Cybercrime, Hacking and Information Security

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

Cyber threat analysts at Silent Push said they recently received reports from a partner organization that identified an aggressive scanning effort against their website using an Internet address previously associated with a campaign by FIN7 , a notorious Russia-based hacking group. co — first came online in February 2023.

Hacking

Hacking Cybercrime Advertising Data breaches

EDR-as-a-Service makes the headlines in the cybercrime landscape

Security Affairs

APRIL 7, 2025

This approach reflects the as-a-service logic already prevalent in other areas of the cybercrime sector, significantly reducing the level of technical knowledge needed by those wishing to access this confidential data.

Cybercrime

Cybercrime Social Engineering Accountability Government

Russian Phobos ransomware operator faces cybercrime charges

Security Affairs

NOVEMBER 19, 2024

Russian Phobos ransomware operator Evgenii Ptitsyn, accused of managing attacks, was extradited from South Korea to the US to face cybercrime charges. Russian Phobos ransomware operator Evgenii Ptitsyn, suspected of playing a key role in the ransomware operations, was extradited from South Korea to the US to face cybercrime charges.

Cybercrime

Cybercrime Ransomware Healthcare Education

US DoJ charges five alleged members of the Scattered Spider cybercrime gang

Security Affairs

NOVEMBER 21, 2024

Justice Department charged five suspects linked to the Scattered Spider cybercrime gang with wire fraud conspiracy. Justice Department charged five alleged members of the cybercrime gang Scattered Spider (also known as UNC3944 , 0ktapus ) with conspiracy to commit wire fraud. ” reads the press release published by DoJ. .

Cybercrime

Cybercrime Identity Theft Cryptocurrency Phishing

Law enforcement seized the domains of HeartSender cybercrime marketplaces

Security Affairs

FEBRUARY 2, 2025

and Dutch authorities seized 39 domains and servers linked to the HeartSender cybercrime group based in Pakistan. A joint law enforcement operation led to the seizure of 39 domains tied to a Pakistan-based HeartSender cybercrime group (aka Saim Raza and Manipulators Team) known for selling hacking and fraud tools.

Cybercrime

Cybercrime Advertising Phishing Hacking

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Security Affairs

OCTOBER 21, 2024

Cisco confirms that data published by IntelBroker on a cybercrime forum was taken from the company DevHub environment. Cisco confirms that the data posted by IntelBroker on a cybercrime forum was stolen from its DevHub environment.

Cybercrime

Cybercrime Data breaches Technology Banking

HPE is investigating IntelBroker’s claims of the company hack

Security Affairs

JANUARY 20, 2025

Last week, the notorious threat actor IntelBroker announced on a popular cybercrime forum the sale of data allegedly stolen from HPE. ” reads the announcement published on the cybercrime forum. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,HPE)

Hacking

Hacking Cybercrime Data breaches Information Security

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Security Affairs

NOVEMBER 21, 2024

Mexico’s president announced the government is investigating an alleged ransomware hack that targeted the administration’s legal affairs office. Today they are going to send me a report on the supposed hacking.” This is not the first time Mexico’s presidential office has been targeted in a hack involving sensitive information.

Government

Government Hacking Ransomware Insurance

A member of the Scattered Spider cybercrime group pleads guilty

Security Affairs

APRIL 7, 2025

A 20-year-old man linked to the Scattered Spider cybercrime group has pleaded guilty to charges filed in Florida and California. ” Source News4Jax The charges relate to his alleged role in the Scattered Spider cybercrime group (also known as UNC3944 , 0ktapus ). .” ” reported News4Jax.

Cybercrime

Cybercrime Identity Theft Social Engineering Hacking

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Security Affairs

NOVEMBER 24, 2024

seized the stolen credit card marketplace PopeyeTools and charged its operators, this is a major success against cybercrime. PopeyeTools was a dark web marketplace specializing in selling stolen credit cards and cybercrime tools, facilitating fraud and illicit online activities since 2016.

Cybercrime

Cybercrime Cryptocurrency Banking Accountability

Four REvil Ransomware members sentenced for hacking and money laundering

Security Affairs

OCTOBER 27, 2024

Four former members of the REvil ransomware group were sentenced in Russia for hacking and money laundering, marking a rare case of Russian gang members being convicted in the country. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, REvil ransomware gang )

Ransomware

Ransomware Hacking Malware Cybercrime

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

Security Affairs

APRIL 10, 2025

The hacker has published 10,000 customer records, a file showing Oracle Cloud access, user credentials, and an internal video as proof of the hack. The incident has raised serious concerns about the security of Oracles cloud infrastructure and the potential implications for affected customers.

