Krebs on Security

NOVEMBER 2, 2023

One of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. Services like SWAT are known as “Drops for stuff” on cybercrime forums. The login page for the criminal reshipping service SWAT USA Drop. “SwatVerified.”

Cybercrime 297

Cybercrime Marketing Scams Retail 297

Krebs on Security

AUGUST 3, 2023

Eremin said ThreatFabric has seen this malware obfuscation method used a few times in the past, but in April 2023 it started finding many more variants of known mobile malware families leveraging it for stealth. Eremin said Google flagged their initial May 9, 2023 report as “high” severity.

Mobile 205

Mobile Malware Banking Cybercrime 205

Krebs on Security

APRIL 18, 2023

In January 2023, the Faceless service website said it was willing to pay for information about previously undocumented security vulnerabilities in IoT devices. ” MRMURZA Faceless is a project from MrMurza , a particularly talkative member of more than a dozen Russian-language cybercrime forums over the past decade. In 2013, U.S.

Malware 257

Malware Passwords Accountability Advertising 257

Krebs on Security

FEBRUARY 28, 2023

In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user’s text messages and phone calls to another device.

Mobile 333

Mobile Phishing Authentication Advertising 333

Krebs on Security

APRIL 4, 2024

Throughout 2023, Tornote was hosted with the Russian provider DDoS-Guard , at the Internet address 186.2.163[.]216. In keeping with the overall theme, these phishing domains appear focused on stealing usernames and passwords to some of the cybercrime underground’s busiest shops, including Brian’s Club. com , meternask[.]com

Phishing 239

Phishing Cryptocurrency DDOS Internet 239

Krebs on Security

MAY 22, 2023

Chaput said that on May 4, 2023, someone unleashed a spam torrent targeting users on these Mastodon communities via “private mentions,” a kind of direct messaging on the platform. The messages said recipients had earned an investment credit at a cryptocurrency trading platform called moonxtrade[.]com. billion last year.

Scams 267

Scams DDOS Cryptocurrency Accountability 267

Krebs on Security

SEPTEMBER 13, 2024

A cyberattack that shut down two of the top casinos in Las Vegas last year quickly became one of the most riveting security stories of 2023: It was the first known case of native English-speaking hackers in the United States and Britain teaming up with ransomware gangs based in Russia. Image: Shutterstock.

Cybercrime 285

Cybercrime Accountability Mobile Hacking 285

Krebs on Security

SEPTEMBER 18, 2024

xyz , a domain registered in November 2023. According to DomainTools.com , the organization that registered this domain is called “ apkdownloadweb ,” is based in Rajshahi, Bangladesh, and uses the DNS servers of a Web hosting company in Bangladesh called webhostbd[.]net.

Scams 62

Scams DNS Internet Internet 62

Krebs on Security

OCTOBER 17, 2024

AnonSudan ), a cybercrime business known for launching powerful distributed denial-of-service (DDoS) attacks against a range of targets, including dozens of hospitals, news websites and cloud providers. companies, causing a multi-day outage for Microsoft’s cloud services in June 2023. 2023), and OpenAI (Nov.

DDOS 216

DDOS Government Internet Internet 216

Krebs on Security

MARCH 22, 2023

28, 2023, researchers at the Chinese security firm DarkNavy published a blog post purporting to show evidence that a major Chinese ecommerce company’s app was using this same three-exploit chain to read user data stored by other apps on the affected device, and to make its app nearly impossible to remove. .

Malware 288

Malware eCommerce Mobile Media 288