Krebs on Security

NOVEMBER 14, 2024

But not long after KrebsOnSecurity reported in April that Shefel/Rescator also was behind the theft of Social Security and tax information from a majority of South Carolina residents in 2012, Mr. Shefel began contacting this author with the pretense of setting the record straight on his alleged criminal hacking activities.

Retail 254

Retail Advertising Cryptocurrency Marketing 254

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. Emerging in 2007 as a banking trojan, QakBot (a.k.a. Today’s operation is not the first time the U.S. ” The DOJ said it also recovered more than 6.5

Hacking 308

Hacking Malware Ransomware Government 308

Security Affairs

DECEMBER 21, 2024

Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks, pleading guilty to fraud charges in June. Romanian national Daniel Christian Hulea, 30, was sentenced to 20 years in prison for his role in NetWalker ransomware attacks. in cryptocurrency obtained from ransom payments.

Ransomware 107

Ransomware Healthcare Government Cryptocurrency 107

Security Affairs

MARCH 24, 2025

. “In this scenario, criminals use free online document converter tools to load malware onto victims computers, leading to incidents such as ransomware.” They can also steal personal data, banking details, cryptocurrency info, emails, and passwords by scraping the files the users upload. ” continues the alert.

Malware 116

Malware Scams Identity Theft Antivirus 116

Krebs on Security

MARCH 5, 2024

healthcare giant Change Healthcare has made a $22 million extortion payment to the infamous BlackCat ransomware group (a.k.a. On March 1, a cryptocurrency address that security researchers had already mapped to BlackCat received a single transaction worth approximately $22 million. There are indications that U.S.

Healthcare 355

Healthcare Ransomware Scams Government 355

Krebs on Security

MARCH 7, 2022

Three stories here last week pored over several years’ worth of internal chat records stolen from the Conti ransomware group, the most profitable ransomware gang in operation today. This final post on the Conti conversations explores different schemes that Conti pursued to invest in and steal cryptocurrencies.

Ransomware 267

Ransomware Cryptocurrency DDOS Scams 267

Krebs on Security

JANUARY 28, 2022

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “ BlackCat “), considered to be the first professional cybercrime group to create and use a ransomware strain written in the Rust programming language. Image: Varonis. Image: Varonis. ” Meanwhile, the U.S.

Ransomware 328

Ransomware Accountability Cybercrime Malware 328

Security Affairs

MARCH 15, 2025

A clipper malware is a type of malicious software designed to intercept and manipulate clipboard data, typically for cryptocurrency theft. When a victim copies a cryptocurrency wallet address, the malware replaces it with an attacker-controlled address, redirecting funds to the hacker instead of the intended recipient.

Software 117

Software Cryptocurrency Malware Encryption 117

Security Affairs

NOVEMBER 21, 2024

The cybercrime group Scattered Spider is suspected of hacking into hundreds of organizations over the past two years, including Twilio , LastPass , DoorDash , and Mailchimp. Victims included gaming, telecom, and cryptocurrency firms, with losses reaching millions in stolen cryptocurrency and data from hundreds of thousands of accounts.

Cybercrime 109

Cybercrime Identity Theft Cryptocurrency Phishing 109

Security Affairs

NOVEMBER 24, 2024

seized $283,000 in cryptocurrency from an account linked to Sami as part of actions against the illicit activities of PopeyeTools. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter) million in revenue.

Cybercrime 130

Cybercrime Cryptocurrency Banking Accountability 130

Security Boulevard

NOVEMBER 6, 2024

The post Schneider Electric Confirms Ransom Hack — Hellcat Demands French Bread as ‘Joke’ appeared first on Security Boulevard. That’s a lot of pain: $125,000 ransom seems small—but why do the scrotes want it paid in baguettes?

Hacking 125

Hacking Cryptocurrency Data privacy Risk 125

Security Affairs

NOVEMBER 3, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cryptocurrency 109

Cryptocurrency Hacking Phishing Cyber Attacks 109

Security Affairs

OCTOBER 13, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Over 300,000!

Malware 122

Malware DDOS Cryptocurrency Education 122

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches 116

Data breaches Cryptocurrency Artificial Intelligence Cybercrime 116

Security Affairs

MARCH 13, 2025

The Medusa ransomware operation hit over 300 organizations in critical infrastructure sectors in the United States until February 2025. The FBI, CISA, and MS-ISAC have issued a joint advisory detailing Medusa ransomware tactics, techniques, and indicators of compromise (IOCs) based on FBI investigations as recent as February 2025.

