2022, Internet and Web Fraud - Cyber Security Informer

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Krebs on Security

FEBRUARY 28, 2023

Image: Shutterstock.com Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than 100 separate incidents throughout 2022, new data suggests. But by the time we got to claims made in the middle of May 2022, completing the rest of the year’s timeline seemed unnecessary.

Mobile

Mobile Phishing Authentication Advertising

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Krebs on Security

MARCH 14, 2023

The government alleges that on May 7, 2022, Singh used stolen credentials to log into a U.S. On May 12, 2022, KrebsOnSecurity broke the news that hackers had gained access to a DEA portal that taps into 16 different federal law enforcement databases. .” federal government portal without authorization. ” Image: USDOJ.

Hacking

Hacking Government Media Accountability

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Krebs on Security

SEPTEMBER 30, 2024

The government says that in March 2022, three men showed up at E.Z.’s The FBI later obtained a copy of a search warrant executed by LASD deputies in January 2022 for GPS location information on a phone belonging to E.Z., In December 2022, Troy Woody Jr. cryptocurrency holdings online. We know what E.Z. and refers to T.W.

Cryptocurrency

Cryptocurrency Government Internet Internet

No SOCKS, No Shoes, No Malware Proxy Services!

Krebs on Security

AUGUST 2, 2022

With the recent demise of several popular “proxy” services that let cybercriminals route their malicious traffic through hacked PCs, there is now something of a supply chain crisis gripping the underbelly of the Internet. A review of the Internet addresses historically used by Super-socks[.]biz Image: Spur.us.

Malware

Malware Cybercrime Internet Internet

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

technology companies during the summer of 2022. stole at least $800,000 from at least five victims between August 2022 and March 2023. 2022 that an intrusion had exposed a “limited number” of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials.

Social Engineering

Social Engineering Mobile Passwords Cybercrime

911 Proxy Service Implodes After Disclosing Breach

Krebs on Security

JULY 29, 2022

The 911 service as it existed until July 28, 2022. re is was one of the original “residential proxy” networks, which allow someone to rent a residential IP address to use as a relay for his/her Internet communications, providing anonymity and the advantage of being perceived as a residential user surfing the web.

Cybercrime

Cybercrime Software VPN Backups

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

million customers, including website administrator passwords, sFTP credentials, and private SSL keys; -December 2022: Hackers gained access to and installed malware on GoDaddy’s cPanel hosting servers that “intermittently redirected random customer websites to malicious sites.” A U2F device made by Yubikey.

Hacking

Hacking Social Engineering Phishing Scams

Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

Krebs on Security

DECEMBER 5, 2022

In December 2021, Google filed a civil lawsuit against two Russian men thought to be responsible for operating Glupteba , one of the Internet’s largest and oldest botnets. 2022 by Google researcher Luca Nagy. Another slide from Google researcher Luca Nagy’s September 2022 talk on Glupteba.

Cybercrime

Cybercrime Malware Internet Internet

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

For the past seven years, an online service known as 911 has sold access to hundreds of thousands of Microsoft Windows computers daily, allowing customers to route their Internet traffic through PCs in virtually any country or city around the globe — but predominantly in the United States. THE INTERNET NEVER FORGETS.

VPN

VPN Computers and Electronics Antivirus Software

Using Google Search to Find Software Can Be Risky

Krebs on Security

JANUARY 25, 2024

19, 2024) of more than 200 domains at the Internet address 93.190.143[.]252 Hegel noted that the spike in malicious software-themed ads came not long after Microsoft started blocking by default Office macros in documents downloaded from the Internet. billion ads in 2022, and restricted more than 4.3 How do we know freecad-us[.]org

Software

Software Advertising Malware Accountability

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. SocksEscort[.]com com , is what’s known as a “SOCKS Proxy” service.

Malware

Malware VPN Internet Internet

SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool

Krebs on Security

JUNE 22, 2023

.” The written notice goes on to say UPS believes the data exposure “affected packages for a small group of shippers and some of their customers from February 1, 2022 to April 24, 2023.” 166] with nearly two dozen other smishing related domains, including upsdelivery[.]info info , legodelivery[.]info info , adidascanadaltd[.]com

Phishing

Phishing Retail Mobile Scams

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Krebs on Security

SEPTEMBER 5, 2023

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. 15, 2022, LastPass said an investigation into the August breach determined the attacker did not access any customer data or password vaults.

Cryptocurrency

Cryptocurrency Passwords Encryption Accountability

How 1-Time Passcodes Became a Corporate Liability

Krebs on Security

AUGUST 30, 2022

In mid-June 2022, a flood of SMS phishing messages began targeting employees at commercial staffing firms that provide customer support and outsourcing to thousands of companies. The messages began at 2022-07-20 22:50 UTC.

Mobile

Mobile Phishing Authentication Accountability

New Ransom Payment Schemes Target Executives, Telemedicine

Krebs on Security

DECEMBER 8, 2022

The first centers on targeting healthcare organizations that offer consultations over the Internet and sending them booby-trapped medical records for the “patient.” First spotted in mid-August 2022 , Venus is known for hacking into victims’ publicly-exposed Remote Desktop services to encrypt Windows devices.

Healthcare

Healthcare Backups Ransomware Insurance

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Chaput said the spammers used more than 1,500 Internet addresses across 400 providers to register new accounts, which then followed popular accounts on Mastodon and sent private mentions to the followers of those accounts. that were created from different Internet addresses in Vienna, Austria. billion last year.

