Cybercrime - Cyber Security Informer

Why Phishers Love New TLDs Like.shop,top and.xyz

Krebs on Security

DECEMBER 3, 2024

A study on phishing data released by Interisle Consulting finds that new gTLDs introduced in the last few years command just 11 percent of the market for new domains, but accounted for roughly 37 percent of cybercrime domains reported between September 2023 and August 2024. The top 5 new gTLDs, ranked by cybercrime domains reported.

Cybercrime

Cybercrime Phishing Accountability Internet

CrowdStrike 2025 Global Threat Report: 51-Second Breaches Shake Cybercrime

eSecurity Planet

MARCH 3, 2025

The business of cybercrime Cybercriminals are no longer disorganized hackers. The report emphasizes that modern cybercrime is not about deploying a single exploit but rather about orchestrating multifaceted campaigns that combine speed, stealth, and sophistication. Evolving tactics in a digital world: should you care?

Threat Reports

Threat Reports Cybercrime Artificial Intelligence Social Engineering

The Funnel of Justice: Why U.K. Cybercrime Victims Are Left Behind

SecureWorld News

NOVEMBER 29, 2024

New Insights from The Cyber Helpline reveal a shocking gap in the justice system for cybercrime victims in the U.K. Key insights from The Funnel of Justice report: Limited Resources: Less than 1% of police resources are dedicated to cybercrime, despite technology being involved in 58% of all crimes.

Cybercrime

Cybercrime Technology

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Security Affairs

OCTOBER 21, 2024

Cisco confirms that data published by IntelBroker on a cybercrime forum was taken from the company DevHub environment. Cisco confirms that the data posted by IntelBroker on a cybercrime forum was stolen from its DevHub environment.

Cybercrime

Cybercrime Data breaches Technology Banking

Russian Phobos ransomware operator faces cybercrime charges

Security Affairs

NOVEMBER 19, 2024

Russian Phobos ransomware operator Evgenii Ptitsyn, accused of managing attacks, was extradited from South Korea to the US to face cybercrime charges. Russian Phobos ransomware operator Evgenii Ptitsyn, suspected of playing a key role in the ransomware operations, was extradited from South Korea to the US to face cybercrime charges.

Cybercrime

Cybercrime Ransomware Healthcare Education

Law enforcement seized the domains of HeartSender cybercrime marketplaces

Security Affairs

FEBRUARY 2, 2025

and Dutch authorities seized 39 domains and servers linked to the HeartSender cybercrime group based in Pakistan. A joint law enforcement operation led to the seizure of 39 domains tied to a Pakistan-based HeartSender cybercrime group (aka Saim Raza and Manipulators Team) known for selling hacking and fraud tools.

Cybercrime

Cybercrime Advertising Phishing Hacking

US DoJ charges five alleged members of the Scattered Spider cybercrime gang

Security Affairs

NOVEMBER 21, 2024

Justice Department charged five suspects linked to the Scattered Spider cybercrime gang with wire fraud conspiracy. Justice Department charged five alleged members of the cybercrime gang Scattered Spider (also known as UNC3944 , 0ktapus ) with conspiracy to commit wire fraud. ” reads the press release published by DoJ.

Cybercrime

Cybercrime Identity Theft Cryptocurrency Phishing

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Krebs on Security

JANUARY 31, 2025

On January 29, the FBI and the Dutch national police seized the technical infrastructure for a cybercrime service marketed under the brands Heartsender , Fudpage and Fudtools (and many other “fud” variations). “The Cybercrime Team is on the trail of a number of buyers of the tools,” the Dutch national police said.

Phishing

Phishing Cybercrime Advertising Malware

Russia Charges Notorious Ransomware Developer in Rare Cybercrime Case

SecureWorld News

DECEMBER 3, 2024

In a surprising move related to international cybercrime, Russian authorities have charged Mikhail Matveev, also known as "Wazawaka," with creating ransomware to extort commercial organizations, according to Russian media outlet RIA. Despite U.S.

