Krebs on Security

FEBRUARY 26, 2023

million customers, including website administrator passwords, sFTP credentials, and private SSL keys; -December 2022: Hackers gained access to and installed malware on GoDaddy’s cPanel hosting servers that “intermittently redirected random customer websites to malicious sites.” A U2F device made by Yubikey.

Hacking 327

Hacking Social Engineering Phishing Scams 327

Krebs on Security

AUGUST 2, 2022

Historical DNS records from Farsight Security show angrycoders.net formerly included the subdomain “smollalex.angrycoders[.]net” Further reading: July 29, 2022: 911 Proxy Service Implodes After Disclosing Breach. July 28, 2022: Breach Exposes Users of Microleaves Proxy Service. Who is the “ Alexander S.”

Malware 318

Malware Cybercrime Internet Internet 318

Krebs on Security

OCTOBER 31, 2023

Interisle’s newest study examined six million phishing reports between May 1, 2022 and April 30, 2023, and identified approximately 30,000.US “We’re always looking at the end malware or phishing page, but what we’re finding here is that there’s this middle layer of DNS threat actors persisting for years without notice.”

Phishing 329

Phishing Telecommunications Malware Scams 329

Krebs on Security

FEBRUARY 24, 2023

BHProxies has authored 129 posts on Black Hat World since 2012, and their last post on the forum was in December 2022. Abdalla Khafagy’s LinkedIn profile says he was “global director of community” at Crypto.com for about a year ending in January 2022. 5, 2014 , but historic DNS records show BHproxies[.]com

Accountability 292

Accountability Advertising Marketing Malware 292

Krebs on Security

SEPTEMBER 1, 2023

Interisle’s newest study examined six million phishing reports between May 1, 2022 and April 30, 2023, and found 30,000.US ” “We stand against DNS abuse in any form and maintain multiple systems and protocols to protect all the TLDs we operate,” the statement continued. US phishing domains.US

Phishing 294

Phishing Telecommunications Government DNS 294

Krebs on Security

APRIL 4, 2024

A review of the passive DNS records tied to this address shows that apart from subdomains dedicated to tornote[.]io, info , a website erected after Russia invaded Ukraine in early 2022 that doxed Russians perceived to have helped the Ukrainian cause. io, the main other domain at this address was hkleaks[.]ml.

Phishing 275

Phishing Cryptocurrency DDOS Internet 275

Krebs on Security

SEPTEMBER 26, 2024

Passive domain name system (DNS) records show that in its early days BriansClub shared a server in Lithuania along with just a handful of other domains, including secure.pinpays[.]com Taleon set up his service to facilitate transfers between Moscow, St. Petersburg and financial institutions in the West.

Cryptocurrency 295

Cryptocurrency Cybercrime Retail Government 295