Cybercrime, DDOS and Malware - Cyber Security Informer

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Krebs on Security

FEBRUARY 28, 2025

Last year, the French security firm Intrinsec detailed Prospero’s connections to bulletproof services advertised on Russian cybercrime forums under the names Securehost and BEARHOST. A fake browser update page pushing mobile malware. The bulletproof hosting provider BEARHOST. Image: Ke-la.com. Image: Intrinsec.

Malware

Malware Antivirus Software DDOS

German Police Raid DDoS-Friendly Host ‘FlyHosting’

Krebs on Security

MARCH 31, 2023

Authorities in Germany this week seized Internet servers that powered FlyHosting , a dark web offering that catered to cybercriminals operating DDoS-for-hire services, KrebsOnSecurity has learned. “Police says: They support ddos attacks, C&C/C2 and stresser a bit too much. A seizure notice left on the FlyHosting domains. .

DDOS

DDOS Internet Internet Cybercrime

UK Ad Campaign Seeks to Deter Cybercrime

Krebs on Security

MAY 28, 2020

The United Kingdom’s anti-cybercrime agency is running online ads aimed at young people who search the Web for services that enable computer crimes, specifically trojan horse programs and DDoS-for-hire services. law enforcement agents in connection with various cybercrime investigations. FLATTENING THE CURVE.

Cybercrime

Cybercrime DDOS Advertising Hacking

This Service Helps Malware Authors Fix Flaws in their Code

Krebs on Security

MAY 18, 2020

Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. Here’s a look at one long-lived malware vulnerability testing service that is used and run by some of the Dark Web’s top cybercriminals. is cybercrime forum.

Malware

Malware Cybercrime Ransomware Marketing

MikroTik botnet relies on DNS misconfiguration to spread malware

Security Affairs

JANUARY 16, 2025

Researchers discovered a 13,000-device MikroTik botnet exploiting DNS flaws to spoof 20,000 domains and deliver malware. Infoblox researchers discovered a botnet of 13,000 MikroTik devices that exploits DNS misconfigurations to bypass email protections, spoof approximately 20,000 domains, and deliver malware.

DNS

DNS Malware Firmware Authentication

Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?

Krebs on Security

FEBRUARY 4, 2025

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled , English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. to , and vDOS , a DDoS-for-hire service that was shut down in 2016 after its founders were arrested. 30, the U.S.

eCommerce

eCommerce Cybercrime Accountability Passwords

Disneyland Malware Team: It’s a Puny World After All

Krebs on Security

NOVEMBER 16, 2022

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode , an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic. com — which was created to phish U.S.

Malware

Malware Banking Phishing DDOS

Cloudflare blocked a record-breaking 5.6 Tbps DDoS attack

Security Affairs

JANUARY 22, 2025

terabit-per-second (Tbps) distributed denial-of-service (DDoS) attack. Terabit per second (Tbps) DDoS attack, which is the largest attack ever reported. The previous largest DDoS attack blocked by Cloudflare occurred in October 2024 and peaked at 3.8 Cloudflare announced that it has blocked a record-breaking 5.6

DDOS

DDOS Malware Internet Internet

No, Elon — X DDoS was NOT by Ukraine

Security Boulevard

MARCH 12, 2025

The post No, Elon X DDoS was NOT by Ukraine appeared first on Security Boulevard. X marks the botnet: Outage outrage was a Ukrainian cyberattack, implies our favorite African billionaire comedy villain.

DDOS

DDOS Social Engineering Cyber Attacks Media

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”

Krebs on Security

SEPTEMBER 10, 2021

On Thursday evening, KrebsOnSecurity was the subject of a rather massive (and mercifully brief) distributed denial-of-service (DDoS) attack. But on Thursday DDoS protection firm Qrator Labs identified the culprit — “Meris” — a new IoT monster that first emerged at the end of June 2021. In its Aug.

