Krebs on Security

MAY 13, 2024

This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. was used by a Russian-speaking member called Pin on the English-language cybercrime forum Opensc. Dmitry Yuryevich Khoroshev.

Ransomware 295

Ransomware Cybercrime Accountability Malware 295

Security Affairs

JUNE 25, 2019

Belgium police have identified a member of the Anonymous Belgium collective while investigating an arson case at a local bank. The Anonymous member is a 35-year-old man from Roeselare, Belgium, was arrested after throwing a Molotov cocktail at the Crelan Bank office in Rumbeke, back in 2014.

DDOS 111

DDOS Banking Computers and Electronics Cybercrime 111

Security Affairs

AUGUST 21, 2022

Threat actors compromise WordPress sites to display fake Cloudflare DDoS protection pages to distribute malware. DDoS Protection pages are associated with browser checks performed by WAF/CDN services which verify if the site visitor is a human or a bot. The file poses as a tool required to bypass the DDoS verification.

DDOS 98

DDOS Malware Antivirus Firewall 98

SecureList

NOVEMBER 23, 2021

The COVID-19 pandemic is likely to cause a massive wave of poverty, and that invariably translates into more people resorting to crime, including cybercrime. Cracking down hard on the cybercrime world. If not ransomware, then DDoS or possibly both. Of course, this is the result of economic problems caused by the pandemic.

Cryptocurrency 141

Cryptocurrency Banking Cybercrime Ransomware 141

Security Affairs

OCTOBER 16, 2021

TrickBot operators are back and expand the distribution channels with partnership with cybercrime affiliates. The gang support other cybercrime groups such as known Hive0105, Hive0106 (aka TA551 or Shathak), and Hive0107, supporting them in expanding their malware campaigns. ” reads the post published by IBM X-Force.

Malware 133

Malware Cybercrime DDOS Social Engineering 133

Security Affairs

JANUARY 3, 2023

Experts warn of a new malware campaign using sensitive information stolen from a bank as a lure to spread the remote access trojan BitRAT. Qualys experts spotted a new malware campaign spreading a remote access trojan called BitRAT using sensitive information stolen from a bank as a lure in phishing messages. Keylogging. Monero mining.

Banking 98

Banking Malware Phishing DDOS 98

Security Affairs

SEPTEMBER 27, 2021

Researchers from vpnMentor recently published a report that sheds the light on the use of Telegram in the cybercrime ecosystem. vpnMentor researchers joined several cybercrime-focused Telegram groups and discovered a vast network of more 1,000s individuals sharing data leaks and dumps and discussing how to exploit them in illegal activities.

Cybercrime 139

Cybercrime Hacking Mobile DDOS 139

Security Boulevard

MAY 21, 2021

The Avaddon ransomware group took credit for the attack, telling Bleeping Computer that it also launched a DDoS attack against the insurer’s websites in Thailand, Malaysia, Hong Kong, and the Philippines as added pressure to pay the ransom amount.

Insurance 138

Insurance Ransomware DDOS Banking 138

Krebs on Security

OCTOBER 31, 2023

domains were the worst in the world for spam, botnet (attack infrastructure for DDOS etc.) domains were registered to attack some of the United States’ most prominent companies, including Bank of America, Amazon, Apple, AT&T, Citi, Comcast, Microsoft, Meta, and Target. As far back as 2018, Interisle found.US US phishing domains.

Phishing 326

Phishing Telecommunications Malware Scams 326

Security Affairs

JUNE 22, 2022

Today the group has announced multiple targets for coordinated DDoS attacks – the resources to be attacked are distributed between so-called “units” who are based on members and volunteers who joined previous and current campaigns.

Cyber Attacks 145

Cyber Attacks DDOS Media Government 145

Security Affairs

MAY 16, 2021

Avaddon ransomware gang made the headlines again, the cybercrime gang has breached the France-based financial consultancy firm Acer Finance. The hackers pointed out that there is no way to decrypt data without their decryptor, they also threatened the company to target it with a DDoS attack in case they will refuse to pay the ransom.

