2021, Cybercrime and DDOS - Cyber Security Informer

German Police Raid DDoS-Friendly Host ‘FlyHosting’

Krebs on Security

MARCH 31, 2023

Authorities in Germany this week seized Internet servers that powered FlyHosting , a dark web offering that catered to cybercriminals operating DDoS-for-hire services, KrebsOnSecurity has learned. “Police says: They support ddos attacks, C&C/C2 and stresser a bit too much. .” Image: Ke-la.com.

DDOS

DDOS Internet Internet Cybercrime

Feds Take Down 13 More DDoS-for-Hire Services

Krebs on Security

MAY 9, 2023

Federal Bureau of Investigation (FBI) this week seized 13 domain names connected to “ booter ” services that let paying customers launch crippling distributed denial-of-service (DDoS) attacks. Ten of the domains are reincarnations of DDoS-for-hire services the FBI seized in December 2022, when it charged six U.S.

DDOS

DDOS Cybercrime Internet Internet

Cloudflare mitigated new record-breaking DDoS attack of 3.8 Tbps

Security Affairs

OCTOBER 3, 2024

Cloudflare recently mitigated a new record-breaking DDoS attack, peaking at 3.8 Cloudflare reported that starting from early September, it has mitigated over 100 hyper-volumetric L3/4 DDoS attacks, with many exceeding 2 billion Pps and 3 Tbps. The largest DDoS attack peaked at 3.8 The largest DDoS attack peaked at 3.8

DDOS

DDOS Internet Internet Authentication

The source code of the 2020 variant of HelloKitty ransomware was leaked on a cybercrime forum

Security Affairs

OCTOBER 9, 2023

A threat actor has leaked the source code for the first version of the HelloKitty ransomware on a Russian-speaking cybercrime forum. The availability of the source in the cybercrime ecosystem can allow threat actors to develop their own version of the Hello Kitty ransomware. The HelloKitty gang has been active since January 2021.

Cybercrime

Cybercrime Ransomware DDOS Encryption

BrandPost: The Cybercrime Crisis: Advanced & Automated DDoS Technology is Essential NOW

CSO Magazine

NOVEMBER 5, 2021

As NETSCOUT’s 1H 2021 Threat Intelligence Report shows, the long tail of cybercrime innovation swept through the lockdown days of the COVID-19 pandemic to infiltrate the bulk of 2021. The vulnerabilities introduced by the global shift to online work and play are admittedly an outlier event.

Cybercrime

Cybercrime Technology DDOS

Three Top Russian Cybercrime Forums Hacked

Krebs on Security

MARCH 4, 2021

According to Intel 471, on March 1, 2021, the administrator of the Exploit cybercrime forum claimed that a proxy server the forum used for protection from distributed denial-of-service (DDoS) attacks might have been compromised by an unknown party. The administrator stated that on Feb.

Cybercrime

Cybercrime Hacking Passwords Accountability

HelloKitty ransomware gang also targets victims with DDoS attacks

Security Affairs

NOVEMBER 1, 2021

According to the alert, the ransomware gang is launching distributed denial-of-service (DDoS) attacks as part of its extortion activities. In some cases, if the victim does not respond quickly or does not pay the ransom, the threat actors will launch a Distributed Denial of Service (DDoS) attack on the victim company’s public facing website.”

DDOS

DDOS Ransomware Cybercrime Encryption

Enemybot, a new DDoS botnet appears in the threat landscape

Security Affairs

APRIL 17, 2022

Enemybot is a DDoS botnet that targeted several routers and web servers by exploiting known vulnerabilities. Researchers from Fortinet discovered a new DDoS botnet, tracked as Enemybot, that has targeted several routers and web servers by exploiting known vulnerabilities. Upon installing the threat, the bot drops a file in /tmp/.pwned

DDOS

DDOS Architecture Malware Cybercrime

Mirai-based DDoS botnet IZ1H9 added 13 payloads to target routers

Security Affairs

OCTOBER 11, 2023

A Mirai-based DDoS botnet tracked as IZ1H9 has added thirteen new exploits to target routers from different vendors, including D-Link, Zyxel, and TP-Link. Below is the list of exploit payloads added to the bot: D-Link: CVE-2015-1187 , CVE-2016-20017 , CVE-2020-25506 , and CVE-2021-45382. ” concludes the analysis.

DDOS

DDOS Wireless Architecture IoT

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years.