IoT

IoT DDOS Internet Internet

The Dutch police took down 15 DDoS-for-hire services in a week

Security Affairs

APRIL 13, 2020

Dutch authorities have taken down 15 DDoS-for-hire services in a week, this is another success of law enforcement in the fight against cybercrime. An operation conducted by Dutch authorities last week has shut down 15 DDoS-for-hire services (aka DDoS booters or DDoS stressor), states a press release published by Dutch police.

DDOS

DDOS Cybercrime Advertising Government

Dutch police warn customers of a popular DDoS booter service

Security Affairs

OCTOBER 13, 2021

Dutch police warn customers of a distributed denial-of-service (DDoS) website of stopping using the service to avoid prosecution. Dutch police warn customers of a booter service, abused to carry out distributed denial-of-service (DDoS) attacks, of to stop using it to avoid prosecution. by carrying out DDoS attacks on March 19.

DDOS

DDOS Cybercrime IoT Hacking

Enemybot, a new DDoS botnet appears in the threat landscape

Security Affairs

APRIL 17, 2022

Enemybot is a DDoS botnet that targeted several routers and web servers by exploiting known vulnerabilities. Researchers from Fortinet discovered a new DDoS botnet, tracked as Enemybot, that has targeted several routers and web servers by exploiting known vulnerabilities. Upon installing the threat, the bot drops a file in /tmp/.pwned

DDOS

DDOS Architecture Malware Cybercrime

HelloKitty ransomware gang also targets victims with DDoS attacks

Security Affairs

NOVEMBER 1, 2021

According to the alert, the ransomware gang is launching distributed denial-of-service (DDoS) attacks as part of its extortion activities. In some cases, if the victim does not respond quickly or does not pay the ransom, the threat actors will launch a Distributed Denial of Service (DDoS) attack on the victim company’s public facing website.”

DDOS

DDOS Ransomware Cybercrime Encryption

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. ” According to Kilmer, AVrecon is the malware that gives SocksEscort its proxies.

Malware

Malware VPN Internet Internet

Zxyel Flaw Powers New Mirai IoT Botnet Strain

Krebs on Security

MARCH 20, 2020

This week, security researchers said they spotted that same vulnerability being exploited by a new variant of Mirai , a malware strain that targets vulnerable Internet of Things (IoT) devices for use in large-scale attacks and as proxies for other cybercrime activity. Image: Palo Alto Networks. Zyxel issued a patch for the flaw on Feb.

IoT

IoT DDOS VPN Firewall

Hackers breached four prominent underground cybercrime forums

Security Affairs

MARCH 6, 2021

A suspicious wave of attacks resulted in the hack of four cybercrime forums Verified, Crdclub, Exploit, and Maza since January. Since January, a series of mysterious cyberattacks that resulted in the hack of popular Russian-language cybercrime forums. The hack of the Maza cybercrime forum was also reported by researchers at Flashpoint.

Cybercrime

Cybercrime Hacking DDOS Passwords

DDoS attacks in Q4 2020

SecureList

FEBRUARY 16, 2021

In December, Canada’s Laurentian University reported a DDoS attack. Educational institutions are recommended to use anti-DDoS solutions and strong firewall settings, and partner up with ISPs. In early October, a DDoS attack was reported by the PUBG Mobile team. But it dealt with the problem in a matter of minutes.

DDOS

DDOS Cryptocurrency Marketing Internet

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 36

Security Affairs

MARCH 9, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware

Malware DDOS Hacking Ransomware

DDoS attacks in Q3 2022

SecureList

NOVEMBER 7, 2022

In Q3 2022, DDoS attacks were, more often than not, it seemed, politically motivated. As before, most news was focused on the conflict between Russia and Ukraine, but other high-profile events also affected the DDoS landscape this quarter. The attackers stated on Telegram that they were “testing a new DDoS method.”

DDOS

DDOS Computers and Electronics Internet Internet

What is a DDoS Attack?

Security Boulevard

AUGUST 3, 2022

The usual purpose of cybercrime is either to make money or defame a business; none is acceptable. But DDoS attacks are often executed to make a statement, harm a competitor, or in some cases, shut down operations while installing malware or ransomware. The number of DDoS attacks is on the rise lately; thus, companies must […].

