Cybercrime, Hacking and Information Security

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

Cyber threat analysts at Silent Push said they recently received reports from a partner organization that identified an aggressive scanning effort against their website using an Internet address previously associated with a campaign by FIN7 , a notorious Russia-based hacking group. co — first came online in February 2023.

Hacking

Hacking Cybercrime Advertising Data breaches

Cybercrime group FIN7 advertises new EDR bypass tool on hacking forums

Security Affairs

JULY 18, 2024

The cybercrime group FIN7 is advertising a security evasion tool in multiple underground forums, cybersecurity company SentinelOne warns. SentinelOne researchers warn that the financially motivated group FIN7 is using multiple pseudonyms to advertise a security evasion tool in several criminal underground forums.

Advertising

Advertising Cybercrime Hacking Ransomware

Russian Phobos ransomware operator faces cybercrime charges

Security Affairs

NOVEMBER 19, 2024

Russian Phobos ransomware operator Evgenii Ptitsyn, accused of managing attacks, was extradited from South Korea to the US to face cybercrime charges. Russian Phobos ransomware operator Evgenii Ptitsyn, suspected of playing a key role in the ransomware operations, was extradited from South Korea to the US to face cybercrime charges.

Cybercrime

Cybercrime Ransomware Healthcare Education

US DoJ charges five alleged members of the Scattered Spider cybercrime gang

Security Affairs

NOVEMBER 21, 2024

Justice Department charged five suspects linked to the Scattered Spider cybercrime gang with wire fraud conspiracy. Justice Department charged five alleged members of the cybercrime gang Scattered Spider (also known as UNC3944 , 0ktapus ) with conspiracy to commit wire fraud. ” reads the press release published by DoJ. .

Cybercrime

Cybercrime Identity Theft Cryptocurrency Phishing

Researchers uncovered new infrastructure linked to the cybercrime group FIN7

Security Affairs

AUGUST 19, 2024

Team Cymru, Silent Push and Stark Industries Solutions researchers uncovered a new infrastructure linked to the cybercrime group FIN7. Researchers from Team Cymru identified two clusters potentially linked to the cybercrime group FIN7. ” concludes the report.

Cybercrime

Cybercrime Hacking Cybersecurity Information Security

Law enforcement seized the domains of HeartSender cybercrime marketplaces

Security Affairs

FEBRUARY 2, 2025

and Dutch authorities seized 39 domains and servers linked to the HeartSender cybercrime group based in Pakistan. A joint law enforcement operation led to the seizure of 39 domains tied to a Pakistan-based HeartSender cybercrime group (aka Saim Raza and Manipulators Team) known for selling hacking and fraud tools.

Cybercrime

Cybercrime Advertising Phishing Hacking

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Security Affairs

OCTOBER 21, 2024

Cisco confirms that data published by IntelBroker on a cybercrime forum was taken from the company DevHub environment. Cisco confirms that the data posted by IntelBroker on a cybercrime forum was stolen from its DevHub environment.

Cybercrime

Cybercrime Data breaches Technology Banking

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Krebs on Security

JANUARY 24, 2023

The plea comes just months after Emelyantsev was extradited from Bulgaria, where he told investigators, “America is looking for me because I have enormous information and they need it.” “Thanks to you, we are now developing in the field of information security and anonymity! But that action did not name any defendants.

Cybercrime

Cybercrime Advertising IoT Malware

HPE is investigating IntelBroker’s claims of the company hack

Security Affairs

JANUARY 20, 2025

Last week, the notorious threat actor IntelBroker announced on a popular cybercrime forum the sale of data allegedly stolen from HPE. ” reads the announcement published on the cybercrime forum. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,HPE)

Hacking

Hacking Cybercrime Data breaches Information Security

Alleged Extortioner of Psychotherapy Patients Faces Trial

Krebs on Security

NOVEMBER 16, 2023

In a 2,200-page report, Finnish authorities laid out how they connected the extortion spree to Kivimäki, a notorious hacker who was convicted in 2015 of perpetrating tens of thousands of cybercrimes, including data breaches, payment fraud, operating a botnet and calling in bomb threats.

Cybercrime

Cybercrime Hacking Data breaches Banking

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Krebs on Security

OCTOBER 8, 2020

There’s an old adage in information security: “Every company gets penetration tested, whether or not they pay someone for the pleasure.” ” Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in.

Cybercrime

Cybercrime VPN Malware Ransomware

RansomHub gang claims the hack of the telecommunications giant Frontier Communications

Security Affairs

JUNE 4, 2024

The company launched an investigation into the security breach and started operations to contain the incident. “Based on our investigation, we have determined that the third party was likely a cybercrime group, which gained access to, among other information, personally identifiable information.”

Telecommunications

Telecommunications Hacking Data breaches Cybercrime

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

last week said they dismantled the “ RSOCKS ” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. Authorities in the United States, Germany, the Netherlands and the U.K.

