Krebs on Security

MAY 14, 2021

The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for the hills. The DarkSide message includes passages apparently penned by a leader of the REvil ransomware-as-a-service platform.

Ransomware 364

Ransomware Cryptocurrency Cybercrime Healthcare 364

Schneier on Security

JANUARY 31, 2023

Chainalysis reports that worldwide ransomware payments were down in 2022. Ransomware attackers extorted at least $456.8 When we published last year’s version of this report, for example, we had only identified $602 million in ransomware payments in 2021. million from victims in 2022, down from $765.6

Ransomware 332

Ransomware Cryptocurrency Cybercrime 332

Krebs on Security

NOVEMBER 21, 2024

That Joeleoli moniker registered on the cybercrime forum OGusers in 2018 with the email address joelebruh@gmail.com , which also was used to register accounts at several websites for a Joel Evans from North Carolina. According to prosecutors, the group mainly sought to steal cryptocurrency from victim companies and their employees.

Identity Theft 252

Identity Theft Phishing Cryptocurrency Accountability 252

Krebs on Security

JUNE 15, 2021

Department of Justice (DOJ) last week announced the arrest of a 55-year-old Latvian woman who’s alleged to have worked as a programmer for Trickbot , a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware. Alla Witte’s personal website — allawitte[.]nl

Cybercrime 354

Cybercrime Ransomware Passwords Banking 354

Krebs on Security

NOVEMBER 14, 2024

Shefel claims the true mastermind behind the Target and other retail breaches was Dmitri Golubov , an infamous Ukrainian hacker known as the co-founder of Carderplanet, among the earliest Russian-language cybercrime forums focused on payment card fraud. “I’m also godfather of his second son.” “Hi, how are you?”

Retail 255

Retail Advertising Cryptocurrency Marketing 255

SecureWorld News

APRIL 22, 2025

A sophisticated cybercrime campaign, dubbed Elusive Comet , has been uncovered, in which North Korean threat actors are exploiting Zoom's remote control feature to infiltrate the systems of cryptocurrency professionals. Victims are sent unsolicited invitations to join Zoom calls, often via links in phishing emails or messages.

Cryptocurrency 62

Cryptocurrency Social Engineering Cybercrime Engineering 62

Security Affairs

NOVEMBER 24, 2024

seized the stolen credit card marketplace PopeyeTools and charged its operators, this is a major success against cybercrime. PopeyeTools was a dark web marketplace specializing in selling stolen credit cards and cybercrime tools, facilitating fraud and illicit online activities since 2016. million in revenue.

Cybercrime 130

Cybercrime Cryptocurrency Banking Accountability 130

Security Affairs

APRIL 26, 2024

As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement in this sector Cryptocurrencies have revolutionized the financial world, offering new investment opportunities and decentralized transactions.

Cryptocurrency 129

Cryptocurrency Cybercrime Education Scams 129

Webroot

MAY 4, 2021

Typically, when cryptocurrency values change, one would expect to see changes in crypto-related cybercrime. But that doesn’t necessarily mean you’ll see big spikes in ransomware or cryptojacking. As we see cryptocurrency values rise and fall, how should we interpret shifts in the threats we can expect to see?

Cryptocurrency 143

Cryptocurrency Cybercrime Marketing Ransomware 143

Krebs on Security

JANUARY 28, 2022

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “ BlackCat “), considered to be the first professional cybercrime group to create and use a ransomware strain written in the Rust programming language. Image: Varonis. Image: Varonis. ” Meanwhile, the U.S.

Ransomware 328

Ransomware Accountability Cybercrime Malware 328

Krebs on Security

JUNE 2, 2020

The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. A partial screenshot from the REvil ransomware group’s Dark Web blog. and Europe in early March.” So it’s a double vig.”

Ransomware 343

Ransomware Backups Encryption Internet 343

SecureWorld News

NOVEMBER 22, 2024

The United States Department of Justice (DOJ) has unsealed charges against five individuals accused of orchestrating sophisticated phishing campaigns tied to the notorious Scattered Spider cybercrime group. If something about the text or email you received or website you're viewing seems off, it probably is." "The

Phishing 108

Phishing Identity Theft Cryptocurrency Cybercrime 108

Krebs on Security

MARCH 5, 2024

healthcare giant Change Healthcare has made a $22 million extortion payment to the infamous BlackCat ransomware group (a.k.a. On March 1, a cryptocurrency address that security researchers had already mapped to BlackCat received a single transaction worth approximately $22 million. There are indications that U.S.