Cybercrime

Cybercrime Banking Malware Ransomware

New evolving Abcbot DDoS botnet targets Linux systems

Security Affairs

NOVEMBER 13, 2021

Qihoo 360’s Netlab detailed a new evolving DDoS botnet called Abcbot with wormable capabilities that targets Linux systems. Researchers from Qihoo 360’s Netlab security team have spotted a new botnet, tracked as Abcbot, that targets Linux systems to launch distributed denial-of-service (DDoS) attacks. Pierluigi Paganini.

DDOS

DDOS Malware Passwords Cryptocurrency

Reading INTERPOL the African Cyberthreat Assessment Report 2021

Security Affairs

OCTOBER 30, 2021

INTERPOL published the African Cyberthreat Assessment Report 2021, a report that analyzes evolution of cybercrime in Africa. A new report published by INTERPOL, titled the African Cyberthreat Assessment Report 2021 , sheds the light on cybercrime in Africa. of the overall number.

Cybercrime

Cybercrime Scams DDOS Banking

Akamai dealt with an 800Gbps ransom DDoS against a gambling company

Security Affairs

APRIL 1, 2021

Akamai has recently involved in the mitigation of two of the largest known ransom DDoS attacks, one of them peaked at 800Gbps. CDN and cybersecurity firm Akamai warns of a worrying escalation in ransom DDoS attacks since the beginning of the year. ” Likely DDoS extortion attacks. reads the analysis published by Akamai.

DDOS

DDOS Security Intelligence Hacking Cybersecurity

Cloudflare mitigated the largest ever volumetric DDoS attack to date

Security Affairs

AUGUST 20, 2021

Web infrastructure and website security company Cloudflare announced to have mitigated the largest ever volumetric DDoS attack to date. Cloudflare, the web infrastructure and website security company, announced that it has mitigated the largest ever volumetric distributed denial of service (DDoS) attack to date. So peaking at 17.2

DDOS

DDOS Telecommunications Internet Internet

Here’s how anyone with $20 can hire an IoT botnet to blast out a week-long DDoS attack

The Last Watchdog

AUGUST 27, 2018

Distributed denial of service (DDoS) attacks continue to erupt all across the Internet showing not the faintest hint of leveling off, much less declining, any time soon. Related video: How DDoS attacks leverage the Internet’s DNA. DDoS attacks are evolving to become more diverse. GitHub’s logo. But that’s not all.

DDOS

DDOS IoT Digital transformation Internet

REvil Ransomware gang uses DDoS attacks and voice calls to make pressure on the victims

Security Affairs

MARCH 7, 2021

The REvil ransomware operators are using DDoS attacks and voice calls to journalists and victim’s business partners to force victims to pay the ransom. Malware #Ransomware #REvil REvil Ransomware launched a service for contact to news media, companies for the best pressure at no cost, and DDoS (L3, L7) as a paid service.

DDOS

DDOS Ransomware Media Malware

Thinking of Hiring or Running a Booter Service? Think Again.

Krebs on Security

JANUARY 17, 2023

Most people who operate DDoS-for-hire businesses attempt to hide their true identities and location. Proprietors of these so-called “booter” or “stresser” services — designed to knock websites and users offline — have long operated in a legally murky area of cybercrime law. Image: archive.org.

DDOS

DDOS Cybercrime Engineering Government

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”

Krebs on Security

SEPTEMBER 10, 2021

On Thursday evening, KrebsOnSecurity was the subject of a rather massive (and mercifully brief) distributed denial-of-service (DDoS) attack. But on Thursday DDoS protection firm Qrator Labs identified the culprit — “Meris” — a new IoT monster that first emerged at the end of June 2021. In its Aug.

IoT

IoT DDOS Internet Internet

German police seized the darknet marketplace Nemesis Market

Security Affairs

MARCH 23, 2024

An operation conducted by the Federal Criminal Police Office in Germany (BKA) and the Frankfurt cybercrime combating unit (ZIT) led to the seizure of the infrastructure of the darknet marketplace Nemesis Market in Germany and Lithuania. Crimemarket was a prominent platform for trading illegal drugs, narcotics, and cybercrime services.

Marketing

Marketing Cybercrime DDOS Internet

Moobot botnet spreads by exploiting CVE-2021-36260 flaw in Hikvision products

Security Affairs

DECEMBER 8, 2021

The Mirai -based Moobot botnet is rapidly spreading by exploiting a critical command injection flaw, tracked as CVE-2021-36260 , in the webserver of several Hikvision products. The Moobot was first documented by Palo Alto Unit 42 researchers in February 2021, the recent attacks demonstrated that its authors are enhancing their malware.