Advertising

Advertising Cybercrime System Administration Hacking

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Security Affairs

NOVEMBER 21, 2024

Mexico’s president announced the government is investigating an alleged ransomware hack that targeted the administration’s legal affairs office. Today they are going to send me a report on the supposed hacking.” This is not the first time Mexico’s presidential office has been targeted in a hack involving sensitive information.

Government

Government Hacking Ransomware Insurance

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Security Affairs

NOVEMBER 24, 2024

seized the stolen credit card marketplace PopeyeTools and charged its operators, this is a major success against cybercrime. PopeyeTools was a dark web marketplace specializing in selling stolen credit cards and cybercrime tools, facilitating fraud and illicit online activities since 2016.

Cybercrime

Cybercrime Cryptocurrency Banking Accountability

Microsoft disrupted a global cybercrime ring abusing Azure OpenAI Service

Security Affairs

MARCH 1, 2025

These individuals are members of a global cybercrime ring tracked as Storm-2139 by Microsoft. Members speculated on identities, exchanged blame, and leaked information, highlighting the lawsuit’s impact. The case demonstrates legal actions power in dismantling cybercrime networks. ” concludes the announcement.

Cybercrime

Cybercrime Technology Hacking Accountability

Four REvil Ransomware members sentenced for hacking and money laundering

Security Affairs

OCTOBER 27, 2024

Four former members of the REvil ransomware group were sentenced in Russia for hacking and money laundering, marking a rare case of Russian gang members being convicted in the country. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, REvil ransomware gang )

Ransomware

Ransomware Hacking Malware Cybercrime

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

Krebs on Security

SEPTEMBER 24, 2022

Denis Emelyantsev , as the apparent owner of RSOCKS, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. “Thanks to you, we are now developing in the field of information security and anonymity!

Cybercrime

Cybercrime Data breaches Malware Ransomware

8Base ransomware group hacked Croatia’s Port of Rijeka

Security Affairs

DECEMBER 7, 2024

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,ransomware) Grabovac pointed out that his organization will not pay the ransom requested by the ransomware gang.

Ransomware

Ransomware Hacking Accountability Cyber Attacks

Blackbasta group claims to have hacked Atlas, one of the largest US oil distributors

Security Affairs

MAY 21, 2024

The Blackbasta extortion group claims to have hacked Atlas, one of the largest national distributors of fuel in the United States. The gang published a series of documents as proof of the hack, including people’s ID cards, data sheets, payroll payment requesters and a picture of the folder exfiltrated from the victim’s systems.

Hacking

Hacking Ransomware Phishing Malware

FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info

Security Affairs

NOVEMBER 2, 2024

A former Disney World employee hacked servers after being fired, altering prices, adding profanities, and mislabeling allergy info. A former Walt Disney World employee hacked servers after being fired by the company. He is accused of changing prices, adding profanities, and falsely labeling items as allergy-safe.

Hacking

Hacking Risk Cybercrime Information Security

A British national has been charged for his execution of a hack-to-trade scheme

Security Affairs

SEPTEMBER 30, 2024

The Department of Justice charged a British national for hacking into the systems of five U.S. The Department of Justice charged the British national Robert Westbrook (39) for hacking into the systems of five U.S. From January 2019 to May 2020, the man carried out a hack-to-trade scheme, earning over $3 million in profits.

Hacking

Hacking Accountability Passwords Cybercrime

LockBit claims the hack of the US Federal Reserve

Security Affairs

JUNE 24, 2024

Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, ransomware) “We are reaching out to known LockBit victims and encouraging anyone who suspects they were a victim to visit our Internet Crime Complaint Center at ic3.gov.”

Hacking

Hacking Banking Ransomware Encryption

Thousands of Adobe Commerce e-stores hacked by exploiting the CosmicSting bug

Security Affairs

OCTOBER 3, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability to its Known Exploited Vulnerabilities catalog in July 2024. According to Sansec, CosmicSting (CVE-2024-34102) is the most severe bug impacting Magento and Adobe Commerce stores in two years, with hacks occurring at a rate of 3 to 5 per hour.

Hacking

Hacking Passwords Cybersecurity Cybercrime

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

Security Affairs

MARCH 10, 2025

Another American hospital falls victim to a ransomware attack; the RansomHouse gang announced the hack of Loretto Hospital in Chicago.” ” The RansomHouse gang announced the hack of Loretto Hospital in Chicago, the groups claims to have stolen 1.5TB of sensitive data.