Ransomware 69

Ransomware Encryption Cryptocurrency Insurance 69

Krebs on Security

JULY 8, 2019

The crooks behind an affiliate program that paid cybercriminals to install the destructive and wildly successful GandCrab ransomware strain announced on May 31, 2019 they were terminating the program after allegedly having earned more than $2 billion in extortion payouts from victims. Image: Malwarebytes.

Ransomware 277

Ransomware Accountability Cybercrime Passwords 277

The Last Watchdog

JUNE 20, 2018

Cryptojacking, as defined by the Federal Trade Commission , is the use of JavaScript code to capture cryptocurrencies in users’ browsers without asking permission. Related: Why cryptojacking is more insidious than ransomware. LW: So cryptocurrency got discovered as the ideal payment vehicle for ransomware.

Cryptocurrency 176

Cryptocurrency Ransomware Passwords Malware 176

Security Affairs

MARCH 14, 2025

The US Justice Department announced that the LockBit ransomware developer Rostislav Panev was extradited from Israel to the U.S. The US Justice Department announced that one of the LockBit ransomware developer, Rostislav Panev (51), has been extradited to the United States. reads the press release published by DoJ.

Ransomware 64

Ransomware Cryptocurrency Small Business Malware 64

Security Affairs

APRIL 26, 2024

As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement in this sector Cryptocurrencies have revolutionized the financial world, offering new investment opportunities and decentralized transactions.

Cryptocurrency 129

Cryptocurrency Cybercrime Education Scams 129

CyberSecurity Insiders

MARCH 10, 2022

But here’s a news piece that gives details of a ransomware group that paid $6 million in salaries last year and even tried to develop its cryptocurrency. Conti Ransomware group is the hacking group in discussion and is reported to have been led by an individual code named ‘Stern’.

Cryptocurrency 119

Cryptocurrency Ransomware Banking Hacking 119

SecureWorld News

NOVEMBER 22, 2024

The attacks have resulted in millions of dollars in theft, including cryptocurrency and sensitive corporate data, showcasing the ongoing threat of organized cybercrime. Scattered Spider has gained infamy for its high-profile cyberattacks, including the ransomware assault on MGM Casino in 2023 , which caused widespread disruption.

Phishing 102

Phishing Identity Theft Cryptocurrency Cybercrime 102

Security Affairs

DECEMBER 2, 2024

INTERPOL also issued a Purple Notice to warn countries about emerging fraudulent activities involving cryptocurrencies. The authorities have warned of “USDT Token Approval Scam” that allows scammers access to the victims’ cryptocurrency wallets and make unauthorized transactions. The operation led to 27 arrests and 19 indictments.

Cryptocurrency 126

Cryptocurrency Phishing Scams Cybercrime 126

Schneier on Security

AUGUST 15, 2018

Even a body camera with no Wi-Fi connection, like the CeeSc, can be compromised if a hacker gets physical access.

Hacking 179

Hacking Cryptocurrency Ransomware Malware 179

Security Affairs

MARCH 8, 2021

Experts warn of ongoing attacks targeting QNAP network-attached storage (NAS) devices to abuse them in cryptocurrency mining. Researchers at 360Netlab are warning of a cryptocurrency malware campaign targeting unpatched QNAP network-attached storage (NAS) devices. Unity is an XMRig cryptocurrency miner. and Quick.tar.gz.

Cryptocurrency 139

Cryptocurrency Firmware Malware Threat Detection 139

Adam Levin

OCTOBER 10, 2018

High-profile Instagram accounts are being targeted by ransomware attacks and phishing schemes, with evidence suggesting that many account holders are paying the attackers. Your Instagram has been hacked,” the message sent to various high-profile Instagrammers reads. “[W]e This article originally appeared on LIFARS.com.

Accountability 195

Accountability Ransomware Media Phishing 195

Krebs on Security

NOVEMBER 8, 2021

Department of Justice today announced the arrest of Ukrainian man accused of deploying ransomware on behalf of the REvil ransomware gang, a Russian-speaking cybercriminal collective that has extorted hundreds of millions from victim organizations. million in cryptocurrency sent to another REvil affiliate, and that the U.S.