Firmware

Firmware DDOS Malware IoT

Database, source code allegedly related to bulletproof hosting, once Parler’s service provider, up for sale on hacker forum

Security Affairs

JUNE 2, 2021

Group-IB discovered a database allegedly belonging to a bulletproof hosting provider DDoS-Guard posted for sale on a cybercrime forum. The database supposedly contains information about DDoS-Guard’s customers, including their names, IP-addresses, and payment information. The seller registered this account on exploit[.]in

DDOS

DDOS Cybercrime Authentication Accountability

Crooks target Ukraine’s IT Army with a tainted DDoS tool

Security Affairs

MARCH 10, 2022

Cisco Talos researchers have uncovered a malware campaign targeting Ukraine’s IT Army , threat actors are using infostealer malware mimicking a DDoS tool called the “Liberator.” Liberator is advertised as a DDoS tool to launch attacks against “Russian propaganda websites.” 35) on port 6666. Pierluigi Paganini.

DDOS

DDOS Digital transformation Malware Advertising

After ChatGPT, Anonymous Sudan took down the Cloudflare website

Security Affairs

NOVEMBER 10, 2023

After ChatGPT, Anonymous Sudan took down the Cloudflare website with a distributed denial-of-service (DDoS) attack. The hacktivist group Anonymous Sudan claimed responsibility for the massive distributed denial-of-service (DDoS) attack that took down the website of Cloudflare. “ To be clear, there was no Cloudflare breach.

DDOS

DDOS Cryptocurrency Accountability Media

Trickbot spreads malware through new distribution channels

Security Affairs

OCTOBER 16, 2021

TrickBot operators are back and expand the distribution channels with partnership with cybercrime affiliates. The gang support other cybercrime groups such as known Hive0105, Hive0106 (aka TA551 or Shathak), and Hive0107, supporting them in expanding their malware campaigns. ” reads the post published by IBM X-Force.

Malware

Malware Cybercrime DDOS Social Engineering

Security Affairs newsletter Round 425 by Pierluigi Paganini – International edition

Security Affairs

JUNE 25, 2023

Someone is sending mysterious smartwatches to the US Military personnel CISA orders govt agencies to fix recently disclosed flaws in Apple devices VMware fixed five memory corruption issues in vCenter Server Fortinet fixes critical FortiNAC RCE, install updates asap More than a million GitHub repositories potentially vulnerable to RepoJacking New Mirai (..)

DDOS

DDOS Cybercrime Spyware Malware

Conti Ransomware Group Diaries, Part IV: Cryptocrime

Krebs on Security

MARCH 7, 2022

” Stern apparently believed in his crypto dreams so much that he sponsored a $100,000 article writing contest on the Russian language cybercrime forum Exploit, asking interested applicants to put forth various ideas for crypto platforms. We release ddos. From the main problem points, this is the implementation of Ipv6 DDoS.”

Ransomware

Ransomware Cryptocurrency DDOS Scams

Europol IOCTA 2021 Report: The Key Takeaways

Security Boulevard

DECEMBER 23, 2021

Europol, the European Union’s law enforcement agency, recently published the 2021 Internet Organized Crime Threat Assessment (IOCTA) report. The post Europol IOCTA 2021 Report: The Key Takeaways appeared first on The State of Security. The post Europol IOCTA 2021 Report: The Key Takeaways appeared first on Security Boulevard.

Cyber threats

Cyber threats Cybercrime Internet Internet

Ransomware world in 2021: who, how and why

SecureList

MAY 12, 2021

Botnet owners (botmasters) sell access to the victim machines in bulk as a resource that can be monetized in many ways, such as organizing DDoS attacks, distributing spam or, in the case of ransomware, by piggybacking on this initial infection to get a foothold in a potential target. REvil operators have demanded the highest ransoms in 2021.

Ransomware

Ransomware Encryption Malware Cybercrime

Security Roundup December 2021

BH Consulting

DECEMBER 14, 2021

Digital takeup drives accelerated cybercrime activity: IOCTA. Growing use of digital technologies, accelerated by the Covid-19 pandemic, has led to a sharp increase in cybercrime. The post Security Roundup December 2021 appeared first on BH Consulting. The report listed ransomware affiliate programmes as a major risk.

Cybercrime

Cybercrime Mobile DDOS CISO

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Shortly after that, those same servers came under a sustained distributed denial-of-service (DDoS) attack. Chaput said whoever was behind the DDoS was definitely not using point-and-click DDoS tools, like a booter or stresser service. A DIRECT QUOT The domain quot[.]pw billion last year.