Hacking

Hacking Data breaches Encryption Passwords

8Base ransomware group hacked Croatia’s Port of Rijeka

Security Affairs

DECEMBER 7, 2024

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,ransomware) Grabovac pointed out that his organization will not pay the ransom requested by the ransomware gang.

Ransomware

Ransomware Hacking Accountability Cyber Attacks

FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info

Security Affairs

NOVEMBER 2, 2024

A former Disney World employee hacked servers after being fired, altering prices, adding profanities, and mislabeling allergy info. A former Walt Disney World employee hacked servers after being fired by the company. He is accused of changing prices, adding profanities, and falsely labeling items as allergy-safe.

Hacking

Hacking Risk Cybercrime Information Security

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

Security Affairs

MARCH 10, 2025

Another American hospital falls victim to a ransomware attack; the RansomHouse gang announced the hack of Loretto Hospital in Chicago.” ” The RansomHouse gang announced the hack of Loretto Hospital in Chicago, the groups claims to have stolen 1.5TB of sensitive data.

Hacking

Hacking Healthcare Backups Ransomware

Microsoft disrupted a global cybercrime ring abusing Azure OpenAI Service

Security Affairs

MARCH 1, 2025

These individuals are members of a global cybercrime ring tracked as Storm-2139 by Microsoft. Members speculated on identities, exchanged blame, and leaked information, highlighting the lawsuit’s impact. The case demonstrates legal actions power in dismantling cybercrime networks. ” concludes the announcement.

Cybercrime

Cybercrime Technology Hacking Accountability

Operation Talent: An international law enforcement operation seized Cracked, Nulled and other cybercrime websites

Security Affairs

JANUARY 30, 2025

An international law enforcement operation targeted several major cybercrime websites, including Cracked, Nulled, Sellix, and StarkRDP. An international law enforcement operation led by Europol, code-named Operation Talent, dismantled several major cybercrime sites, including Cracked, Nulled, Sellix, and StarkRDP. and Nulled.to.”

Cybercrime

Cybercrime Hacking Cryptocurrency Phishing

Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’

Security Affairs

OCTOBER 14, 2024

Dutch police dismantled Bohemia/Cannabia, two major dark web markets for illegal goods, drugs, and cybercrime services. These are two of the largest and longest-running dark web platforms for the trade of illegal goods, drugs, and cybercrime services.

Marketing

Marketing Cybercrime DDOS Cryptocurrency

Change Healthcare data breach impacted over 100 million people

Security Affairs

OCTOBER 25, 2024

“Change Healthcare can confirm we are experiencing a cybersecurity issue perpetrated by a cybercrime threat actor who has represented itself to us as ALPHV/Blackcat.” However, after a $22 million transaction, an affiliate publicly complained on a Russian cybercrime forum, alleging that BlackCat did not pay their fee.

Data breaches

Data breaches Healthcare Cybercrime Insurance

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 20, 2024

CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog Nation-state actor exploited three Ivanti CSA zero-days Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’ macOS HM Surf flaw in TCC allows bypass Safari privacy settings Iran-linked actors target critical infrastructure organizations (..)

Data breaches

Data breaches Cybercrime Cyber Insurance Marketing

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

Security Affairs

JANUARY 15, 2025

A previously unknown threat actor released config files and VPN passwords for Fortinet FortiGate devices on a popular cybercrime forum. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Fortinet) “2025 will be a fortunate year for the world.

VPN

VPN Passwords Firewall Firmware

Authorities shut down Crimenetwork, the Germany’s largest crime marketplace

Security Affairs

DECEMBER 4, 2024

Since 2012, Crimenetwork facilitated the sale of illegal goods and services, including drugs, forged documents, hacking tools, and stolen data. The operation was carried out by Public Prosecutor’s Office in Frankfurt am Main, the Central Office for Combating Cybercrime (ZIT), and the Federal Criminal Police Office (BKA).

Cybercrime

Cybercrime Cryptocurrency Hacking Internet

New advanced FIN7’s Anubis backdoor allows to gain full system control on Windows

Security Affairs

APRIL 2, 2025

FIN7 cybercrime group has been linked to Anubis, a Python-based backdoor that provides remote access to compromised Windows systems. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Anubis backdoor)

Antivirus

Antivirus Cybercrime Malware Encryption

Operation PowerOFF took down 27 DDoS platforms across 15 countries

Security Affairs

DECEMBER 12, 2024

Law enforcement globally targets these services to combat cybercrime. The police are taking tough action against cybercrime, in whatever form. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, Operation PowerOFF) The police are also present on the web.”