Hacking 144

Hacking Ransomware DDOS Manufacturing 144

Security Affairs

NOVEMBER 11, 2023

Police seized BulletProftLink phishing-as-a-service (PhaaS) platform Serbian pleads guilty to running ‘Monopoly’ dark web drug market McLaren Health Care revealed that a data breach impacted 2.2 Virtual Kidnapping: AI Tools Are Enabling IRL Extortion Scams How a ‘Refund Fraud’ Gang Stole $700,000 From Amazon Info from 5.6

DDOS 128

DDOS Data breaches Ransomware Marketing 128

Security Affairs

FEBRUARY 16, 2020

Massive DDoS attack brought down 25% Iranian Internet connectivity. A cyber-attack on major banks could trigger a liquidity crisis, ECB President Christine Lagarde warns. Safer internet day – Cybercrime facts Infographic. South Korean Woori Bank is accused of unauthorized use of customer data.

Cyber Attacks 128

Cyber Attacks Banking Advertising Internet 128

Security Affairs

MARCH 1, 2020

Raccoon Malware, a success case in the cybercrime ecosystem. Silence Hacking Crew threatens Australian banks of DDoS attacks. New strain of Cerberus Android banking trojan can steal Google Authenticator codes. FBI recommends using passphrases instead of complex passwords. Lampion malware v2 February 2020.

Banking 133

Banking Advertising Malware Ransomware 133

Security Affairs

OCTOBER 30, 2021

INTERPOL published the African Cyberthreat Assessment Report 2021, a report that analyzes evolution of cybercrime in Africa. A new report published by INTERPOL, titled the African Cyberthreat Assessment Report 2021 , sheds the light on cybercrime in Africa.

Cybercrime 89

Cybercrime Scams DDOS Banking 89

Security Affairs

OCTOBER 2, 2022

The phishing campaigns were conducted between October 3, 2020, and May 29, 2021, the gang sent to the victims messaging posing as coming from German banks. “These e-mails were visually and linguistically believable based on real bank e-mails. ” reads the statement issued by BKA and shared by BleepingComputer.

Phishing 106

Phishing Banking DDOS Accountability 106

Security Affairs

FEBRUARY 24, 2022

This follows the DDoS attacks against several Ukrainian websites earlier today 1/n — ESET research (@ESETresearch) February 23, 2022. According to the security firm, the infections followed the DDoS attacks against several Ukrainian websites, including Ministry of Foreign Affairs, Cabinet of Ministers, and Rada.

Malware 127

Malware DDOS Banking Government 127

Webroot

MARCH 9, 2021

One of the reasons why there’s so much cybercrime is because there are so many ways for cybercriminals to exploit vulnerabilities and circumvent even the best defenses. Take a deep dive into the three main hacker types and get tips on how to defend against them by downloading the e-book, Hacker Personas: a deeper Look Into Cybercrime.

Hacking 132

Hacking DNS Surveillance Cybercrime 132

Krebs on Security

DECEMBER 20, 2018

The seizure notice appearing on the homepage this week of more than a dozen popular “booter” or “stresser” DDoS-for-hire Web sites. Booter sites are dangerous because they help lower the barriers to cybercrime, allowing even complete novices to launch sophisticated and crippling attacks with the click of a button.

DNS 224

DNS Computers and Electronics Government Internet 224

Security Affairs

AUGUST 27, 2020

In its report, Group-IB Threat Intelligence experts provide evidence linking three campaigns with the use of various JavaScript-sniffer families – an instrument used by cybercriminals to steal text bank card data – previously attributed by cybersecurity researchers to various Magecart groups, to the same hacker group. Cybercrime prodigy.

Banking 124

Banking Cybercrime Marketing Advertising 124

Security Affairs

FEBRUARY 27, 2022

February 19 – White House and UK Gov attribute DDoS attacks on Ukraine to Russia’s GRU. The White House has linked the recent DDoS attacks against Ukraine ‘s banks and defense agencies to Russia’s GRU. February 15 – Ukraine: Military defense agencies and banks hit by cyberattacks.

DDOS 102

DDOS Banking Phishing Ransomware 102

Security Affairs

MAY 29, 2022

Every week the best security articles from Security Affairs for free in your email box. If you want to also receive for free the newsletter with the international press subscribe here.

