising Cybercrime System Administration Hacking 308

Schneier on Security

OCTOBER 1, 2021

The Wall Street Journal is reporting on a baby’s death at an Alabama hospital in 2019, which they argue was a direct result of the ransomware attack the hospital was undergoing. Attending obstetrician Katelyn Parnell texted the nurse manager that she would have delivered the baby by caesarean section had she seen the monitor readout.

Ransomware 297

Ransomware Hacking Accountability Healthcare 297

Krebs on Security

MARCH 29, 2019

21, 2019, KrebsOnSecurity contacted Italian restaurant chain Buca di Beppo after discovering strong evidence that two million credit and debit card numbers belonging to the company’s customers were being sold in the cybercrime underground. In a statement posted to its Web site today, Orlando, Fla. Levonia, Mich.,

Data breaches 271

Data breaches Banking Retail Accountability 271

Krebs on Security

SEPTEMBER 26, 2024

The United States today unveiled sanctions and indictments against the alleged proprietor of Joker’s Stash , a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past decade. The answer involved Bitcoin, but also Taleon’s new service.

Cryptocurrency 260

Cryptocurrency Cybercrime Retail Government 260

Security Affairs

SEPTEMBER 30, 2024

The Department of Justice charged a British national for hacking into the systems of five U.S. The Department of Justice charged the British national Robert Westbrook (39) for hacking into the systems of five U.S. From January 2019 to May 2020, the man carried out a hack-to-trade scheme, earning over $3 million in profits.

Hacking 141

Hacking Accountability Passwords Cybercrime 141

The Last Watchdog

JUNE 21, 2020

In many cases, the crooks hack managed service providers (MSPs) first and then use this access to compromise the partnering organizations. In November 2019, the criminals behind a ransomware species called Maze started a new trend that is currently gaining momentum on the dark web. pharma giant ExecuPharm.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

FEBRUARY 9, 2024

Black Basta ransomware gang claims the hack of the car maker Hyundai Motor Europe and the theft of three terabytes of their data. In December 2019, German media reported that hackers suspected to be members of the Vietnam-linked APT Ocean Lotus ( APT32 ) group breached the networks of the car manufacturers BMW and Hyundai.

Hacking 144

Hacking Ransomware Data breaches Manufacturing 144

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years. The year 2016 saw banks in Russia hacked one after another.

Cybercrime 145

Cybercrime Banking Malware Ransomware 145

Security Affairs

OCTOBER 27, 2024

Four former members of the REvil ransomware group were sentenced in Russia for hacking and money laundering, marking a rare case of Russian gang members being convicted in the country. Vasinskyi is a REvil ransomware affiliate since at least March 1st, 2019. Vasinskyi was extradited to the U.S. in March 2022.

Ransomware 144

Ransomware Hacking Malware Cybercrime 144

Krebs on Security

JULY 8, 2019

The crooks behind an affiliate program that paid cybercriminals to install the destructive and wildly successful GandCrab ransomware strain announced on May 31, 2019 they were terminating the program after allegedly having earned more than $2 billion in extortion payouts from victims. in , where the group recruited many of its distributors.

Ransomware 264

Ransomware Accountability Cybercrime Passwords 264

Security Affairs

OCTOBER 27, 2021

Grief ransomware operators announced to have hacked US National Rifle Association (NRA) and threaten to leak the stolen data. The NRA was added to the list of compromised organizations on the leak site of the group, that gang also published a set of documents as proof of the hack. In 2019, the U.S. Pierluigi Paganini.

Ransomware 143

Ransomware Banking Cybercrime Hacking 143

Krebs on Security

JUNE 1, 2023

One of Megatraffer’s ads on an English-language cybercrime forum. Megatraffer has continued to offer their code-signing services across more than a half-dozen other Russian-language cybercrime forums, mostly in the form of sporadically available EV and non-EV code-signing certificates from major vendors like Thawte and Comodo.

Malware 283

Malware Cybercrime Software Accountability 283

Security Affairs

DECEMBER 15, 2023

The Snatch ransomware group announced it had hacked the food giant Kraft Heinz, the company is investigating the claims. The Snatch ransomware group claims to have hacked Kraft Heinz in August and on December 14, it added the company to the list of victims on its leak site.

Hacking 140

Hacking Ransomware Computers and Electronics Marketing 140

Security Affairs

OCTOBER 21, 2021

Evil Corp cybercrime gang is using a new ransomware called Macaw Locker to evade US sanctions that prevent victims from paying the ransom. The Evil Corp cybercrime group (aka the Dridex gang Indrik Spider , the Dridex gang, and TA505 ) has been active in cybercrime activities since 2007. In 2019, the U.S.

Ransomware 144

Ransomware Cybercrime Banking Encryption 144

Krebs on Security

OCTOBER 1, 2019

A Slovenian man convicted of authoring the destructive and once-prolific Mariposa botnet and running the infamous Darkode cybercrime forum has been arrested in Germany on request from prosecutors in the United States, who’ve recently re-indicted him on related charges. issued international arrest warrant for his extradition.

Cybercrime 42

Cybercrime Malware Antivirus Banking 42

Security Affairs

NOVEMBER 1, 2020

The Maze ransomware operators are shutting down their operations for more than one year the appeared on the threat landscape in May 2019. The Maze cybercrime gang is shutting down its operations, it was considered one of the most prominent and active ransomware crew since it began operating in May 2019. Pierluigi Paganini.

Ransomware 145

Ransomware Cybercrime Advertising Software 145

Security Affairs

APRIL 8, 2022

A Ukrainian man was sentenced in the US to 5 years in prison for his criminal activity in the cybercrime group FIN7. for high-level hacking activity in the cybercrime group FIN7 (aka Carbanak Group and the Navigator Group). The man was arrested in Bangkok, Thailand in November 2019 at the request of U.S. in May 2020.

Cybercrime 138

Cybercrime Hacking Software Phishing 138

Krebs on Security

SEPTEMBER 24, 2022

.” A copy of the passport for Denis Kloster, as posted to his Vkontakte page in 2019. Denis Emelyantsev , as the apparent owner of RSOCKS, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer.

Cybercrime 228

Cybercrime Data breaches Malware Ransomware 228

Security Affairs

AUGUST 11, 2020

Avaddon ransomware operators, like other cybercrime groups, decided to launch a data leak site where publish data of victims who refuse to pay a ransom demand. The first group to adopt this strategy was the Maze ransomware gang in December 2019, since then other crews adopted the same stratefy, including REvil , Nefilim , and Netwalker.

Ransomware 144

Ransomware Advertising Cybercrime Hacking 144

Security Affairs

JULY 14, 2020

The MGM Resorts 2019 data breach is much larger than initially thought, a hacker is offering for sale details of 142 million MGM hotel guests on the dark web. Bad news for the guests of the MGM Resorts, the 2019 data breach suffered by the company is much larger than initially reported. SecurityAffairs – hacking, data breach).

Data breaches 145

Data breaches Advertising Hacking Cybercrime 145