2019, Cybercrime, Hacking and System Administration

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years.

Cybercrime

Cybercrime Banking Malware Ransomware

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

last week said they dismantled the “ RSOCKS ” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. The RUSdot mailer, the email spamming tool made and sold by the administrator of RSOCKS.

Advertising

Advertising Cybercrime System Administration Hacking

Exclusive: Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more)

Security Affairs

OCTOBER 3, 2023

Our investigation revealed that this remote endpoint is associated with criminal activities dating back to 2019, indicating that these hosts were likely under the control of the same technical administration. For instance: In September 2019, Cybereason found this hostname in old LockBit 2.0

Scams

Scams Ransomware System Administration Malware

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Caketap, a new Unix rootkit used to siphon ATM banking data

Security Affairs

MARCH 18, 2022

Mandiant researchers discovered a new Unix rootkit named Caketap, which is used to steal ATM banking data, while investigating the activity of the LightBasin cybercrime group (aka UNC1945 ). The China-linked hacking group has been active since at least 2016, according to the CrowdStrike researchers it is using a very sophisticated toolset.

Banking

Banking Telecommunications System Administration Hacking

A Closer Look at the Snatch Data Ransom Group

Krebs on Security

SEPTEMBER 30, 2023

GandCrab dissolved in July 2019, and is thought to have become “ REvil ,” one of the most ruthless and rapacious Russian ransomware groups of all time. “The command requires Windows system administrators,” Truniger’s ads explained. “Experience in backup, increase privileges, mikicatz, network.

Ransomware

Ransomware Accountability Cybercrime Backups

A member of the FIN7 group was sentenced to 10 years in prison

Security Affairs

APRIL 18, 2021

The Ukrainian national Fedir Hladyr (35), aka “das” or “AronaXus,” was sentenced to 10 years in prison for having served as a manager and systems administrator for the financially motivated group FIN7 , aka Carbanak. SecurityAffairs – hacking, FIN7). ” reads the press release published by DoJ. ” concludes DoJ.

System Administration

System Administration Penetration Testing Malware Banking

FIN7 sysadmin behind “billions in damage” gets 10 years

Malwarebytes

APRIL 20, 2021

In 2018 three high-ranking members of a sophisticated international cybercrime group operating out of Eastern Europe were arrested and taken into custody by US authorities. Ukrainian nationals Dmytro Fedorov, Fedir Hladyr, and Andrii Kolpakov, were members of a prolific hacking group widely known as FIN7. The conviction.

System Administration

System Administration Banking Malware Penetration Testing

The Hacker Mind Podcast: Ethical Hacking

ForAllSecure

MAY 26, 2022

Is hacking a crime? Bryan McAninch (Aph3x) talks about his organization, Hacking Is Not A Crime , and the ethical line it draws on various hacking activities. I used to hack the phone company quite a bit. I was like living in our systems for years and I want to get in some trouble for that.

Hacking

Hacking Technology InfoSec Media

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Shah provides her expertise in hacking, software development, and kernel development and advocates for open source initiatives. lazydocker : A simple terminal UI for both docker and docker-compose : [link] pic.twitter.com/HsK17rzg8m — Binni Shah (@binitamshah) July 1, 2019. — Jason Haddix (@Jhaddix) July 27, 2019.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

Dissecting the malicious arsenal of the Makop ransomware gang

Security Affairs

MARCH 14, 2023

In particular, recent investigations were able to identify four of them: the ARestore escalation tool, the backdoor, and other publicly available toolkits such as Advanced_Port_Scanner and a particular popular Chinese hack tool. The Makop criminals were recently using version 2.5.3869 of the tool, which dates back to 2019.

Ransomware

Ransomware Software System Administration Encryption

Canadian Police Raid ‘Orcus RAT’ Author

Krebs on Security

APRIL 2, 2019

31, 2019, Rezvesz said his company recently was the subject of an international search warrant executed jointly by the Royal Canadian Mounted Police (RCMP) and the Canadian Radio-television and Telecommunications Commission (CRTC). In an “official press release” posted to pastebin.com on Mar.

Advertising

Advertising Malware Marketing Software

FireEye experts found source code for CARBANAK malware on VirusTotal?

Security Affairs

APRIL 23, 2019

CARBANAK cybercrime gang was first uncovered in 2014 by Kaspersky Lab that dated its activity back to 2013 when the group leveraged the Anunak malware in targeted attacks on financial institutions and ATM networks. MB) [link] — Nick Carr (@ItsReallyNick) April 22, 2019. kb3r1p.rar 879 files (15.03

Malware

Malware Penetration Testing Banking System Administration

FireEye experts found source code for CARBANAK malware on VirusTotal?

Security Affairs

APRIL 23, 2019

CARBANAK cybercrime gang was first uncovered in 2014 by Kaspersky Lab that dated its activity back to 2013 when the group leveraged the Anunak malware in targeted attacks on financial institutions and ATM networks. MB) [link] — Nick Carr (@ItsReallyNick) April 22, 2019. kb3r1p.rar 879 files (15.03

Malware

Malware Penetration Testing Banking System Administration

IT threat evolution Q2 2021

SecureList

AUGUST 12, 2021

This tool was used as part of an ongoing campaign that we named “ TunnelSnake “ The rootkit was detected on the targeted machines as early as November 2019; and another tool we found, showing significant code overlaps with the rootkit, suggests that the developers had been active since at least 2018. Black Kingdom ransomware.

Ransomware

Ransomware Malware Banking Encryption

Updates from the MaaS: new threats delivered through NullMixer

Security Affairs

MARCH 27, 2023

The Originating Malvertising Campaign According to CTI investigation on the adversary infrastructure, we were able to identify an ongoing campaign luring system administrators to install the malicious code into their machines. He is a former member of the ANeSeC CTF team, one of the firsts Italian cyber wargame teams born back in 2011.

Malware

Malware Social Engineering Encryption Marketing

Cyber Security Informer

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

Meet the Administrators of the RSOCKS Proxy Botnet

Webinars

Trending Sources

Exclusive: Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more)

Webinars

Caketap, a new Unix rootkit used to siphon ATM banking data

A Closer Look at the Snatch Data Ransom Group

A member of the FIN7 group was sentenced to 10 years in prison

FIN7 sysadmin behind “billions in damage” gets 10 years

The Hacker Mind Podcast: Ethical Hacking

Top Cybersecurity Accounts to Follow on Twitter

Dissecting the malicious arsenal of the Makop ransomware gang

Canadian Police Raid ‘Orcus RAT’ Author

FireEye experts found source code for CARBANAK malware on VirusTotal?

FireEye experts found source code for CARBANAK malware on VirusTotal?

IT threat evolution Q2 2021

Updates from the MaaS: new threats delivered through NullMixer

Stay Connected