2022 and Web Fraud - Cyber Security Informer

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Krebs on Security

FEBRUARY 28, 2023

Image: Shutterstock.com Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than 100 separate incidents throughout 2022, new data suggests. But by the time we got to claims made in the middle of May 2022, completing the rest of the year’s timeline seemed unnecessary.

Mobile

Mobile Phishing Authentication Advertising

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Krebs on Security

MARCH 14, 2023

The government alleges that on May 7, 2022, Singh used stolen credentials to log into a U.S. On May 12, 2022, KrebsOnSecurity broke the news that hackers had gained access to a DEA portal that taps into 16 different federal law enforcement databases. .” federal government portal without authorization. ” Image: USDOJ.

Hacking

Hacking Government Media Accountability

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

. — and charged him with stealing at least $800,000 from five victims between August 2022 and March 2023. Urban allegedly went by the nicknames “ Sosa ” and “ King Bob, ” and is believed to be part of the same crew that hacked Twilio and a slew of other companies in 2022.

Hacking

Hacking Cybercrime Phishing Passwords

Experian Glitch Exposing Credit Files Lasted 47 Days

Krebs on Security

JANUARY 25, 2023

23, 2022, KrebsOnSecurity alerted big-three consumer credit reporting bureau Experian that identity thieves had worked out how to bypass its security and access any consumer’s full credit report — armed with nothing more than a person’s name, address, date of birth, and Social Security number. 9, 2022 and Dec.

Cybercrime

Cybercrime Web Fraud Data breaches

A Day in the Life of a Prolific Voice Phishing Crew

Krebs on Security

JANUARY 7, 2025

AUTODOXERS According to Stotle, the target lists used by their phishing callers originate mostly from a few crypto-related data breaches, including the 2022 and 2024 breaches involving user account data stolen from cryptocurrency hardware wallet vendor Trezor.

Phishing

Phishing Cryptocurrency Accountability Social Engineering

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

technology companies during the summer of 2022. stole at least $800,000 from at least five victims between August 2022 and March 2023. 2022 that an intrusion had exposed a “limited number” of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials.

Social Engineering

Social Engineering Mobile Passwords Cybercrime

How Cryptocurrency Turns to Cash in Russian Banks

Krebs on Security

DECEMBER 11, 2024

The Russian government’s embrace of cryptocurrency was a remarkable pivot: Bloomberg notes that as recently as January 2022, just weeks before Russia’s full-scale invasion of Ukraine, the central bank proposed a blanket ban on the use and creation of cryptocurrencies.

Cryptocurrency

Cryptocurrency Banking Cybercrime Advertising

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Krebs on Security

SEPTEMBER 30, 2024

The government says that in March 2022, three men showed up at E.Z.’s The FBI later obtained a copy of a search warrant executed by LASD deputies in January 2022 for GPS location information on a phone belonging to E.Z., In December 2022, Troy Woody Jr. cryptocurrency holdings online. We know what E.Z. and refers to T.W.

Cryptocurrency

Cryptocurrency Government Internet Internet

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

million customers, including website administrator passwords, sFTP credentials, and private SSL keys; -December 2022: Hackers gained access to and installed malware on GoDaddy’s cPanel hosting servers that “intermittently redirected random customer websites to malicious sites.” A U2F device made by Yubikey.

Hacking

Hacking Social Engineering Phishing Scams

LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

Krebs on Security

SEPTEMBER 22, 2023

But critics say the move is little more than a public relations stunt that will do nothing to help countless early adopters whose password vaults were exposed in a 2022 breach at LastPass. Still, Palant and others impacted by the 2022 breach at LastPass say their account security settings were never forcibly upgraded. ”

Passwords

Passwords Encryption Password Management Cryptocurrency

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Krebs on Security

SEPTEMBER 5, 2023

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. 15, 2022, LastPass said an investigation into the August breach determined the attacker did not access any customer data or password vaults.

Cryptocurrency

Cryptocurrency Passwords Encryption Accountability

Identity Thieves Bypassed Experian Security to View Credit Reports

Krebs on Security

JANUARY 9, 2023

But until the end of 2022, Experian’s website allowed anyone to bypass these questions and go straight to the consumer’s report. 27, 2022, Experian’s PR team acknowledged receipt of my Dec. It’s also worth mentioning that reports of hijacked Experian.com accounts persisted into late 2022. ” Sen.

Identity Theft

Identity Theft Accountability Authentication Web Fraud

No SOCKS, No Shoes, No Malware Proxy Services!

