Cybercrime and Mobile - Cyber Security Informer

Why Phishers Love New TLDs Like.shop,top and.xyz

Krebs on Security

DECEMBER 3, 2024

A study on phishing data released by Interisle Consulting finds that new gTLDs introduced in the last few years command just 11 percent of the market for new domains, but accounted for roughly 37 percent of cybercrime domains reported between September 2023 and August 2024. The top 5 new gTLDs, ranked by cybercrime domains reported.

Cybercrime

Cybercrime Phishing Accountability Internet

T-Mobile Data Breach

Schneier on Security

AUGUST 19, 2021

It’s a big one : As first reported by Motherboard on Sunday, someone on the dark web claims to have obtained the data of 100 million from T-Mobile’s servers and is selling a portion of it on an underground forum for 6 bitcoin, about $280,000.

Mobile

Mobile Data breaches Phishing Cybercrime

New T-Mobile Breach Affects 37 Million Accounts

Krebs on Security

JANUARY 19, 2023

T-Mobile today disclosed a data breach affecting tens of millions of customer accounts, its second major data exposure in as many years. In a filing with federal regulators, T-Mobile said an investigation determined that someone abused its systems to harvest subscriber data tied to approximately 37 million current customer accounts.

Mobile

Mobile Accountability Data breaches Identity Theft

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Security Affairs

OCTOBER 21, 2024

Cisco confirms that data published by IntelBroker on a cybercrime forum was taken from the company DevHub environment. Cisco confirms that the data posted by IntelBroker on a cybercrime forum was stolen from its DevHub environment. The company has disabled public access to the site while we continue the investigation.

Cybercrime

Cybercrime Data breaches Technology Banking

Canadian Man Arrested in Snowflake Data Extortions

Krebs on Security

NOVEMBER 5, 2024

Judische would repeat that claim in Star Chat on May 13 — the day before Santander publicly disclosed a data breach — and would periodically blurt out the names of other Snowflake victims before their data even went up for sale on the cybercrime forums. prosecutors and federal law enforcement agencies. million customers.

Cybercrime

Cybercrime Mobile Media Hacking

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Krebs on Security

FEBRUARY 28, 2023

Image: Shutterstock.com Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than 100 separate incidents throughout 2022, new data suggests. Each advertises their claimed access to T-Mobile systems in a similar way. ” or “ Tmo up!

Mobile

Mobile Phishing Authentication Advertising

How Phished Data Turns into Apple & Google Wallets

Krebs on Security

FEBRUARY 18, 2025

But a flurry of innovation from cybercrime groups in China is breathing new life into the carding industry, by turning phished card data into mobile wallets that can be used online and at main street stores. And they are not traditional SMS phishing or “ smishing ” messages, as they bypass the mobile networks entirely.

Phishing

Phishing Mobile Scams Banking

T-Mobile: Breach Exposed SSN/DOB of 40M+ People

Krebs on Security

AUGUST 18, 2021

T-Mobile is warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. T-Mobile hasn’t yet responded to requests for clarification regarding how many of the 7.8

Mobile

Mobile Identity Theft Accountability Cybercrime

The Cost of Cybercrime

Schneier on Security

JUNE 4, 2019

Really interesting paper calculating the worldwide cost of cybercrime: Abstract: In 2012 we presented the first systematic study of the costs of cybercrime. Several new cybercrimes are significant enough to mention, including business email compromise and crimes involving cryptocurrencies. and more on response.

Cybercrime

Cybercrime Scams Cryptocurrency Antivirus

Cybercrime Rapper Sues Bank over Fraud Investigation

Krebs on Security

AUGUST 7, 2024

In January, KrebsOnSecurity wrote about rapper Punchmade Dev , whose music videos sing the praises of a cybercrime lifestyle. But until recently, there wasn’t much to support a conclusion that Punchmade was actually doing the cybercrime things he promotes in his songs. That record includes the Lexington, Ky.

