Cybercrime and Media - Cyber Security Informer

EDR-as-a-Service makes the headlines in the cybercrime landscape

Security Affairs

APRIL 7, 2025

This approach reflects the as-a-service logic already prevalent in other areas of the cybercrime sector, significantly reducing the level of technical knowledge needed by those wishing to access this confidential data.

Cybercrime

Cybercrime Social Engineering Accountability Government

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Krebs on Security

JANUARY 31, 2025

On January 29, the FBI and the Dutch national police seized the technical infrastructure for a cybercrime service marketed under the brands Heartsender , Fudpage and Fudtools (and many other “fud” variations). “The Cybercrime Team is on the trail of a number of buyers of the tools,” the Dutch national police said.

Phishing

Phishing Cybercrime Advertising Malware

Law enforcement seized the domains of HeartSender cybercrime marketplaces

Security Affairs

FEBRUARY 2, 2025

and Dutch authorities seized 39 domains and servers linked to the HeartSender cybercrime group based in Pakistan. A joint law enforcement operation led to the seizure of 39 domains tied to a Pakistan-based HeartSender cybercrime group (aka Saim Raza and Manipulators Team) known for selling hacking and fraud tools.

Cybercrime

Cybercrime Advertising Phishing Hacking

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Russia Charges Notorious Ransomware Developer in Rare Cybercrime Case

SecureWorld News

DECEMBER 3, 2024

In a surprising move related to international cybercrime, Russian authorities have charged Mikhail Matveev, also known as "Wazawaka," with creating ransomware to extort commercial organizations, according to Russian media outlet RIA. Despite U.S.

Cybercrime

Cybercrime Ransomware Healthcare Cryptocurrency

Cybercrime Rapper Sues Bank over Fraud Investigation

Krebs on Security

AUGUST 7, 2024

In January, KrebsOnSecurity wrote about rapper Punchmade Dev , whose music videos sing the praises of a cybercrime lifestyle. That story showed how Punchmade’s social media profiles promoted Punchmade-themed online stores selling bank account and payment card data.

Banking

Banking Cybercrime Accountability Retail

How Does One Get Hired by a Top Cybercrime Gang?

Krebs on Security

JUNE 15, 2021

This post explores answers to those questions, as well as some of the ways Trickbot and other organized cybercrime gangs gradually recruit, groom and trust new programmers. Alla Witte’s personal website — allawitte[.]nl nl — circa October 2018. 6 in Miami, Fla. law enforcement agencies. Image: DOJ.

Cybercrime

Cybercrime Ransomware Passwords Banking

How Cryptocurrency Turns to Cash in Russian Banks

Krebs on Security

DECEMBER 11, 2024

A financial firm registered in Canada has emerged as the payment processor for dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services aimed at Russian-speaking customers, new research finds. wtf, and PQHosting ; -sites selling aged email, financial, or social media accounts, such as verif[.]work

Cryptocurrency

Cryptocurrency Banking Cybercrime Advertising

Crazy Evil gang runs over 10 highly specialized social media scams

Security Affairs

FEBRUARY 3, 2025

The Russian-speaking Crazy Evil group runs over 10 social media scams, tricking victims into installing StealC, AMOS, and Angel Drainer malware. The cybercrime gang focused on targeting the Web3 and decentralized finance industry. These factors make it a persistent cyber threat.

Scams

Scams Media Cryptocurrency Cybercrime

New LightSpy spyware variant comes with enhanced data collection features targeting social media platforms

Security Affairs

FEBRUARY 26, 2025

Researchers found an updated LightSpy spyware with enhanced data collection features targeting social media platforms like Facebook and Instagram. have found an updated version of the LightSpy spyware that supports an expanded set of data collection features to target social media platforms like Facebook and Instagram.

Data collection

Data collection Spyware Media Surveillance

Booking.com Phishers May Leave You With Reservations

Krebs on Security

NOVEMBER 1, 2024

We’ll also explore an array of cybercrime services aimed at phishers who target hotels that rely on the world’s most visited travel website. A scan of social media networks showed this is not an uncommon scam. A number of cybercriminal innovations are making it easier for scammers to cash in on your upcoming travel plans.