Krebs on Security

AUGUST 2, 2022

Further reading: July 29, 2022: 911 Proxy Service Implodes After Disclosing Breach. July 28, 2022: Breach Exposes Users of Microleaves Proxy Service. July 18, 2022: A Deep Dive Into the Residential Proxy Service ‘911’ June 28, 2022: The Link Between AWM Proxy & the Glupteba Botnet.

Malware

Malware Cybercrime Internet Internet

SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool

Krebs on Security

JUNE 22, 2023

.” The written notice goes on to say UPS believes the data exposure “affected packages for a small group of shippers and some of their customers from February 1, 2022 to April 24, 2023.” A smishing website targeting Canadians who recently purchased from Adidas online. The site would only load in a mobile browser.

Phishing

Phishing Retail Mobile Scams

Lamborghini Carjackers Lured by $243M Cyberheist

Krebs on Security

OCTOBER 9, 2024

” A November 2022 story at patch.com quoted Veer Chetal (class of 2024) crediting the Harvard program with his decision to pursue a career in law. The Corvette that Diaz was sitting in when he was shot in 2022. In 2022, Borrero was arrested in Miami for aggravated assault with a deadly weapon. Image: NBC 6, South Florida.

Cryptocurrency

Cryptocurrency Social Engineering Accountability Mobile

How 1-Time Passcodes Became a Corporate Liability

Krebs on Security

AUGUST 30, 2022

In mid-June 2022, a flood of SMS phishing messages began targeting employees at commercial staffing firms that provide customer support and outsourcing to thousands of companies. The messages began at 2022-07-20 22:50 UTC.

Mobile

Mobile Phishing Authentication Accountability

Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

Krebs on Security

DECEMBER 5, 2022

2022 by Google researcher Luca Nagy. In June 2022, KrebsOnSecurity showed how the malware proxy services RSOCKS and AWMProxy were entirely dependent on the Glupteba botnet for fresh proxies, and that the founder of AWMProxy was Dmitry Starovikov — one of the Russian men named in Google’s lawsuit.

Cybercrime

Cybercrime Malware Internet Internet

Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn

Krebs on Security

OCTOBER 20, 2022

On October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc. In late September 2022, KrebsOnSecurity warned about the proliferation of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations.

Accountability

Accountability Cryptocurrency Scams CISO

911 Proxy Service Implodes After Disclosing Breach

Krebs on Security

JULY 29, 2022

The 911 service as it existed until July 28, 2022. re is was one of the original “residential proxy” networks, which allow someone to rent a residential IP address to use as a relay for his/her Internet communications, providing anonymity and the advantage of being perceived as a residential user surfing the web. .

Cybercrime

Cybercrime Software VPN Backups

Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire

Krebs on Security

SEPTEMBER 4, 2022

on Jan 2, 2022, McGovern-Allen and an unidentified co-conspirator fired multiple handgun rounds into a residence in West Chester, Pa. Justin Active’s version of events seems to be supported by a reference in the criminal complaint to an April 2, 2022 chat in which Tongue explained the reason for the shooting.

Government

Government Accountability Web Fraud Cryptocurrency

UK Sets Up Fake Booter Sites To Muddy DDoS Market

Krebs on Security

MARCH 28, 2023

In mid-December 2022, the U.S. The NCA campaign comes closely on the heels of an international law enforcement takedown involving four-dozen websites that made powerful DDoS attacks a point-and-click operation. men with computer crimes related to their alleged ownership of popular DDoS-for-hire services.

DDOS

DDOS Marketing Computers and Electronics Risk

Disneyland Malware Team: It’s a Puny World After All

Krebs on Security

NOVEMBER 16, 2022

The Disneyland Team’s Web interface, which allows them to interact with malware victims in real time to phish their login credentials using phony bank websites. For example, one domain the gang has used since March 2022 is ushank[.]com The Disneyland Team uses common misspellings for top bank brands in its domains.

Malware

Malware Banking Phishing DDOS

Using Google Search to Find Software Can Be Risky

Krebs on Security

JANUARY 25, 2024

billion ads in 2022, and restricted more than 4.3 The company’s latest ad safety report says Google in 2022 blocked or removed 1.36 We’ll continue to monitor and apply our protections.” Google says it removed 5.2 billion ads and suspended over 6.7 million advertiser accounts.

Software

Software Advertising Malware Accountability

The Stark Truth Behind the Resurgence of Russia’s Fin7

Krebs on Security

JULY 10, 2024

A 2022 deep dive on Fin7 from the Swiss threat intelligence firm Prodaft (PDF). ” Further reading: Stark Industries Solutions: An Iron Hammer in the Cloud.

Phishing

Phishing Cybercrime Malware Software

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

10, 2022, the relatively new cybercrime forum Breached featured a bombshell new sales thread: The user database for InfraGard, including names and contact information for tens of thousands of InfraGard members.