Banking

Banking Cybercrime Accountability Retail

Booking.com Phishers May Leave You With Reservations

Krebs on Security

NOVEMBER 1, 2024

We’ll also explore an array of cybercrime services aimed at phishers who target hotels that rely on the world’s most visited travel website. KrebsOnSecurity last week heard from a reader whose close friend received a targeted phishing message within the Booking mobile app just minutes after making a reservation at a California.

Phishing

Phishing Accountability Artificial Intelligence Cybercrime

ParkMobile Breach Exposes License Plate Data, Mobile Numbers of 21M Users

Krebs on Security

APRIL 12, 2021

Someone is selling account information for 21 million customers of ParkMobile , a mobile parking app that’s popular in North America. KrebsOnSecurity first heard about the breach from Gemini Advisory , a New York City based threat intelligence firm that keeps a close eye on the cybercrime forums.

Mobile

Mobile Passwords Accountability Cybercrime

Escobar mobile malware targets 190 banking and financial apps, steals 2FA codes

Tech Republic Security

MARCH 17, 2022

A new Android mobile malware dubbed Escobar has hit the cybercrime underground market. The post Escobar mobile malware targets 190 banking and financial apps, steals 2FA codes appeared first on TechRepublic. Read more about it and see how to protect yourself from this threat.

Mobile

Mobile Banking Malware Cybercrime

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Krebs on Security

FEBRUARY 28, 2025

Last year, the French security firm Intrinsec detailed Prospero’s connections to bulletproof services advertised on Russian cybercrime forums under the names Securehost and BEARHOST. A fake browser update page pushing mobile malware. The bulletproof hosting provider BEARHOST. Image: Ke-la.com. Image: Intrinsec.

Malware

Malware Antivirus Software DDOS

Russian authorities arrest three suspects behind Mamont Android banking trojan

Security Affairs

MARCH 28, 2025

. “Preliminary findings indicate that the suspects developed malware called Mamont, which they distributed via Telegram channels under the guise of safe mobile applications and video files. ” The authorities linked the three suspects to over 300 cybercrimes, the police seized servers, computers, storage devices, and bank cards.

Banking

Banking Computers and Electronics Mobile Malware

Thai police arrested Chinese hackers involved in SMS blaster attacks

Security Affairs

NOVEMBER 25, 2024

Thai authorities arrested members of two Chinese cybercrime organizations, one of these groups carried out SMS blaster attacks. ” An SMS blaster attack is a cyberattack where a large number of malicious or fraudulent SMS messages are sent to mobile devices within a specific area or to a targeted group.

Mobile

Mobile Scams Technology Telecommunications

Are You One of the 533M People Who Got Facebooked?

Krebs on Security

APRIL 6, 2021

To my mind, this just reinforces the need to remove mobile phone numbers from all of your online accounts wherever feasible. It appears much of this database has been kicking around the cybercrime underground in one form or another since last summer at least. According to a Jan. Image: @UnderTheBreach.

Mobile

Mobile Accountability Passwords Authentication

Experts warn of the new sophisticate Crocodilus mobile banking Trojan

Security Affairs

MARCH 29, 2025

“The emergence of the Crocodilus mobile banking Trojan marks a significant escalation in the sophistication and threat level posed by modern malware. Crocodilus tricks victims into revealing their seed phrase by displaying a fake warning, then logs the text via Accessibility features to steal and drain crypto wallets.

Banking

Banking Mobile Identity Theft Malware

France’s second-largest telecoms provider Free suffered a cyber attack

Security Affairs

OCTOBER 28, 2024

million mobile and fixed subscribers. Free disclosed a cyber attack over the weekend after a threat actor attempted to sell the stolen data on a popular cybercrime forum. Free S.A.S. is a French telecommunications company, subsidiary of Iliad S.A. that provides voice, video, data, and Internet telecommunications to consumers in France.

Cyber Attacks

Cyber Attacks Telecommunications Data breaches Banking

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

NOVEMBER 21, 2024

technology companies between 2021 and 2023, including LastPass , MailChimp , Okta , T-Mobile and Twilio. That Joeleoli moniker registered on the cybercrime forum OGusers in 2018 with the email address joelebruh@gmail.com , which also was used to register accounts at several websites for a Joel Evans from North Carolina.

