2024 and Web Fraud - Cyber Security Informer

Sudanese Brothers Arrested in ‘AnonSudan’ Takedown

Krebs on Security

OCTOBER 17, 2024

The government isn’t saying where the Omed brothers are being held, only that they were arrested in March 2024 and have been in custody since. The two men also allegedly extorted some of their victims for money in exchange for calling off DDoS attacks. A statement by the U.S.

DDOS

DDOS Government Internet Internet

How Cryptocurrency Turns to Cash in Russian Banks

Krebs on Security

DECEMBER 11, 2024

firms , including an entity created in February 2024 called Globopay UAB Ltd , and another called WS Management and Advisory Corporation Ltd. In August 2024, Icon Tech changed its name again to Mezhundarondnaya IBU SRO , which describes itself as an “experienced company in IT consulting” that is based in Armenia.

Cryptocurrency

Cryptocurrency Banking Cybercrime Advertising

A Day in the Life of a Prolific Voice Phishing Crew

Krebs on Security

JANUARY 7, 2025

This domain was featured in a writeup from February 2024 by the security firm Lookout , which found it was one of dozens being used by a prolific and audacious voice phishing group it dubbed “ Crypto Chameleon.” Before we get to the Apple scam in detail, we need to revisit Tony’s case. ” Image: Shutterstock, ssi77.

Phishing

Phishing Cryptocurrency Accountability Social Engineering

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Booking.com Phishers May Leave You With Reservations

Krebs on Security

NOVEMBER 1, 2024

In June 2024, booking.com told the BBC that phishing attacks targeting travelers had increased 900 percent, and that thieves taking advantage of new artificial intelligence (AI) tools were the primary driver of this trend.

Phishing

Phishing Accountability Artificial Intelligence Cybercrime

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

9, 2024, U.S. authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. In mid-January 2024, several Leaked[.]cx technology companies during the summer of 2022. Still others he tried to sell.

Social Engineering

Social Engineering Mobile Passwords Cybercrime

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

Krebs on Security

APRIL 3, 2024

Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called “ The Manipulaters ,” a sprawling web hosting network of phishing and spam delivery platforms. 14, 2024, KrebsOnSecurity heard from the same bluebtcus@gmail.com address, apropos of nothing. Why you destroy our lifes? Please remove it.”

Phishing

Phishing Cybercrime Malware Advertising

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

In January 2024, U.S. Sources familiar with the investigation told KrebsOnSecurity the accused is a 22-year-old from Dundee, Scotland named Tyler Buchanan , also allegedly known as “ tylerb ” on Telegram chat channels centered around SIM-swapping.

Hacking

Hacking Cybercrime Phishing Passwords

Using Google Search to Find Software Can Be Risky

Krebs on Security

JANUARY 25, 2024

19, 2024) of more than 200 domains at the Internet address 93.190.143[.]252 Although this website claims to be the official FreeCAD website, that honor belongs to the result directly below — the legitimate freecad.org. How do we know freecad-us[.]org org is malicious? com , filezillasoft[.]com com , keepermanager[.]com

Software

Software Advertising Malware Accountability

Calendar Meeting Links Used to Spread Mac Malware

Krebs on Security

FEBRUARY 28, 2024

“Recent updates to macOS’s XProtect signature database indicate that Apple are aware of the problem, but early 2024 has already seen a number of stealer families evade known signatures,” security firm SentinelOne wrote in January.

Malware

Malware Cryptocurrency Software Phishing

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Krebs on Security

APRIL 4, 2024

co (as pictured in Monahan’s screenshot above) shows that between March 15 and March 19, 2024, those address raked in and transferred out nearly $18,000 in cryptocurrencies. Reviewing the four malicious cryptocurrency payment addresses that the attackers swapped into notes passed through privnote[.]co

Phishing

Phishing Cryptocurrency DDOS Internet

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Krebs on Security

SEPTEMBER 26, 2024

In February 2024, a Fortune 50 ransomware victim paid a record $75 million ransom to a Russian cybercrime group that calls themselves the Dark Angels. Taleon reminds UAPS customers they will enjoy 0% commission and no “know your customer” (KYC) requirements “on our exchange Cryptex.”

Cryptocurrency

Cryptocurrency Cybercrime Retail Government

How Phished Data Turns into Apple & Google Wallets

Krebs on Security

FEBRUARY 18, 2025

” The rise of so-called “ghost tap” mobile software was first documented in November 2024 by security experts at ThreatFabric. In August 2024, security researcher Grant Smith gave a presentation at the DEFCON security conference about tracking down the Smishing Triad after scammers spoofing the U.S.

