The United Kingdom’s anti-cybercrime agency is running online ads aimed at young people who search the Web for services that enable computer crimes, specifically trojan horse programs and DDoS-for-hire services. law enforcement agents in connection with various cybercrime investigations. FLATTENING THE CURVE.
The cybercrime group FIN7 is advertising a security evasion tool in multiple underground forums, cybersecurity company SentinelOne warns. SentinelOne researchers warn that the financially motivated group FIN7 is using multiple pseudonyms to advertise a security evasion tool in several criminal underground forums.
Zscaler ThreatLabz researchers discovered a new malware-as-a-service (MaaS) that is called BunnyLoader, which has been advertised for sale in multiple cybercrime forums since September 4, 2023. Cybersecurity researchers spotted a new malware-as-a-service (MaaS) called BunnyLoader that’s appeared in the threat landscape.
Almost exactly one year ago, KrebsOnSecurity reported that a mere two hours of searching revealed more than 100 Facebook groups with some 300,000 members openly advertising services to support all types of cybercrime, including spam, credit card fraud and identity theft. Facebook responded by deleting those groups.
The locations of alleged GozNym cybercrime group members. According to the indictment, the GozNym network exemplified the concept of ‘cybercrime as a service,’ in that the defendants advertised their specialized technical skills and services on underground, Russian-language, online criminal forums. Source: DOJ.
On January 29, the FBI and the Dutch national police seized the technical infrastructure for a cybercrime service marketed under the brands Heartsender, Fudpage and Fudtools (and many other “fud” variations). Manipulaters advertisement for Office 365 Private Page with Antibot phishing kit sold via Heartsender.
Over the past 15 years, a cybercrime anonymity service known as VIP72 has enabled countless fraudsters to mask their true location online by routing their traffic through millions of malware-infected systems. based Internet address for more than a decade — a remarkable achievement for such a high-profile cybercrime service.
Fuel for other malware and scam campaigns Indicators of Compromise Overview Online criminals are targeting individuals and businesses that advertise via Google Ads by phishing them for their credentials ironically via fraudulent Google ads. This earned Google a whopping $175 billion in search-based ad revenues in 2023.
and Dutch authorities seized 39 domains and servers linked to the HeartSender cybercrime group based in Pakistan. A joint law enforcement operation led to the seizure of 39 domains tied to a Pakistan-based HeartSender cybercrime group (aka Saim Raza and Manipulators Team) known for selling hacking and fraud tools.
Cybersecurity experts have discovered yet another malware-as-a-service (MaaS) threat called BunnyLoader that's being advertised for sale on the cybercrime underground.
A suspicious wave of attacks has resulted in the hack of four cybercrime forums, Verified, Crdclub, Exploit, and Maza, since January. Since January, a series of mysterious cyberattacks has resulted in the hack of popular Russian-language cybercrime forums. The hack of the Maza cybercrime forum was also reported by researchers at Flashpoint.
Silent Push said Araneida is being advertised by an eponymous user on multiple cybercrime forums. Araneida Scanner’s Telegram channel bragging about how customers are using the service for cybercrime. Orn advertising Araneida Scanner in Feb.
.” The DOJ’s statement doesn’t mention that RSOCKS has been in operation since 2014, when access to the web store for the botnet was first advertised on multiple Russian-language cybercrime forums. Even today, the RUSdot Mailer is advertised for sale at the top of the RUSdot community forum.
US DoJ sentenced a Moldovan national (31) to 42 months in federal prison for operating the E-Root cybercrime marketplace. Diaconu was operating the E-Root cybercrime marketplace. Authorities reported that over 350,000 credentials were advertised for sale on the marketplace. The authorities also seized the exchange platform.
The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. “The FBI is informing academic partners of identified US college and university credentials advertised for sale on online criminal marketplaces and publicly accessible forums.
was originally advertised on the public Russian-language hacking forum Antichat by a venerated user in that community who goes by the alias “Isis.” A Google Translate version of that advertisement is here (PDF). ru, a cybercrime forum in its own right that called itself “The Antichat Mafia.”
First advertised in the cybercrime underground in 2014, RSOCKS was the web-based storefront for hacked computers that were sold as “proxies” to cybercriminals looking for ways to route their Web traffic through someone else’s device. At that time, RSOCKS was advertising more than 80,000 proxies. Image: archive.org.
The proprietors of the phishing service were variously known on cybercrime forums under handles such as SMSBandits, “Gmuni,” “Bamit9,” and “Uncle Munis.” agency advertises a service designed to help intercept one-time passwords needed to log in to various websites.
“Servers were seized (country not named), money of advertisers and founders was transferred to an unknown account,” reads a message from a cybercrime forum reposted to the Russian OSINT Telegram channel. Affiliates also will be required to get approval before infecting victims.
In a coordinated international effort, law enforcement agencies from the United States, Europe, and Australia have dismantled Cracked and Nulled, two of the world's largest cybercrime marketplaces. The forum had more than 4 million users and listed more than 28 million posts advertising illicit services. He is now facing U.S.
.” The arrest coincided with the seizure of the 911 S5 website and supporting infrastructure, which the government says turned computers running various “free VPN” products into Internet traffic relays that facilitated billions of dollars in online fraud and cybercrime. Cloud Router was previously called 911 S5.
