Krebs on Security

AUGUST 16, 2022

Earlier this month, the administrator of the cybercrime forum Breached received a cease-and-desist letter from a cybersecurity firm. ” The administrator of Breached is “ Pompompurin ,” the same individual who alerted this author in November 2021 to a glaring security hole in a U.S. In a post to Breached on Aug.

Data breaches 319

Data breaches Banking Cybercrime Marketing 319

Krebs on Security

SEPTEMBER 13, 2024

The security firm CrowdStrike dubbed the group “ Scattered Spider ,” a recognition that the MGM hackers came from different hacker cliques scattered across an ocean of Telegram and Discord servers dedicated to financially-oriented cybercrime. ” Beige members were implicated in two stories published here in 2020.

Cybercrime 319

Cybercrime Accountability Mobile Hacking 319

Krebs on Security

DECEMBER 5, 2022

In December 2021, Google filed a civil lawsuit against two Russian men thought to be responsible for operating Glupteba , one of the Internet’s largest and oldest botnets. ” A report from the Polish computer emergency response team (CERT Orange Polksa) found Glupteba was the biggest malware threat in 2021.

Cybercrime 293

Cybercrime Malware Internet Internet 293

Krebs on Security

NOVEMBER 6, 2023

Last week, KrebsOnSecurity broke the news that one of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure.

Passwords 296

Passwords Cybercrime Accountability Hacking 296

Krebs on Security

APRIL 3, 2024

Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called “ The Manipulaters ,” a sprawling web hosting network of phishing and spam delivery platforms. 2021 piece, when one of Saim Raza’s known email addresses — bluebtcus@gmail.com — pleaded to have the story taken down.

Phishing 278

Phishing Cybercrime Malware Advertising 278

Krebs on Security

AUGUST 2, 2022

The underground cybercrime forums are now awash in pleas from people who are desperately seeking a new supplier of abundant, cheap, and reliably clean proxies to restart their businesses. 1, 2021: 15-Year-Old Malware Proxy Network VIP72 Goes Dark. Last week, a seven-year-old proxy service called 911[.]re The disruption at 911[.]re

Malware 315

Malware Cybercrime Internet Internet 315

Krebs on Security

MARCH 31, 2022

That was in March 2021, but there are similar fake EDR services on offer today. 30, Bug posted a sales thread to the cybercrime forum Breached[.]co In July 2021, Sen. And it tracked the activities of a teenage hacker from the United Kingdom who was reportedly arrested multiple times for sending fake EDRs.

Government 312

Government Accountability Education Media 312

Krebs on Security

SEPTEMBER 26, 2024

The United States today unveiled sanctions and indictments against the alleged proprietor of Joker’s Stash , a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past decade. The answer involved Bitcoin, but also Taleon’s new service.

Cryptocurrency 292

Cryptocurrency Cybercrime Retail Government 292

Krebs on Security

APRIL 18, 2023

” MRMURZA Faceless is a project from MrMurza , a particularly talkative member of more than a dozen Russian-language cybercrime forums over the past decade. MrMurza’s Faceless advertised on the Russian-language cybercrime forum ProCrd. ” Russian corporate records indicate this entity was liquidated in 2021.

Malware 292

Malware Passwords Accountability Advertising 292

Krebs on Security

JUNE 28, 2022

On December 7, 2021, Google announced it was suing two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past decade. But on Dec.

Passwords 302

Passwords Malware Internet Internet 302

Krebs on Security

JULY 18, 2022

These services can be used in a legitimate manner for several business purposes — such as price comparisons or sales intelligence — but they are massively abused for hiding cybercrime activity because they can make it difficult to trace malicious traffic to its original source. FORUM ACTIVITY?

VPN 349

VPN Computers and Electronics Antivirus Software 349

Krebs on Security

FEBRUARY 28, 2023

In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user’s text messages and phone calls to another device.

Mobile 340

Mobile Phishing Authentication Advertising 340

Krebs on Security

JULY 25, 2023

In a report released July 12, researchers at Lumen’s Black Lotus Labs called the AVrecon botnet “one of the largest botnets targeting small-office/home-office (SOHO) routers seen in recent history,” and a crime machine that has largely evaded public attention since first being spotted in mid-2021. com, super-socks[.]com,

Malware 236

Malware VPN Internet Internet 236

Krebs on Security

APRIL 27, 2022

Donahue is co-founder of Kodex , a company formed in February 2021 that builds security portals designed to help tech companies “manage information requests from government agencies who contact them, and to securely transfer data & collaborate against abuses on their platform.” A sample Kodex dashboard. Image: Kodex.us.