Scams

Scams DDOS Cryptocurrency Accountability

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

The botnet was first discovered by Fortinet in March, the DDoS botnet targeted several routers and web servers by exploiting known vulnerabilities. The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. Upon installing the threat, the bot drops a file in /tmp/.pwned

Malware

Malware DDOS IoT Cybercrime

Let’s give a look at the Dark Web Price Index 2022

Security Affairs

JUNE 15, 2022

Privacy Affairs published the Dark Web Index, an analysis of prices for illegal services/products available in the black marketplaces and related to the period between February 2021 and June 2022. The information for a cloned Mastercard (pin included) is passed from $25 (2021) to $20. verified account goes for $170 ($710 in 2021).

Identity Theft

Identity Theft Accountability DDOS Cybercrime

Ukrainian police arrested Ransomware gang behind attacks on 50 companies

Security Affairs

JANUARY 14, 2022

The group was also carrying out DDoS attacks to paralyze the networks of the victims and force them to pay the ransom. The gang was targeting organizations via spam campaigns to spread ransomware, however, the police did not disclose the malware family used by the group in its attacks.

Ransomware

Ransomware DDOS Telecommunications Malware

Cyberthreats to financial organizations in 2022

SecureList

NOVEMBER 23, 2021

Then we will go through the key events of 2021 relating to attacks on financial organizations. Analysis of forecasts for 2021. The COVID-19 pandemic is likely to cause a massive wave of poverty, and that invariably translates into more people resorting to crime, including cybercrime. Cracking down hard on the cybercrime world.

Cryptocurrency

Cryptocurrency Banking Cybercrime Ransomware

Moobot botnet spreads by targeting Cacti and RealTek flaws

Security Affairs

APRIL 3, 2023

FortiGuard Labs researchers observed an ongoing hacking campaign targeting Cacti ( CVE-2022-46169 ) and Realtek ( CVE-2021-35394 ) vulnerabilities to spread ShellBot and Moobot malware. The ShellBot , also known as PerlBot, is a Perl-based DDoS bot that uses IRC protocol for C2 communications. also support backdoor capabilities.

DDOS

DDOS Malware Hacking Education

Telegram is becoming the paradise of cyber criminals

Security Affairs

SEPTEMBER 27, 2021

Researchers from vpnMentor recently published a report that sheds the light on the use of Telegram in the cybercrime ecosystem. vpnMentor researchers joined several cybercrime-focused Telegram groups and discovered a vast network of more 1,000s individuals sharing data leaks and dumps and discussing how to exploit them in illegal activities.

Cybercrime

Cybercrime Hacking Mobile DDOS

The 10th edition of the ENISA Threat Landscape (ETL) report is out!

Security Affairs

NOVEMBER 4, 2022

This is the 10 th edition of the annual report and analyzes events that took place between July 2021 and July 2022. Malware: 66 disclosures of zero-day vulnerabilities observed in 2021. Supply chain targeting : Third-party incidents account for 17% of the intrusions in 2021 compared to less than 1% in 2020. Cybercrime actors.

Cyber threats

Cyber threats Phishing Social Engineering Ransomware

Necro botnet now targets Visual Tools DVRs

Security Affairs

OCTOBER 12, 2021

The POC exploit code for this vulnerability is publicly available since July 2021. The botnet appeared on the threat landscape in November 2020, the attacks aimed at compromising the target systems to create an IRC botnet, which can later be used to conduct several malicious activities, including DDoS attacks and crypto-mining campaigns.

DDOS

DDOS Surveillance Hacking Internet

Beastmode Mirai botnet now includes exploits for Totolink routers

Security Affairs

APRIL 2, 2022

Operators behind the Mirai-based distributed denial-of-service (DDoS) botnet Beastmode (aka B3astmode) added exploits for Totolink routers. The Mirai -based distributed denial-of-service (DDoS) botnet Beastmode (aka B3astmode) now includes exploits for Totolink routers. CVE-2017-17215 targets Huawei HG532 routers.

DDOS

DDOS Firmware Surveillance IoT

FBI’s investigation accidentally revealed the HelloKitty ransomware gang operates out of Ukraine

Security Affairs

DECEMBER 15, 2021

.” The HelloKitty gang has been active since January 2021 and it is still active. According to the alert, the ransomware gang is launching distributed denial-of-service (DDoS) attacks as part of its extortion activities. The ransomware gang targets their victims’ websites with DDoS attacks if they refuse to pay the ransom.

