Krebs on Security

SEPTEMBER 30, 2024

A California man accused of failing to pay taxes on tens of millions of dollars allegedly earned from cybercrime also paid local police officers hundreds of thousands of dollars to help him extort, intimidate and silence rivals and former business partners, the government alleges. had some personal problems and checked himself into rehab.

Cryptocurrency 275

Cryptocurrency Government Internet Internet 275

Krebs on Security

AUGUST 2, 2022

The underground cybercrime forums are now awash in pleas from people who are desperately seeking a new supplier of abundant, cheap, and reliably clean proxies to restart their businesses. That is a far cry from the proxy inventory advertised by 911, which stood at more than 200,000 IP addresses for rent just a few days ago.

Malware 281

Malware Cybercrime Internet Internet 281

Krebs on Security

OCTOBER 8, 2020

But judging from the proliferation of help-wanted ads for offensive pentesters in the cybercrime underground, today’s attackers have exactly zero trouble gaining that initial intrusion: The real challenge seems to be hiring enough people to help everyone profit from the access already gained.

Cybercrime 329

Cybercrime VPN Malware Ransomware 329

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. SocksEscort began in 2009 as “ super-socks[.]com SocksEscort began in 2009 as “ super-socks[.]com com, super-socks[.]com,

Malware 208

Malware VPN Internet Internet 208

Krebs on Security

FEBRUARY 28, 2023

In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user’s text messages and phone calls to another device. ” or “ Tmo up!

Mobile 333

Mobile Phishing Authentication Advertising 333

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. biz , a long-running crypting service that is trusted by some of the biggest names in cybercrime.

Malware 237

Malware Antivirus Cybercrime Hacking 237

Krebs on Security

APRIL 30, 2020

In a report published today, the company said since late March 2020 it has observed several crooks complaining about COVID-19 interfering with the daily activities of their various money mules (people hired to help launder the proceeds of cybercrime). ” Alex Holden , founder and CTO of Hold Security , agreed. .”

Cybercrime 316

Cybercrime Computers and Electronics Marketing Scams 316

Krebs on Security

SEPTEMBER 29, 2021

In February, KrebsOnSecurity wrote about a novel cybercrime service that helped attackers intercept the one-time passwords (OTPs) that many websites require as a second authentication factor in addition to passwords. agency — advertised a web-based bot designed to trick targets into giving up OTP tokens.

Passwords 341

Passwords Mobile Authentication Banking 341

Krebs on Security

JUNE 6, 2023

In May, KrebsOnSecurity interviewed a Russian spammer named “ Quotpw “ who was mass-registering accounts on the social media network Mastodon in order to conduct a series of huge spam campaigns advertising scam cryptocurrency investment platforms. Image: Trend Micro. billion last year.

Accountability 223

Accountability Scams Cryptocurrency Advertising 223

Krebs on Security

APRIL 4, 2024

Privnote’s ease-of-use and popularity among cryptocurrency enthusiasts has made it a perennial target of phishers , who erect Privnote clones that function more or less as advertised but also quietly inject their own cryptocurrency payment addresses when a note is created that contains crypto wallets. Among those is rustraitor[.]info

Phishing 239

Phishing Cryptocurrency DDOS Internet 239

Krebs on Security

APRIL 28, 2020

The request for the last four of the customer’s credit card number was consistent with my own testing, which relied upon on a caller ID spoofing service advertised in the cybercrime underground and aimed at a Citi account controlled by this author. A screen shot from an underground store selling CVV records. Click to enlarge.

Scams 363

Scams Banking Accountability Financial Services 363

Krebs on Security

OCTOBER 15, 2019

All of the card data stolen from BriansClub was shared with multiple sources who work closely with financial institutions to identify and monitor or reissue cards that show up for sale in the cybercrime underground. The leaked data shows that in 2015, BriansClub added just 1.7 million card records for sale. million more. HACKING BACK?

Hacking 226

Hacking Cybercrime Marketing Banking 226

Krebs on Security

JUNE 28, 2022

Google took aim at Glupteba in part because its owners were using the botnet to divert and steal vast sums in online advertising revenue. Full disclosure: Constella is currently an advertiser on this website]. ru , an extremely popular Russian-language pay-per-install network that has been in operation for at least a decade.