DDOS

DDOS Cybercrime Ransomware Malware

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches

Data breaches Cryptocurrency Artificial Intelligence Cybercrime

REvil Ransomware gang uses DDoS attacks and voice calls to make pressure on the victims

Security Affairs

MARCH 7, 2021

The REvil ransomware operators are using DDoS attacks and voice calls to journalists and victim’s business partners to force victims to pay the ransom. Malware #Ransomware #REvil REvil Ransomware launched a service for contact to news media, companies for the best pressure at no cost, and DDoS (L3, L7) as a paid service.

DDOS

DDOS Ransomware Media Malware

Trickbot spreads malware through new distribution channels

Security Affairs

OCTOBER 16, 2021

TrickBot operators are back and expand the distribution channels with partnership with cybercrime affiliates. The operators behind the infamous TrickBot (ITG23 and Wizard Spider) malware have resurfaced with new distribution channels to deliver malicious payloads, such as Conti ransomware. ” concludes the report.

Malware

Malware Cybercrime DDOS Social Engineering

Unraveling the truth behind the DDoS attack from electric toothbrushes

Security Affairs

FEBRUARY 8, 2024

Several media reported that three million electric toothbrushes were compromised and recruited into a DDoS botnet. The Swiss newspaper Aargauer Zeitung first published the news of a DDoS attack, carried out on January 30, that involved three million compromised electric toothbrushes. Is it true? What the f is wrong with you people????

DDOS

DDOS IoT Media Internet

The source code of the 2020 variant of HelloKitty ransomware was leaked on a cybercrime forum

Security Affairs

OCTOBER 9, 2023

A threat actor has leaked the source code for the first version of the HelloKitty ransomware on a Russian-speaking cybercrime forum. The availability of the source in the cybercrime ecosystem can allow threat actors to develop their own version of the Hello Kitty ransomware.

Cybercrime

Cybercrime Ransomware DDOS Encryption

DDoS attacks in Q1 2022

SecureList

APRIL 25, 2022

The DDoS landscape in Q1 2022 was shaped by the ongoing conflict between Russia and Ukraine: a significant part of all DDoS-related news concerned these countries. In mid-January, the website of Kyiv Mayor Vitali Klitschko was hit by a DDoS attack, and the websites of a number of Ukrainian ministries were defaced. News overview.

DDOS

DDOS Cybercrime Internet Internet

New evolving Abcbot DDoS botnet targets Linux systems

Security Affairs

NOVEMBER 13, 2021

Qihoo 360’s Netlab detailed a new evolving DDoS botnet called Abcbot with wormable capabilities that targets Linux systems. Researchers from Qihoo 360’s Netlab security team have spotted a new botnet, tracked as Abcbot, that targets Linux systems to launch distributed denial-of-service (DDoS) attacks. Pierluigi Paganini.

DDOS

DDOS Malware Passwords Cryptocurrency

AWS mitigated largest DDoS attack ever of 2.3 Tbps

Security Affairs

JUNE 17, 2020

Tbps DDoS attack, the largest ever, which surpassed the previous record of 1.7 Amazon announced it has mitigated the largest ever DDoS attack of 2.3 ” The report didn’t name the target of the DDoS attack, AWS experts only revealed that the magnitude was obtained with CLDAP reflection attack. Pierluigi Paganini.

DDOS

DDOS Advertising Internet Internet

Security Affairs newsletter Round 497 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 10, 2024

Mazda Connect flaws allow to hack some Mazda vehicles Veeam Backup & Replication exploit reused in new Frag ransomware attack Texas oilfield supplier Newpark Resources suffered a ransomware attack Palo Alto Networks warns of potential RCE in PAN-OS management interface iPhones in a law enforcement forensics lab mysteriously rebooted losing their (..)

