Cybercrime, Hacking and Web Fraud - Cyber Security Informer

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based based technology companies.

Hacking

Hacking Accountability Government Social Engineering

Crime Shop Sells Hacked Logins to Other Crime Shops

Krebs on Security

JANUARY 21, 2022

Criminals ripping off other crooks is a constant theme in the cybercrime underworld; Accountz Club’s slogan — “the best autoshop for your favorite shops’ accounts” — just normalizes this activity by making logins stolen from users of various cybercrime shops for sale at a fraction of their account balances.

Hacking

Hacking Cybercrime Passwords Authentication

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking

Hacking Phishing Cybercrime Passwords

Booking.com Phishers May Leave You With Reservations

Krebs on Security

NOVEMBER 1, 2024

We’ll also explore an array of cybercrime services aimed at phishers who target hotels that rely on the world’s most visited travel website. One post last month on the Russian-language hacking forum BHF offered up to $5,000 for each hotel account.

Phishing

Phishing Accountability Artificial Intelligence Cybercrime

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. Pompompurin has been a thorn in the side of the FBI for years.

Hacking

Hacking Energy and Utilities Cybercrime Accountability

A Day in the Life of a Prolific Voice Phishing Crew

Krebs on Security

JANUARY 7, 2025

” Perm is the current administrator of Star Fraud , one of the more consequential cybercrime communities on Telegram and one that has emerged as a foundry of innovation in voice phishing attacks. As we’ll see in a moment, that phishing kit is operated and rented out by a cybercriminal known as “ Perm ” a.k.a.

Phishing

Phishing Cryptocurrency Accountability Social Engineering

Facebook, Instagram, TikTok and Twitter Target Resellers of Hacked Accounts

Krebs on Security

FEBRUARY 4, 2021

Facebook told KrebsOnSecurity it seized hundreds of accounts — mainly on Instagram — that have been stolen from legitimate users through a variety of intimidation and harassment tactics, including hacking, coercion, extortion, sextortion , SIM swapping , and swatting. THE MIDDLEMEN.

Accountability

Accountability Hacking Media Mobile

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Krebs on Security

MARCH 14, 2023

men have been charged with hacking into a U.S. The complaint doesn’t specify which agency portal was hacked, but it does state that the portal included access to law enforcement databases that track narcotics seizures in the United States. federal government portal without authorization. ” Image: USDOJ.

Hacking

Hacking Government Media Accountability

15-Year-Old Malware Proxy Network VIP72 Goes Dark

Krebs on Security

SEPTEMBER 1, 2021

Over the past 15 years, a cybercrime anonymity service known as VIP72 has enabled countless fraudsters to mask their true location online by routing their traffic through millions of malware-infected systems. based Internet address for more than a decade — a remarkable achievement for such a high-profile cybercrime service.

Malware

Malware Cybercrime Internet Internet

This Service Helps Malware Authors Fix Flaws in their Code

Krebs on Security

MAY 18, 2020

Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. But the reality is most malicious software also has its share of security holes that open the door for security researchers or ne’er-do-wells to liberate or else seize control over already-hacked systems.

Malware

Malware Cybercrime Ransomware Marketing

‘ValidCC,’ a Major Payment Card Bazaar and Looter of E-Commerce Sites, Shuttered

Krebs on Security

FEBRUARY 2, 2021

ValidCC , a dark web bazaar run by a cybercrime group that for more than six years hacked online merchants and sold stolen payment card data, abruptly closed up shop last week. “UltraRank combined attacks on single targets with supply chain attacks.” We did not take this decision lightly!”

Cybercrime

Cybercrime Media Accountability Hacking

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S.

Social Engineering

Social Engineering Mobile Passwords Cybercrime

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

Krebs on Security

JANUARY 17, 2024

The rapper and social media personality Punchmade Dev is perhaps best known for his flashy videos singing the praises of a cybercrime lifestyle. But until recently, there wasn’t much to support a conclusion that Punchmade was actually doing the cybercrime things he promotes in his songs. Punchmade Dev’s shop.

Cybercrime

Cybercrime Media Banking Accountability

How Cybercriminals are Weathering COVID-19

Krebs on Security

APRIL 30, 2020

In a report published today, the company said since late March 2020 it has observed several crooks complaining about COVID-19 interfering with the daily activities of their various money mules (people hired to help launder the proceeds of cybercrime). ” Alex Holden , founder and CTO of Hold Security , agreed.