Healthcare 353

Healthcare Ransomware Scams Government 353

Krebs on Security

FEBRUARY 20, 2024

authorities have seized the darknet websites run by LockBit , a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. LockBit members have executed attacks against thousands of victims in the United States and around the world, according to the U.S.

Ransomware 325

Ransomware Cybercrime Encryption Insurance 325

Krebs on Security

MARCH 7, 2022

Three stories here last week pored over several years’ worth of internal chat records stolen from the Conti ransomware group, the most profitable ransomware gang in operation today. This final post on the Conti conversations explores different schemes that Conti pursued to invest in and steal cryptocurrencies.

Ransomware 268

Ransomware Cryptocurrency DDOS Scams 268

eSecurity Planet

DECEMBER 21, 2021

There are few guarantees in the IT industry, but one certainty is that as the world steps into 2022, ransomware will continue to be a primary cyberthreat. The dangers from ransomware have risen sharply since WannaCry and NotPetya hit the scene in 2017, and this year has been no different. Cryptocurrency Fuels Ransomware.

Cryptocurrency 140

Cryptocurrency Ransomware Cybercrime Social Engineering 140

Krebs on Security

JULY 8, 2019

The crooks behind an affiliate program that paid cybercriminals to install the destructive and wildly successful GandCrab ransomware strain announced on May 31, 2019 they were terminating the program after allegedly having earned more than $2 billion in extortion payouts from victims. Image: Malwarebytes.

Ransomware 277

Ransomware Accountability Cybercrime Passwords 277

Security Affairs

DECEMBER 21, 2024

Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks, pleading guilty to fraud charges in June. Romanian national Daniel Christian Hulea, 30, was sentenced to 20 years in prison for his role in NetWalker ransomware attacks. in cryptocurrency obtained from ransom payments.

Ransomware 107

Ransomware Healthcare Government Cryptocurrency 107

We Live Security

JUNE 11, 2021

Should we expect cybercriminals to ditch the pseudonymous cryptocurrency for other forms of payment that may be better at throwing law enforcement off the scent? The post Tracking ransomware cryptocurrency payments: What now for Bitcoin? appeared first on WeLiveSecurity.

Cryptocurrency 145

Cryptocurrency Ransomware Cybercrime 145

Krebs on Security

FEBRUARY 17, 2021

Secret Service and Department of Homeland Security told reporters on Wednesday the trio’s activities involved extortion, phishing, direct attacks on financial institutions and ATM networks, as well as malicious applications that masqueraded as software tools to help people manage their cryptocurrency holdings.

Cryptocurrency 329

Cryptocurrency Financial Services Banking Government 329

Security Affairs

DECEMBER 2, 2024

INTERPOL also issued a Purple Notice to warn countries about emerging fraudulent activities involving cryptocurrencies. The authorities have warned of “USDT Token Approval Scam” that allows scammers access to the victims’ cryptocurrency wallets and make unauthorized transactions. The operation led to 27 arrests and 19 indictments.

Cryptocurrency 126

Cryptocurrency Phishing Scams Cybercrime 126

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches 116

Data breaches Cryptocurrency Cybercrime Artificial Intelligence 116

Krebs on Security

MAY 13, 2024

and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. was used by a Russian-speaking member called Pin on the English-language cybercrime forum Opensc. Last week, the United States joined the U.K. Image: Shutterstock. The code is written in C.”

Ransomware 297

Ransomware Cybercrime Accountability Malware 297

Security Affairs

JANUARY 11, 2025

Department of Justice charged three Russian citizens with operating crypto-mixing services that helped crooks launder cryptocurrency. that helped crooks launder cryptocurrency. were allegedly used for laundering funds from ransomware and cybercrimes. laundered funds for multiple ransomware groups. and Sinbad.io

Cybercrime 72

Cybercrime Cryptocurrency Hacking Ransomware 72

Krebs on Security

MARCH 11, 2024

Borrowing from the playbook of ransomware purveyors, the darknet narcotics bazaar Incognito Market has begun extorting all of its vendors and buyers, threatening to publish cryptocurrency transaction and chat records of users who refuse to pay a fee ranging from $100 to $20,000. “And yes, this is an extortion!!!! .”