Cybercrime

Cybercrime Ransomware Healthcare Cryptocurrency

News alert: SpyCloud accelerates supply chain risk analysis with new ‘IDLink’ correlation capability

The Last Watchdog

OCTOBER 10, 2024

SpyCloud Investigations is a powerful cybercrime and identity threat investigation solution used by analysts and investigators to discover and act on threats by navigating the world’s largest repository of recaptured breach, malware, and phishing data. About SpyCloud — SpyCloud transforms recaptured darknet data to disrupt cybercrime.

Risk

Risk Cybercrime Identity Theft Phishing

DOJ, Allies Seize Cybercrime Forums Affecting 17 Million-Plus Americans

Security Boulevard

FEBRUARY 3, 2025

The post DOJ, Allies Seize Cybercrime Forums Affecting 17 Million-Plus Americans appeared first on Security Boulevard.

Cybercrime

Cybercrime Hacking Cybersecurity Network Security

From Cybercrime Saul Goodman to the Russian GRU

Krebs on Security

FEBRUARY 7, 2024

In 2021, the exclusive Russian cybercrime forum Mazafaka was hacked. Launched in 2001 under the tagline “Network terrorism,” Mazafaka would evolve into one of the most guarded Russian-language cybercrime communities. Mark Rasch , a former cybercrime prosecutor for the U.S. As well as the cost of my services.”

Cybercrime

Cybercrime Accountability Identity Theft Hacking

Cybercrime Rapper Sues Bank over Fraud Investigation

Krebs on Security

AUGUST 7, 2024

In January, KrebsOnSecurity wrote about rapper Punchmade Dev , whose music videos sing the praises of a cybercrime lifestyle. But until recently, there wasn’t much to support a conclusion that Punchmade was actually doing the cybercrime things he promotes in his songs.

Banking

Banking Cybercrime Accountability Retail

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

Silent Push said Araneida is being advertised by an eponymous user on multiple cybercrime forums. Araneida Scanner’s Telegram channel bragging about how customers are using the service for cybercrime. The service’s Telegram channel boasts nearly 500 subscribers and explains how to use the tool for malicious purposes.

Hacking

Hacking Cybercrime Advertising Data breaches

Microsoft disrupted a global cybercrime ring abusing Azure OpenAI Service

Security Affairs

MARCH 1, 2025

These individuals are members of a global cybercrime ring tracked as Storm-2139 by Microsoft. The case demonstrates legal actions power in dismantling cybercrime networks. The defendants used exposed customer credentials scraped from public sources to unlawfully access accounts with certain generative AI services.

Cybercrime

Cybercrime Technology Hacking Accountability

U.S. Offered $10M for Hacker Just Arrested by Russia

Krebs on Security

DECEMBER 4, 2024

Matveev’s hacker identities were remarkably open and talkative on numerous cybercrime forums. image: x.com/vxunderground The golden rule of cybercrime in Russia has always been that as long as you never hack, extort or steal from Russian citizens or companies, you have little to fear of arrest. “Mother Russia will help you.

Cybercrime

Cybercrime Ransomware Cryptocurrency Government

Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?

Krebs on Security

FEBRUARY 4, 2025

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled , English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. Intel471 finds the user FlorainN registered across multiple cybercrime forums using the email address olivia.messla@outlook.de.

eCommerce

eCommerce Cybercrime Accountability Passwords

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Security Affairs

NOVEMBER 24, 2024

seized the stolen credit card marketplace PopeyeTools and charged its operators, this is a major success against cybercrime. PopeyeTools was a dark web marketplace specializing in selling stolen credit cards and cybercrime tools, facilitating fraud and illicit online activities since 2016.

Cybercrime

Cybercrime Cryptocurrency Banking Accountability

Fintech Giant Finastra Investigating Data Breach

Krebs on Security

NOVEMBER 19, 2024

8, a cybercriminal using the nickname “ abyss0 ” posted on the English-language cybercrime community BreachForums that they’d stolen files belonging to some of Finastra’s largest banking clients. Importantly, for any customers who are deemed to be affected, we will be reaching out and working with them directly.”

Data breaches

Data breaches Banking Cybercrime Advertising

Nation-state actors and cybercrime gangs abuse malicious.lnk files for espionage and data theft

Security Affairs

MARCH 18, 2025

Trend ZDI researchers discovered 1,000 malicious.lnk files used by nation-state actors and cybercrime groups to execute hidden malicious commands on a victims machine by exploiting the vulnerability ZDI-CAN-25373. Since 2017, the vulnerability has been exploited by APT groups from North Korea, Iran, Russia, and China.