Cybercrime

Cybercrime Computers and Electronics Marketing Scams

When Efforts to Contain a Data Breach Backfire

Krebs on Security

AUGUST 16, 2022

Earlier this month, the administrator of the cybercrime forum Breached received a cease-and-desist letter from a cybersecurity firm. This identity has been highly active on Breached and its predecessor RaidForums for more than two years, mostly selling databases from hacked Mexican entities.

Data breaches

Data breaches Banking Cybercrime Marketing

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Krebs on Security

SEPTEMBER 26, 2024

The United States today unveiled sanctions and indictments against the alleged proprietor of Joker’s Stash , a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past decade. The answer involved Bitcoin, but also Taleon’s new service.

Cryptocurrency

Cryptocurrency Cybercrime Retail Government

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

Krebs on Security

NOVEMBER 2, 2023

One of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. Services like SWAT are known as “Drops for stuff” on cybercrime forums. The login page for the criminal reshipping service SWAT USA Drop. “SwatVerified.”

Cybercrime

Cybercrime Marketing Scams Retail

Who’s Behind the SWAT USA Reshipping Service?

Krebs on Security

NOVEMBER 6, 2023

Last week, KrebsOnSecurity broke the news that one of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure.

Passwords

Passwords Cybercrime Accountability Hacking

No SOCKS, No Shoes, No Malware Proxy Services!

Krebs on Security

AUGUST 2, 2022

With the recent demise of several popular “proxy” services that let cybercriminals route their malicious traffic through hacked PCs, there is now something of a supply chain crisis gripping the underbelly of the Internet. Last week, a seven-year-old proxy service called 911[.]re Image: Spur.us. The disruption at 911[.]re

Malware

Malware Cybercrime Internet Internet

911 Proxy Service Implodes After Disclosing Breach

Krebs on Security

JULY 29, 2022

These services can be used in a legitimate manner for several business purposes — such as price comparisons or sales intelligence — but they are massively abused for hiding cybercrime activity because they can make it difficult to trace malicious traffic to its original source.

Cybercrime

Cybercrime Software VPN Backups

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Krebs on Security

OCTOBER 8, 2020

But judging from the proliferation of help-wanted ads for offensive pentesters in the cybercrime underground, today’s attackers have exactly zero trouble gaining that initial intrusion: The real challenge seems to be hiring enough people to help everyone profit from the access already gained. THE DOCTOR IS IN.

Cybercrime

Cybercrime VPN Malware Ransomware

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. biz , a long-running crypting service that is trusted by some of the biggest names in cybercrime.

Malware

Malware Antivirus Cybercrime Hacking

The Life Cycle of a Breached Database

Krebs on Security

JULY 29, 2021

Our continued reliance on passwords for authentication has contributed to one toxic data spill or hack after another. “If you were to look [on cybercrime forums] at the past history of people posting about that Ledger database, you’d see people were selling it privately for months prior to that,” Nixon said.

Passwords

Passwords Password Management Phishing Scams

Hoax Email Blast Abused Poor Coding in FBI Website

Krebs on Security

NOVEMBER 13, 2021

The Federal Bureau of Investigation (FBI) confirmed today that its fbi.gov domain name and Internet address were used to blast out thousands of fake emails about a cybercrime investigation. ” In an interview with KrebsOnSecurity, Pompompurin said the hack was done to point out a glaring vulnerability in the FBI’s system.

Internet

Internet Internet Hacking Accountability

Would You Have Fallen for This Phone Scam?

Krebs on Security

APRIL 28, 2020

The request for the last four of the customer’s credit card number was consistent with my own testing, which relied upon on a caller ID spoofing service advertised in the cybercrime underground and aimed at a Citi account controlled by this author. A screen shot from an underground store selling CVV records. Click to enlarge.

Scams

Scams Banking Accountability Financial Services

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

APRIL 18, 2023

” MRMURZA Faceless is a project from MrMurza , a particularly talkative member of more than a dozen Russian-language cybercrime forums over the past decade. MrMurza’s Faceless advertised on the Russian-language cybercrime forum ProCrd. Image: Darkbeast/Ke-la.com. In 2013, U.S.