Phishing

Phishing Accountability Artificial Intelligence Cybercrime

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Krebs on Security

FEBRUARY 28, 2025

Last year, the French security firm Intrinsec detailed Prospero’s connections to bulletproof services advertised on Russian cybercrime forums under the names Securehost and BEARHOST. The bulletproof hosting provider BEARHOST. This screenshot has been machine-translated from Russian. Image: Ke-la.com.

Malware

Malware Antivirus Software DDOS

Sudanese Brothers Arrested in ‘AnonSudan’ Takedown

Krebs on Security

OCTOBER 17, 2024

AnonSudan ), a cybercrime business known for launching powerful distributed denial-of-service (DDoS) attacks against a range of targets, including dozens of hospitals, news websites and cloud providers. government on Wednesday announced the arrest and charging of two Sudanese brothers accused of running Anonymous Sudan (a.k.a.

DDOS

DDOS Government Internet Internet

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

NOVEMBER 21, 2024

That Joeleoli moniker registered on the cybercrime forum OGusers in 2018 with the email address joelebruh@gmail.com , which also was used to register accounts at several websites for a Joel Evans from North Carolina. Click to enlarge. A Scattered Spider phishing lure sent to Twilio employees.

Identity Theft

Identity Theft Phishing Cryptocurrency Accountability

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

One English-speaking cybercriminal who goes by the nicknames “ Pwnstar ” and “ Pwnipotent ” has been selling fake EDR services on both Russian-language and English cybercrime forums. “I cannot 100% guarantee every order will go through,” Pwnstar explained. ” An ad from Pwnstar for fake EDR services.

Hacking

Hacking Accountability Government Social Engineering

Hackers Exploit Zoom's Remote Control Feature in Cryptocurrency Heists

SecureWorld News

APRIL 22, 2025

A sophisticated cybercrime campaign, dubbed Elusive Comet , has been uncovered, in which North Korean threat actors are exploiting Zoom's remote control feature to infiltrate the systems of cryptocurrency professionals. Victims are sent unsolicited invitations to join Zoom calls, often via links in phishing emails or messages.

Cryptocurrency

Cryptocurrency Social Engineering Cybercrime Engineering

How threat actors can use generative artificial intelligence?

Security Affairs

DECEMBER 1, 2024

Deepfakes are media content—such as videos, images, or audio—created using GAI to realistically manipulate faces, voices, or even entire events. For example, these campaigns leverage fake social media accounts to post questions and comments about divisive internal issues in the U.S.

Artificial Intelligence

Artificial Intelligence Phishing Media Cyber threats

The ‘Groove’ Ransomware Gang Was a Hoax

Krebs on Security

NOVEMBER 2, 2021

22 on RAMP , a new and fairly exclusive Russian-language darknet cybercrime forum. In a post on the Russian cybercrime forum XSS , an established cybercrook using the handle “ Boriselcin ” explained that Groove was little more than a pet project to screw with the media and security industry. ” reads the Oct.

Ransomware

Ransomware Cybercrime VPN Media

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

Krebs on Security

JANUARY 17, 2024

The rapper and social media personality Punchmade Dev is perhaps best known for his flashy videos singing the praises of a cybercrime lifestyle. But until recently, there wasn’t much to support a conclusion that Punchmade was actually doing the cybercrime things he promotes in his songs. Punchmade Dev’s shop.

Cybercrime

Cybercrime Media Banking Accountability

FBI: Investment Scams Surpass BEC as Most Costly Cybercrime

SecureWorld News

MARCH 15, 2023

The FBI's Internet Crime Complaint Center (IC3) has released its 2022 Internet Crime Report , which reveals the trends and impacts of cybercrime in the United States. The report shows that phishing schemes were the most common type of cybercrime reported by victims in 2022, with 300,497 complaints.