InfoSec 136

InfoSec Spyware DDOS Firewall 136

Security Affairs

JUNE 28, 2022

Non-state actors include multinational corporations, collectives of hacktivists, non-governmental organizations (NGOs), cybercrime syndicates, private military organizations, media outlets, terrorist groups, labor unions, organized ethnic groups, lobby groups, criminal organizations, private businesses, and others.

Cyber Attacks 127

Cyber Attacks Cybercrime Telecommunications Government 127

Security Affairs

FEBRUARY 3, 2019

Cobalt cybercrime gang abused Google App Engine in recent attacks. Law enforcement worldwide hunting users of DDoS-for-Hire services. Imperva mitigated DDoS attack generated 500 Million Packets per Second, the largest ever. State Bank of India left archive with millions of Customer messages exposed. 20% discount.

DDOS 94

DDOS Data breaches Advertising Cybercrime 94

Security Affairs

MARCH 27, 2021

According to BleepingComputer, the first victim threatened with this new tactic was Flagstar Bank followed by the University of Colorado. The new technique aims at making the double-extortion tactic more efficient, crooks sent emails directly to victims’ customers found in documents stolen during the ransomware attack.

Ransomware 138

Ransomware DDOS Banking Hacking 138

Security Affairs

JULY 7, 2024

GootLoader is still active and efficient Hackers stole OpenAI secrets in a 2023 security breach Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes Polyfill.io GootLoader is still active and efficient Hackers stole OpenAI secrets in a 2023 security breach Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes Polyfill.io

Data breaches 121

Data breaches Hacking Banking Spyware 121

Security Affairs

MAY 20, 2020

The man is known in the cybercrime underground for selling billions of stolen credentials. Sanix has been active on the cybercrime underground at least since 2018, he focuses in the sale of stolen data from organizations. The popular hacker Sanix has been arrested by the Ukrainian Secret Service (SSU).

Cybercrime 92

Cybercrime Passwords Advertising Hacking 92

Security Affairs

AUGUST 7, 2022

Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% of its users due to the exposure of salted password hashes Twitter confirms zero-day used to access data of 5.4 Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Spyware 142

Spyware Manufacturing Small Business Surveillance 142

SecureList

DECEMBER 14, 2022

For instance, according to the New York Times, in 2003, the United States made plans for a huge cyberattack to freeze billions of dollars in Saddam Hussein’s bank accounts and cripple his government before the invasion of Iraq. Taking sides: professional ransomware groups, hacktivists, and DDoS attacks.

DDOS 145

DDOS Ransomware Government Energy and Utilities 145

Security Affairs

NOVEMBER 29, 2019

Such threats, including traffic manipulation and DDoS attacks, will become much more frequent and effective due to the large number of insecure devices connected and wide bandwidth. Hacking banks around the world is the prerogative of Russian-speaking hackers: they still make up the majority of attacking groups.

Banking 124

Banking Telecommunications Marketing Internet 124

Security Affairs

NOVEMBER 20, 2021

Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here.

Banking 76

Banking Small Business Data breaches Firmware 76

CSO Magazine

MARCH 1, 2022

The group was ostensibly responsible for shutting down the API for Sberbank, one of Russia’s major banks and Kremlin-aligned Belarus’s official information policy site. Announced on February 26, the group already has nearly 200,000 users on its main Telegram channel that it uses to hand out assignments and coordinate operations.

DDOS 115

DDOS Media Hacking CSO 115

Security Affairs

DECEMBER 11, 2022

Samsung S22 hacked Sophos fixed a critical flaw in its Sophos Firewall version 19.5

Firewall 100

Firewall Banking Hacking DDOS 100

Security Affairs

SEPTEMBER 27, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT 106

IoT Banking Advertising Ransomware 106

Webroot

JANUARY 7, 2022

In particular, we witnessed an increase in distributed denial of service (DDoS) attacks and a surge in the usage of the internet of things (IoT). The cybercrime marketplace also continued to get more robust while the barrier to entry for malicious actors continued to drop. Suffice to say, a lot has been happening at once.

Cybercrime 116

Cybercrime Ransomware Phishing Cryptocurrency 116

Security Affairs

MAY 14, 2023

ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million

Data breaches 98

Data breaches DDOS Ransomware Artificial Intelligence 98

Security Affairs

SEPTEMBER 12, 2021

Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

DDOS 57

DDOS Banking Cybercrime Hacking 57