Cybercrime

Cybercrime Telecommunications Government Malware

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Krebs on Security

FEBRUARY 28, 2025

Last year, the French security firm Intrinsec detailed Prospero’s connections to bulletproof services advertised on Russian cybercrime forums under the names Securehost and BEARHOST. The bulletproof hosting provider BEARHOST. This screenshot has been machine-translated from Russian. Image: Ke-la.com.

Malware

Malware Antivirus Software DDOS

Operation Heart Blocker: International Police Disrupt Phishing Network

SecureWorld News

FEBRUARY 3, 2025

In a significant victory against cybercrime, U.S. Cybercrime as a service: an evolving threat As cybercriminals continue to develop more sophisticated and accessible tools, law enforcement agencies worldwide are struggling to keep pace. For every criminal group disrupted, multiple others remain active or emerge to take their place."

Phishing

Phishing Cybercrime Scams Authentication

Booking.com Phishers May Leave You With Reservations

Krebs on Security

NOVEMBER 1, 2024

We’ll also explore an array of cybercrime services aimed at phishers who target hotels that rely on the world’s most visited travel website. A number of cybercriminal innovations are making it easier for scammers to cash in on your upcoming travel plans. A full, defanged list of domains is available here.

Phishing

Phishing Accountability Artificial Intelligence Cybercrime

Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’

Security Affairs

OCTOBER 14, 2024

Dutch police dismantled Bohemia/Cannabia, two major dark web markets for illegal goods, drugs, and cybercrime services. These are two of the largest and longest-running dark web platforms for the trade of illegal goods, drugs, and cybercrime services.

Marketing

Marketing Cybercrime DDOS Cryptocurrency

Change Healthcare data breach impacted over 100 million people

Security Affairs

OCTOBER 25, 2024

“Change Healthcare can confirm we are experiencing a cybersecurity issue perpetrated by a cybercrime threat actor who has represented itself to us as ALPHV/Blackcat.” However, after a $22 million transaction, an affiliate publicly complained on a Russian cybercrime forum, alleging that BlackCat did not pay their fee.

Data breaches

Data breaches Healthcare Cybercrime Insurance

An Interview With the Target & Home Depot Hacker

Krebs on Security

NOVEMBER 14, 2024

Shefel claims the true mastermind behind the Target and other retail breaches was Dmitri Golubov , an infamous Ukrainian hacker known as the co-founder of Carderplanet, among the earliest Russian-language cybercrime forums focused on payment card fraud. “I’m also godfather of his second son.”

Retail

Retail Advertising Cryptocurrency Marketing

How Criminals Are Using Generative AI

Schneier on Security

MAY 9, 2024

There’s a new report on how criminals are using generative AI tools: Key Takeaways: Adoption rates of AI technologies among criminals lag behind the rates of their industry counterparts because of the evolving nature of cybercrime. Instead, they are jailbreaking existing ones.

Financial Services

Financial Services Cybercrime Technology Artificial Intelligence

News alert: SpyCloud operationalizes darknet data, pioneers shift to holistic identity threat protection

The Last Watchdog

FEBRUARY 4, 2025

“SpyCloud has a long history of leading the way in understanding the cybercrime ecosystem, from our early days in world-class ATO prevention to continuing to build solutions that empower organizations to proactively protect against threats stemming from infostealer malware, phished and breach data.

Cybercrime

Cybercrime Phishing Accountability Malware

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

One English-speaking cybercriminal who goes by the nicknames “ Pwnstar ” and “ Pwnipotent ” has been selling fake EDR services on both Russian-language and English cybercrime forums. “I cannot 100% guarantee every order will go through,” Pwnstar explained. ” An ad from Pwnstar for fake EDR services.