Cybercrime

Cybercrime Scams Cryptocurrency Identity Theft

How Kopeechka, an Automated Social Media Accounts Creation Service, Can Facilitate Cybercrime

Trend Micro

OCTOBER 26, 2023

This report explores the Kopeechka service and gives a detailed technical analysis of the service’s features and capabilities and how it can help cybercriminals to achieve their goals.

Media

Media Cybercrime Accountability

Canadian authorities arrested alleged Snowflake hacker

Security Affairs

NOVEMBER 5, 2024

UNC5537 is systematically compromising Snowflake customer instances using stolen customer credentials, advertising victim data for sale on cybercrime forums, and attempting to extort many of the victims.” Independent news outlet 404 Media also confirmed Krebs’s findings 404 Media in September 2024.

Unstructured Data

Unstructured Data Media Cybercrime Hacking

Brazil’s Polícia Federal arrested the notorious hacker USDoD

Security Affairs

OCTOBER 16, 2024

Among them, it was possible to identify tax registration, email addresses, registered domains, IP addresses, social media accounts, telephone number and city. The link between Luan’s hacktivism and cybercrime was established due to his bad Operational security (opsec). Despite attempts to hide his identity by claiming U.S.

Data breaches

Data breaches Media Cybercrime Accountability

Europol warns about counterfeit goods and the criminals behind them

Malwarebytes

OCTOBER 28, 2024

Not only does this ecosystem provide buyers with substandard goods, it also enables crimes like intellectual property (IP) crime, cybercrime, money laundering, and environmental crime. Review advertisements on social media, influencer channels, and chat platforms with a little bit of extra caution. Look for consumer reviews.

Cybercrime

Cybercrime Advertising Media Risk

Microsoft seized the US infrastructure of the Storm-1152 cybercrime group

Security Affairs

DECEMBER 14, 2023

Microsoft’s Digital Crimes Unit seized multiple domains used by cybercrime group Storm-1152 to sell fraudulent Outlook accounts. Microsoft’s Digital Crimes Unit seized multiple domains used by a cybercrime group, tracked as Storm-1152, to sell fraudulent accounts. ” reads the announcement published by Microsoft.

Cybercrime

Cybercrime Accountability Media Technology

News alert: SpyCloud operationalizes darknet data, pioneers shift to holistic identity threat protection

The Last Watchdog

FEBRUARY 4, 2025

“SpyCloud has a long history of leading the way in understanding the cybercrime ecosystem, from our early days in world-class ATO prevention to continuing to build solutions that empower organizations to proactively protect against threats stemming from infostealer malware, phished and breach data.

Cybercrime

Cybercrime Accountability Phishing Malware

Cybersecurity Event Cancelled After Being Hit By Cybercriminals

Joseph Steinberg

OCTOBER 24, 2022

An online cybersecurity event with 2,500 people already logged in had to be cancelled after suspected cybercriminals launched a social engineering attack in the event’s chat window.

Cybersecurity

Cybersecurity Social Engineering Artificial Intelligence Scams

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 20, 2024

CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog Nation-state actor exploited three Ivanti CSA zero-days Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’ macOS HM Surf flaw in TCC allows bypass Safari privacy settings Iran-linked actors target critical infrastructure organizations (..)

Data breaches

Data breaches Cybercrime Cyber Insurance Marketing

CoralRaider: Vietnamese Hackers Wage Stealthy Campaign, Targeting Social Media and Financial Data

Penetration Testing

APRIL 4, 2024

Researchers at Cisco Talos have uncovered a sophisticated cybercrime operation dubbed “CoralRaider,” pinpointing the threat actors as likely based in Vietnam.

Media

Media Penetration Testing Cybercrime Malware

News alert: SpyCloud study shows gaps in EDR, antivirus — 66% of malware infections missed

The Last Watchdog

APRIL 7, 2025

SpyCloud helps stop cybercrime before it happens by identifying these identity risks early, mapping them back to impacted users, devices, and applications, and sending actionable intelligence to an organizations EDR for response and remediation. About SpyCloud: SpyCloud transforms recaptured darknet data to disrupt cybercrime.

