Remove 2008 Remove Cybercrime Remove Hacking
article thumbnail

Leader of Qakbot cybercrime network indicted in U.S. crackdown

Security Affairs

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. Gallyamov began developing Qakbot in 2008, building a team that expanded its capabilities over the time. The malware spreads via malspam campaigns, it inserts replies in active email threads.

article thumbnail

From Cybercrime Saul Goodman to the Russian GRU

Krebs on Security

In 2021, the exclusive Russian cybercrime forum Mazafaka was hacked. Launched in 2001 under the tagline “Network terrorism,” Mazafaka would evolve into one of the most guarded Russian-language cybercrime communities. Some of those photos date back to 2008. One representation of the leaked Mazafaka database.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

Krebs on Security

District Court for the Southern District of California allege Firsov was the administrator of deer.io, an online platform that hosted more than 24,000 shops for selling stolen and/or hacked usernames and passwords for a variety of top online destinations. ru , a cybercrime forum in its own right that called itself “ The Antichat Mafia.”

article thumbnail

Canada Charges Its “Most Prolific Cybercriminal”

Krebs on Security

According to cyber intelligence firm Intel 471 , that dark_cl0ud6@hotmail.com address has been used in conjunction with the handle “ DCReavers2 ” to register user accounts on a half-dozen English-language cybercrime forums since 2008, including Hackforums , Blackhatworld, and Ghostmarket.

article thumbnail

Man Who Mass-Extorted Psychotherapy Patients Gets Six Years

Krebs on Security

A 26-year-old Finnish man was sentenced to more than six years in prison today after being convicted of hacking into an online psychotherapy clinic, leaking tens of thousands of patient therapy records, and attempting to extort the clinic and patients. After being charged with the attack in October 2022, Kivimäki fled the country.

DDOS 317
article thumbnail

REvil Ransom Arrest, $6M Seizure, and $10M Reward

Krebs on Security

” These last two nicknames correspond to accounts on several top cybercrime forums way back in 2013, where a user named “Yaroslav2468” registered using the email address yarik45@gmail.com. Prosecutors say Vasinskyi also used the monikers “ Yarik45 ,” and “ Yaroslav2468.” 3 was Lublin, Poland.

article thumbnail

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

One of Megatraffer’s ads on an English-language cybercrime forum. Megatraffer has continued to offer their code-signing services across more than a half-dozen other Russian-language cybercrime forums, mostly in the form of sporadically available EV and non-EV code-signing certificates from major vendors like Thawte and Comodo.

Malware 314