Cybercrime and VPN - Cyber Security Informer

US, European Law Enforcement Shut Down Cybercrime-Friendly VPN Services

Adam Levin

DECEMBER 23, 2020

Law enforcement agencies from the United States and Europe seized domain names and servers belonging to a virtual private network (VPN) provider long linked to online cybercrime. The post US, European Law Enforcement Shut Down Cybercrime-Friendly VPN Services appeared first on Adam Levin.

VPN

VPN Cybercrime Phishing Ransomware

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

Security Affairs

JANUARY 15, 2025

A previously unknown threat actor released config files and VPN passwords for Fortinet FortiGate devices on a popular cybercrime forum. A previously unknown threat actor named Belsen Group published configuration files and VPN passwords for over 15,000 Fortinet FortiGate appliances. “The data includes: IPs.

VPN

VPN Passwords Firewall Firmware

US DoJ charges five alleged members of the Scattered Spider cybercrime gang

Security Affairs

NOVEMBER 21, 2024

Justice Department charged five suspects linked to the Scattered Spider cybercrime gang with wire fraud conspiracy. Justice Department charged five alleged members of the cybercrime gang Scattered Spider (also known as UNC3944 , 0ktapus ) with conspiracy to commit wire fraud. ” reads the press release published by DoJ.

Cybercrime

Cybercrime Identity Theft Cryptocurrency Phishing

Is Your Computer Part of ‘The Largest Botnet Ever?’

Krebs on Security

MAY 29, 2024

.” The arrest coincided with the seizure of the 911 S5 website and supporting infrastructure, which the government says turned computers running various “free VPN” products into Internet traffic relays that facilitated billions of dollars in online fraud and cybercrime. Cloud Router was previously called 911 S5. .”

VPN

VPN Government Cybercrime Internet

Dark Web: Many cybercrime services sell for less than $500

Tech Republic Security

OCTOBER 13, 2021

A ransomware kit costs as little as $66, though it needs to be modified, while a spearphishing attack can run as low as $100, says Altas VPN.

Cybercrime

Cybercrime VPN Ransomware

Bulletproof VPN services took down in a global police operation

Security Affairs

DECEMBER 22, 2020

A joint operation conducted by law European enforcement agencies resulted in the seizure of the infrastructure of three bulletproof VPN services. ” The three VPN bulletproof services were hosted at insorg.org , safe-inet.com , and safe-inet.net, their home page currently displays a law enforcement banner. day to $190/year.

VPN

VPN Cybercrime Advertising Ransomware

Honest And Unbiased CyberGhost VPN Review

SecureBlitz

FEBRUARY 1, 2022

Read on for an honest and unbiased CyberGhost VPN review, one of the top VPN service providers. With the rise in cyber-monitoring and other cybercrimes, everyone is looking for software that would ensure their security and privacy online, so they turn to VPN providers.

VPN

VPN Cybercrime Software Cybersecurity

Why developed countries are more vulnerable to cybercrime

Tech Republic Security

MAY 27, 2020

Developed nations have higher incomes, technology, urbanization, and digitalization, which are all factors for greater cyber risk, says VPN provider NordVPN.

Cybercrime

Cybercrime Cyber Risk VPN Technology

Europol Shuts Down VPNLab, Cybercriminals' Favourite VPN Service

The Hacker News

JANUARY 18, 2022

VPNLab.net, a VPN provider that was used by malicious actors to deploy ransomware and facilitate other cybercrimes, was taken offline following a coordinated law enforcement operation.

VPN

VPN Cybercrime Ransomware

Free VPN apps on Google Play turned Android phones into proxies

Bleeping Computer

MARCH 26, 2024

Over 15 free VPN apps on Google Play were found using a malicious software development kit that turned Android devices into unwitting residential proxies, likely used for cybercrime and shopping bots. [.]

VPN

VPN Cybercrime Software Mobile

Member of cybercrime group Karakurt charged in the US

Security Affairs

AUGUST 23, 2024

court for his role in the Karakurt cybercrime gang. court for his role in the Russian Karakurt cybercrime gang. “Among other things, the Russian cybercrime group steals victim data and threatens to release it unless the victim pays ransom in cryptocurrency. . ” reads the press release published by DoJ.