Hacking

Hacking Accountability Government Social Engineering

'Operation Endgame' Hits Malware Delivery Platforms

Krebs on Security

MAY 30, 2024

Law enforcement agencies in the United States and Europe today announced Operation Endgame, a coordinated action against some of the most popular cybercrime platforms for delivering ransomware and data-stealing malware. Dubbed "the largest ever operation against botnets," the international effort…

Malware

Malware Cybercrime Ransomware

WordPress Plugin Exploited to Turn Legitimate Sites Into Phishing Traps

Security Boulevard

JANUARY 6, 2025

A WordPress plugin known as PhishWP, has been discovered on Russian cybercrime forums and is being exploited by cybercriminals to steal sensitive data from unsuspecting users. The post WordPress Plugin Exploited to Turn Legitimate Sites Into Phishing Traps appeared first on Security Boulevard.

Phishing

Phishing Cybercrime Cybersecurity

HPE is investigating IntelBroker’s claims of the company hack

Security Affairs

JANUARY 20, 2025

Last week, the notorious threat actor IntelBroker announced on a popular cybercrime forum the sale of data allegedly stolen from HPE. ” reads the announcement published on the cybercrime forum. HPE is probing claims by the threat actor IntelBroker who is offering to sell alleged stolen source code and data from the company.

Hacking

Hacking Cybercrime Data breaches Information Security

Spooky Spam, Scary Scams: Halloween Threats Rise

Security Boulevard

OCTOBER 29, 2024

In the first half of October alone, spam volumes increased by 18% compared to September, signaling the start of a cybercrime spike that is expected to continue through the. The post Spooky Spam, Scary Scams: Halloween Threats Rise appeared first on Security Boulevard.

Scams

Scams Cybercrime Security Awareness Phishing

Ransomware Threats, Led by FunkSec, Rise to New Heights

Security Boulevard

JANUARY 28, 2025

FunkSec, a newly identified group combining hacktivism and cybercrime, accounted for over 100 attacks (18% of the total), making it the most active group that month, ahead of Cl0p, Akira and RansomHub. Ransomware attacks surged to a record high in December 2024, with 574 incidents reported, according to an NCC Group report.

Ransomware

Ransomware Cybercrime Accountability Cybersecurity

FBI Hacker Dropped Stolen Airbus Data on 9/11

Krebs on Security

SEPTEMBER 13, 2023

The FBI responded by reverifying InfraGard members and by seizing the cybercrime forum where the data was being sold. In a post on the English language cybercrime forum BreachForums , USDoD leaked information on roughly 3,200 Airbus vendors, including names, addresses, phone numbers, and email addresses. But on Sept. But on Sept.

Cybercrime

Cybercrime Passwords Authentication Malware

Beyond Keylogging: HookBot’s Advanced Techniques for Data Theft

Penetration Testing

NOVEMBER 4, 2024

Netcraft’s latest research details HookBot, a sophisticated Android-based banking Trojan that’s steadily advancing its footprint in the cybercrime world.

Cybercrime

Cybercrime Banking Cybersecurity Penetration Testing

A Day in the Life of a Prolific Voice Phishing Crew

Krebs on Security

JANUARY 7, 2025

” Perm is the current administrator of Star Fraud , one of the more consequential cybercrime communities on Telegram and one that has emerged as a foundry of innovation in voice phishing attacks. As we’ll see in a moment, that phishing kit is operated and rented out by a cybercriminal known as “ Perm ” a.k.a.

Phishing

Phishing Cryptocurrency Accountability Social Engineering

Change Healthcare data breach exposed the private data of over half the U.S.

Security Affairs

JANUARY 26, 2025

Change Healthcare can confirm we are experiencing a cybersecurity issue perpetrated by a cybercrime threat actor who has represented itself to us as ALPHV/Blackcat. However, after a $22 million transaction, an affiliate publicly complained on a Russian cybercrime forum, alleging that BlackCat did not pay their fee.

Healthcare

Healthcare Data breaches Insurance Cybercrime

Breaking Down The Blue Yonder Cyberattack

Security Boulevard

JANUARY 2, 2025

In a recent podcast interview with Cybercrime Magazine's host, Charlie Osborne, Scott Schober, Cyber Expert, Author of "Hacked Again," and CEO of Berkeley Varitronics Systems, discusses the recent cyberattack on Blue Yonder, including how the incident impacted supply chains, effective steps an organization can take after a ransomware attack, and more. (..)