Marketing 336

Marketing Scams Cryptocurrency Cybercrime 336

Krebs on Security

NOVEMBER 8, 2021

Department of Justice today announced the arrest of Ukrainian man accused of deploying ransomware on behalf of the REvil ransomware gang, a Russian-speaking cybercriminal collective that has extorted hundreds of millions from victim organizations. million in cryptocurrency sent to another REvil affiliate, and that the U.S.

Ransomware 346

Ransomware Cybercrime System Administration Passwords 346

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency 109

Cryptocurrency Hacking Phishing Cyber Attacks 109

Security Affairs

JANUARY 2, 2022

North Korea-linked threat actors are behind some of the largest cyberattacks against cryptocurrency exchanges. North Korea-linked APT groups are suspected to be behind some of the largest cyberattacks against cryptocurrency exchanges. billion (2 trillion won) worth of cryptocurrency from multiple exchanges during the past five years.

Cryptocurrency 142

Cryptocurrency Cybercrime Media Government 142

Security Affairs

MARCH 24, 2025

. “In this scenario, criminals use free online document converter tools to load malware onto victims computers, leading to incidents such as ransomware.” They can also steal personal data, banking details, cryptocurrency info, emails, and passwords by scraping the files the users upload. ” continues the alert.

Malware 116

Malware Scams Identity Theft Antivirus 116

Security Affairs

NOVEMBER 17, 2024

that reboots locked devices Ymir ransomware, a new stealthy ransomware grow in the wild Amazon discloses employee data breach after May 2023 MOVEit attacks A new fileless variant of Remcos RAT observed in the wild A surge in Pro-Russia cyberattacks after decision to monitor North Korean Troops in Ukraine U.S.

Cryptocurrency 111

Cryptocurrency Malware Hacking Ransomware 111

SecureWorld News

MARCH 15, 2023

Alright, how many of you saw a cryptocurrency ad on TV in 2022? Now the important question: how many of you got scammed in some sort of way by cryptocurrency or another type of investment? The report shows that phishing schemes were the most common type of cybercrime reported by victims in 2022, with 300,497 complaints.

Cybercrime 136

Cybercrime Scams Cryptocurrency Identity Theft 136

Krebs on Security

SEPTEMBER 26, 2024

The United States today unveiled sanctions and indictments against the alleged proprietor of Joker’s Stash , a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past decade. A screenshot of a website reviewing PM2BTC.

Cryptocurrency 292

Cryptocurrency Cybercrime Retail Government 292

Security Boulevard

FEBRUARY 24, 2021

In mid-February 2021, the Department of Justice shared the content of what had been a sealed indictment charging three North Korean (DPRK) hacking “operatives” with a plethora of cybercrimes, including “cyber heists and extortion schemes, targeting both traditional and cryptocurrencies.” Assistant Attorney General John C.

Cybercrime 136

Cybercrime Hacking Cryptocurrency Ransomware 136

Security Affairs

JUNE 18, 2024

Over the last few years, ransomware attacks have become one of the most prevalent and expensive forms of cybercrime. Today, this tactic has evolved, where ransomware operators in nearly every case first exfiltrate sensitive data and then threaten to publicly expose it if a ransom demand is not paid.

Ransomware 141

Ransomware Cryptocurrency Insurance Cybercrime 141

Krebs on Security

DECEMBER 8, 2021

A 31-year-old Canadian man has been arrested and charged with fraud in connection with numerous ransomware attacks against businesses, government agencies and private citizens throughout Canada and the United States. Federal Bureau of Investigation (FBI) contacted them regarding ransomware attacks that were based in Canada.

Cybercrime 330

Cybercrime Ransomware Accountability Advertising 330

Security Affairs

MARCH 15, 2025

A clipper malware is a type of malicious software designed to intercept and manipulate clipboard data, typically for cryptocurrency theft. When a victim copies a cryptocurrency wallet address, the malware replaces it with an attacker-controlled address, redirecting funds to the hacker instead of the intended recipient.

Software 114

Software Cryptocurrency Malware Encryption 114

Security Affairs

MARCH 15, 2024

US DoJ sentenced a Moldovan national (31) to 42 months in federal prison for operating the E-Root cybercrime marketplace. Diaconu was operating the E-Root cybercrime marketplace. ” The marketplace allowed buyers to pay using cryptocurrency exchange and online payment system Perfect Money.

Cybercrime 132

Cybercrime Cryptocurrency Advertising Passwords 132