Cybercrime, Internet and Web Fraud - Cyber Security Informer

Sudanese Brothers Arrested in ‘AnonSudan’ Takedown

Krebs on Security

OCTOBER 17, 2024

AnonSudan ), a cybercrime business known for launching powerful distributed denial-of-service (DDoS) attacks against a range of targets, including dozens of hospitals, news websites and cloud providers. government on Wednesday announced the arrest and charging of two Sudanese brothers accused of running Anonymous Sudan (a.k.a.

DDOS

DDOS Government Internet Internet

Booking.com Phishers May Leave You With Reservations

Krebs on Security

NOVEMBER 1, 2024

We’ll also explore an array of cybercrime services aimed at phishers who target hotels that rely on the world’s most visited travel website. According to the market share website statista.com , booking.com is by far the Internet’s busiest travel service, with nearly 550 million visits in September.

Phishing

Phishing Accountability Artificial Intelligence Cybercrime

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

In the United States, when federal, state or local law enforcement agencies wish to obtain information about an account at a technology provider — such as the account’s email address, or what Internet addresses a specific cell phone account has used in the past — they must submit an official court-ordered warrant or subpoena.

Hacking

Hacking Accountability Government Social Engineering

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

China-based SMS Phishing Triad Pivots to Banks

Krebs on Security

APRIL 10, 2025

But experts say these groups are now directly targeting customers of international financial institutions, while dramatically expanding their cybercrime infrastructure and support staff. Until recently, the so-called “ Smishing Triad ” mainly impersonated toll road operators and shipping companies. Image: Prodaft.

Banking

Banking Phishing Mobile Retail

No SOCKS, No Shoes, No Malware Proxy Services!

Krebs on Security

AUGUST 2, 2022

With the recent demise of several popular “proxy” services that let cybercriminals route their malicious traffic through hacked PCs, there is now something of a supply chain crisis gripping the underbelly of the Internet. Last week, a seven-year-old proxy service called 911[.]re Image: Spur.us. The disruption at 911[.]re

Malware

Malware Cybercrime Internet Internet

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. Pompompurin has been a thorn in the side of the FBI for years.

Hacking

Hacking Energy and Utilities Cybercrime Accountability

911 Proxy Service Implodes After Disclosing Breach

Krebs on Security

JULY 29, 2022

re is was one of the original “residential proxy” networks, which allow someone to rent a residential IP address to use as a relay for his/her Internet communications, providing anonymity and the advantage of being perceived as a residential user surfing the web.

Cybercrime

Cybercrime Software VPN Backups

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

APRIL 18, 2023

Kilmer said Faceless has emerged as one of the underground’s most reliable malware-based proxy services, mainly because its proxy network has traditionally included a great many compromised “Internet of Things” devices — such as media sharing servers — that are seldom included on malware or spam block lists.

Malware

Malware Passwords Accountability Advertising

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

For the past seven years, an online service known as 911 has sold access to hundreds of thousands of Microsoft Windows computers daily, allowing customers to route their Internet traffic through PCs in virtually any country or city around the globe — but predominantly in the United States. THE INTERNET NEVER FORGETS.

VPN

VPN Computers and Electronics Antivirus Software

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. SocksEscort[.]com com , is what’s known as a “SOCKS Proxy” service. SocksEscort began in 2009 as “ super-socks[.]com

Malware

Malware VPN Internet Internet

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

Krebs on Security

JANUARY 17, 2024

The rapper and social media personality Punchmade Dev is perhaps best known for his flashy videos singing the praises of a cybercrime lifestyle. But until recently, there wasn’t much to support a conclusion that Punchmade was actually doing the cybercrime things he promotes in his songs. Punchmade Dev’s shop.

Cybercrime

Cybercrime Media Banking Accountability

Local Networks Go Global When Domain Names Collide

Krebs on Security

AUGUST 23, 2024

At issue is a well-known security and privacy threat called “ namespace collision ,” a situation where domain names intended to be used exclusively on an internal company network end up overlapping with domains that can resolve normally on the open Internet. SSL/TLS certs). Image: Defcon.org.

DNS

DNS Internet Internet Authentication

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Krebs on Security

FEBRUARY 8, 2021

Brad Marden , superintendent of cybercrime operations for the Australian Federal Police (AFP), said their investigation into who was behind U-Admin began in late 2018, after Australian citizens began getting deluged with phishing attacks via mobile text messages that leveraged the software.