Hacking

Hacking Energy and Utilities Cybercrime Accountability

Who’s Behind the Botnet-Based Service BHProxies?

Krebs on Security

FEBRUARY 24, 2023

BHProxies has authored 129 posts on Black Hat World since 2012, and their last post on the forum was in December 2022. Abdalla Khafagy’s LinkedIn profile says he was “global director of community” at Crypto.com for about a year ending in January 2022. The website BHProxies[.]com million from private investors.

Accountability

Accountability Advertising Marketing Malware

Experian, You Have Some Explaining to Do

Krebs on Security

JULY 10, 2022

Turner said that in early June 2022 he received an email from Experian saying the email address on his account had been changed. Emory Roan , policy counsel for the Privacy Rights Clearinghouse , said Experian not offering multi-factor authentication for consumer accounts is inexcusable in 2022.

Accountability

Accountability Passwords Authentication Password Management

The Dark Nexus Between Harm Groups and ‘The Com’

Krebs on Security

SEPTEMBER 13, 2024

Throughout 2022, LAPSUS$ would hack and social engineer their way into some of the world’s biggest technology companies , including EA Games, Microsoft , NVIDIA , Okta , Samsung , and T-Mobile. .’s West Midlands Police as part of a joint investigation with the FBI into the MGM hack.

Cybercrime

Cybercrime Accountability Mobile Hacking

Sued by Meta, Freenom Halts Domain Registrations

Krebs on Security

MARCH 7, 2023

Meta initially filed this lawsuit in December 2022, but it asked the court to seal the case, which would have restricted public access to court documents in the dispute. Although Freenom is based in The Netherlands, some of its other sister companies named as defendants in the lawsuit are incorporated in the United States.

Phishing

Phishing Media Internet Internet

Phishers Spoof USPS, 12 Other Natl’ Postal Services

Krebs on Security

OCTOBER 9, 2023

com was registered in 2022 via Singapore-based Alibaba.com , but the registrant city and state listed for that domain says “Georgia, AL,” which is not a real location. DomainTools.com indicates this website name was registered by phishers based in Indonesia. DomainTools says the above-mentioned USPS phishing domain stamppos[.]com

Phishing

Phishing Scams Passwords Web Fraud

When Efforts to Contain a Data Breach Backfire

Krebs on Security

AUGUST 16, 2022

On August 3, 2022, someone using the alias “ Holistic-K1ller ” posted on Breached a thread selling data allegedly stolen from Grupo Financiero Banorte , Mexico’s second-biggest financial institution by total loans.

Data breaches

Data breaches Banking Cybercrime Marketing

New Ransom Payment Schemes Target Executives, Telemedicine

Krebs on Security

DECEMBER 8, 2022

First spotted in mid-August 2022 , Venus is known for hacking into victims’ publicly-exposed Remote Desktop services to encrypt Windows devices. Last month, the U.S. Department of Health and Human Services (HHS) warned that Venus ransomware attacks were targeting a number of U.S. healthcare organizations.

Healthcare

Healthcare Backups Ransomware Insurance

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Krebs on Security

SEPTEMBER 26, 2024

Treasury’s Financial Crimes Enforcement Network (FinCEN) levied sanctions today against PM2BTC under a powerful new “Section 9714” authority included in the Combating Russian Money Laundering Act , changes enacted in 2022 to make it easier to target financial entities involved in laundering money for Russia.

Cryptocurrency

Cryptocurrency Cybercrime Retail Government

US Harbors Prolific Malicious Link Shortening Service

Krebs on Security

OCTOBER 31, 2023

Interisle’s newest study examined six million phishing reports between May 1, 2022 and April 30, 2023, and identified approximately 30,000.US As far back as 2018, Interisle found.US domains were the worst in the world for spam, botnet (attack infrastructure for DDOS etc.) and illicit or harmful content. US phishing domains.

Phishing

Phishing Telecommunications Malware Scams

Why is.US Being Used to Phish So Many of Us?

Krebs on Security

SEPTEMBER 1, 2023

Interisle’s newest study examined six million phishing reports between May 1, 2022 and April 30, 2023, and found 30,000.US That’s according to The Interisle Consulting Group , which gathers phishing data from multiple industry sources and publishes an annual report on the latest trends. US phishing domains.US

Phishing

Phishing Telecommunications Government DNS

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Krebs on Security

APRIL 4, 2024

info , a website erected after Russia invaded Ukraine in early 2022 that doxed Russians perceived to have helped the Ukrainian cause. Virtually all of those domains were registered through one of two registrars — Hong Kong-based Nicenic and Singapore-based WebCC — and almost all appear to be phishing or pill-spam related.

