Krebs on Security

DECEMBER 11, 2024

A financial firm registered in Canada has emerged as the payment processor for dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services aimed at Russian-speaking customers, new research finds. wtf, and PQHosting ; -sites selling aged email, financial, or social media accounts, such as verif[.]work com and rdp[.]monster;

Cryptocurrency 280

Cryptocurrency Banking Cybercrime Advertising 280

Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking 331

Hacking Cybercrime Phishing Passwords 331

Security Affairs

JANUARY 15, 2025

A previously unknown threat actor released config files and VPN passwords for Fortinet FortiGate devices on a popular cybercrime forum. released in October 2022. “The build date coded in the last number block also points to the same date range: None of the firewall firmwares examined had been compiled after September 14, 2022.”

VPN 131

VPN Passwords Firewall Firmware 131

The Last Watchdog

DECEMBER 16, 2021

And there will be loosely affiliated networks of solo operators that pick and choose who they work with through a robust cybercrime underground, just like rotating new drummers through a band. In 2022 we expect to see more aggressive and complex ransomware efforts. Central importance of identity.

CISO 262

CISO Ransomware Risk Authentication 262

Security Affairs

OCTOBER 14, 2024

Dutch police dismantled Bohemia/Cannabia, two major dark web markets for illegal goods, drugs, and cybercrime services. These are two of the largest and longest-running dark web platforms for the trade of illegal goods, drugs, and cybercrime services.

Marketing 127

Marketing Cybercrime DDOS Cryptocurrency 127

Krebs on Security

MAY 29, 2024

.” The arrest coincided with the seizure of the 911 S5 website and supporting infrastructure, which the government says turned computers running various “free VPN” products into Internet traffic relays that facilitated billions of dollars in online fraud and cybercrime. The prices page for 911 S5, circa July 2022. $28

VPN 344

VPN Government Cybercrime Internet 344

Krebs on Security

MARCH 17, 2023

Federal Bureau of Investigation (FBI) this week arrested a New York man on suspicion of running BreachForums , a popular English-language cybercrime forum where some of the world biggest hacked databases routinely show up for sale. In April 2022, U.S. FBI agents carting items out of Fitzpatrick’s home on March 15.

Data breaches 351

Data breaches Cybercrime Insurance Internet 351

Krebs on Security

NOVEMBER 21, 2024

In August 2022, multiple security firms gained access to the server that was receiving data from that Telegram bot, which on several occasions leaked the Telegram ID and handle of its developer, who used the nickname “ Joeleoli.” Click to enlarge.

Identity Theft 250

Identity Theft Phishing Cryptocurrency Accountability 250

Security Affairs

MARCH 7, 2024

The FBI Internet Crime Complaint Center (IC3) 2023 report states that reported cybercrime losses reached $12.5 The 2023 Internet Crime Report published the FBI’s Internet Crime Complaint Center (IC3) reveals that reported cybercrime losses reached $12.5 The figure marks a 22% surge in reported losses compared to 2022.

Cybercrime 140

Cybercrime Internet Internet Scams 140

Krebs on Security

MAY 16, 2023

A Russian man identified by KrebsOnSecurity in January 2022 as a prolific and vocal member of several top ransomware groups was the subject of two indictments unsealed by the Justice Department today. prosecutors say Mikhail Pavolovich Matveev , a.k.a. “Mother Russia will help you,” Wazawaka concluded. 17, 1992). .

Ransomware 309

Ransomware Cybercrime VPN Healthcare 309

Krebs on Security

JANUARY 30, 2024

technology companies during the summer of 2022. stole at least $800,000 from at least five victims between August 2022 and March 2023. 2022 that an intrusion had exposed a “limited number” of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials.

Social Engineering 355

Social Engineering Mobile Passwords Cybercrime 355

Security Affairs

JULY 18, 2024

The cybercrime group FIN7 is advertising a security evasion tool in multiple underground forums, cybersecurity company SentinelOne warns. On May 19th, 2022, a user named “goodsoft” advertised an AV killer tool for $4,000 on the exploit[.]in Later, on June 14th, 2022, a user named “lefroggy” posted a similar ad on the xss[.]is

Advertising 141

Advertising Cybercrime Hacking Ransomware 141

Krebs on Security

OCTOBER 31, 2022

A 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he acted as a core developer for Raccoon , a popular “malware-as-a-service” offering that helped paying customers steal passwords and financial data from millions of cybercrime victims. According to those sources, U.S.