Cybercrime

Cybercrime VPN Cryptocurrency Hacking

15 billion credentials available in the cybercrime marketplaces

Security Affairs

JULY 9, 2020

More than 15 billion username and passwords are available on cybercrime marketplaces, including over 5 billion unique credentials, states the experts. Experts reported that brute-force cracking tools and account checkers are available on cybercrime marketplaces and forums for an average of $4. Pierluigi Paganini.

Cybercrime

Cybercrime Antivirus Marketing Accountability

The ‘Groove’ Ransomware Gang Was a Hoax

Krebs on Security

NOVEMBER 2, 2021

22 on RAMP , a new and fairly exclusive Russian-language darknet cybercrime forum. ” In the first week of September, Groove posted on its darknet blog nearly 500,000 login credentials for customers of Fortinet VPN products, usernames and passwords that could be used to remotely connect to vulnerable systems. .”

Ransomware

Ransomware Cybercrime VPN Media

Treasury Sanctions Creators of 911 S5 Proxy Botnet

Krebs on Security

MAY 28, 2024

911 built its proxy network mainly by offering “free” virtual private networking (VPN) services. 911’s VPN performed largely as advertised for the user — allowing them to surf the web anonymously — but it also quietly turned the user’s computer into a traffic relay for paying 911 S5 customers.

VPN

VPN Banking Cybercrime Internet

Fox Kitten Campaign – Iranian hackers exploit 1-day VPN flaws in attacks

Security Affairs

FEBRUARY 16, 2020

Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world. Iran-linked attackers targeted Pulse Secure, Fortinet, Palo Alto Networks, and Citrix VPNs to hack into large companies as part of the Fox Kitten Campaign. SecurityAffairs – Fox Kitten campaign, VPN ). Pierluigi Paganini.

VPN

VPN Advertising Telecommunications Hacking

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

NOVEMBER 21, 2024

Some SMS phishing messages told employees their VPN credentials were expiring and needed to be changed; other phishing messages advised employees about changes to their upcoming work schedule. The targeted SMS scams asked employees to click a link and log in at a website that mimicked their employer’s Okta authentication page.

Identity Theft

Identity Theft Phishing Cryptocurrency Accountability

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

Security Affairs

OCTOBER 12, 2020

US government networks are under attack, threat actors chained VPN and Windows Zerologon flaws to gain unauthorized access to elections support systems. Recently Microsoft observed Iran-linked APT Mercury and the Russian cybercrime gang TA505 exploiting the Zerologon flaw in attacks in the wild. Pierluigi Paganini.

VPN

VPN Government Authentication Advertising

Zxyel Flaw Powers New Mirai IoT Botnet Strain

Krebs on Security

MARCH 20, 2020

In February, hardware maker Zyxel fixed a zero-day vulnerability in its routers and VPN firewall products after KrebsOnSecurity told the company the flaw was being abused by attackers to break into devices. Security experts at Palo Alto Networks said Thursday their sensors detected the new Mirai variant — dubbed Mukashi — on Mar.

IoT

IoT DDOS VPN Firewall

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. The post FBI: Compromised US academic credentials available on various cybercrime forums appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook.

Cybercrime

Cybercrime Education Accountability Phishing

Voice Phishers Targeting Corporate VPNs

Krebs on Security

AUGUST 19, 2020

But one increasingly brazen group of crooks is taking your standard phishing attack to the next level, marketing a voice phishing service that uses a combination of one-on-one phone calls and custom phishing sites to steal VPN credentials from employees. The employee phishing page bofaticket[.]com. Image: urlscan.io. ” SPEAR VISHING.

Phishing

Phishing VPN Social Engineering Media

Q&A: Here’s why VPNs are likely to remain a valuable DIY security tool for consumers, SMBs

The Last Watchdog

JULY 11, 2022

Related: VPNs vs ZTNA. It’s in findings of a deep dive data analytics study led by Surfshark , a supplier of VPN services aimed at the consumer and SMB markets. Here are excerpts of our dialogue, edited for clarity and length: LW: Is it safe to assume demand for consumer VPNs has spiked, post Covid19?