A cybercrime enterprise known as Lemon Group is leveraging millions of pre-infected Android smartphones worldwide to carry out their malicious operations, posing significant supply chain risks.
But judging from the proliferation of help-wanted ads for offensive pentesters in the cybercrime underground, today’s attackers have exactly zero trouble gaining that initial intrusion: The real challenge seems to be hiring enough people to help everyone profit from the access already gained.
Digital advertising has vulnerabilities, and this type of cybercrime will cost businesses $100 million a day by 2023, but goes almost completely unnoticed, according to adtech company TrafficGuard.
A search in DomainTools on that email address reveals multiple domains registered to a Matthew Philbert and to the Ottawa phone number 6138999251 [DomainTools is a frequent advertiser on this site]. Perhaps the earliest and most important cybercrime forum DCReavers2 frequented was Darkode , where he was among the first two-dozen members.
8, a cybercriminal using the nickname “ abyss0 ” posted on the English-language cybercrime community BreachForums that they’d stolen files belonging to some of Finastra’s largest banking clients. Importantly, for any customers who are deemed to be affected, we will be reaching out and working with them directly.”
The concept of the term "malvertising" (a portmanteau of "malicious advertising") suggests an overlap with ads, albeit dodgy ones, and therefore fuels the fallacy that its impact hardly goes beyond frustration. A stepping stone to impactful cybercrime This tactic has tangible real-world implications.
Just days after we uncovered a campaign targeting Google Ads accounts, a similar attack has surfaced, this time aimed at Microsoft advertisers. These malicious ads, appearing on Google Search, are designed to steal the login information of users trying to access Microsoft’s advertising platform.
A 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he acted as a core developer for Raccoon , a popular “malware-as-a-service” offering that helped paying customers steal passwords and financial data from millions of cybercrime victims. According to those sources, U.S.
For less than a dollar per day, Faceless customers can route their malicious traffic through tens of thousands of compromised systems advertised on the service. Notices posted for Faceless users, advertising an email flooding service and soliciting zero-day vulnerabilities in Internet of Things devices. Image: Darkbeast/Ke-la.com.
.” Over the course of his 15-year cybercriminal career, Severa would emerge as a pivotal figure in the cybercrime underground , serving as the primary moderator of a spam community that spanned multiple top Russian cybercrime forums. Severa rented out segments of his Waledac botnet to anyone seeking a vehicle for sending spam.
In a report published today, the company said since late March 2020 it has observed several crooks complaining about COVID-19 interfering with the daily activities of their various money mules (people hired to help launder the proceeds of cybercrime). ” Alex Holden , founder and CTO of Hold Security , agreed. .”
FlyHosting first advertised on cybercrime forums in November 2022, saying it was a Germany-based hosting firm that was open for business to anyone looking for a reliable place to host malware, botnet controllers, or DDoS-for-hire infrastructure. Image: Ke-la.com.
That investigation detailed how the 38-year-old Shefel adopted the nickname Rescator while working as vice president of payments at ChronoPay , a Russian financial company that paid spammers to advertise fake antivirus scams, male enhancement drugs and knockoff pharmaceuticals. “I’m also godfather of his second son.”
In an analysis of 174 exploits advertised on the dark web, HP Wolf researchers found an overwhelming number (91%) were selling for less than $10. It found that competition in the underground has driven down the price of malicious tools, making them affordable to anyone.
In almost every category — from epic breaches and ransomware to cybercrime justice and increasingly aggressive phishing and social engineering scams — 2020 was a year that truly went to eleven. But it was hardly a dull one for computer security news junkies.
The Russia-based cybercrime group dubbed “ Fin7 ,” known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. authorities. In typosquatting attacks, Fin7 registers domains that are similar to those for popular free software tools.
911’s VPN performed largely as advertised for the user — allowing them to surf the web anonymously — but it also quietly turned the user’s computer into a traffic relay for paying 911 S5 customers. 911 built its proxy network mainly by offering “free” virtual private networking (VPN) services. ”
The malware was advertised on cybercrime forums since early March, it is under active development and its operators planned to add new features to capture data from Apple’s Safari browser and the Notes app. It can infect Catalina and subsequent macOS versions running on Intel M1 and M2 CPUs.
“ BlackCat “), considered to be the first professional cybercrime group to create and use a ransomware strain written in the Rust programming language. On the cybercrime forum RAMP , the user Binrs says they are a Rust developer who’s been coding for 6 years. I AM DUCKERMAN.
The incident also highlights the often murky area between what’s legal and ethical in combating cybercrime. Data Viper has sought to differentiate itself by advertising “access to private and undisclosed breach data.” An online post by the attackers who broke into Data Viper. ” SMOKE AND MIRRORS.
seized the stolen credit card marketplace PopeyeTools and charged its operators, this is a major success against cybercrime. PopeyeTools was a dark web marketplace specializing in selling stolen credit cards and cybercrime tools, facilitating fraud and illicit online activities since 2016.
One of Megatraffer’s ads on an English-language cybercrime forum. Megatraffer has continued to offer their code-signing services across more than a half-dozen other Russian-language cybercrime forums, mostly in the form of sporadically available EV and non-EV code-signing certificates from major vendors like Thawte and Comodo.