Malware 336

Malware Identity Theft Cybercrime Accountability 336

Security Affairs

JUNE 24, 2024

The cybercrime group ExCobalt targeted Russian organizations in multiple sectors with a previously unknown backdoor known as GoRed. Positive Technologies researchers reported that a cybercrime gang called ExCobalt targeted Russian organizations in multiple sectors with a previously unknown Golang-based backdoor known as GoRed.

Cybercrime 119

Cybercrime Telecommunications DNS Technology 119

Security Affairs

DECEMBER 28, 2024

The Italian Cnaipic (National Cybercrime Center for the Protection of Critical Infrastructure) of the Postal Police is investigating the cyberattacks and is helping victims into mitigating the offensive. The group NoName57 has been active since March 2022 and has targeted government and critical infrastructure organizations worldwide.

DDOS 126

DDOS Artificial Intelligence Government Cybercrime 126

Krebs on Security

SEPTEMBER 13, 2023

In December 2022, KrebsOnSecurity broke the news that a cybercriminal using the handle “ USDoD ” had infiltrated the FBI ‘s vetted information sharing network InfraGard , and was selling the contact information for all 80,000 members. But on Sept. defense contractors. USDoD’s avatar used to be the seal of the U.S.

Cybercrime 336

Cybercrime Passwords Authentication Malware 336

Security Affairs

OCTOBER 16, 2024

The same admin later launched a chat-based drug sales platform, Tsätti, in 2022, which was taken offline along with Sipulitie. These are two of the largest and longest-running dark web platforms for the trade of illegal goods, drugs, and cybercrime services.

Marketing 122

Marketing Cybercrime Scams Hacking 122

Krebs on Security

JANUARY 7, 2025

” Perm is the current administrator of Star Fraud , one of the more consequential cybercrime communities on Telegram and one that has emerged as a foundry of innovation in voice phishing attacks. As we’ll see in a moment, that phishing kit is operated and rented out by a cybercriminal known as “ Perm ” a.k.a.

Phishing 334

Phishing Cryptocurrency Accountability Social Engineering 334

Security Affairs

JANUARY 11, 2025

The indictment and arrests announced today, which follow the earlier takedown of the defendants criminal infrastructure, yet again demonstrate the value of our international partnerships in countering the global threat from cybercrime. were allegedly used for laundering funds from ransomware and cybercrimes. Blender.io and Sinbad.io

Cybercrime 74

Cybercrime Cryptocurrency Hacking Ransomware 74

Krebs on Security

MAY 28, 2024

KrebsOnSecurity identified one of the three men in a July 2022 investigation into 911 S5, which was massively hacked and then closed ten days later. The 911 S5 botnet-powered proxy service, circa July 2022. 911 built its proxy network mainly by offering “free” virtual private networking (VPN) services.

VPN 274

VPN Banking Cybercrime Internet 274

Security Affairs

FEBRUARY 17, 2025

“During a 2022 search of a known LockBit affiliate, Canadian law enforcement uncovered a laptop operating a virtual machine that was connected to a Zservers subleased IP address and running a programming interface used to operate LockBit malware. .” reads the announcement published by the US Treasury.

Cybercrime 72

Cybercrime Ransomware Hacking Advertising 72

Security Affairs

APRIL 3, 2025

The investigation was led by the State Criminal Police of Bavaria (Bayerisches Landeskriminalamt) and the Bavarian Central Office for the Prosecution of Cybercrime (ZCB) with the support of Europol. The operation, which has been ongoing since 2022, identified 1,393 suspects, arrested 79, and seized over 3,000 devices. Kidflix had 1.8M

Cryptocurrency 100

Cryptocurrency Cybercrime Hacking Information Security 100

Krebs on Security

MARCH 31, 2023

FlyHosting first advertised on cybercrime forums in November 2022, saying it was a Germany-based hosting firm that was open for business to anyone looking for a reliable place to host malware, botnet controllers, or DDoS-for-hire infrastructure. In mid-December 2022, the U.S. Image: Ke-la.com.

DDOS 303

DDOS Internet Internet Cybercrime 303

Krebs on Security

FEBRUARY 5, 2023

A notorious hacker convicted of perpetrating tens of thousands of cybercrimes, Kivimäki had been in hiding since October 2022, when he failed to show up in court and Finland issued an international warrant for his arrest. Kivimäki was ultimately convicted of orchestrating more than 50,000 cybercrimes.

Cybercrime 272

Cybercrime DDOS Hacking Accountability 272

Joseph Steinberg

JUNE 9, 2022

When it comes to cybercrimes, state and local law enforcement officials are rarely a match for cybercriminals; Tenafly’s police chief himself admitted that handling the investigation of the ransomware attack is “way above our capabilities.”