Phishing

Phishing Scams Banking Mobile

Hoax Email Blast Abused Poor Coding in FBI Website

Krebs on Security

NOVEMBER 13, 2021

The Federal Bureau of Investigation (FBI) confirmed today that its fbi.gov domain name and Internet address were used to blast out thousands of fake emails about a cybercrime investigation. I am contacting you today because we located a botnet being hosted on your forehead, please take immediate action thanks.”

Internet

Internet Internet Hacking Accountability

Scam ‘Funeral Streaming’ Groups Thrive on Facebook

Krebs on Security

SEPTEMBER 18, 2024

The page listed the correct time and date of the funeral service, which it claimed could be streamed over the Internet by following a link that led to a page requesting credit card information. xyz is currently hosted at a Bangladeshi web hosting provider named cloudswebserver[.]com The Internet address of livestreamnow[.]xyz

Scams

Scams DNS Internet Internet

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

Indeed, those messages show Sosa/King Bob was obsessed with finding new “ grails ,” the slang term used in some cybercrime discussion channels to describe recordings from popular artists that have never been officially released. “I got the most music in the com,” King Bob bragged in a Discord server in November 2022.

Social Engineering

Social Engineering Mobile Passwords Cybercrime

Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

Krebs on Security

DECEMBER 5, 2022

In December 2021, Google filed a civil lawsuit against two Russian men thought to be responsible for operating Glupteba , one of the Internet’s largest and oldest botnets. The judge in the case was not amused, found for the plaintiff, and ordered the defendants and their U.S. attorney to pay Google’s legal fees.

Cybercrime

Cybercrime Malware Internet Internet

The Life Cycle of a Breached Database

Krebs on Security

JULY 29, 2021

One might even say passwords are the fossil fuels powering most IT modernization: They’re ubiquitous because they are cheap and easy to use, but that means they also come with significant trade-offs — such as polluting the Internet with weaponized data when they’re leaked or stolen en masse. TARGETED PHISHING.

Passwords

Passwords Password Management Phishing Scams

Disneyland Malware Team: It’s a Puny World After All

Krebs on Security

NOVEMBER 16, 2022

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode , an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic.

Malware

Malware Banking Phishing DDOS

New Ransom Payment Schemes Target Executives, Telemedicine

Krebs on Security

DECEMBER 8, 2022

The first centers on targeting healthcare organizations that offer consultations over the Internet and sending them booby-trapped medical records for the “patient.” ” The other involves carefully editing email inboxes of public company executives to make it appear that some were involved in insider trading. .”

Healthcare

Healthcare Backups Ransomware Insurance

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

Krebs on Security

APRIL 3, 2024

Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called “ The Manipulaters ,” a sprawling web hosting network of phishing and spam delivery platforms. If someone bind anything with exe file and spread on internet its not my fault.” ” A number of questions, indeed.

Phishing

Phishing Cybercrime Malware Advertising

Riding the State Unemployment Fraud ‘Wave’

Krebs on Security

MAY 23, 2020

Earlier this week, email security firm Agari detailed a fraud operation tied to a seasoned Nigerian cybercrime group it dubbed “ Scattered Canary ,” which has been busy of late bilking states and the federal government out of economic stimulus and unemployment payments. ” CANARY IN THE GOLDMINE.

Insurance

Insurance Accountability Banking Government

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Krebs on Security

APRIL 4, 2024

Other Privnote phishing domains that also phoned home to the same Internet address as pirwnote[.]com com is currently selling security cameras made by the Chinese manufacturer Hikvision , via an Internet address based in Hong Kong. Searching DomainTools for domains that include both of these terms reveals pirwnote[.]com.

Phishing

Phishing Cryptocurrency DDOS Internet

That Domain You Forgot to Renew? Yeah, it’s Now Stealing Credit Cards

Krebs on Security

NOVEMBER 13, 2018

A review of the neighboring domains that reside at Internet addresses adjacent to julierandallphoto-dot-com ( 196.196.152/153.x ” The report tracks the work of Magecart — the name given to a collective of at least seven cybercrime groups involved in hacking Web sites to steal payment card data.

Accountability

Accountability eCommerce Cybercrime Advertising

The Link Between AWM Proxy & the Glupteba Botnet

Krebs on Security

JUNE 28, 2022

There is also ample evidence to suggest that Glupteba may have spawned Meris , a massive botnet of hacked Internet of Things (IoT) devices that surfaced in September 2021 and was responsible for some of the largest and most disruptive distributed denial-of-service (DDoS) attacks the Internet has ever seen. But on Dec.