Hacking

Hacking Healthcare Backups Ransomware

Millions of Pixel devices can be hacked due to a pre-installed vulnerable app

Security Affairs

AUGUST 16, 2024

Threat actors could exploit this flaw to inject malicious code, execute commands with system privileges, and take over devices, potentially leading to serious cybercrimes and data breaches. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Android)

Hacking

Hacking Firmware Mobile Penetration Testing

UK police arrested a 17-year-old linked to the Scattered Spider gang

Security Affairs

JULY 22, 2024

for suspected involvement in the Scattered Spider cybercrime syndicate. arrested a 17-year-old teenager from Walsall who is suspected to be a member of the Scattered Spider cybercrime group (also known as UNC3944 , 0ktapus ). Law enforcement arrested a 17-year-old boy from Walsall, U.K., Law enforcement in the U.K.

Cybercrime

Cybercrime Social Engineering Hacking Scams

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. Image: Lumen’s Black Lotus Labs. Usually, these users have no idea their systems are compromised.

Malware

Malware VPN Internet Internet

Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’

Security Affairs

OCTOBER 14, 2024

Dutch police dismantled Bohemia/Cannabia, two major dark web markets for illegal goods, drugs, and cybercrime services. These are two of the largest and longest-running dark web platforms for the trade of illegal goods, drugs, and cybercrime services.

Marketing

Marketing Cybercrime DDOS Cryptocurrency

US offers $2.5M reward for Belarusian man involved in mass malware distribution

Security Affairs

AUGUST 28, 2024

million for information leading to the arrest and/or conviction in any country of Volodymyr Kadariya for his alleged participation in a significant malware organization.” Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, malware distribution)

Malware

Malware Computers and Electronics Cybercrime Internet

Change Healthcare data breach impacted over 100 million people

Security Affairs

OCTOBER 25, 2024

“Change Healthcare can confirm we are experiencing a cybersecurity issue perpetrated by a cybercrime threat actor who has represented itself to us as ALPHV/Blackcat.” However, after a $22 million transaction, an affiliate publicly complained on a Russian cybercrime forum, alleging that BlackCat did not pay their fee.

Data breaches

Data breaches Healthcare Cybercrime Insurance

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

Security Affairs

JANUARY 15, 2025

A previously unknown threat actor released config files and VPN passwords for Fortinet FortiGate devices on a popular cybercrime forum. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Fortinet) “2025 will be a fortunate year for the world.

VPN

VPN Passwords Firewall Firmware

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

This email address is also connected to accounts on several Russian cybercrime forums, including “ __edman__ ,” who had a history of selling “logs” — large amounts of data stolen from many bot-infected computers — as well as giving away access to hacked Internet of Things (IoT) devices.

Scams

Scams DDOS Cryptocurrency Accountability

Authorities shut down Crimenetwork, the Germany’s largest crime marketplace

Security Affairs

DECEMBER 4, 2024

Since 2012, Crimenetwork facilitated the sale of illegal goods and services, including drugs, forged documents, hacking tools, and stolen data. The operation was carried out by Public Prosecutor’s Office in Frankfurt am Main, the Central Office for Combating Cybercrime (ZIT), and the Federal Criminal Police Office (BKA).

Cybercrime

Cybercrime Cryptocurrency Hacking Internet

Feds indicted two alleged administrators of WWH Club dark web marketplace

Security Affairs

SEPTEMBER 8, 2024

WWH Club had over 353,000 users by 2023 and offered courses on fraud and cybercrime, generating profits through membership and tuition fees. Khodyrev and Kublitskii were also the administrators of many similar websites, including darkweb marketplaces, forums, and training centers to enable cybercrime.

Cybercrime

Cybercrime Accountability Banking Advertising

Cybersecurity giant Fortinet discloses a data breach

Security Affairs

SEPTEMBER 12, 2024

Data Breach Alert Fortinet: Threat Actor Claims Data Breach, While Company Confirms Unauthorized Access to a Third-Party Service A potential data breach at Fortinet has been detected on a hacking forum. They’ve also acquired Lacework, a cloud security company. Guess what? Their Azure Sharepoint got leaked.

Data breaches

Data breaches Cybersecurity Cybercrime Hacking

Change Healthcare data breach exposed the private data of over half the U.S.

Security Affairs

JANUARY 26, 2025

Change Healthcare can confirm we are experiencing a cybersecurity issue perpetrated by a cybercrime threat actor who has represented itself to us as ALPHV/Blackcat. However, after a $22 million transaction, an affiliate publicly complained on a Russian cybercrime forum, alleging that BlackCat did not pay their fee.

Healthcare

Healthcare Data breaches Insurance Cybercrime

France’s second-largest telecoms provider Free suffered a cyber attack

Security Affairs

OCTOBER 28, 2024

Free disclosed a cyber attack over the weekend after a threat actor attempted to sell the stolen data on a popular cybercrime forum. Recently, many cybercriminals have been creating profiles shortly before sharing information about hacks, attacks, or data leaks in France.” million mobile and fixed subscribers.