Passwords 267

Passwords Malware Internet Internet 267

Krebs on Security

NOVEMBER 13, 2018

But the site is noticeably devoid of any SSL certificate (the entire site is [link] not [link] and the products for sale are all advertised for roughly half their normal cost. It’s now advertising running shoes. So what’s going here? .” 4, KrebsOnSecurity published Who’s in Your Online Shopping Cart?

Accountability 220

Accountability eCommerce Cybercrime Advertising 220

Krebs on Security

FEBRUARY 4, 2021

Facebook said it targeted a number of accounts tied to key sellers on OGUsers, as well as those who advertise the ability to broker stolen account sales. Like most cybercrime forums, OGUsers is overrun with shady characters who are there mainly to rip off other members. THE MIDDLEMEN.

Accountability 323

Accountability Hacking Media Mobile 323

Krebs on Security

MARCH 29, 2022

” On April 5, 2021, Everlynn posted a new sales thread to the cybercrime forum cracked[.]to Everlynn advertising a warrant/subpoena service based on fake EDRs. ” which advertised the ability to send email from a federal agency within the government of Argentina. ” The price: $100 to $250 per request.

Accountability 289

Accountability Government Hacking Social Engineering 289

Krebs on Security

SEPTEMBER 18, 2024

Recently, these scammers have branched out into offering fake streaming services for nearly any kind of event advertised on Facebook. These so-called “stealer logs” are mostly generated by opportunistic infections from information-stealing trojans that are sold on cybercrime markets.

Scams 62

Scams DNS Internet Internet 62

Krebs on Security

APRIL 27, 2022

Fake EDRs have become such a reliable method in the cybercrime underground for obtaining information about account holders that several cybercriminals have started offering services that will submit these fraudulent EDRs on behalf of paying clients to a number of top social media and technology firms.

Mobile 190

Mobile Government Media Technology 190

Krebs on Security

AUGUST 9, 2021

Also, this greenhorn criminal clearly had bought into BriansClub’s advertising, which uses my name and likeness in a series of ads that run on all the top cybercrime forums. com was hosted at a company in Moscow with just a handful of other domains phishing popular cybercrime stores, including Jstashbazar[.]com,

Phishing 362

Phishing Cybercrime Accountability Advertising 362

Krebs on Security

JULY 18, 2022

These services can be used in a legitimate manner for several business purposes — such as price comparisons or sales intelligence — but they are massively abused for hiding cybercrime activity because they can make it difficult to trace malicious traffic to its original source. in the British Virgin Islands. FORUM ACTIVITY?

VPN 320

VPN Computers and Electronics Antivirus Software 320

Krebs on Security

JULY 16, 2019

For at least the past decade, a computer crook variously known as “ Yalishanda ,” “ Downlow ” and “ Stas_vl ” has run one of the most popular “bulletproof” Web hosting services catering to a vast array of phishing sites, cybercrime forums and malware download servers.

Cybercrime 198

Cybercrime Phishing Banking Malware 198

Krebs on Security

OCTOBER 3, 2024

.” Ian Ahl , senior vice president of threat research at Permiso, said attackers in possession of a working cloud account traditionally have used that access for run-of-the-mill financial cybercrime, such as cryptocurrency mining or spam. “And these are typically things the large language models won’t be able to talk about.”

Accountability 256

Accountability Artificial Intelligence Web Fraud Cryptocurrency 256

Krebs on Security

FEBRUARY 9, 2022

The crackdown — the second closure of major card fraud shops by Russian authorities in as many weeks — comes closely behind Russia’s arrest of 14 alleged affiliates of the REvil ransomware gang , and has many in the cybercrime underground asking who might be next. K’s message for Trump’s Dumps users.

Cybercrime 262

Cybercrime Marketing Identity Theft Retail 262

Krebs on Security

FEBRUARY 25, 2021

These days, some of the most frequent posts on those channels advertise the sale of various “methods” or tips about how to bypass ID.me in cybercrime forums, Telegram channels throughout 2020. protections. Mentions of id.me Source: Flashpoint-intel.com.

Scams 333

Scams Insurance DDOS Authentication 333