Identity Theft

Identity Theft Phishing Cryptocurrency Accountability

750 million Indian mobile subscribers’ data offered for sale on dark web

Security Affairs

JANUARY 30, 2024

Data of 750 million Indian mobile subscribers was offered for sale on dark web hacker forums earlier in January. CloudSEK researchers warned that a database containing data of 750 million Indian mobile subscribers was offered for sale on dark web hacker forums earlier in January.

Mobile

Mobile Identity Theft Cybercrime Cyber Attacks

The Rise of One-Time Password Interception Bots

Krebs on Security

SEPTEMBER 29, 2021

In February, KrebsOnSecurity wrote about a novel cybercrime service that helped attackers intercept the one-time passwords (OTPs) that many websites require as a second authentication factor in addition to passwords. The OTP interception service featured earlier this year — Otp[.]agency

Passwords

Passwords Mobile Authentication Banking

T-Mobile suffered a new data breach

Security Affairs

DECEMBER 29, 2021

T-Mobile discloses a new data breach that impacted a “very small number of customers” who were victim of SIM swap attacks. T-Mobile has suffered another security breach, threat actors gained access to the accounts of “a small number of” customers.’. ” a T-Mobile Spokesperson told BleepingComputer.

Data breaches

Data breaches Mobile Accountability Wireless

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

Security Affairs

MARCH 21, 2025

Law Enforcement and Cybercrime Control Russian authorities may want to monitor criminal organizations, opposition groups, or foreign entities using Telegram. Zero-day prices have risen as the level of security of messaging apps and mobile devices becomes harder to hack.

Government

Government Surveillance Mobile Hacking

Hackers breached MDM firm Mobile Guardian and wiped thousands of devices

Security Affairs

AUGUST 6, 2024

Threat actors breached the UK-based mobile device management (MDM) firm Mobile Guardian and remotely wiped thousands of devices. Hackers breached the mobile device management (MDM) firm Mobile Guardian, the company detected unauthorized access to iOS and ChromeOS devices on August 4th. ” reported the MOE.

Mobile

Mobile Education Hacking Cybercrime

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

In each attack, the victims saw their email and financial accounts compromised after suffering an unauthorized SIM-swap, wherein attackers transferred each victim’s mobile phone number to a new device that they controlled. Prosecutors say Noah Michael Urban of Palm Coast, Fla., “I got thousands of grails.”

Social Engineering

Social Engineering Mobile Passwords Cybercrime

Data of a billion Chinese residents available for sale on a cybercrime forum

Security Affairs

JULY 4, 2022

The hacker is offering the database on a popular cybercrime forum for 10 bitcoins. The Chief Executive Officer of cryptocurrency exchange Binance , Zhao Changpeng, on July 3rd, announced that the threat intelligence team of his company has detected 1 billion resident records available for sale in a cybercrime forum.

Cybercrime

Cybercrime Data breaches Internet Internet

Cybersecurity Event Cancelled After Being Hit By Cybercriminals

Joseph Steinberg

OCTOBER 24, 2022

This major incident became known to the Australia’s pubic just two weeks after it learned that Optus, the country’s second-largest mobile phone network provider, was also hacked, leading to the records of nearly 10 million of its customers’ data being held for ransom by a cybercriminal.

Cybersecurity

Cybersecurity Social Engineering Artificial Intelligence Scams

Singapore Police arrest six men allegedly involved in a cybercrime syndicate

Security Affairs

SEPTEMBER 12, 2024

The Singapore Police Force (SPF) has arrested six individuals for their role in the operations of a cybercrime ring in the country. The six men are believed to be linked to a global cybercrime syndicate. Police seized a laptop, nine mobile phones, and S$465,000 in cash. We will deal severely with perpetrators.”