Ransomware

Ransomware Cybercrime Phishing Banking

Security Affairs newsletter Round 498 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 17, 2024

Agency Warns Employees About Phone Use Amid Ongoing China Hack APT Actors Embed Malware within macOS Flutter Applications The Botnet is Back: SSC STRIKE Team Uncovers a Renewed Cyber Threat Iranian “Dream Job” Campaign 11.24

Cryptocurrency

Cryptocurrency Malware Hacking Ransomware

Cloudflare Blocks Record DDoS Attack as Threats Surge

eSecurity Planet

FEBRUARY 16, 2023

Cloudflare mitigated dozens of hyper-volumetric DDoS attacks last weekend, most of them ranging from 50 to 70 million requests per second (RPS) – and the largest one exceeding 71 million RPS. DDoS attacks, on the other hand, don’t require infiltration to be effective and thus are growing in frequency and intensity.

DDOS

DDOS Ransomware Backups Cryptocurrency

Developer of DDoS Mirai based botnets sentenced to prison

Security Affairs

JUNE 26, 2020

A man accused to have developed distributed denial of service (DDoS) botnets based on the Mirai botnet was sentenced to 13 months in federal prison. Schuchman compromised hundreds of thousands of IoT devices, including home routers and IP cameras, to create multiple DDoS IoT botnets that he rented to carry out the attacks.

DDOS

DDOS IoT Advertising Internet

Dutch police shut down bulletproof service hosting tens of DDoS botnets

Security Affairs

OCTOBER 3, 2019

Dutch police seized a bulletproof hosting service in a major takedown, the infrastructure was used by tens of IoT botnets involved in DDoS attacks. The servers were hosted at an unnamed data center in Amsterdam, it was used by tens of IoT botnets involved in DDoS attacks worldwide. over a period of one year. Pierluigi Paganini.

DDOS

DDOS IoT Cybercrime Advertising

How Did Authorities Identify the Alleged Lockbit Boss?

Krebs on Security

MAY 13, 2024

This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. was used by a Russian-speaking member called Pin on the English-language cybercrime forum Opensc. Image: treasury.gov.

Ransomware

Ransomware Cybercrime Accountability Malware

Fake DDoS protection pages on compromised WordPress sites lead to malware infections

Security Affairs

AUGUST 21, 2022

Threat actors compromise WordPress sites to display fake Cloudflare DDoS protection pages to distribute malware. DDoS Protection pages are associated with browser checks performed by WAF/CDN services which verify if the site visitor is a human or a bot. The file poses as a tool required to bypass the DDoS verification.

DDOS

DDOS Malware Antivirus Firewall

Europol lifts the lid on cybercrime tactics

Malwarebytes

SEPTEMBER 15, 2023

The report follows the Internet Organized Crime Assessment (IOCTA), Europol’s assessment of the cybercrime landscape and how it has changed over the last 24 months. These groups work closely with other malware-as-a-service groups to compromise high-revenue targets and post huge ransom demands, running into millions of Euros.

Cybercrime

Cybercrime Ransomware DDOS Backups

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years. Malware developers — no longer hiring.

Cybercrime

Cybercrime Banking Malware Ransomware

Cloudflare blocked a 2.5 Tbps DDoS attack aimed at the Minecraft server

Security Affairs

OCTOBER 13, 2022

Cloudflare mitigated a record distributed denial-of-service (DDoS) attack against Wynncraft, one of the largest Minecraft servers. Cloudflare announced it has mitigated a record distributed denial-of-service (DDoS) attack against Wynncraft, one of the largest Minecraft servers. The largest attack was a 2.5 ” continues the report.

DDOS

DDOS Threat Reports Hacking Cybercrime

Cloudflare mitigated 2 Tbps DDoS attack, the largest attack it has seen to date

Security Affairs

NOVEMBER 15, 2021

Cloudflare announced to have mitigated a distributed denial-of-service (DDoS) attack that peaked at almost 2 terabytes per second (Tbps). is an American web infrastructure and website security company that provides content delivery network and DDoS mitigation services. SecurityAffairs – hacking, DDoS). Cloudflare, Inc.