Passwords

Passwords Malware Internet Internet

How Do You Fight a $12B Fraud Problem? One Scammer at a Time

Krebs on Security

OCTOBER 25, 2018

According to the most recent statistics from the FBI ‘s Internet Crime Complaint Center , the most costly form of cybercrime stems from a complex type of fraud known as the “ B usiness E mail C ompromise” or BEC scam. Something like 63 percent of fraud losses reported to the FBI are related to it.

Scams

Scams Accountability Media Banking

Gift Card Gang Extracts Cash From 100k Inboxes Daily

Krebs on Security

SEPTEMBER 2, 2021

Here’s the story of a cybercrime group that compromises up to 100,000 email inboxes per day, and apparently does little else with this access except siphon gift card and customer loyalty program data that can be resold online. How do the compromised email credentials break down in terms of ISPs and email providers?

Accountability

Accountability Authentication Passwords Hacking

Karma Catches Up to Global Phishing Service 16Shop

Krebs on Security

AUGUST 17, 2023

In addition, 16Shop employed various tricks to help its users’ phishing pages stay off the radar of security firms, including a local “blacklist” of Internet addresses tied to security companies, and a feature that allowed users to block entire Internet address ranges from accessing phishing pages.

Phishing

Phishing Passwords Hacking Internet

Hoax Email Blast Abused Poor Coding in FBI Website

Security Boulevard

NOVEMBER 13, 2021

The Federal Bureau of Investigation (FBI) confirmed today that its fbi.gov domain name and Internet address were used to blast out thousands of fake emails about a cybercrime investigation.

Cybercrime

Cybercrime Internet Internet Web Fraud

Massive Losses Define Epidemic of ‘Pig Butchering’

Krebs on Security

JULY 21, 2022

REACTs’ West said while there are a large number of pig butchering victims reporting their victimization to the FBI, very few are receiving anything more than instructions about filing a complaint with the FBI’s Internet Crime Complaint Center (IC3), which keeps track of cybercrime losses and victims.

Scams

Scams Cryptocurrency Marketing Internet

Busting SIM Swappers and SIM Swap Myths

Krebs on Security

NOVEMBER 6, 2018

The force was originally created to tackle a range of cybercrimes, but Tarazi says SIM swappers are a primary target now for two reasons. The bug could be exploited simply by adding the phone number of a target to the end of a Web address used by one of the company’s internal tools that was nevertheless accessible via the open Internet.

Mobile

Mobile Cryptocurrency Accountability Passwords

Disneyland Malware Team: It’s a Puny World After All

Security Boulevard

NOVEMBER 16, 2022

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode, an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic and Ukrainian.

Malware

Malware Cybercrime Banking Phishing

Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

Security Boulevard

DECEMBER 5, 2022

In December 2021, Google filed a civil lawsuit against two Russian men thought to be responsible for operating Glupteba, one of the Internet's largest and oldest botnets.

Cybercrime

Cybercrime Internet Internet Web Fraud

KrebsOnSecurity in New Netflix Series on Cybercrime

Krebs on Security

JUNE 7, 2022

Netflix has a new documentary series airing next week — “ Web of Make Believe: Death, Lies & the Internet ” — in which Yours Truly apparently has a decent amount of screen time. “What starts out virtual can get real all too quickly — and when the web is worldwide, so are the consequences.”

Cybercrime

Cybercrime Internet Internet Web Fraud

15-Year-Old Malware Proxy Network VIP72 Goes Dark

Krebs on Security

SEPTEMBER 1, 2021

Over the past 15 years, a cybercrime anonymity service known as VIP72 has enabled countless fraudsters to mask their true location online by routing their traffic through millions of malware-infected systems. based Internet address for more than a decade — simply vanished. The domain Vip72[.]org

Malware

Malware Cybercrime Internet Internet

How Phished Data Turns into Apple & Google Wallets

Krebs on Security

FEBRUARY 18, 2025

But a flurry of innovation from cybercrime groups in China is breathing new life into the carding industry, by turning phished card data into mobile wallets that can be used online and at main street stores. Happily, the broad deployment of more secure chip-based payment cards in the United States has weakened the carding market.

Phishing

Phishing Mobile Scams Banking

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Krebs on Security

SEPTEMBER 30, 2024

A California man accused of failing to pay taxes on tens of millions of dollars allegedly earned from cybercrime also paid local police officers hundreds of thousands of dollars to help him extort, intimidate and silence rivals and former business partners, the government alleges. attorney general. .”