DDOS

DDOS Cybercrime Marketing Hacking

Cloak ransomware group hacked the Virginia Attorney General’s Office

Security Affairs

MARCH 24, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, ransomware) .” The group uses an ARCrypter ransomware variant, derived from Babuks leaked code , to encrypt files after infiltrating a network.

Ransomware

Ransomware Hacking Social Engineering VPN

Change Healthcare data breach exposed the private data of over half the U.S.

Security Affairs

JANUARY 26, 2025

Change Healthcare can confirm we are experiencing a cybersecurity issue perpetrated by a cybercrime threat actor who has represented itself to us as ALPHV/Blackcat. However, after a $22 million transaction, an affiliate publicly complained on a Russian cybercrime forum, alleging that BlackCat did not pay their fee.

Healthcare

Healthcare Data breaches Insurance Cybercrime

France’s second-largest telecoms provider Free suffered a cyber attack

Security Affairs

OCTOBER 28, 2024

Free disclosed a cyber attack over the weekend after a threat actor attempted to sell the stolen data on a popular cybercrime forum. Recently, many cybercriminals have been creating profiles shortly before sharing information about hacks, attacks, or data leaks in France.” million mobile and fixed subscribers.

Cyber Attacks

Cyber Attacks Telecommunications Data breaches Banking

Canadian authorities arrested alleged Snowflake hacker

Security Affairs

NOVEMBER 5, 2024

Canadian authorities arrested a suspect linked to multiple hacks following a breach of cloud data platform Snowflake earlier this year. “Canadian authorities have arrested a man suspected of being behind a string of hacks involving as many as 165 customers of Snowflake Inc., Charges remain undisclosed.

Unstructured Data

Unstructured Data Media Cybercrime Hacking

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches

Data breaches Cryptocurrency Cybercrime Artificial Intelligence

Operation Serengeti: INTERPOL arrested 1,006 suspects in 19 African countries

Security Affairs

NOVEMBER 27, 2024

From multi-level marketing scams to credit card fraud on an industrial scale, the increasing volume and sophistication of cybercrime attacks is of serious concern.” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Operation Serengeti)

Scams

Scams Cybercrime Ransomware Cyber threats

International law enforcement operation dismantled RedLine and Meta infostealers

Security Affairs

OCTOBER 29, 2024

The two infostealers allowed operators to harvest usernames, passwords, contact info, and crypto-wallets from victims, the threat actors sold this data to criminals for financial theft and hacking. Authorities from the Netherlands, the United States, Belgium, Portugal, the United Kingdom and Australia took part in the operation.

Identity Theft

Identity Theft Malware Passwords Banking

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] LeakedSource was advertised on a number of popular cybercrime forums as a service that could help hackers break into valuable or high-profile accounts. Abusewith[.]us

Hacking

Hacking Accountability Data breaches Marketing

Security Affairs newsletter Round 496 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 3, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cryptocurrency

Cryptocurrency Hacking Phishing Cyber Attacks

Russian authorities arrest three suspects behind Mamont Android banking trojan

Security Affairs

MARCH 28, 2025

” The authorities linked the three suspects to over 300 cybercrimes, the police seized servers, computers, storage devices, and bank cards. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Mamont)

Banking

Banking Computers and Electronics Mobile Malware

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

Security Affairs

MARCH 21, 2025

Strategic Cyber Warfare In geopolitical conflicts, access to Telegram accounts and devices could provide military and intelligence advantages, such as intercepting sensitive communications, and identifying informants. Zero-day prices have risen as the level of security of messaging apps and mobile devices becomes harder to hack.

Government

Government Surveillance Mobile Hacking

Banshee macOS stealer supports new evasion mechanisms

Security Affairs

JANUARY 10, 2025

The malicious code was advertised on cybercrime forums for $3,000 per month. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Banshee Stealer) The malware can collect cookies, logins and browsing history, but from Safari only cookies can be collected.

Malware

Malware Advertising Antivirus Cybercrime

Arkana Security group claims the hack of US telco provider WideOpenWest (WOW!)

Security Affairs

MARCH 27, 2025

Arkana Security, a new ransomware group, claims to have breached the telecommunications provider WideOpenWest (WOW!). The new ransomware group Arkana Security claims to have hacked US telecom provider WOW!, stealing customer data. WideOpenWest (WOW!) ” WOW! has not yet confirmed the alleged data breach.