VPN

VPN Data breaches Internet Internet

Global police shut down VPN service favored by cybercriminals

We Live Security

JUNE 30, 2021

The post Global police shut down VPN service favored by cybercriminals appeared first on WeLiveSecurity. A global operation takes down the infrastructure of DoubleVPN and seizes data about its customers.

VPN

VPN Cybercrime

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Krebs on Security

OCTOBER 8, 2020

But judging from the proliferation of help-wanted ads for offensive pentesters in the cybercrime underground, today’s attackers have exactly zero trouble gaining that initial intrusion: The real challenge seems to be hiring enough people to help everyone profit from the access already gained. THE DOCTOR IS IN. ” WHO IS DR. SAMUIL?

Cybercrime

Cybercrime VPN Malware Ransomware

Cybercrime underground flooded with offers for initial access to shipping and logistics orgs

Security Affairs

NOVEMBER 3, 2021

Experts warn of the availability in the cybercrime underground of offers for initial access to networks of players in global supply chains. The post Cybercrime underground flooded with offers for initial access to shipping and logistics orgs appeared first on Security Affairs. Pierluigi Paganini.

Cybercrime

Cybercrime VPN Ransomware Hacking

International law enforcement operation dismantled RedLine and Meta infostealers

Security Affairs

OCTOBER 29, 2024

Consider extra security layers : Use additional protection like a VPN for safer online activity. Authorities from the Netherlands, the United States, Belgium, Portugal, the United Kingdom and Australia took part in the operation. The following authorities participated in the Operation Magnus.

Identity Theft

Identity Theft Passwords Malware Banking

Russian Hacker “Wazawaka” Indicted for Ransomware

Krebs on Security

MAY 16, 2023

In a January 2021 discussion on a top Russian cybercrime forum, Matveev’s alleged alter ego Wazawaka said he had no plans to leave the protection of “Mother Russia,” and that traveling abroad was not an option for him. “Mother Russia will help you,” Wazawaka concluded. 17, 1992). .” 17, 1992).

Ransomware

Ransomware Cybercrime VPN Healthcare

UNC2447 cybercrime gang exploited SonicWall Zero-Day before it was fixed

Security Affairs

APRIL 30, 2021

UNC2447 cybercrime gang exploited a zero-day in the Secure Mobile Access (SMA), addressed by SonicWall earlier this year, before the vendor released a fix. The post UNC2447 cybercrime gang exploited SonicWall Zero-Day before it was fixed appeared first on Security Affairs. ” reads the analysis published by FireEye. .”

Cybercrime

Cybercrime Ransomware Malware Mobile

BunnyLoader, a new Malware-as-a-Service advertised in cybercrime forums

Security Affairs

OCTOBER 3, 2023

Zscaler ThreatLabz researchers discovered a new malware-as-a-service (MaaS) that is called BunnyLoader, which has been advertised for sale in multiple cybercrime forums since September 4, 2023. The malware is also able to steal data from messaging apps and VPN clients. ” continues the report.

Advertising

Advertising Cybercrime Malware Cryptocurrency

New ‘Karakurt’ cybercrime gang focuses on data theft and extortion

Security Affairs

DECEMBER 11, 2021

Accenture researchers detailed the activity of a new sophisticated cybercrime group, called Karakurt, behind recent cyberattacks. The analysis of the attack chain associated with this threat actor revealed that it primarily leverages VPN credentials to gain initial access to the target’s network. group and karakurt[.]tech,

Cybercrime

Cybercrime VPN Ransomware Hacking

911 Proxy Service Implodes After Disclosing Breach

Krebs on Security

JULY 29, 2022

But some of them — like 911 — build their networks in part by offering “free VPN” or “free proxy” services that are powered by software which turns the user’s PC into a traffic relay for other users. We are reviewing every existing user, to ensure their usage is legit and [in] compliance with our Terms of Service.”

