The makers of Acunetix, Texas-based application security vendor Invicti Security, confirmed Silent Push’s findings, saying someone had figured out how to crack the free trial version of the software so that it runs without a valid license key. In early 2020, Exorn promoted a website called “ orndorks[.]com
Russian Phobos ransomware operator Evgenii Ptitsyn, accused of managing attacks, was extradited from South Korea to the US to face cybercrime charges. Russian Phobos ransomware operator Evgenii Ptitsyn, suspected of playing a key role in the ransomware operations, was extradited from South Korea to the US to face cybercrime charges.
and Dutch authorities seized 39 domains and servers linked to the HeartSender cybercrime group based in Pakistan. A joint law enforcement operation led to the seizure of 39 domains tied to a Pakistan-based HeartSender cybercrime group (aka Saim Raza and Manipulators Team) known for selling hacking and fraud tools.
A threat actor has leaked the source code for the first version of the HelloKitty ransomware on a Russian-speaking cybercrime forum. The availability of the source in the cybercrime ecosystem can allow threat actors to develop their own version of the Hello Kitty ransomware. The HelloKitty gang has been active since January 2021.
Microsoft has uncovered Zerologon attacks that were allegedly conducted by the infamous TA505 Russia-linked cybercrime group. Microsoft spotted a series of Zerologon attacks allegedly launched by the Russian cybercrime group tracked as TA505, CHIMBORAZO and Evil Corp. states Microsoft. We strongly recommend patching.
The Threat Report Portugal: Q2 2020 compiles data collected on the malicious campaigns that occurred from April to June, Q2, of 2020. Phishing and Malware Q2 2020.
The Incident response analyst report provides insights into incident investigation services conducted by Kaspersky in 2020. In 2020, the pandemic forced companies to restructure their information security practices, accommodating a work-from-home (WFH) approach. Geography of incident responses by region, 2020.
More than 15 billion username and passwords are available on cybercrime marketplaces, including over 5 billion unique credentials, states the experts. Experts reported that brute-force cracking tools and account checkers are available on cybercrime marketplaces and forums for an average of $4. Pierluigi Paganini.
During the first day of the Pwn2Own 2020 hacking competition, participants earned a total of $180,000 for exploits targeting Windows 10, Ubuntu Desktop and macOS. On the second day of Pwn2Own 2020, participants will attempt to hack Oracle VirtualBox, VMware Workstation and Adobe Reader. SecurityAffairs – Pwn2Own, cybercrime).
The critical remote code execution (RCE) vulnerability CVE-2020-14882 in Oracle WebLogic is actively exploited by operators behind the DarkIRC botnet. Experts reported that the DarkIRC botnet is actively targeting thousands of exposed Oracle WebLogic servers in the attempt of exploiting the CVE-2020-14882. Pierluigi Paganini.
The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. In late 2020, credentials for US-based universities were found for sale on the dark web. In 2017, crooks launched a phishing campaign against universities to compromise .edu accounts.
A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. 22, 2020, the U.S. On Sunday, Feb. 428 hospitals.”
There’s an old adage in information security: “Every company gets penetration tested, whether or not they pay someone for the pleasure.” Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in.
The TeamTNT botnet is a crypto-mining malware operation that has been active since April 2020 and that targets Docker installs. In January 2021, the cybercrime gang launched a new campaign targeting Kubernetes environments with the Hildegard malware.
Singapore, 09/18/2020 — Group-IB, a global threat hunting and intelligence company headquartered in Singapore, evidenced the transformation of the threat portfolio over the first half of 2020. Secure web- phishing. Pierluigi Paganini.
The link between Luan’s hacktivism and cybercrime was established due to his bad Operational security (opsec). CrowdStrike’s investigation reveals that USDoD’s leader, Luan BG, has been a hacktivist active since at least 2017. However, the Brazilian national turned into more complex cybercriminal activities by 2022.
Since 2020, at least 130 different ransomware families have been active. The analysis of the temporal distribution of ransomware-related submissions revealed a sequence of peaks in the first two quarters of 2020. The post Since 2020, at least 130 different ransomware families have been active appeared first on Security Affairs.
In a 2,200-page report, Finnish authorities laid out how they connected the extortion spree to Kivimäki, a notorious hacker who was convicted in 2015 of perpetrating tens of thousands of cybercrimes, including data breaches, payment fraud, operating a botnet and calling in bomb threats.
pw has been registered and abandoned by several parties since 2014, but the most recent registration data available through DomainTools.com shows it was registered in March 2020 to someone in Krasnodar, Russia with the email address edgard011012@gmail.com. In May 2020, Zipper told another Lolzteam member that quot[.]pw
The Carabinieri of Monza dismantled by the gang, the Italian law enforcement agency confirmed that the cybercrime organization stole about 800,000€ in just 7 months using #ATM Black Box attack. Here the list of victim Banks with date and impacted City: [link] pic.twitter.com/NkRr5IfUGn — Bank Security (@Bank_Security) November 27, 2020.
The Nigeria Police Force has arrested the suspected leader of the SilverTerrier cybercrime group as a result of an international operation. The Nigeria Police Force has arrested the suspected leader of the SilverTerrier cybercrime gang (aka TMT ) after a year-long investigation codenamed “Operation Delilah.”
All these databases have been indexed at [link] [link] #cyber #cybersecurity #hacked #hackingforums pic.twitter.com/bYqmlERy2y — Cyble (@AuCyble) May 24, 2020. These cybercrime forums are places of aggregations for hackers and cybercriminals, that could use them to participate in general discussion and sharing related resources.