Antivirus

Antivirus Malware Cybercrime Identity Theft

Election season raises fears for nearly a third of people who worry their vote could be leaked

Malwarebytes

OCTOBER 15, 2024

Elsewhere, 60% had received election-related ads through emails, 58% through physical mailers, 55% through text messages, 40% through social media, and 29% through phone calls. A focus on cybercrime While people hold a sense of distrust for election-related ads, they also revealed another emotion towards them: Fear.

Scams

Scams Identity Theft Cybercrime Accountability

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 13, 2024

CISA adds Windows and Qualcomm bugs to its Known Exploited Vulnerabilities catalog Three new Ivanti CSA zero-day actively exploited in attacks Ukrainian national pleads guilty in U.S.

Data breaches

Data breaches Cryptocurrency Cybercrime Artificial Intelligence

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

Krebs on Security

MARCH 10, 2020

In addition to facilitating the sale of hacked accounts at video streaming services like Netflix and Hulu and social media platforms like Facebook , Twitter and Vkontakte (the Russian equivalent of Facebook), deer.io also is a favored marketplace for people involved in selling phony social media accounts.

Accountability

Accountability Advertising Hacking Cybercrime

Arrest in ‘Ransom Your Employer’ Email Scheme

Krebs on Security

NOVEMBER 22, 2021

In June 2021, the Nigerian government officially placed an indefinite ban on Twitter , restricting it from operating in Nigeria after the social media platform deleted tweets by the Nigerian president. But after his name appeared in the news media, he received thousands of inquiries from people interested in his idea.

Scams

Scams Cybercrime Banking Identity Theft

How to Detect Fake Social Media Profiles

SecureBlitz

SEPTEMBER 13, 2023

In this post, we will show you how to detect fake social media profiles. With the increasing prevalence of social media platforms in our daily lives, fake social media profiles have become a significant concern. Detecting […] The post How to Detect Fake Social Media Profiles appeared first on SecureBlitz Cybersecurity.

Media

Media Identity Theft Scams Cybersecurity

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized

Krebs on Security

MAY 14, 2021

“Servers were seized (country not named), money of advertisers and founders was transferred to an unknown account,” reads a message from a cybercrime forum reposted to the Russian OSINT Telegram channel. The new restrictions came as some Russian cybercrime forums began distancing themselves from ransomware operations altogether.

Ransomware

Ransomware Cryptocurrency Cybercrime Healthcare

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking

Hacking Cybercrime Phishing Passwords

Russian Hacker “Wazawaka” Indicted for Ransomware

Krebs on Security

MAY 16, 2023

In a January 2021 discussion on a top Russian cybercrime forum, Matveev’s alleged alter ego Wazawaka said he had no plans to leave the protection of “Mother Russia,” and that traveling abroad was not an option for him. “Mother Russia will help you,” Wazawaka concluded. 17, 1992). .” 17, 1992).

Ransomware

Ransomware Cybercrime VPN Healthcare

International law enforcement operation dismantled RedLine and Meta infostealers

Security Affairs

OCTOBER 29, 2024

Change passwords : After malware removal, update passwords for key accounts (email, banking, work, social media) and enable two-factor authentication. Authorities from the Netherlands, the United States, Belgium, Portugal, the United Kingdom and Australia took part in the operation.

Identity Theft

Identity Theft Passwords Malware Banking

Hidden in plain sight: How the dark web is spilling onto social media

We Live Security

FEBRUARY 10, 2022

The post Hidden in plain sight: How the dark web is spilling onto social media appeared first on WeLiveSecurity. A trip into the dark corners of Telegram, which has become a magnet for criminals peddling everything from illegal drugs to fake money and COVID-19 vaccine passes.

Media

Media Cybercrime

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. “They even got [a] forum to discuss things.”

Hacking

Hacking Energy and Utilities Cybercrime Accountability

Arrest, Seizures Tied to Netwalker Ransomware

Krebs on Security

JANUARY 27, 2021

and Bulgarian authorities this week seized the darkweb site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims. The DOJ’s media advisory doesn’t mention the defendant’s age, but a 2015 report in the Gatineau local news website ledroit.com suggests this may not be his first offense.