Phishing

Phishing Mobile Scams Retail

The Stark Truth Behind the Resurgence of Russia’s Fin7

Krebs on Security

JULY 10, 2024

But experts say Fin7 has roared back to life in 2024 — setting up thousands of websites mimicking a range of media and technology companies — with the help of Stark Industries Solutions , a sprawling hosting provider that is a persistent source of cyberattacks against enemies of Russia. authorities.

Phishing

Phishing Cybercrime Malware Software

The Dark Nexus Between Harm Groups and ‘The Com’

Krebs on Security

SEPTEMBER 13, 2024

Others sell the explicit CSAM content produced by extortion on the dark web.” ” KrebsOnSecurity has learned Holy’s real name is Owen David Flowers , and that he is the previously unnamed 17-year-old who was arrested in July 2024 by the U.K.’s

Cybercrime

Cybercrime Accountability Mobile Hacking

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Krebs on Security

SEPTEMBER 30, 2024

Au was featured on the July 2024 cover of “Womenpreneur Middle East.” Meanwhile, the U.K. tabloids reported this summer that Au was dating Davide Sanclimenti , the 2022 co-winner on the dating reality show Love Island. ” Recall that we promised to revisit Mr. Zelocchi’s claimed acting credits.

Cryptocurrency

Cryptocurrency Government Internet Internet

Lamborghini Carjackers Lured by $243M Cyberheist

Krebs on Security

OCTOBER 9, 2024

25, 2024 in Danbury, Ct., ” A November 2022 story at patch.com quoted Veer Chetal (class of 2024) crediting the Harvard program with his decision to pursue a career in law. Image: ABC7NY. youtube.com/watch?v=xoiaGzwrunY v=xoiaGzwrunY Late in the afternoon of Aug.

Cryptocurrency

Cryptocurrency Social Engineering Accountability Mobile

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Proshutinskiy’s LinkedIn profile says he is a Class of 2024 student at TGM , which is a Christian mission school in Austria. The very first result that comes up when one searches that unusual name in Google is a LinkedIn profile for a Sergey Proshutinskiy from Vienna, Austria.

Scams

Scams DDOS Cryptocurrency Accountability

A Single Cloud Compromise Can Feed an Army of AI Sex Bots

Krebs on Security

OCTOBER 3, 2024

In June 2024, security experts at Sysdig documented a new attack that leveraged stolen cloud credentials to target ten cloud-hosted LLMs. “If undiscovered, this type of attack could result in over $46,000 of LLM consumption costs per day for the victim.”

Accountability

Accountability Artificial Intelligence Web Fraud Cryptocurrency

How to Lose a Fortune with Just One Bad Click

Krebs on Security

DECEMBER 18, 2024

On the evening of May 15, 2024, Tony was putting his three- and one-year-old boys to bed when he received a message from Google about an account security issue, followed by a phone call from a “Daniel Alexander” at Google who said his account was compromised by hackers. Nevertheless, Soundcloud removed the audio file.

Cryptocurrency

Cryptocurrency Accountability Authentication Phishing

Infrastructure Laundering: Blending in with the Cloud

Krebs on Security

JANUARY 30, 2025

In October 2024, the security firm Silent Push published a lengthy analysis of how Amazon AWS and Microsoft Azure were providing services to Funnull, a two-year-old Chinese content delivery network that hosts a wide variety of fake trading apps, pig butchering scams , gambling websites, and retail phishing pages.

Accountability

Accountability Scams Passwords Retail

Cyber Security Informer

Sudanese Brothers Arrested in ‘AnonSudan’ Takedown

How Cryptocurrency Turns to Cash in Russian Banks

Webinars

Trending Sources

A Day in the Life of a Prolific Voice Phishing Crew

Webinars

Booking.com Phishers May Leave You With Reservations

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Using Google Search to Find Software Can Be Risky

Calendar Meeting Links Used to Spread Mac Malware

Fake Lawsuit Threat Exposes Privnote Phishing Sites

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

How Phished Data Turns into Apple & Google Wallets

The Stark Truth Behind the Resurgence of Russia’s Fin7

The Dark Nexus Between Harm Groups and ‘The Com’

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Lamborghini Carjackers Lured by $243M Cyberheist

Interview With a Crypto Scam Investment Spammer

A Single Cloud Compromise Can Feed an Army of AI Sex Bots

How to Lose a Fortune with Just One Bad Click

Infrastructure Laundering: Blending in with the Cloud

Stay Connected