Krebs on Security

NOVEMBER 21, 2024

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. The Spanish police told local media that Buchanan, who allegedly went by the alias “ Tylerb ,” at one time possessed Bitcoins worth $27 million.

Identity Theft 250

Identity Theft Phishing Cryptocurrency Accountability 250

Security Affairs

FEBRUARY 3, 2025

The Russian-speaking Crazy Evil group runs over 10 social media scams, tricking victims into installing StealC, AMOS, and Angel Drainer malware. The cybercrime gang focused on targeting the Web3 and decentralized finance industry. These factors make it a persistent cyber threat.

Scams 85

Scams Media Cryptocurrency Cybercrime 85

Krebs on Security

DECEMBER 13, 2022

Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. “They even got [a] forum to discuss things.”

Hacking 363

Hacking Energy and Utilities Cybercrime Accountability 363

Security Affairs

FEBRUARY 26, 2025

Researchers found an updated LightSpy spyware with enhanced data collection features targeting social media platforms like Facebook and Instagram. have found an updated version of the LightSpy spyware that supports an expanded set of data collection features to target social media platforms like Facebook and Instagram.

Data collection 105

Data collection Spyware Media Surveillance 105

Krebs on Security

FEBRUARY 4, 2021

At the center of the account ban wave are some of the most active members of OGUsers , a forum that caters to thousands of people selling access to hijacked social media and other online accounts. Like most cybercrime forums, OGUsers is overrun with shady characters who are there mainly to rip off other members. .”

Accountability 326

Accountability Hacking Media Mobile 326

Krebs on Security

JULY 22, 2020

The New York Times last week ran an interview with several young men who claimed to have had direct contact with those involved in last week’s epic hack against Twitter. ” Twice in the past year, the OGUsers forum was hacked , and both times its database of usernames, email addresses and private messages was leaked online.

Hacking 330

Hacking Accountability Scams Media 330

Krebs on Security

FEBRUARY 16, 2022

KrebsOnSecurity has learned that the email address used by a cybercriminal actor who offered to sell the stolen ICRC data also was used to register multiple domain names the FBI says are tied to a sprawling media influence operation originating from Iran. In their online statement about the hack (updated on Feb. “Mr. .”

Hacking 293

Hacking Ransomware Media Accountability 293

Krebs on Security

OCTOBER 17, 2024

AnonSudan ), a cybercrime business known for launching powerful distributed denial-of-service (DDoS) attacks against a range of targets, including dozens of hospitals, news websites and cloud providers. government on Wednesday announced the arrest and charging of two Sudanese brothers accused of running Anonymous Sudan (a.k.a.

DDOS 249

DDOS Government Internet Internet 249

Security Affairs

NOVEMBER 5, 2024

Canadian authorities arrested a suspect linked to multiple hacks following a breach of cloud data platform Snowflake earlier this year. “Canadian authorities have arrested a man suspected of being behind a string of hacks involving as many as 165 customers of Snowflake Inc., Charges remain undisclosed.

Unstructured Data 122

Unstructured Data Media Cybercrime Hacking 122

Krebs on Security

FEBRUARY 9, 2023

Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating “ Trickbot ,” a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. companies and government entities.

Hacking 235

Hacking Cybercrime Ransomware Government 235

SecureWorld News

APRIL 22, 2025

A sophisticated cybercrime campaign, dubbed Elusive Comet , has been uncovered, in which North Korean threat actors are exploiting Zoom's remote control feature to infiltrate the systems of cryptocurrency professionals. Victims are sent unsolicited invitations to join Zoom calls, often via links in phishing emails or messages.

Cryptocurrency 90

Cryptocurrency Social Engineering Cybercrime Engineering 90

Security Affairs

OCTOBER 20, 2024

CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog Nation-state actor exploited three Ivanti CSA zero-days Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’ macOS HM Surf flaw in TCC allows bypass Safari privacy settings Iran-linked actors target critical infrastructure organizations (..)

Data breaches 118

Data breaches Cybercrime Cyber Insurance Marketing 118

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches 117

Data breaches Cryptocurrency Cybercrime Artificial Intelligence 117

Krebs on Security

MARCH 10, 2020

District Court for the Southern District of California allege Firsov was the administrator of deer.io, an online platform that hosted more than 24,000 shops for selling stolen and/or hacked usernames and passwords for a variety of top online destinations. ru , a cybercrime forum in its own right that called itself “ The Antichat Mafia.”