Cybercrime

Cybercrime Ransomware Hacking

Authorities shut down Crimenetwork, the Germany’s largest crime marketplace

Security Affairs

DECEMBER 4, 2024

The operation was carried out by Public Prosecutor’s Office in Frankfurt am Main, the Central Office for Combating Cybercrime (ZIT), and the Federal Criminal Police Office (BKA). Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, cybercrime) Now in custody.

Cybercrime

Cybercrime Cryptocurrency Hacking Internet

U.S. cannabis dispensary STIIIZY disclosed a data breach

Security Affairs

JANUARY 11, 2025

. “On November 20, 2024, we were notified by a vendor of point-of-sale processing services for some of our retail locations that accounts with their organization had been compromised by an organized cybercrime group.” ” reads the notice of data breach published by the company on its website.

Data breaches

Data breaches Retail Cybercrime Government

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking

Hacking Cybercrime Phishing Passwords

Video: What Is Quishing & How to Protect Your Personal Information

eSecurity Planet

NOVEMBER 25, 2024

Quishing (QR code phishing) is a cybercrime tactic where cybercriminals exploit deceptive QR codes to trick unsuspecting individuals. Learn how to recognize the warning signs of quishing attacks and protect yourself from this growing threat to safeguard your personal information.

Cybercrime

Cybercrime Phishing

Video: Salt Typhoon Hacks Major Telecom Giants Using Malware

eSecurity Planet

DECEMBER 4, 2024

In this video, we delve into the world of cybercrime with our feature on the Salt Typhoon incident, where hackers successfully breached major telecommunications companies. With expert commentary and in-depth analysis, this video is essential viewing for anyone interested in cybersecurity, tech news, or protecting their digital privacy.

Hacking

Hacking Malware Telecommunications Cybercrime

Why Phishers Love New TLDs Like.shop,top and.xyz

CrowdStrike 2025 Global Threat Report: 51-Second Breaches Shake Cybercrime

Trending Sources

The Funnel of Justice: Why U.K. Cybercrime Victims Are Left Behind

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Russian Phobos ransomware operator faces cybercrime charges

Law enforcement seized the domains of HeartSender cybercrime marketplaces

US DoJ charges five alleged members of the Scattered Spider cybercrime gang

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Russia Charges Notorious Ransomware Developer in Rare Cybercrime Case

News alert: SpyCloud accelerates supply chain risk analysis with new ‘IDLink’ correlation capability

DOJ, Allies Seize Cybercrime Forums Affecting 17 Million-Plus Americans

From Cybercrime Saul Goodman to the Russian GRU

Cybercrime Rapper Sues Bank over Fraud Investigation

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Microsoft disrupted a global cybercrime ring abusing Azure OpenAI Service

U.S. Offered $10M for Hacker Just Arrested by Russia

Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Fintech Giant Finastra Investigating Data Breach

Nation-state actors and cybercrime gangs abuse malicious.lnk files for espionage and data theft

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Operation Heart Blocker: International Police Disrupt Phishing Network

Booking.com Phishers May Leave You With Reservations

Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’

Change Healthcare data breach impacted over 100 million people

An Interview With the Target & Home Depot Hacker

How Criminals Are Using Generative AI

News alert: SpyCloud operationalizes darknet data, pioneers shift to holistic identity threat protection

FBI: Spike in Hacked Police Emails, Fake Subpoenas

'Operation Endgame' Hits Malware Delivery Platforms

WordPress Plugin Exploited to Turn Legitimate Sites Into Phishing Traps

HPE is investigating IntelBroker’s claims of the company hack

Spooky Spam, Scary Scams: Halloween Threats Rise

Ransomware Threats, Led by FunkSec, Rise to New Heights

FBI Hacker Dropped Stolen Airbus Data on 9/11

Beyond Keylogging: HookBot’s Advanced Techniques for Data Theft

A Day in the Life of a Prolific Voice Phishing Crew

Change Healthcare data breach exposed the private data of over half the U.S.

Breaking Down The Blue Yonder Cyberattack

Authorities shut down Crimenetwork, the Germany’s largest crime marketplace

U.S. cannabis dispensary STIIIZY disclosed a data breach

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Video: What Is Quishing & How to Protect Your Personal Information

Video: Salt Typhoon Hacks Major Telecom Giants Using Malware

Stay Connected