Cryptocurrency

Cryptocurrency Government Internet Internet

The Dark Nexus Between Harm Groups and ‘The Com’

Krebs on Security

SEPTEMBER 13, 2024

The security firm CrowdStrike dubbed the group “ Scattered Spider ,” a recognition that the MGM hackers came from different hacker cliques scattered across an ocean of Telegram and Discord servers dedicated to financially-oriented cybercrime. ” Beige members were implicated in two stories published here in 2020.

Cybercrime

Cybercrime Accountability Mobile Hacking

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Chaput said the spammers used more than 1,500 Internet addresses across 400 providers to register new accounts, which then followed popular accounts on Mastodon and sent private mentions to the followers of those accounts. that were created from different Internet addresses in Vienna, Austria. billion last year.

Scams

Scams DDOS Cryptocurrency Accountability

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Krebs on Security

FEBRUARY 28, 2023

In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user’s text messages and phone calls to another device.

Mobile

Mobile Phishing Authentication Advertising

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. biz , a long-running crypting service that is trusted by some of the biggest names in cybercrime.

Malware

Malware Antivirus Cybercrime Hacking

Meet the World’s Biggest ‘Bulletproof’ Hoster

Krebs on Security

JULY 16, 2019

For at least the past decade, a computer crook variously known as “ Yalishanda ,” “ Downlow ” and “ Stas_vl ” has run one of the most popular “bulletproof” Web hosting services catering to a vast array of phishing sites, cybercrime forums and malware download servers. Image: Intel471.

Cybercrime

Cybercrime Phishing Banking Malware

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Krebs on Security

MARCH 14, 2023

That story showed that the previous owner of the Doxbin also was part of a teenage hacking group that specialized in offering fake EDRs as a service on the dark web. .” Indeed, a screenshot of the ViLE group website includes the group’s official roster, which lists KT at the top, followed by Weep and Ominus. ” Image: USDOJ.

Hacking

Hacking Government Media Accountability

Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”

Krebs on Security

MARCH 29, 2022

There is a terrifying and highly effective “method” that criminal hackers are now using to harvest sensitive customer data from Internet service providers, phone companies and social media firms. ” On April 5, 2021, Everlynn posted a new sales thread to the cybercrime forum cracked[.]to

Accountability

Accountability Government Hacking Social Engineering

Sudanese Brothers Arrested in ‘AnonSudan’ Takedown

Booking.com Phishers May Leave You With Reservations

Webinars

Trending Sources

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Webinars

China-based SMS Phishing Triad Pivots to Banks

No SOCKS, No Shoes, No Malware Proxy Services!

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

911 Proxy Service Implodes After Disclosing Breach

Giving a Face to the Malware Proxy Service ‘Faceless’

A Deep Dive Into the Residential Proxy Service ‘911’

Who and What is Behind the Malware Proxy Service SocksEscort?

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

Local Networks Go Global When Domain Names Collide

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Hoax Email Blast Abused Poor Coding in FBI Website

Scam ‘Funeral Streaming’ Groups Thrive on Facebook

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

The Life Cycle of a Breached Database

Disneyland Malware Team: It’s a Puny World After All

New Ransom Payment Schemes Target Executives, Telemedicine

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

Riding the State Unemployment Fraud ‘Wave’

Fake Lawsuit Threat Exposes Privnote Phishing Sites

That Domain You Forgot to Renew? Yeah, it’s Now Stealing Credit Cards

The Link Between AWM Proxy & the Glupteba Botnet

How Do You Fight a $12B Fraud Problem? One Scammer at a Time

Gift Card Gang Extracts Cash From 100k Inboxes Daily

Karma Catches Up to Global Phishing Service 16Shop

Hoax Email Blast Abused Poor Coding in FBI Website

Massive Losses Define Epidemic of ‘Pig Butchering’

Busting SIM Swappers and SIM Swap Myths

Disneyland Malware Team: It’s a Puny World After All

Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

KrebsOnSecurity in New Netflix Series on Cybercrime

15-Year-Old Malware Proxy Network VIP72 Goes Dark

How Phished Data Turns into Apple & Google Wallets

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

The Dark Nexus Between Harm Groups and ‘The Com’

Interview With a Crypto Scam Investment Spammer

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Why Malware Crypting Services Deserve More Scrutiny

Meet the World’s Biggest ‘Bulletproof’ Hoster

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”

Stay Connected