Scams

Scams DDOS Cryptocurrency Accountability

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Krebs on Security

APRIL 4, 2024

Other Privnote phishing domains that also phoned home to the same Internet address as pirwnote[.]com com is currently selling security cameras made by the Chinese manufacturer Hikvision , via an Internet address based in Hong Kong. Searching DomainTools for domains that include both of these terms reveals pirwnote[.]com.

Phishing

Phishing Cryptocurrency DDOS Internet

Disneyland Malware Team: It’s a Puny World After All

Krebs on Security

NOVEMBER 16, 2022

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode , an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic. com — which was created to phish U.S.

Malware

Malware Banking Phishing DDOS

The Dark Nexus Between Harm Groups and ‘The Com’

Krebs on Security

SEPTEMBER 13, 2024

Throughout 2022, LAPSUS$ would hack and social engineer their way into some of the world’s biggest technology companies , including EA Games, Microsoft , NVIDIA , Okta , Samsung , and T-Mobile. .’s West Midlands Police as part of a joint investigation with the FBI into the MGM hack.

Cybercrime

Cybercrime Accountability Mobile Hacking

Who’s Behind the Botnet-Based Service BHProxies?

Krebs on Security

FEBRUARY 24, 2023

BitSight researchers found significant overlap in the Internet addresses used by those domains and a domain called BHproxies[.]com. BHProxies has authored 129 posts on Black Hat World since 2012, and their last post on the forum was in December 2022. The website BHProxies[.]com million from private investors.

Accountability

Accountability Advertising Marketing Malware

Sued by Meta, Freenom Halts Domain Registrations

Krebs on Security

MARCH 7, 2023

Meta initially filed this lawsuit in December 2022, but it asked the court to seal the case, which would have restricted public access to court documents in the dispute. Although Freenom is based in The Netherlands, some of its other sister companies named as defendants in the lawsuit are incorporated in the United States.

Phishing

Phishing Media Internet Internet

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

10, 2022, the relatively new cybercrime forum Breached featured a bombshell new sales thread: The user database for InfraGard, including names and contact information for tens of thousands of InfraGard members. This is a developing story. Updates will be noted here with timestamps.

Hacking

Hacking Energy and Utilities Cybercrime Accountability

Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire

Krebs on Security

SEPTEMBER 4, 2022

on Jan 2, 2022, McGovern-Allen and an unidentified co-conspirator fired multiple handgun rounds into a residence in West Chester, Pa. Justin Active’s version of events seems to be supported by a reference in the criminal complaint to an April 2, 2022 chat in which Tongue explained the reason for the shooting.

Government

Government Accountability Web Fraud Cryptocurrency

Karma Catches Up to Global Phishing Service 16Shop

Krebs on Security

AUGUST 17, 2023

In addition, 16Shop employed various tricks to help its users’ phishing pages stay off the radar of security firms, including a local “blacklist” of Internet addresses tied to security companies, and a feature that allowed users to block entire Internet address ranges from accessing phishing pages.

Phishing

Phishing Passwords Hacking Internet

Experian, You Have Some Explaining to Do

Krebs on Security

JULY 10, 2022

Turner said that in early June 2022 he received an email from Experian saying the email address on his account had been changed. The experiment was done from a different computer and Internet address than the one that created the original account years ago.

Accountability

Accountability Passwords Authentication Password Management

Massive Losses Define Epidemic of ‘Pig Butchering’

Krebs on Security

JULY 21, 2022

. “The fraud is named for the way scammers feed their victims with promises of romance and riches before cutting them off and taking all their money,” the Federal Bureau of Investigation (FBI) warned in April 2022.

Scams

Scams Cryptocurrency Marketing Internet

Infrastructure Laundering: Blending in with the Cloud

Krebs on Security

JANUARY 30, 2025

Silent Push’s Zach Edwards said that upon revisiting Funnull’s infrastructure again this month, they found dozens of the same Amazon and Microsoft cloud Internet addresses still forwarding Funnull traffic through a dizzying chain of auto-generated domain names before redirecting malicious or phishous websites. cloud providers.

Accountability

Accountability Scams Passwords Retail

Cyber Security Informer

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Trending Sources

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

No SOCKS, No Shoes, No Malware Proxy Services!

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

911 Proxy Service Implodes After Disclosing Breach

When Low-Tech Hacks Cause High-Impact Breaches

Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

A Deep Dive Into the Residential Proxy Service ‘911’

Using Google Search to Find Software Can Be Risky

Who and What is Behind the Malware Proxy Service SocksEscort?

SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

How 1-Time Passcodes Became a Corporate Liability

New Ransom Payment Schemes Target Executives, Telemedicine

Interview With a Crypto Scam Investment Spammer

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Disneyland Malware Team: It’s a Puny World After All

The Dark Nexus Between Harm Groups and ‘The Com’

Who’s Behind the Botnet-Based Service BHProxies?

Sued by Meta, Freenom Halts Domain Registrations

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire

Karma Catches Up to Global Phishing Service 16Shop

Experian, You Have Some Explaining to Do

Massive Losses Define Epidemic of ‘Pig Butchering’

Infrastructure Laundering: Blending in with the Cloud

Stay Connected