Cybercrime

Cybercrime Computers and Electronics Mobile Cryptocurrency

U.S. Justice Department Cracks Down on Scattered Spider Phishing Ring

SecureWorld News

NOVEMBER 22, 2024

The United States Department of Justice (DOJ) has unsealed charges against five individuals accused of orchestrating sophisticated phishing campaigns tied to the notorious Scattered Spider cybercrime group.

Phishing

Phishing Identity Theft Cryptocurrency Cybercrime

Data leak exposes users of car-sharing service Blink Mobility

Security Affairs

DECEMBER 21, 2023

More than 22,000 users of Blink Mobility should take the necessary steps to protect themselves against the risk of identity theft. Los Angeles-based electric car-sharing provider Blink Mobility left a misconfigured MongoDB database open to the public.

Mobile

Mobile Identity Theft Passwords Phishing

OP KAERB: Europol dismantled phishing scheme targeting mobile users

Security Affairs

SEPTEMBER 21, 2024

A joint international law enforcement operation led by Europol dismantled a major phishing scheme targeting mobile users. Europol supported European and Latin American law enforcement agencies in dismantling an international criminal network that unlocks stolen or lost mobile phones using a phishing platform.

Mobile

Mobile Phishing Computers and Electronics Marketing

U.K. Arrest in ‘SMS Bandits’ Phishing Service

Krebs on Security

FEBRUARY 1, 2021

Authorities in the United Kingdom have arrested a 20-year-old man for allegedly operating an online service for sending high-volume phishing campaigns via mobile text messages. ” SMS Bandits offered an SMS phishing (a.k.a. ” The proprietor of the SMS Bandits, telling the world he lives in Birmingham.

Phishing

Phishing Telecommunications Advertising Mobile

AI-Fueled Deep Fakes Signal New Era of Cybercrime

Security Boulevard

AUGUST 23, 2021

The post AI-Fueled Deep Fakes Signal New Era of Cybercrime appeared first on Security Boulevard. Events like the 2020 U.S. elections or COVID-19 vaccinations highlight how political opponents and rogue nations actively practice disinformation campaigns to undermine confidence in governments and science, sowing.

Cybercrime

Cybercrime Government Social Engineering Engineering

Interpol arrested 75 members of the cybercrime ring Black Axe

Security Affairs

OCTOBER 17, 2022

Interpol has announced the arrests of 75 individuals as part of a coordinated international operation against an organized cybercrime ring called Black Axe. Interpol arrested 75 individuals as part of a coordinated global operation, codenamed Operation Jackal, against the cybercrime ring Black Axe. and the U.S.) Pierluigi Paganini.

Cybercrime

Cybercrime Scams Banking Mobile

U.S. Soldier Charged in AT&T Hack Searched “Can Hacking Be Treason”

Krebs on Security

FEBRUARY 26, 2025

In several posts to an English-language cybercrime forum in November, Kiberphant0m leaked some of the phone records and threatened to leak them all unless paid a ransom. More than 160 other Snowflake customers were relieved of data, including TicketMaster, Lending Tree, Advance Auto Parts and Neiman Marcus. million customers.

Hacking

Hacking Government Identity Theft Accountability

This Cybercrime Syndicate Pre-Infected Over 8.9 Million Android Phones Worldwide

The Hacker News

MAY 18, 2023

A cybercrime enterprise known as Lemon Group is leveraging millions of pre-infected Android smartphones worldwide to carry out their malicious operations, posing significant supply chain risks.

Cybercrime

Cybercrime Advertising Mobile Media

Three cybercrime technology trends to watch in 2023

CyberSecurity Insiders

JANUARY 3, 2023

The use of “wiper” malware will proliferate, erasing data from government and critical infrastructure systems as well as mobile phones. This emerging tactic warrants the attention of not only governments but critical infrastructure providers, as well, and possibly even individuals as criminals move to wiping clean mobile phones.

Technology

Technology Cybercrime Artificial Intelligence Government

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. “I wasn’t expected to be approve[d].”