Cybercrime

Cybercrime Software VPN Backups

Wazawaka Goes Waka Waka

Krebs on Security

FEBRUARY 14, 2022

In January, KrebsOnSecurity examined clues left behind by “ Wazawaka ,” the hacker handle chosen by a major ransomware criminal in the Russian-speaking cybercrime scene. 26, 2020, a new user named Biba99 registered on the English language cybercrime forum RaidForums. This post is an attempt to remedy that.

Ransomware

Ransomware VPN Cybercrime Accountability

Protect yourself and your business on public Wi-Fi

Tech Republic Security

DECEMBER 6, 2022

At 75% off, this affordable VPN service is more affordable than ever and capable of defending your business from cybercrime while browsing the internet. The post Protect yourself and your business on public Wi-Fi appeared first on TechRepublic.

VPN

VPN Cybercrime Internet Internet

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Proxy services can be used in a legitimate manner for several business purposes — such as price comparisons or sales intelligence — but they are massively abused for hiding cybercrime activity because they make it difficult to trace malicious traffic to its original source. co and a VPN provider called HideIPVPN[.]com. com , segate[.]org

Malware

Malware VPN Internet Internet

A new campaign is likely targeting a zero-day in Fortinet FortiGate firewalls

Security Affairs

JANUARY 14, 2025

The campaign likely began in November 2024, the campaign unfolded in four phases: vulnerability scanning (Nov 1623, 2024), reconnaissance (Nov 2227), SSL VPN setup (Dec 47), and lateral movement (Dec 1627). In the next phase (starting Dec 4, 2024), attackers targeted SSL VPN access by creating super admin accounts or hijacking existing ones.

Firewall

Firewall VPN Accountability Firmware

Security Affairs newsletter Round 496 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency

Cryptocurrency Hacking Phishing Cyber Attacks

TrickBot indictment reveals the scale and complexity of organized cybercrime

Malwarebytes

JUNE 8, 2021

A Latvian woman has been charged for their alleged role in a transnational cybercrime organisation. As touched on above, the group hired experts in a variety of cybercrime fields. Multiple VPN services made use of around the world are the final anonymous splashes of icing on a very large cake. What happened this week, you ask?

Cybercrime

Cybercrime Malware Banking Phishing

Russian-based DoubleVPN seized by law enforcement

Security Affairs

JUNE 30, 2021

Law enforcement has seized the servers of DoubleVPN (doublevpn.com), a Russian-based VPN service that provides double-encryption service widely used by threat actors to anonymize their operation while performing malicious activities. The VPN service was offered for a starting price of €22 ($25). . Pierluigi Paganini.

VPN

VPN Cybercrime Encryption Advertising

Who’s Behind the GandCrab Ransomware?

Krebs on Security

JULY 8, 2019

“In one year, people who worked with us have earned over US $2 billion,” read the farewell post by the eponymous GandCrab identity on the cybercrime forum Exploit[.]in That email address and nickname had been used since 2009 to register multiple identities on more than a half dozen cybercrime forums. Vpn-service[.]us

Ransomware

Ransomware Accountability Cybercrime Passwords

UNC2465 cybercrime group launched a supply chain attack on CCTV vendor

Security Affairs

JUNE 17, 2021

UNC2465 cybercrime group that is affiliated with the Darkside ransomware gang has infected with malware the website of a CCTV camera vendor. Experts noticed that in this supply chain attack, UNC2465 did not deliver the Darkside ransomware as the final payload, but they not exclude that the cybercrime group could move to a new RaaS operation.

Cybercrime

Cybercrime Ransomware Software Antivirus

Security Affairs newsletter Round 499 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 24, 2024

CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office US DoJ charges five alleged members of the Scattered Spider cybercrime gang Threat actor (..)