Accountability 341

Accountability Advertising Hacking Cybercrime 341

Joseph Steinberg

OCTOBER 24, 2022

This major incident became known to the Australia’s pubic just two weeks after it learned that Optus, the country’s second-largest mobile phone network provider, was also hacked, leading to the records of nearly 10 million of its customers’ data being held for ransom by a cybercriminal.

Cybersecurity 363

Cybersecurity Social Engineering Artificial Intelligence Scams 363

Security Affairs

DECEMBER 1, 2024

Deepfakes are media content—such as videos, images, or audio—created using GAI to realistically manipulate faces, voices, or even entire events. For example, these campaigns leverage fake social media accounts to post questions and comments about divisive internal issues in the U.S.

Artificial Intelligence 134

Artificial Intelligence Phishing Media Cyber threats 134

Security Affairs

OCTOBER 29, 2024

The two infostealers allowed operators to harvest usernames, passwords, contact info, and crypto-wallets from victims, the threat actors sold this data to criminals for financial theft and hacking. Authorities from the Netherlands, the United States, Belgium, Portugal, the United Kingdom and Australia took part in the operation.

Identity Theft 126

Identity Theft Passwords Malware Banking 126

Security Affairs

OCTOBER 16, 2024

Among them, it was possible to identify tax registration, email addresses, registered domains, IP addresses, social media accounts, telephone number and city. The link between Luan’s hacktivism and cybercrime was established due to his bad Operational security (opsec). Despite attempts to hide his identity by claiming U.S.

Data breaches 128

Data breaches Media Cybercrime Accountability 128

Krebs on Security

JANUARY 17, 2024

The rapper and social media personality Punchmade Dev is perhaps best known for his flashy videos singing the praises of a cybercrime lifestyle. But until recently, there wasn’t much to support a conclusion that Punchmade was actually doing the cybercrime things he promotes in his songs. Punchmade Dev’s shop.

Cybercrime 319

Cybercrime Media Banking Accountability 319

Krebs on Security

JULY 27, 2022

It’s been seven years since the online cheating site AshleyMadison.com was hacked and highly sensitive data about its users posted online. It’s also a complete lie,” the hacking group wrote. The leak led to the public shaming and extortion of many Ashley Madison users, and to at least two suicides.

Cybercrime 62

Cybercrime Hacking Media Advertising 62

SecureWorld News

MARCH 15, 2023

The FBI's Internet Crime Complaint Center (IC3) has released its 2022 Internet Crime Report , which reveals the trends and impacts of cybercrime in the United States. The report shows that phishing schemes were the most common type of cybercrime reported by victims in 2022, with 300,497 complaints.

Cybercrime 136

Cybercrime Scams Cryptocurrency Identity Theft 136

Security Affairs

NOVEMBER 30, 2024

Financially-motivated threat actors hacked Uganda ‘s central bank system, government officials confirmed this week. “It is true our accounts were hacked into but not to the extent of what is being reported. Local media reported that the threat actors that call themselves “Waste” is responsible for the attack.

Banking 142

Banking Government Accountability Hacking 142

Security Affairs

APRIL 26, 2025

” reported the media outlet KOCO 5 News. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, malware ) One of those computers was for employees only.” ” reads the hospital’s statement.

Malware 145

Malware Cybersecurity Healthcare Media 145

Security Affairs

DECEMBER 14, 2023

Microsoft’s Digital Crimes Unit seized multiple domains used by cybercrime group Storm-1152 to sell fraudulent Outlook accounts. Microsoft’s Digital Crimes Unit seized multiple domains used by a cybercrime group, tracked as Storm-1152, to sell fraudulent accounts. ” reads the announcement published by Microsoft.

Cybercrime 136

Cybercrime Accountability Media Technology 136

Malwarebytes

OCTOBER 15, 2024

Elsewhere, 60% had received election-related ads through emails, 58% through physical mailers, 55% through text messages, 40% through social media, and 29% through phone calls. A focus on cybercrime While people hold a sense of distrust for election-related ads, they also revealed another emotion towards them: Fear.