The investigation was launched in 2020 after a gaming provider was hit by a DDoS attack launched via this booter service. On July 30, 2020, the police searched the homes of two suspects and seized computers and telephones. SecurityAffairs – hacking, cybercrime). The investigation is still ongoing. and Overheid.nl
In October 2020, the US Justice Department charged Sokolovsky with computer fraud for allegedly infecting millions of computers with the Raccoon Infostealer. The man was held in the Netherlands, and he was charged for his alleged role in the international cybercrime operation known as Raccoon Infostealer.
The SEC said that under First American’s remediation policies, if the person responsible for fixing the problem is unable to do so based on the timeframes listed above, that employee must have their management contact the company’s information security department to discuss their remediation plan and proposed time estimate.
The CVE-2020-1472 flaw is an elevation of privilege that resides in the Netlogon. ” Microsoft strongly encourages administrators of enterprise Windows Servers to install the August 2020 Patch Tuesday as soon as possible to protect their systems from Zerologon attack that exploits the CVE-2020-1472. .”
In April 2021, China-linked APT breached New York City's Metropolitan Transportation Authority (MTA) network exploiting a Pulse Secure zero-day. In December 2020, Egregor ransomware operators hit Metro Vancouver's transportation agency TransLink causing the disruption of its services and payment systems.
Mike Barlow, information security manager for the City of Memphis, confirmed the Memphis Police’s systems were sharing their Microsoft Windows credentials with the domain, and that the city was working with Caturegli to have the domain transferred to them. .” Caturegli said setting up an email server record for memrtcc.ad
“Cashout bank logs” typically refer to a type of cybercrime where individuals gain unauthorized access to banking information, often through phishing attacks or hacking, and then use that information to withdraw money or make unauthorized transactions. Do you want to know how do we protect against info stealers?
Toy industry giant Mattel announced that it has suffered a ransomware attack that took place on July 28th, 2020, and impacted some of its business operations. The good news that the company excluded the theft of internal information. The toymaker is one of the largest toymakers in the world with 24,000 employees and $5.7
WWH Club had over 353,000 users by 2023 and offered courses on fraud and cybercrime, generating profits through membership and tuition fees. Khodyrev and Kublitskii were also the administrators of many similar websites, including darkweb marketplaces, forums, and training centers to enable cybercrime.
Group-IB published a report titled “Ransomware Uncovered 2020-2021”. analyzes ransomware landscape in 2020 and TTPs of major threat actors. Group-IB, a global threat hunting and adversary-centric cyber intelligence company, has presented its new report “Ransomware Uncovered 2020-2021”. The gold rush of 2020.
On or about June 25, 2020, Matveev and his LockBit coconspirators targeted a law enforcement agency in Passaic County, New Jersey. The DoJ unsealed two indictments charging the man with using three different ransomware families in attacks aimed at numerous victims throughout the United States.
A Ukrainian man was sentenced in the US to 5 years in prison for his criminal activity in the cybercrime group FIN7. for high-level hacking activity in the cybercrime group FIN7 (aka Carbanak Group and the Navigator Group). in May 2020. law enforcement, then he was extradited to the U.S.
In a classified report cited by Chosun, the US National Intelligence Service (DNI) found that North Korea was financing its ‘priority policies’, such as nuclear and missile development, through cybercrime. “Citing the U.S. million in cryptocurrency through this program. 380 billion.
Researchers from vpnMentor recently published a report that sheds the light on the use of Telegram in the cybercrime ecosystem. vpnMentor researchers joined several cybercrime-focused Telegram groups and discovered a vast network of more 1,000s individuals sharing data leaks and dumps and discussing how to exploit them in illegal activities.
According to the DHS, threat actors will likely interfere with the upcoming 2020 US Presidential election, as well as to compromise the 2020 US Census. The HTA report warns of an intensification of malicious activities conducted by both nation-states and cybercrime groups. ” reads the DHS HTA.
Last week, French authorities seized the dark web marketplace Le Monde Parallèle; it is another success of national police in the fight against cybercrime. French authorities seized the dark web marketplace Le Monde Parallèle; the operation is another success of national police in the fight against cybercrime activity in the dark web.
The Trojan has been active since 2016, it initially targeted Brazil but expanded to Mexico, Portugal, and Spain since 2020. Forcepoint X-Labs researchers warn of new phishing campaigns targeting Latin America and Europe in new phishing campaigns.
According to the Alert (AA20-283A), advanced persistent threat (APT) actors are exploiting multiple legacy vulnerabilities in combination with the recently discovered Zerologon vulnerability (CVE-2020-1472). The CVE-2020-1472 flaw is an elevation of privilege that resides in the Netlogon. ” reads the report.
The company operates in more than 26 countries, the Group has nearly 27,000 employees and in 2020 generated revenues of €1.966 billion. ALPHV has been advertising the BlackCat Ransomware-as-a-Service (RaaS) on the cybercrime forums XSS and Exploit since early December. ” reads the press release published by the company.
The Egregor ransomware gang has been active since September 2020, it began operating shortly after the Maze ransomware operators shut down their operations. The Egregor ransomware first appeared on the threat landscape in September 2020, since then the gang claimed to have compromised over 150 organizations.
“AbstractEmu does not exploit zero-click remote exploits, instead it exploits very contemporary vulnerabilities (CVE-2020-0041, CVE-2020-0069, CVE-2019-2215 and CVE-2020-0041 ) from 2019 and 2020 to target the largest number of devices as possible. . SecurityAffairs – hacking, cybercrime).
In August 2020, the FBI has issued a security alert about Netwalker ransomware attacks targeting U.S. million ransom to recover its files. and foreign government organizations.