Cybercrime

Cybercrime Artificial Intelligence Hacking VPN

Zyxel 0day Affects its Firewall Products, Too

Krebs on Security

FEBRUARY 26, 2020

This week’s story on the Zyxel patch was prompted by the discovery that exploit code for attacking the flaw was being sold in the cybercrime underground for $20,000. ” The updated security advisory from Zyxel states the exploit works against its UTM, ATP, and VPN firewalls running firmware version ZLD V4.35

Firewall

Firewall Firmware VPN IoT

It’s Easy to Become a Cyberattack Target, but a VPN Can Help

Threatpost

APRIL 22, 2021

You might think that cybercrime is more prevalent in less digitally literate countries. However, NordVPN's Cyber Risk Index puts North American and Northern European countries at the top of the target list.

VPN

VPN Cyber Risk Cybercrime Risk

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

Security Affairs

JANUARY 15, 2025

A previously unknown threat actor released config files and VPN passwords for Fortinet FortiGate devices on a popular cybercrime forum. A previously unknown threat actor named Belsen Group published configuration files and VPN passwords for over 15,000 Fortinet FortiGate appliances. “The data includes: IPs.

VPN

VPN Passwords Firewall Firmware

Are your visuals making businesses more vulnerable to cybercrime?

The State of Security

JULY 18, 2022

The post Are your visuals making businesses more vulnerable to cybercrime? Social media marketing, for instance, was once deemed an easy way for companies to reach additional eyes but today, marketing is a lot more competitive than simply creating a post and hoping it […]… Read More. appeared first on The State of Security.

Cybercrime

Cybercrime Marketing Media VPN

US, European Law Enforcement Shut Down Cybercrime-Friendly VPN Services

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

Trending Sources

US DoJ charges five alleged members of the Scattered Spider cybercrime gang

Is Your Computer Part of ‘The Largest Botnet Ever?’

Dark Web: Many cybercrime services sell for less than $500

Bulletproof VPN services took down in a global police operation

Honest And Unbiased CyberGhost VPN Review

Why developed countries are more vulnerable to cybercrime

Europol Shuts Down VPNLab, Cybercriminals' Favourite VPN Service

Free VPN apps on Google Play turned Android phones into proxies

Member of cybercrime group Karakurt charged in the US

15 billion credentials available in the cybercrime marketplaces

The ‘Groove’ Ransomware Gang Was a Hoax

Treasury Sanctions Creators of 911 S5 Proxy Botnet

Fox Kitten Campaign – Iranian hackers exploit 1-day VPN flaws in attacks

Feds Charge Five Men in ‘Scattered Spider’ Roundup

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

Zxyel Flaw Powers New Mirai IoT Botnet Strain

FBI: Compromised US academic credentials available on various cybercrime forums

Voice Phishers Targeting Corporate VPNs

Q&A: Here’s why VPNs are likely to remain a valuable DIY security tool for consumers, SMBs

Global police shut down VPN service favored by cybercriminals

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Cybercrime underground flooded with offers for initial access to shipping and logistics orgs

International law enforcement operation dismantled RedLine and Meta infostealers

Russian Hacker “Wazawaka” Indicted for Ransomware

UNC2447 cybercrime gang exploited SonicWall Zero-Day before it was fixed

BunnyLoader, a new Malware-as-a-Service advertised in cybercrime forums

New ‘Karakurt’ cybercrime gang focuses on data theft and extortion

911 Proxy Service Implodes After Disclosing Breach

Wazawaka Goes Waka Waka

Protect yourself and your business on public Wi-Fi

Who and What is Behind the Malware Proxy Service SocksEscort?

A new campaign is likely targeting a zero-day in Fortinet FortiGate firewalls

Security Affairs newsletter Round 496 by Pierluigi Paganini – INTERNATIONAL EDITION

TrickBot indictment reveals the scale and complexity of organized cybercrime

Russian-based DoubleVPN seized by law enforcement

Who’s Behind the GandCrab Ransomware?

UNC2465 cybercrime group launched a supply chain attack on CCTV vendor

Security Affairs newsletter Round 499 by Pierluigi Paganini – INTERNATIONAL EDITION

Zyxel 0day Affects its Firewall Products, Too

It’s Easy to Become a Cyberattack Target, but a VPN Can Help

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

Are your visuals making businesses more vulnerable to cybercrime?

Stay Connected