Scams 138

Scams Identity Theft Cybercrime Accountability 138

Krebs on Security

MAY 14, 2021

“Servers were seized (country not named), money of advertisers and founders was transferred to an unknown account,” reads a message from a cybercrime forum reposted to the Russian OSINT Telegram channel. The new restrictions came as some Russian cybercrime forums began distancing themselves from ransomware operations altogether.

Ransomware 364

Ransomware Cryptocurrency Cybercrime Healthcare 364

Security Affairs

APRIL 30, 2021

UNC2447 cybercrime gang exploited a zero-day in the Secure Mobile Access (SMA), addressed by SonicWall earlier this year, before the vendor released a fix. UNC2447 extortion activity employed the FIVEHANDS ransomware, the threat actors aggressively threatened victims to disclose their hack on the media to sell the data on hacker forums. .

Cybercrime 142

Cybercrime Ransomware Malware Mobile 142

Security Affairs

DECEMBER 30, 2024

“We are aware of some recent social media posts made by the actor. In October 2024, Cisco confirmed that the data posted by the notorious threat actor IntelBroker on a cybercrime forum was stolen from its DevHub environment. We have analyzed the post data, and it aligns with the known data set from October 14, 2024.”

Data breaches 125

Data breaches Cybercrime Authentication Technology 125

Security Affairs

NOVEMBER 30, 2024

Some of the malicious apps were promoted through deceptive advertising on social media. “ SpyLoan apps exploit official app stores like Google Play, deceptive branding, and social media ads to appear credible. The researchers reported the apps to Google who notified the developers that their apps violate Google Play policies.

Social Engineering 130

Social Engineering Media Mobile Scams 130

Security Affairs

NOVEMBER 10, 2024

Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Ransomware 117

Ransomware Cybercrime Phishing Banking 117

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] LeakedSource was advertised on a number of popular cybercrime forums as a service that could help hackers break into valuable or high-profile accounts. Abusewith[.]us

Hacking 230

Hacking Accountability Data breaches Marketing 230

Krebs on Security

JULY 26, 2023

Sachkov, 37, has been detained for nearly two years under charges that the Kremlin has kept classified and hidden from public view, and he joins a growing roster of former Russian cybercrime fighters who are now serving hard time for farcical treason convictions. Ilya Sachkov. Image: Group-IB.com. election. presidential election.

Cybersecurity 233

Cybersecurity Cybercrime Media Hacking 233

Security Affairs

NOVEMBER 23, 2024

Microsoft announced the disruption of the ONNX phishing service, another success against cybercrime which led to the seizure of 240 sites. Phishing kits are sold mainly via Telegram, complemented by instructional videos on social media platforms that guide buyers on purchasing and deploying them.

Phishing 74

Phishing Cybercrime Financial Services Media 74

Herjavec Group

AUGUST 26, 2021

We can learn a lot from the cybercrime of the past…the history of cybercrime is a glimpse into what we can expect in the future. In the past 18 months, we’ve experienced the beginning of an era that has seen cybersecurity and cybercrime at the center of it all. Dateline Cybercrime . Robert Herjavec.

Cybercrime 135

Cybercrime Computers and Electronics Hacking Banking 135

Security Affairs

OCTOBER 11, 2024

Rather than using advanced hacking techniques, they exploited systems with default credentials to compromise target networks. The group used the chatbot to receive support in Android malware development and to create a scraper for the social media platform Instagram.

Malware 137

Malware Social Engineering Engineering Hacking 137

Krebs on Security

APRIL 18, 2023

Kilmer said Faceless has emerged as one of the underground’s most reliable malware-based proxy services, mainly because its proxy network has traditionally included a great many compromised “Internet of Things” devices — such as media sharing servers — that are seldom included on malware or spam block lists.

Malware 290

Malware Passwords Accountability Advertising 290

Krebs on Security

MARCH 26, 2020

“Our continuous monitoring of underground activity revealed despite the conviction, Flint24 never left the cybercrime scene,” reads an analysis penned by Intel 471. law enforcement source who asked to remain anonymous because he was not authorized to speak to the media. authorities in 2017. authorities in 2017.

Cybercrime 320

Cybercrime Retail Banking Insurance 320