Ransomware

Ransomware Data breaches DDOS Healthcare

Security Affairs newsletter Round 313

Security Affairs

MAY 9, 2021

Experts found critical authentication bypass flaw in HPE Edgeline Infrastructure Manager UNC2529, a new sophisticated cybercrime gang that targets U.S.

Data breaches

Data breaches DDOS VPN Hacking

Moobot botnet is back and targets vulnerable D-Link routers

Security Affairs

SEPTEMBER 7, 2022

The Mirai -based Moobot botnet was first documented by Palo Alto Unit 42 researchers in February 2021, in November 2021, it started exploiting a critical command injection flaw ( CVE-2021-36260 ) in the webserver of several Hikvision products. ” At the time of the analysis, the C2 server was offline. Pierluigi Paganini.

DDOS

DDOS Encryption Passwords Hacking

Security Affairs newsletter Round 479 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JULY 7, 2024

GootLoader is still active and efficient Hackers stole OpenAI secrets in a 2023 security breach Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes Polyfill.io GootLoader is still active and efficient Hackers stole OpenAI secrets in a 2023 security breach Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes Polyfill.io

Data breaches

Data breaches Hacking Banking Spyware

GUEST ESSAY: Here’s what every business should know — and do — about CaaS: crime-as-a-service

The Last Watchdog

NOVEMBER 1, 2021

Related: Enlisting ‘human sensors’ Unfortunately, with crime-as-a-service, the same is true for people interested in trying their hand at cybercrime. What makes CaaS especially problematic is that it brings cybercrime to the masses. Aquilai was acquired by Egress in 2021. Mounting a strong defense.

Phishing

Phishing Cybercrime Technology Hacking

German Police Raid DDoS-Friendly Host ‘FlyHosting’

Feds Take Down 13 More DDoS-for-Hire Services

Trending Sources

Cloudflare mitigated new record-breaking DDoS attack of 3.8 Tbps

The source code of the 2020 variant of HelloKitty ransomware was leaked on a cybercrime forum

BrandPost: The Cybercrime Crisis: Advanced & Automated DDoS Technology is Essential NOW

Three Top Russian Cybercrime Forums Hacked

HelloKitty ransomware gang also targets victims with DDoS attacks

Enemybot, a new DDoS botnet appears in the threat landscape

Mirai-based DDoS botnet IZ1H9 added 13 payloads to target routers

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

New evolving Abcbot DDoS botnet targets Linux systems

Reading INTERPOL the African Cyberthreat Assessment Report 2021

Akamai dealt with an 800Gbps ransom DDoS against a gambling company

Cloudflare mitigated the largest ever volumetric DDoS attack to date

Here’s how anyone with $20 can hire an IoT botnet to blast out a week-long DDoS attack

REvil Ransomware gang uses DDoS attacks and voice calls to make pressure on the victims

Thinking of Hiring or Running a Booter Service? Think Again.

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”

German police seized the darknet marketplace Nemesis Market

Moobot botnet spreads by exploiting CVE-2021-36260 flaw in Hikvision products

Database, source code allegedly related to bulletproof hosting, once Parler’s service provider, up for sale on hacker forum

Crooks target Ukraine’s IT Army with a tainted DDoS tool

After ChatGPT, Anonymous Sudan took down the Cloudflare website

Trickbot spreads malware through new distribution channels

Security Affairs newsletter Round 425 by Pierluigi Paganini – International edition

Conti Ransomware Group Diaries, Part IV: Cryptocrime

Europol IOCTA 2021 Report: The Key Takeaways

Ransomware world in 2021: who, how and why

Security Roundup December 2021

Interview With a Crypto Scam Investment Spammer

EnemyBot malware adds new exploits to target CMS servers and Android devices

Let’s give a look at the Dark Web Price Index 2022

Ukrainian police arrested Ransomware gang behind attacks on 50 companies

Cyberthreats to financial organizations in 2022

Moobot botnet spreads by targeting Cacti and RealTek flaws

Telegram is becoming the paradise of cyber criminals

The 10th edition of the ENISA Threat Landscape (ETL) report is out!

Necro botnet now targets Visual Tools DVRs

Beastmode Mirai botnet now includes exploits for Totolink routers

FBI’s investigation accidentally revealed the HelloKitty ransomware gang operates out of Ukraine

Security Affairs newsletter Round 313

Moobot botnet is back and targets vulnerable D-Link routers

Security Affairs newsletter Round 479 by Pierluigi Paganini – INTERNATIONAL EDITION

GUEST ESSAY: Here’s what every business should know — and do — about CaaS: crime-as-a-service

Stay Connected