Malware

Malware Passwords Accountability Advertising

Gift Card Gang Extracts Cash From 100k Inboxes Daily

Krebs on Security

SEPTEMBER 2, 2021

Here’s the story of a cybercrime group that compromises up to 100,000 email inboxes per day, and apparently does little else with this access except siphon gift card and customer loyalty program data that can be resold online. ” On top of that, it’s also difficult to know how much activity you’re not seeing.

Accountability

Accountability Authentication Passwords Hacking

That Domain You Forgot to Renew? Yeah, it’s Now Stealing Credit Cards

Krebs on Security

NOVEMBER 13, 2018

.” The report tracks the work of Magecart — the name given to a collective of at least seven cybercrime groups involved in hacking Web sites to steal payment card data. which looked at a network of hacked sites that fit the Magecart profile.

Accountability

Accountability eCommerce Cybercrime Advertising

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. Image: Lumen’s Black Lotus Labs. Usually, these users have no idea their systems are compromised.

Malware

Malware VPN Internet Internet

Fake Emergency Search Warrants Draw Scrutiny from Capitol Hill

Krebs on Security

MARCH 31, 2022

At issue are forged “emergency data requests,” (EDRs) sent through hacked police or government agency email accounts. ” Tuesday’s story showed how fraudulently obtained EDRs were a tool used by members of LAPSUS$ , the data extortion group that recently hacked Microsoft , NVIDIA , Okta and Samsung.

Government

Government Accountability Education Media

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Krebs on Security

SEPTEMBER 30, 2024

A California man accused of failing to pay taxes on tens of millions of dollars allegedly earned from cybercrime also paid local police officers hundreds of thousands of dollars to help him extort, intimidate and silence rivals and former business partners, the government alleges. had some personal problems and checked himself into rehab.

Cryptocurrency

Cryptocurrency Government Internet Internet

Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”

Krebs on Security

MARCH 29, 2022

The reality that teenagers are now impersonating law enforcement agencies to subpoena privileged data on their targets at whim is evident in the dramatic backstory behind LAPSUS$ , the data extortion group that recently hacked into some of the world’s most valuable technology companies , including Microsoft , Okta , NVIDIA and Vodafone.

Accountability

Accountability Government Hacking Social Engineering

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

This email address is also connected to accounts on several Russian cybercrime forums, including “ __edman__ ,” who had a history of selling “logs” — large amounts of data stolen from many bot-infected computers — as well as giving away access to hacked Internet of Things (IoT) devices.

Scams

Scams DDOS Cryptocurrency Accountability

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

Krebs on Security

APRIL 3, 2024

Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called “ The Manipulaters ,” a sprawling web hosting network of phishing and spam delivery platforms. ” Exactly what that “new work” might entail, Saim Raza wouldn’t say. ” A number of questions, indeed.

Phishing

Phishing Cybercrime Malware Advertising

RaidForums Gets Raided, Alleged Admin Arrested

Krebs on Security

APRIL 12, 2022

Department of Justice (DOJ) said today it seized the website and user database for RaidForums , an extremely popular English-language cybercrime forum that sold access to more than 10 billion consumer records stolen in some of the world’s largest data breaches since 2015. Not all of those undercover buys went as planned.

Government

Government Identity Theft Mobile Data breaches

The Link Between AWM Proxy & the Glupteba Botnet

Krebs on Security

JUNE 28, 2022

That same day, AWM Proxy — a 14-year-old anonymity service that rents hacked PCs to cybercriminals — suddenly went offline. Launched in March 2008, AWM Proxy quickly became the largest service for crooks seeking to route their malicious Web traffic through compromised devices.

Passwords

Passwords Malware Internet Internet

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Krebs on Security

FEBRUARY 28, 2023

In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user’s text messages and phone calls to another device.

Mobile

Mobile Phishing Authentication Advertising

Karma Catches Up to Global Phishing Service 16Shop

Krebs on Security

AUGUST 17, 2023

The INTERPOL statement says the platform sold hacking tools to compromise more than 70,000 users in 43 countries. One of this user’s Facebook pages says Rizky is the chief executive officer and founder of an entity called BandungXploiter , whose Facebook page indicates it is a group focused mainly on hacking and defacing websites.

