2023, Hacking and Web Fraud - Cyber Security Informer

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based based technology companies.

Hacking

Hacking Accountability Government Social Engineering

Sudanese Brothers Arrested in ‘AnonSudan’ Takedown

Krebs on Security

OCTOBER 17, 2024

Image: FBI Active since at least January 2023, AnonSudan has been described in media reports as a “hacktivist” group motivated by ideological causes. companies, causing a multi-day outage for Microsoft’s cloud services in June 2023. 2023), and OpenAI (Nov. 7, 2023, a wave of rockets was launched into Israel.

DDOS

DDOS Government Internet Internet

Booking.com Phishers May Leave You With Reservations

Krebs on Security

NOVEMBER 1, 2024

In November 2023, the security firm SecureWorks detailed how scammers targeted booking.com hospitality partners with data-stealing malware. SecureWorks said these attacks had been going on since at least March 2023. million phishing attempts in 2023.” A scan of social media networks showed this is not an uncommon scam.

Phishing

Phishing Accountability Artificial Intelligence Cybercrime

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking

Hacking Cybercrime Phishing Passwords

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S.

Social Engineering

Social Engineering Mobile Passwords Cybercrime

The Fake Browser Update Scam Gets a Makeover

Krebs on Security

OCTOBER 18, 2023

One of the oldest malware tricks in the book — hacked websites claiming visitors need to update their Web browser before they can view any content — has roared back to life in the past few months.

Scams

Scams Malware Cryptocurrency Hacking

Using Google Search to Find Software Can Be Risky

Krebs on Security

JANUARY 25, 2024

” In February 2023, Hegel co-authored a report on this same network, which Sentinel One has dubbed MalVirt (a play on “malvertising”). This October 2023 report on the FreeCAD user forum came from a user who reported downloading a copy of the software from freecadsoft[.]com They paid Google for sponsored posts.”

Software

Software Advertising Malware Accountability

Calendar Meeting Links Used to Spread Mac Malware

Krebs on Security

FEBRUARY 28, 2024

A search in Google for a string of text from that script turns up a December 2023 blog post from cryptocurrency security firm SlowMist about phishing attacks on Telegram from North Korean state-sponsored hackers. “When the project team clicks the link, they encounter a region access restriction,” SlowMist wrote.

Malware

Malware Cryptocurrency Software Phishing

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

APRIL 18, 2023

In January 2023, the Faceless service website said it was willing to pay for information about previously undocumented security vulnerabilities in IoT devices. Verified and other Russian language crime forums where MrMurza had a presence have been hacked over the years, with contact details and private messages leaked online.

Malware

Malware Passwords Accountability Advertising

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Krebs on Security

SEPTEMBER 5, 2023

” Monahan has been documenting the crypto thefts via Twitter/X since March 2023, frequently expressing frustration in the search for a common cause among the victims. And then he got hacked. “I would personally advocate that nobody ever uses LastPass again: Not because they were hacked. Then on Aug. But on Nov.

Cryptocurrency

Cryptocurrency Passwords Encryption Accountability

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Krebs on Security

SEPTEMBER 26, 2024

ru , which periodically published hacking tools and exploits for software vulnerabilities. By 2004, v1pee had adopted the moniker “ Vega ” on the exclusive Russian language hacking forum Mazafaka , where this user became one of the more reliable vendors of stolen payment cards.

Cryptocurrency

Cryptocurrency Cybercrime Retail Government

Google Suspends Chinese E-Commerce App Pinduoduo Over Malware

Krebs on Security

MARCH 22, 2023

28, 2023, researchers at the Chinese security firm DarkNavy published a blog post purporting to show evidence that a major Chinese ecommerce company’s app was using this same three-exploit chain to read user data stored by other apps on the affected device, and to make its app nearly impossible to remove. .

Malware

Malware eCommerce Mobile Media

The Dark Nexus Between Harm Groups and ‘The Com’

Krebs on Security

SEPTEMBER 13, 2024

A cyberattack that shut down two of the top casinos in Las Vegas last year quickly became one of the most riveting security stories of 2023: It was the first known case of native English-speaking hackers in the United States and Britain teaming up with ransomware gangs based in Russia.

Cybercrime

Cybercrime Accountability Mobile Hacking

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

Krebs on Security

NOVEMBER 2, 2023

One of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. The login page for the criminal reshipping service SWAT USA Drop. The SWAT drop service has been around in various names and under different ownership for almost a decade.

Cybercrime

Cybercrime Marketing Scams Retail

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Krebs on Security

FEBRUARY 28, 2023

All three SIM-swapping entities that were tracked for this story remain active in 2023, and they all conduct business in open channels on the instant messaging platform Telegram. “They underestimate these actors and say this person isn’t technically sophisticated,” she said.

Mobile

Mobile Phishing Authentication Advertising

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Chaput said that on May 4, 2023, someone unleashed a spam torrent targeting users on these Mastodon communities via “private mentions,” a kind of direct messaging on the platform. The messages said recipients had earned an investment credit at a cryptocurrency trading platform called moonxtrade[.]com. pw was their domain.

Scams

Scams DDOS Cryptocurrency Accountability

Lamborghini Carjackers Lured by $243M Cyberheist

Krebs on Security

OCTOBER 9, 2024

It remains unclear which Chetal family member acquired the 2023 Lamborghini Urus, which has a starting price of around $233,000. The attackers also spoofed a call from account support representatives at the cryptocurrency exchange Gemini , claiming the target’s account had been hacked.

Cryptocurrency

Cryptocurrency Social Engineering Accountability Mobile

How to Lose a Fortune with Just One Bad Click

Krebs on Security

DECEMBER 18, 2024

A scammer called using a real Google phone number to warn his Gmail account was being hacked, sent email security alerts directly from google.com, and ultimately seized control over the account by convincing him to click “yes” to a Google prompt on his mobile device. .

Cryptocurrency

Cryptocurrency Accountability Authentication Phishing

Infrastructure Laundering: Blending in with the Cloud

Krebs on Security

JANUARY 30, 2025

In 2023, Suncity’s CEO was sentenced to 18 years in prison on charges of fraud, illegal gambling, and “ triad offenses,” i.e. working with Chinese transnational organized crime syndicates.

Accountability

Accountability Scams Passwords Retail

Cyber Security Informer

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Sudanese Brothers Arrested in ‘AnonSudan’ Takedown

Webinars

Trending Sources

Booking.com Phishers May Leave You With Reservations

Webinars

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

The Fake Browser Update Scam Gets a Makeover

Using Google Search to Find Software Can Be Risky

Calendar Meeting Links Used to Spread Mac Malware

Giving a Face to the Malware Proxy Service ‘Faceless’

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Google Suspends Chinese E-Commerce App Pinduoduo Over Malware

The Dark Nexus Between Harm Groups and ‘The Com’

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Interview With a Crypto Scam Investment Spammer

Lamborghini Carjackers Lured by $243M Cyberheist

How to Lose a Fortune with Just One Bad Click

Infrastructure Laundering: Blending in with the Cloud

Stay Connected