Ransomware 363

Ransomware Artificial Intelligence Education Cybercrime 363

Krebs on Security

JANUARY 25, 2023

23, 2022, KrebsOnSecurity alerted big-three consumer credit reporting bureau Experian that identity thieves had worked out how to bypass its security and access any consumer’s full credit report — armed with nothing more than a person’s name, address, date of birth, and Social Security number. 9, 2022 and Dec.

Cybercrime 335

Cybercrime Web Fraud Data breaches 335

Krebs on Security

AUGUST 2, 2022

The underground cybercrime forums are now awash in pleas from people who are desperately seeking a new supplier of abundant, cheap, and reliably clean proxies to restart their businesses. Further reading: July 29, 2022: 911 Proxy Service Implodes After Disclosing Breach. July 28, 2022: Breach Exposes Users of Microleaves Proxy Service.

Malware 312

Malware Cybercrime Internet Internet 312

Security Affairs

DECEMBER 4, 2024

Black Basta ransomware-as-a-service (RaaS) has been active since April 2022, it impacted several businesses and critical infrastructure entities across North America, Europe, and Australia. Black Basta is a ransomware-as-a-service (RaaS) variant, first identified in April 2022. reads the CSA.

Ransomware 126

Ransomware Telecommunications Healthcare Insurance 126

Security Affairs

OCTOBER 16, 2024

However, the Brazilian national turned into more complex cybercriminal activities by 2022. The link between Luan’s hacktivism and cybercrime was established due to his bad Operational security (opsec). CrowdStrike’s investigation reveals that USDoD’s leader, Luan BG, has been a hacktivist active since at least 2017.

Data breaches 128

Data breaches Media Cybercrime Accountability 128

Krebs on Security

DECEMBER 13, 2022

Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. Pompompurin has been a thorn in the side of the FBI for years.

Hacking 363

Hacking Energy and Utilities Cybercrime Accountability 363

Security Affairs

APRIL 7, 2025

Microsoft credited controversial actor EncryptHub, a lone actor with ties to cybercrime, for reporting two Windows flaws. After years of low-profile IT work and self-study, his activity paused in 2022, likely due to jail time. Although involved in cybercrime, EncryptHub also pursued legitimate security research.

Cybercrime 72

Cybercrime Malware Hacking VPN 72

Security Affairs

DECEMBER 1, 2024

In 2022, the Federal Bureau of Investigation (FBI) warned of an uptick in fake profiles designed to exploit victims financially. These services allow attackers with minimal technical expertise to execute advanced attacks, democratizing cybercrime. An example of this misuse is the creation of fraudulent social media profiles using GAI.

Artificial Intelligence 134

Artificial Intelligence Phishing Media Cyber threats 134

Security Affairs

AUGUST 20, 2024

Toyota has confirmed a data breach after a threat actor leaked 240GB of data stolen from its infrastructure on a cybercrime forum. Toyota disclosed a data breach after a threat actor leaked an archive of 240GB of data stolen from its systems on a cybercrime forum, BleepingComputer reported.

Data breaches 119

Data breaches Cybercrime Financial Services Hacking 119

Krebs on Security

MAY 9, 2023

Ten of the domains are reincarnations of DDoS-for-hire services the FBI seized in December 2022, when it charged six U.S. In December 2022, the feds seized four-dozen booter domains and charged six U.S. However, at least one of the defendants from the 2022 booter bust-up — John M. This is the third in a series of U.S.

DDOS 272

DDOS Cybercrime Internet Internet 272

Malwarebytes

OCTOBER 28, 2024

According to Europol’s report titled “ Uncovering the ecosystem of intellectual property crime , ”approximately 86 million fake items were seized in the European Union (EU) in 2022 alone, with an estimated total value exceeding EUR 2 billion (US$ 2.1 Intellectual property is what drives innovation.

Cybercrime 120

Cybercrime Advertising Media Retail 120

Security Boulevard

MARCH 10, 2025

In 2023, victims reported nearly 900,000 cybercrime complaints to the FBI. billion a significant 22% increase from the losses in 2022. Altogether, losses eclipsed $12.5

Cybercrime 69

Cybercrime 69

Krebs on Security

JANUARY 24, 2023

First advertised in the cybercrime underground in 2014, RSOCKS was the web-based storefront for hacked computers that were sold as “proxies” to cybercriminals looking for ways to route their Web traffic through someone else’s device. A copy of the passport for Denis Emelyantsev, a.k.a. Denis Kloster, as posted to his Vkontakte page in 2019.

Cybercrime 274

Cybercrime Advertising IoT Malware 274