DDOS

DDOS DNS IoT Internet

Cloudflare mitigated the largest ever volumetric DDoS attack to date

Security Affairs

AUGUST 20, 2021

Web infrastructure and website security company Cloudflare announced to have mitigated the largest ever volumetric DDoS attack to date. Cloudflare, the web infrastructure and website security company, announced that it has mitigated the largest ever volumetric distributed denial of service (DDoS) attack to date.

DDOS

DDOS Telecommunications Internet Internet

New RapperBot Campaign targets game servers with DDoS attacks

Security Affairs

NOVEMBER 16, 2022

Fortinet researchers discovered new samples of RapperBot used to build a botnet to launch Distributed DDoS attacks against game servers. Fortinet FortiGuard Labs researchers have discovered new samples of the RapperBot malware that are being used to build a DDoS botnet to target game servers. ” continues the report.

DDOS

DDOS IoT Malware Architecture

PHP Vulnerability Used For Malware And DDOS Attacks

Security Boulevard

JULY 25, 2024

The cybercrime landscape has recently seen multiple threat actors exploiting a known PHP vulnerability. As per recent media reports, the vulnerability is exploited to deliver crypto miners, distributed denial-of-service (DDoS) botnets, and remote access trojans.

DDOS

DDOS Malware Cybercrime Media

Mirai botnet targets SSR devices, Juniper Networks warns

Security Affairs

DECEMBER 19, 2024

Threat actors initially compromised the devices, and then employed them in DDoS attacks. These systems have been infected with the Mirai malware and were subsequently used as a DDOS attack source to other devices accessible by their network.” ” read the report published by Juniper Networks.

DDOS

DDOS Firmware Firewall Passwords

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

German Police Raid DDoS-Friendly Host ‘FlyHosting’

Trending Sources

UK Ad Campaign Seeks to Deter Cybercrime

This Service Helps Malware Authors Fix Flaws in their Code

MikroTik botnet relies on DNS misconfiguration to spread malware

Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?

Disneyland Malware Team: It’s a Puny World After All

Cloudflare blocked a record-breaking 5.6 Tbps DDoS attack

No, Elon — X DDoS was NOT by Ukraine

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”

The Dutch police took down 15 DDoS-for-hire services in a week

Dutch police warn customers of a popular DDoS booter service

Enemybot, a new DDoS botnet appears in the threat landscape

HelloKitty ransomware gang also targets victims with DDoS attacks

Who and What is Behind the Malware Proxy Service SocksEscort?

Zxyel Flaw Powers New Mirai IoT Botnet Strain

Hackers breached four prominent underground cybercrime forums

DDoS attacks in Q4 2020

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 36

DDoS attacks in Q3 2022

What is a DDoS Attack?

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

REvil Ransomware gang uses DDoS attacks and voice calls to make pressure on the victims

Trickbot spreads malware through new distribution channels

Unraveling the truth behind the DDoS attack from electric toothbrushes

The source code of the 2020 variant of HelloKitty ransomware was leaked on a cybercrime forum

DDoS attacks in Q1 2022

New evolving Abcbot DDoS botnet targets Linux systems

AWS mitigated largest DDoS attack ever of 2.3 Tbps

Security Affairs newsletter Round 497 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 498 by Pierluigi Paganini – INTERNATIONAL EDITION

Cloudflare Blocks Record DDoS Attack as Threats Surge

Developer of DDoS Mirai based botnets sentenced to prison

Dutch police shut down bulletproof service hosting tens of DDoS botnets

How Did Authorities Identify the Alleged Lockbit Boss?

Fake DDoS protection pages on compromised WordPress sites lead to malware infections

Europol lifts the lid on cybercrime tactics

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

Cloudflare blocked a 2.5 Tbps DDoS attack aimed at the Minecraft server

Cloudflare mitigated 2 Tbps DDoS attack, the largest attack it has seen to date

Cloudflare mitigated the largest ever volumetric DDoS attack to date

New RapperBot Campaign targets game servers with DDoS attacks

PHP Vulnerability Used For Malware And DDOS Attacks

Mirai botnet targets SSR devices, Juniper Networks warns

Stay Connected