Phishing

Phishing Passwords Internet Internet

New Ransom Payment Schemes Target Executives, Telemedicine

Krebs on Security

DECEMBER 8, 2022

First spotted in mid-August 2022 , Venus is known for hacking into victims’ publicly-exposed Remote Desktop services to encrypt Windows devices. Department of Health and Human Services (HHS) warned that Venus ransomware attacks were targeting a number of U.S. healthcare organizations. “They are targeting a lot of U.S.

Healthcare

Healthcare Backups Ransomware Insurance

Crime Shop Sells Hacked Logins to Other Crime Shops

Security Boulevard

JANUARY 21, 2022

The post Crime Shop Sells Hacked Logins to Other Crime Shops appeared first on Security Boulevard.

Hacking

Hacking Cybercrime Authentication Accountability

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Security Boulevard

DECEMBER 13, 2022

Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum.

Hacking

Hacking Cybercrime Accountability Web Fraud

Fighting Fake EDRs With ‘Credit Ratings’ for Police

Krebs on Security

APRIL 27, 2022

When KrebsOnSecurity recently explored how cybercriminals were using hacked email accounts at police departments worldwide to obtain warrantless Emergency Data Requests (EDRs) from social media firms and technology providers, many security experts called it a fundamentally unfixable problem.

Mobile

Mobile Government Media Technology

Hoax Email Blast Abused Poor Coding in FBI Website

Security Boulevard

NOVEMBER 13, 2021

The Federal Bureau of Investigation (FBI) confirmed today that its fbi.gov domain name and Internet address were used to blast out thousands of fake emails about a cybercrime investigation.

Cybercrime

Cybercrime Internet Internet Web Fraud

The Dark Nexus Between Harm Groups and ‘The Com’

Krebs on Security

SEPTEMBER 13, 2024

While MGM was still trying to evict the intruders from its systems, an individual who claimed to have firsthand knowledge of the hack contacted multiple media outlets to offer interviews about how it all went down. ’s West Midlands Police as part of a joint investigation with the FBI into the MGM hack.

Cybercrime

Cybercrime Accountability Mobile Hacking

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Crime Shop Sells Hacked Logins to Other Crime Shops

Trending Sources

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Booking.com Phishers May Leave You With Reservations

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

A Day in the Life of a Prolific Voice Phishing Crew

Facebook, Instagram, TikTok and Twitter Target Resellers of Hacked Accounts

Two U.S. Men Charged in 2022 Hacking of DEA Portal

15-Year-Old Malware Proxy Network VIP72 Goes Dark

This Service Helps Malware Authors Fix Flaws in their Code

‘ValidCC,’ a Major Payment Card Bazaar and Looter of E-Commerce Sites, Shuttered

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

How Cybercriminals are Weathering COVID-19

When Efforts to Contain a Data Breach Backfire

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

Who’s Behind the SWAT USA Reshipping Service?

No SOCKS, No Shoes, No Malware Proxy Services!

911 Proxy Service Implodes After Disclosing Breach

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Why Malware Crypting Services Deserve More Scrutiny

The Life Cycle of a Breached Database

Hoax Email Blast Abused Poor Coding in FBI Website

Would You Have Fallen for This Phone Scam?

Giving a Face to the Malware Proxy Service ‘Faceless’

Gift Card Gang Extracts Cash From 100k Inboxes Daily

That Domain You Forgot to Renew? Yeah, it’s Now Stealing Credit Cards

Who and What is Behind the Malware Proxy Service SocksEscort?

Fake Emergency Search Warrants Draw Scrutiny from Capitol Hill

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”

Interview With a Crypto Scam Investment Spammer

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

RaidForums Gets Raided, Alleged Admin Arrested

The Link Between AWM Proxy & the Glupteba Botnet

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Karma Catches Up to Global Phishing Service 16Shop

New Ransom Payment Schemes Target Executives, Telemedicine

Crime Shop Sells Hacked Logins to Other Crime Shops

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Fighting Fake EDRs With ‘Credit Ratings’ for Police

Hoax Email Blast Abused Poor Coding in FBI Website

The Dark Nexus Between Harm Groups and ‘The Com’

Stay Connected