Ransomware 346

Ransomware Cybercrime System Administration Passwords 346

Security Affairs

JANUARY 2, 2022

North Korea-linked threat actors are behind some of the largest cyberattacks against cryptocurrency exchanges. North Korea-linked APT groups are suspected to be behind some of the largest cyberattacks against cryptocurrency exchanges. billion (2 trillion won) worth of cryptocurrency from multiple exchanges during the past five years.

Cryptocurrency 142

Cryptocurrency Cybercrime Media Government 142

Security Affairs

MARCH 3, 2020

The Department of Justice has charged the two Chinese nationals for laundering cryptocurrency for North Korea-linked APT groups. for helping North Korea-linked hackers in laundering cryptocurrency. The cryptocurrency have been stolen by the APT groups from two cryptocurrency exchanges. and Li Jiadong (???),

Cryptocurrency 139

Cryptocurrency Banking Hacking Accountability 139

Adam Levin

MAY 14, 2021

Colonial Pipeline paid roughly $5 million to the ransomware group responsible for hacking its systems, contradicting earlier claims. . Bloomberg News reported that the company paid the ransom in cryptocurrency hours after the May 7 cyberattack that shut down the country’s largest fuel pipeline.

Backups 260

Backups Cryptocurrency Ransomware Hacking 260

Krebs on Security

FEBRUARY 1, 2024

government did not name the victim organization, but there is every indication that the money was stolen from the now-defunct cryptocurrency exchange FTX , which had just filed for bankruptcy on that same day. A graphic illustrating the flow of more than $400 million in cryptocurrencies stolen from FTX on Nov. 11-12, 2022.

Cryptocurrency 296

Cryptocurrency Ransomware Retail Government 296

Security Affairs

APRIL 13, 2020

The crew behind the Sodinokibi Ransomware plans to stop accepting Bitcoin and switched on Monero cryptocurrency to hide the money trail. The gang behind the Sodinokibi Ransomware has started accepting the Monero cryptocurrency instead of Bitcoin to make it harder investigation by law enforcement agencies.

Ransomware 143

Ransomware Cryptocurrency Advertising Hacking 143

Krebs on Security

SEPTEMBER 26, 2024

The government also indicted and sanctioned a top Russian cybercriminal known as Taleon , whose cryptocurrency exchange Cryptex has evolved into one of Russia’s most active money laundering networks. ru , which periodically published hacking tools and exploits for software vulnerabilities. The links have been redacted.

Cryptocurrency 292

Cryptocurrency Cybercrime Retail Government 292

Security Affairs

JUNE 18, 2024

Over the last few years, ransomware attacks have become one of the most prevalent and expensive forms of cybercrime. Today, this tactic has evolved, where ransomware operators in nearly every case first exfiltrate sensitive data and then threaten to publicly expose it if a ransom demand is not paid.

Ransomware 141

Ransomware Cryptocurrency Insurance Cybercrime 141

Krebs on Security

MARCH 11, 2024

Borrowing from the playbook of ransomware purveyors, the darknet narcotics bazaar Incognito Market has begun extorting all of its vendors and buyers, threatening to publish cryptocurrency transaction and chat records of users who refuse to pay a fee ranging from $100 to $20,000. “And yes, this is an extortion!!!! .”

Marketing 336

Marketing Scams Cryptocurrency Cybercrime 336

Security Affairs

JANUARY 7, 2021

The Ryuk ransomware had a disruptive impact on multiple industries around the world, operators already earned more than $150 million. The Ryuk ransomware gang is one of the most prolific criminal operations that caused destruction in multiple industries around the world. ” concludes the report.

Ransomware 145

Ransomware Cryptocurrency Antivirus Banking 145

Security Affairs

MAY 9, 2020

The Sodinokibi ransomware gang stolen gigabytes of legal documents from the law firm of the stars, Grubman Shire Meiselas & Sacks (GSMLaw). The Sodinokibi ransomware gang has published a screenshot of the folders they have stolen from the law firm. SecurityAffairs – Sodinokibi ransomware, hacking).

Hacking 144

Hacking Ransomware Advertising Cryptocurrency 144

Security Boulevard

FEBRUARY 24, 2021

In mid-February 2021, the Department of Justice shared the content of what had been a sealed indictment charging three North Korean (DPRK) hacking “operatives” with a plethora of cybercrimes, including “cyber heists and extortion schemes, targeting both traditional and cryptocurrencies.” Assistant Attorney General John C.

Cybercrime 136

Cybercrime Hacking Cryptocurrency Ransomware 136