Mobile 223

Mobile Government Media Technology 223

Krebs on Security

MAY 22, 2023

This email address is also connected to accounts on several Russian cybercrime forums, including “ __edman__ ,” who had a history of selling “logs” — large amounts of data stolen from many bot-infected computers — as well as giving away access to hacked Internet of Things (IoT) devices.

Scams 300

Scams DDOS Cryptocurrency Accountability 300

Krebs on Security

DECEMBER 8, 2022

.” While CLOP as a money making collective is a fairly young organization, security experts say CLOP members hail from a group of Threat Actors (TA) known as “TA505,” which MITRE’s ATT&CK database says is a financially motivated cybercrime group that has been active since at least 2014.

Healthcare 323

Healthcare Backups Ransomware Insurance 323

Krebs on Security

MARCH 29, 2022

” On April 5, 2021, Everlynn posted a new sales thread to the cybercrime forum cracked[.]to But KT said each time Everlynn gets released from police custody, they go right back to committing the same cybercrimes. The phony message sent in November 2021 via the FBI’s email system.

Accountability 292

Accountability Government Hacking Social Engineering 292

Krebs on Security

SEPTEMBER 30, 2024

A California man accused of failing to pay taxes on tens of millions of dollars allegedly earned from cybercrime also paid local police officers hundreds of thousands of dollars to help him extort, intimidate and silence rivals and former business partners, the government alleges. They’re active-duty.” at Iza’s behest.

Cryptocurrency 310

Cryptocurrency Government Internet Internet 310

Krebs on Security

JUNE 6, 2023

The crypto scam affiliate program “Project Impulse,” advertising in 2021. According to the FBI , financial losses from cryptocurrency investment scams dwarfed losses for all other types of cybercrime in 2022 , rising from $907 million in 2021 to $2.57 Image: Trend Micro. billion last year.

Accountability 253

Accountability Scams Cryptocurrency Advertising 253

Krebs on Security

APRIL 12, 2022

Department of Justice (DOJ) said today it seized the website and user database for RaidForums , an extremely popular English-language cybercrime forum that sold access to more than 10 billion consumer records stolen in some of the world’s largest data breaches since 2015.

Government 259

Government Identity Theft Mobile Data breaches 259

Krebs on Security

AUGUST 17, 2023

Nevertheless, Cyberthreat reported that Devilscream was arrested by Indonesian police in late 2021 as part of a collaboration between INTERPOL and the U.S. 16Shop documentation instructing operators on how to deploy the kit. Image: ZeroFox. Federal Bureau of Investigation (FBI).

Phishing 229

Phishing Passwords Internet Internet 229

Krebs on Security

SEPTEMBER 2, 2021

Here’s the story of a cybercrime group that compromises up to 100,000 email inboxes per day, and apparently does little else with this access except siphon gift card and customer loyalty program data that can be resold online.

Accountability 343

Accountability Authentication Passwords Hacking 343

Krebs on Security

JULY 21, 2022

Nolan said her nightmare began in late 2021 with a Twitter direct message from someone who was following many of the same cryptocurrency influencers she followed. Nolan’s case may be especially bad because she was already interested in crypto investing when the scammer reached out.

Scams 331

Scams Cryptocurrency Marketing Internet 331

Security Boulevard

DECEMBER 5, 2022

In December 2021, Google filed a civil lawsuit against two Russian men thought to be responsible for operating Glupteba, one of the Internet's largest and oldest botnets.

Cybercrime 52

Cybercrime Internet Internet Web Fraud 52

Krebs on Security

MARCH 22, 2023

In November 2022, researchers at Google’s Project Zero warned about active attacks on Samsung mobile phones which chained together three security vulnerabilities that Samsung patched in March 2021, and which would have allowed an app to add or read any files on the device.

Malware 320

Malware eCommerce Mobile Media 320

Krebs on Security

JANUARY 30, 2025

Edwards said Funnull is a textbook example of an increasing trend Silent Push calls “infrastructure laundering,” wherein crooks selling cybercrime services will relay some or all of their malicious traffic through U.S. cloud providers. ” A Suncity gambling site promoted via Funnull. .”

Accountability 236

Accountability Scams Passwords Retail 236

Krebs on Security

FEBRUARY 9, 2022

The crackdown — the second closure of major card fraud shops by Russian authorities in as many weeks — comes closely behind Russia’s arrest of 14 alleged affiliates of the REvil ransomware gang , and has many in the cybercrime underground asking who might be next. K’s message for Trump’s Dumps users.

Cybercrime 297

Cybercrime Marketing Identity Theft Retail 297