Hacking

Hacking Telecommunications Data breaches Internet

DoJ charged three Russian citizens with operating crypto-mixing services

Security Affairs

JANUARY 11, 2025

By allegedly operating these mixers, the defendants made it easier for state-sponsored hacking groups and other cybercriminals to profit from offenses that jeopardized both public safety and national security. were allegedly used for laundering funds from ransomware and cybercrimes. Blender.io and Sinbad.io Blender.io

Cybercrime

Cybercrime Cryptocurrency Hacking Ransomware

The controversial case of the threat actor EncryptHub

Security Affairs

APRIL 7, 2025

Microsoft credited controversial actor EncryptHub, a lone actor with ties to cybercrime, for reporting two Windows flaws. In 2024, he shifted to cybercrime, starting with low-level roles in vishing and ransomware, later moving into malware and vulnerability research that drew wide attention.

Cybercrime

Cybercrime Malware Hacking VPN

Interpol: Operation HAECHI-V led to more than 5,500 suspects arrested

Security Affairs

DECEMBER 2, 2024

The borderless nature of cybercrime means international police cooperation is essential, and the success of this operation supported by INTERPOL shows what results can be achieved when countries work together. ” said INTERPOL Secretary General Valdecy Urquiza.

Cryptocurrency

Cryptocurrency Phishing Scams Cybercrime

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Krebs on Security

JANUARY 24, 2023

The plea comes just months after Emelyantsev was extradited from Bulgaria, where he told investigators, “America is looking for me because I have enormous information and they need it.” “Thanks to you, we are now developing in the field of information security and anonymity! But that action did not name any defendants.

Cybercrime

Cybercrime Advertising IoT Malware

Internet Archive was breached twice in a month

Security Affairs

OCTOBER 21, 2024

The Internet Archive was breached again, attackers hacked its Zendesk email support platform through stolen GitLab authentication tokens. At this time, no one has claimed responsibility for this security breach.

Internet

Internet Internet Data breaches Authentication

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Security Affairs

FEBRUARY 6, 2025

The investigation began in early 2024 after data stolen from a Madrid business association was leaked on dark web cybercrime forums. The hacker claimed responsibility for the attacks on multiple cybercrime forums under different monikers to avoid being identified. ” continues the press release. ” concludes the statement.

Cybercrime

Cybercrime Government Data breaches Information Security

Dutch Police shut down bulletproof hosting provider Zservers and seized 127 servers

Security Affairs

FEBRUARY 17, 2025

In 2023, Zservers leased infrastructure, including a Russian IP address, to a Lockbit affiliate” Bulletproof hosting services enable global cybercrime by providing safe havens for threat actors. The law enforcement revealed that Zservers’ servers were in Amsterdam, and cybercrime groups like Conti and LockBit used the platform.

Cybercrime

Cybercrime Ransomware Hacking Advertising

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

EDR-as-a-Service makes the headlines in the cybercrime landscape

Trending Sources

Russian Phobos ransomware operator faces cybercrime charges

US DoJ charges five alleged members of the Scattered Spider cybercrime gang

Law enforcement seized the domains of HeartSender cybercrime marketplaces

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

HPE is investigating IntelBroker’s claims of the company hack

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

A member of the Scattered Spider cybercrime group pleads guilty

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Four REvil Ransomware members sentenced for hacking and money laundering

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

8Base ransomware group hacked Croatia’s Port of Rijeka

FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

Microsoft disrupted a global cybercrime ring abusing Azure OpenAI Service

Operation Talent: An international law enforcement operation seized Cracked, Nulled and other cybercrime websites

Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’

Change Healthcare data breach impacted over 100 million people

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

Authorities shut down Crimenetwork, the Germany’s largest crime marketplace

New advanced FIN7’s Anubis backdoor allows to gain full system control on Windows

Operation PowerOFF took down 27 DDoS platforms across 15 countries

Cloak ransomware group hacked the Virginia Attorney General’s Office

Change Healthcare data breach exposed the private data of over half the U.S.

France’s second-largest telecoms provider Free suffered a cyber attack

Canadian authorities arrested alleged Snowflake hacker

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Operation Serengeti: INTERPOL arrested 1,006 suspects in 19 African countries

International law enforcement operation dismantled RedLine and Meta infostealers

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Security Affairs newsletter Round 496 by Pierluigi Paganini – INTERNATIONAL EDITION

Russian authorities arrest three suspects behind Mamont Android banking trojan

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

Banshee macOS stealer supports new evasion mechanisms

Arkana Security group claims the hack of US telco provider WideOpenWest (WOW!)

DoJ charged three Russian citizens with operating crypto-mixing services

The controversial case of the threat actor EncryptHub

Interpol: Operation HAECHI-V led to more than 5,500 suspects arrested

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Internet Archive was breached twice in a month

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Dutch Police shut down bulletproof hosting provider Zservers and seized 127 servers

Stay Connected