DNS, Software and Web Fraud - Cyber Security Informer

Scam ‘Funeral Streaming’ Groups Thrive on Facebook

Krebs on Security

SEPTEMBER 18, 2024

According to DomainTools.com , the organization that registered this domain is called “ apkdownloadweb ,” is based in Rajshahi, Bangladesh, and uses the DNS servers of a Web hosting company in Bangladesh called webhostbd[.]net. net for DNS. net DNS servers). xyz and onlinestreaming[.]xyz. Livestreamnow[.]xyz

Scams

Scams DNS Internet Internet

15-Year-Old Malware Proxy Network VIP72 Goes Dark

Krebs on Security

SEPTEMBER 1, 2021

Like other anonymity networks marketed largely on cybercrime forums online, VIP72 routes its customers’ traffic through computers that have been hacked and seeded with malicious software. Corpse/Revive also long operated an extremely popular service called check2ip[.]com

Malware

Malware Cybercrime Internet Internet

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

911 says its network is made up entirely of users who voluntarily install its “free VPN” software. re network uses at least two free VPN services to lure its users to install a malware-like software that achieves persistence on the user’s computer,” the researchers wrote. “The 911[.]re

VPN

VPN Computers and Electronics Antivirus Software

No SOCKS, No Shoes, No Malware Proxy Services!

Krebs on Security

AUGUST 2, 2022

.” According to Spur.us , a startup that tracks proxy services, SocksEscort is a malware-based proxy offering, which means the machines doing the proxying of traffic for SocksEscort customers have been infected with malicious software that turns them into a traffic relay. The disruption at 911[.]re SocksEscort[.]com

Malware

Malware Cybercrime Internet Internet

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Krebs on Security

APRIL 4, 2024

A cybercrook who has been setting up websites that mimic the self-destructing message service privnote.com accidentally exposed the breadth of their operations recently when they threatened to sue a software company. A review of the passive DNS records tied to this address shows that apart from subdomains dedicated to tornote[.]io,

Phishing

Phishing Cryptocurrency DDOS Internet

Phishers are Angling for Your Cloud Providers

Krebs on Security

AUGUST 30, 2019

Netskope’s Ashwin Vamshi said users of cloud CRM platforms have a high level of trust in the software because they view the data and associated links as internal, even though they are hosted in the cloud.

Phishing

Phishing Marketing Accountability DNS

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Krebs on Security

NOVEMBER 21, 2020

“This gave the actor the ability to change DNS records and in turn, take control of a number of internal email accounts. Actively scan and monitor web applications for unauthorized access, modification, and anomalous activities. Verify web links do not have misspellings or contain the wrong domain.

Cryptocurrency

Cryptocurrency VPN Scams Social Engineering

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

The hackers were able to change the Domain Name System (DNS) records for the transaction brokering site escrow.com so that it pointed to an address in Malaysia that was host to just a few other domains, including the then brand-new phishing domain servicenow-godaddy[.]com. The key works without the need for any special software drivers.

Hacking

Hacking Social Engineering Phishing Scams

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. The registration records for the website Cryptor[.]biz ” Crypt[.]guru’s

Malware

Malware Antivirus Cybercrime Hacking

Who’s Behind the Botnet-Based Service BHProxies?

Krebs on Security

FEBRUARY 24, 2023

According to cyber intelligence firm Intel 471 , the user BHProxies also used the handle “ hassan_isabad_subar ” and marketed various software tools, including “Subar’s free email creator” and “Subar’s free proxy scraper.” 5, 2014 , but historic DNS records show BHproxies[.]com

Accountability

Accountability Advertising Marketing Malware

Who’s In Your Online Shopping Cart?

Krebs on Security

NOVEMBER 4, 2018

Although the malcode implanted on these sites is not designed to foist malicious software on visitors, please be aware that this could change at a moment’s notice. Before going further, I should note that this post includes references to domains that are either compromised or actively stealing user data.

Antivirus

Antivirus Hacking Internet Internet

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Krebs on Security

SEPTEMBER 26, 2024

ru , which periodically published hacking tools and exploits for software vulnerabilities. Passive domain name system (DNS) records show that in its early days BriansClub shared a server in Lithuania along with just a handful of other domains, including secure.pinpays[.]com

Cryptocurrency

Cryptocurrency Cybercrime Retail Government

Cyber Security Informer

Scam ‘Funeral Streaming’ Groups Thrive on Facebook

15-Year-Old Malware Proxy Network VIP72 Goes Dark

Trending Sources

A Deep Dive Into the Residential Proxy Service ‘911’

No SOCKS, No Shoes, No Malware Proxy Services!

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Phishers are Angling for Your Cloud Providers

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

When Low-Tech Hacks Cause High-Impact Breaches

Why Malware Crypting Services Deserve More Scrutiny

Who’s Behind the Botnet-Based Service BHProxies?

Who’s In Your Online Shopping Cart?

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Stay Connected