Ransomware

Ransomware Cybercrime Antivirus Encryption

A Retrospective on the 2015 Ashley Madison Breach

Krebs on Security

JULY 27, 2022

But a recent review of Ashley Madison mentions across Russian cybercrime forums and far-right websites in the months leading up to the hack revealed some previously unreported details that may deserve further scrutiny. Several media outlets pounced on salacious exchanges in Biderman’s emails as proof he had carried on multiple affairs.

Cybercrime

Cybercrime Hacking Media Advertising

Microsoft Takes Legal Action to Crack Down on Storm-1152's Cybercrime Network

The Hacker News

DECEMBER 13, 2023

Microsoft on Wednesday said it obtained a court order to seize infrastructure set up by a group called Storm-1152 that peddled roughly 750 million fraudulent Microsoft accounts and tools through a network of bogus websites and social media pages to other criminal actors, netting them millions of dollars in illicit revenue.

Cybercrime

Cybercrime Media Accountability

Microsoft seized 240 sites used by the ONNX phishing service

Security Affairs

NOVEMBER 23, 2024

Microsoft announced the disruption of the ONNX phishing service, another success against cybercrime which led to the seizure of 240 sites. Phishing kits are sold mainly via Telegram, complemented by instructional videos on social media platforms that guide buyers on purchasing and deploying them.

Phishing

Phishing Cybercrime Financial Services Media

EDR-as-a-Service makes the headlines in the cybercrime landscape

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Webinars

Trending Sources

Law enforcement seized the domains of HeartSender cybercrime marketplaces

Webinars

Russia Charges Notorious Ransomware Developer in Rare Cybercrime Case

Cybercrime Rapper Sues Bank over Fraud Investigation

How Does One Get Hired by a Top Cybercrime Gang?

How Cryptocurrency Turns to Cash in Russian Banks

Crazy Evil gang runs over 10 highly specialized social media scams

New LightSpy spyware variant comes with enhanced data collection features targeting social media platforms

Booking.com Phishers May Leave You With Reservations

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Sudanese Brothers Arrested in ‘AnonSudan’ Takedown

Feds Charge Five Men in ‘Scattered Spider’ Roundup

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Hackers Exploit Zoom's Remote Control Feature in Cryptocurrency Heists

How threat actors can use generative artificial intelligence?

The ‘Groove’ Ransomware Gang Was a Hoax

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

FBI: Investment Scams Surpass BEC as Most Costly Cybercrime

How Kopeechka, an Automated Social Media Accounts Creation Service, Can Facilitate Cybercrime

Canadian authorities arrested alleged Snowflake hacker

Brazil’s Polícia Federal arrested the notorious hacker USDoD

Europol warns about counterfeit goods and the criminals behind them

Microsoft seized the US infrastructure of the Storm-1152 cybercrime group

News alert: SpyCloud operationalizes darknet data, pioneers shift to holistic identity threat protection

Cybersecurity Event Cancelled After Being Hit By Cybercriminals

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

CoralRaider: Vietnamese Hackers Wage Stealthy Campaign, Targeting Social Media and Financial Data

News alert: SpyCloud study shows gaps in EDR, antivirus — 66% of malware infections missed

Election season raises fears for nearly a third of people who worry their vote could be leaked

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

Arrest in ‘Ransom Your Employer’ Email Scheme

How to Detect Fake Social Media Profiles

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Russian Hacker “Wazawaka” Indicted for Ransomware

International law enforcement operation dismantled RedLine and Meta infostealers

Hidden in plain sight: How the dark web is spilling onto social media

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Arrest, Seizures Tied to Netwalker Ransomware

A Retrospective on the 2015 Ashley Madison Breach

Microsoft Takes Legal Action to Crack Down on Storm-1152's Cybercrime Network

Microsoft seized 240 sites used by the ONNX phishing service

Stay Connected