Phishing

Phishing Cryptocurrency DDOS Internet

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

According to the FBI , financial losses from cryptocurrency investment scams dwarfed losses for all other types of cybercrime in 2022 , rising from $907 million in 2021 to $2.57 billion last year.

Scams

Scams DDOS Cryptocurrency Accountability

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

2022 closure of LuxSocks , another malware-based proxy network. That’s according to Riley Kilmer , co-founder of Spur.us — a security company that monitors anonymity services. Kilmer said 911 also gained an influx of new customers after the Jan. “And it’s not hard to see why.

VPN

VPN Computers and Electronics Antivirus Software

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Preserving bandwidth for both customers and victims was a primary concern for SocksEscort in July 2022, when 911S5 — at the time the world’s largest known malware proxy network — got hacked and imploded just days after being exposed in a story here. “Probably, they wanted to keep that revenue stream going.”

Malware

Malware VPN Internet Internet

Service Rents Email Addresses for Account Signups

Krebs on Security

JUNE 6, 2023

According to the FBI , financial losses from cryptocurrency investment scams dwarfed losses for all other types of cybercrime in 2022 , rising from $907 million in 2021 to $2.57 The ScamDoc fake reputation websites, which were apparently used to help make fake crypto investment platforms look more trustworthy. Image: Trend Micro.

Accountability

Accountability Scams Cryptocurrency Advertising

Karma Catches Up to Global Phishing Service 16Shop

Krebs on Security

AUGUST 17, 2023

A search in Constella on 16Shop’s domain name shows that in mid-2022, a key administrator of the phishing service infected their Microsoft Windows desktop computer with the Redline information stealer trojan — apparently by downloading a cracked (and secretly backdoored) copy of Adobe Photoshop.

Phishing

Phishing Passwords Internet Hacking

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Security Boulevard

MARCH 14, 2023

Men Charged in 2022 Hacking of DEA Portal appeared first on Security Boulevard. Both are alleged to be part of a larger criminal organization that specializes in using fake emergency data requests from compromised police and government email accounts to publicly threaten and extort their victims. The post Two U.S.

Hacking

Hacking Government Accountability Web Fraud

Massive Losses Define Epidemic of ‘Pig Butchering’

Krebs on Security

JULY 21, 2022

. “The fraud is named for the way scammers feed their victims with promises of romance and riches before cutting them off and taking all their money,” the Federal Bureau of Investigation (FBI) warned in April 2022.

Scams

Scams Cryptocurrency Marketing Internet

Scary Fraud Ensues When ID Theft & Usury Collide

Krebs on Security

JANUARY 25, 2022

14, 2022 breach notification letter from tribal lender Mountain Summit Financial. MSF said the personal information involved in this incident may have included name, date of birth, government-issued identification numbers (e.g., A portion of the Jan.

Financial Services

Financial Services Banking Accountability Identity Theft

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Trending Sources

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Experian Glitch Exposing Credit Files Lasted 47 Days

A Day in the Life of a Prolific Voice Phishing Crew

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

How Cryptocurrency Turns to Cash in Russian Banks

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

When Low-Tech Hacks Cause High-Impact Breaches

LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Identity Thieves Bypassed Experian Security to View Credit Reports

No SOCKS, No Shoes, No Malware Proxy Services!

SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool

Lamborghini Carjackers Lured by $243M Cyberheist

How 1-Time Passcodes Became a Corporate Liability

Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn

911 Proxy Service Implodes After Disclosing Breach

Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire

UK Sets Up Fake Booter Sites To Muddy DDoS Market

Disneyland Malware Team: It’s a Puny World After All

Using Google Search to Find Software Can Be Risky

The Stark Truth Behind the Resurgence of Russia’s Fin7

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Who’s Behind the Botnet-Based Service BHProxies?

Experian, You Have Some Explaining to Do

The Dark Nexus Between Harm Groups and ‘The Com’

Sued by Meta, Freenom Halts Domain Registrations

Phishers Spoof USPS, 12 Other Natl’ Postal Services

When Efforts to Contain a Data Breach Backfire

New Ransom Payment Schemes Target Executives, Telemedicine

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

US Harbors Prolific Malicious Link Shortening Service

Why is.US Being Used to Phish So Many of Us?

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Interview With a Crypto Scam Investment Spammer

A Deep Dive Into the Residential Proxy Service ‘911’

Who and What is Behind the Malware Proxy Service SocksEscort?

Service Rents Email Addresses for Account Signups

Karma Catches Up to Global Phishing Service 16Shop

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Massive Losses Define Epidemic of ‘Pig Butchering’

Scary Fraud Ensues When ID Theft & Usury Collide

Stay Connected