Cyber Attacks

Cyber Attacks Telecommunications Data breaches Banking

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches

Data breaches Cryptocurrency Artificial Intelligence Cybercrime

Highline Public Schools school district suspended its activities following a cyberattack

Security Affairs

SEPTEMBER 11, 2024

At this time, no cybercrime group has claimed responsibility for the attack. Unfortunately, school districts are privileged targets of cybercrime groups due to the huge amount of date they manage. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Education)

Cybercrime

Cybercrime Ransomware Education Technology

Vyacheslav Igorevich Penchukov was sentenced to prison for his role in Zeus and IcedID operations

Security Affairs

JULY 13, 2024

In October 2022, Swiss police arrested Penchukov in Geneva, also known as Tank, which is one of the leaders of the JabberZeus cybercrime group. In 2012, Vyacheslav Igorevich Penchukov was accused of being a member of a cybercrime gang known as JabberZeus crew. The man was also condemned to pay $73 million in restitution.

Cybercrime

Cybercrime Banking Malware Hacking

U.S. sanctioned virtual currency exchanges Cryptex and PM2BTC for facilitating illegal activities

Security Affairs

SEPTEMBER 27, 2024

government sanctioned the virtual currency exchanges Cryptex and PM2BTC for facilitating cybercrime and money maundering. The authorities believe that these exchanges facilitate the laundering of proceeds from cybercrime. ” reads the press release published by DoJ. data breaches.

Cybercrime

Cybercrime Cryptocurrency Banking Ransomware

Hackers stole over $44 million from Asian crypto platform BingX

Security Affairs

SEPTEMBER 21, 2024

Learn more: [link] — BingX (@BingXOfficial) September 20, 2024 In a post, the company said it detected abnormal network activity on September 20, 2024, at around 04:00 (UTC+8), indicating a potential hack targeting their hot wallet. While there was a minor asset loss, the exact amount is still being calculated.

Cryptocurrency

Cryptocurrency Hacking Cybercrime Media

Dutch Police shut down bulletproof hosting provider Zservers and seized 127 servers

Security Affairs

FEBRUARY 17, 2025

In 2023, Zservers leased infrastructure, including a Russian IP address, to a Lockbit affiliate” Bulletproof hosting services enable global cybercrime by providing safe havens for threat actors. The law enforcement revealed that Zservers’ servers were in Amsterdam, and cybercrime groups like Conti and LockBit used the platform.

Cybercrime

Cybercrime Ransomware Hacking Advertising

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Cybercrime group FIN7 advertises new EDR bypass tool on hacking forums

Trending Sources

Russian Phobos ransomware operator faces cybercrime charges

US DoJ charges five alleged members of the Scattered Spider cybercrime gang

Researchers uncovered new infrastructure linked to the cybercrime group FIN7

Law enforcement seized the domains of HeartSender cybercrime marketplaces

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Administrator of RSOCKS Proxy Botnet Pleads Guilty

HPE is investigating IntelBroker’s claims of the company hack

Alleged Extortioner of Psychotherapy Patients Faces Trial

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

RansomHub gang claims the hack of the telecommunications giant Frontier Communications

Meet the Administrators of the RSOCKS Proxy Botnet

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Microsoft disrupted a global cybercrime ring abusing Azure OpenAI Service

Four REvil Ransomware members sentenced for hacking and money laundering

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

8Base ransomware group hacked Croatia’s Port of Rijeka

Blackbasta group claims to have hacked Atlas, one of the largest US oil distributors

FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info

A British national has been charged for his execution of a hack-to-trade scheme

LockBit claims the hack of the US Federal Reserve

Thousands of Adobe Commerce e-stores hacked by exploiting the CosmicSting bug

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

Millions of Pixel devices can be hacked due to a pre-installed vulnerable app

UK police arrested a 17-year-old linked to the Scattered Spider gang

Who and What is Behind the Malware Proxy Service SocksEscort?

Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’

US offers $2.5M reward for Belarusian man involved in mass malware distribution

Change Healthcare data breach impacted over 100 million people

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

Interview With a Crypto Scam Investment Spammer

Authorities shut down Crimenetwork, the Germany’s largest crime marketplace

Feds indicted two alleged administrators of WWH Club dark web marketplace

Cybersecurity giant Fortinet discloses a data breach

Change Healthcare data breach exposed the private data of over half the U.S.

France’s second-largest telecoms provider Free suffered a cyber attack

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Highline Public Schools school district suspended its activities following a cyberattack

Vyacheslav Igorevich Penchukov was sentenced to prison for his role in Zeus and IcedID operations

U.S. sanctioned virtual currency exchanges Cryptex and PM2BTC for facilitating illegal activities

Hackers stole over $44 million from Asian crypto platform BingX

Dutch Police shut down bulletproof hosting provider Zservers and seized 127 servers

Stay Connected