Hacking

Hacking Energy and Utilities Cybercrime Accountability

Kroll Employee SIM-Swapped for Crypto Investor Data

Krebs on Security

AUGUST 25, 2023

19, 2023, someone targeted a T-Mobile phone number belonging to a Kroll employee “in a highly sophisticated ‘SIM swapping’ attack.” ” T-Mobile has not yet responded to requests for comment. . ” T-Mobile has not yet responded to requests for comment. Why do I suggest this?

Mobile

Mobile Cyber Risk Data breaches Cryptocurrency

Would You Have Fallen for This Phone Scam?

Krebs on Security

APRIL 28, 2020

But in a phone interview with KrebsOnSecurity earlier this week, Jim made a call to Citi’s automated system from his mobile phone on file with the bank, and I could hear Citi’s systems asking him to enter the last four digits of his credit card number before he could review recent transactions.

Scams

Scams Banking Accountability Financial Services

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Krebs on Security

FEBRUARY 8, 2021

Brad Marden , superintendent of cybercrime operations for the Australian Federal Police (AFP), said their investigation into who was behind U-Admin began in late 2018, after Australian citizens began getting deluged with phishing attacks via mobile text messages that leveraged the software.

Phishing

Phishing Scams Banking Mobile

March Madness Meets Cyber Mayhem: How Cybercriminals Are Playing Offense this Season

SecureWorld News

MARCH 20, 2025

Phishing plays straight out of the cybercrime playbook "March Madness brings heightened cybersecurity risks this year, especially with the expansion of sports gambling beyond traditional office pools creating new attack vectors for credential harvesting and financial fraud," warns J.

Scams

Scams Social Engineering Mobile Phishing

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years. Conclusion: cybersecurity and cybercrime have matured.

Cybercrime

Cybercrime Banking Malware Ransomware

Why Phishers Love New TLDs Like.shop,top and.xyz

T-Mobile Data Breach

Trending Sources

New T-Mobile Breach Affects 37 Million Accounts

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Canadian Man Arrested in Snowflake Data Extortions

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

How Phished Data Turns into Apple & Google Wallets

T-Mobile: Breach Exposed SSN/DOB of 40M+ People

The Cost of Cybercrime

Cybercrime Rapper Sues Bank over Fraud Investigation

Booking.com Phishers May Leave You With Reservations

ParkMobile Breach Exposes License Plate Data, Mobile Numbers of 21M Users

Escobar mobile malware targets 190 banking and financial apps, steals 2FA codes

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Russian authorities arrest three suspects behind Mamont Android banking trojan

Thai police arrested Chinese hackers involved in SMS blaster attacks

Are You One of the 533M People Who Got Facebooked?

Experts warn of the new sophisticate Crocodilus mobile banking Trojan

France’s second-largest telecoms provider Free suffered a cyber attack

Feds Charge Five Men in ‘Scattered Spider’ Roundup

750 million Indian mobile subscribers’ data offered for sale on dark web

The Rise of One-Time Password Interception Bots

T-Mobile suffered a new data breach

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

Hackers breached MDM firm Mobile Guardian and wiped thousands of devices

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Data of a billion Chinese residents available for sale on a cybercrime forum

Cybersecurity Event Cancelled After Being Hit By Cybercriminals

Singapore Police arrest six men allegedly involved in a cybercrime syndicate

U.S. Justice Department Cracks Down on Scattered Spider Phishing Ring

Data leak exposes users of car-sharing service Blink Mobility

OP KAERB: Europol dismantled phishing scheme targeting mobile users

U.K. Arrest in ‘SMS Bandits’ Phishing Service

AI-Fueled Deep Fakes Signal New Era of Cybercrime

Interpol arrested 75 members of the cybercrime ring Black Axe

U.S. Soldier Charged in AT&T Hack Searched “Can Hacking Be Treason”

This Cybercrime Syndicate Pre-Infected Over 8.9 Million Android Phones Worldwide

Three cybercrime technology trends to watch in 2023

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Kroll Employee SIM-Swapped for Crypto Investor Data

Would You Have Fallen for This Phone Scam?

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

March Madness Meets Cyber Mayhem: How Cybercriminals Are Playing Offense this Season

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

Stay Connected