Krebs on Security

JUNE 28, 2022

On December 7, 2021, Google announced it was suing two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past decade. PPI programs) to generate new installations of their malware.” ru , and the website web-site[.]ru

Passwords 321

Passwords Malware Internet Internet 321

Herjavec Group

AUGUST 26, 2021

We can learn a lot from the cybercrime of the past…the history of cybercrime is a glimpse into what we can expect in the future. In the past 18 months, we’ve experienced the beginning of an era that has seen cybersecurity and cybercrime at the center of it all. Dateline Cybercrime . Robert Herjavec.

Cybercrime 135

Cybercrime Computers and Electronics Banking Hacking 135

Krebs on Security

JANUARY 8, 2024

In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. From January 2005 to April 2013, there were two primary administrators of the cybercrime forum Spamdot (a.k.a

Cybercrime 283

Cybercrime Banking Computers and Electronics DDOS 283

Security Affairs

MAY 24, 2025

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. The malware spreads via malspam campaigns, it inserts replies in active email threads. Gallyamov began developing Qakbot in 2008, building a team that expanded its capabilities over the time. and abroad.

Cybercrime 55

Cybercrime Cryptocurrency Ransomware Malware 55

SecureWorld News

AUGUST 29, 2023

The significance of this achievement cannot be overstated, as Qakbot has been responsible for a myriad of cybercrimes, including ransomware attacks and financial fraud, causing massive losses to individuals and businesses for more than a decade. What is Qakbot and why was it shutdown?

Cybercrime 113

Cybercrime Malware Ransomware Manufacturing 113

Security Affairs

JANUARY 18, 2022

Europol this week announced the shutdown of VPNLab, a VPN service that is very popular in the cybercrime ecosystem. An international operation conducted by law enforcement bodies from 10 countries took down VPNLab.net, a VPN service provider that is very popular in the cybercrime ecosystem.

VPN 109

VPN Cybercrime Ransomware Advertising 109

Security Affairs

DECEMBER 18, 2023

Experts warn of a new phishing campaign distributing the QakBot malware, months after law enforcement dismantled its infrastructure. Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. ” concludes Microsoft.

Malware 132

Malware Phishing Ransomware Hacking 132

Heimadal Security

MAY 10, 2021

The small organization has been led by four East European nationals that pleaded guilty to conspiring to cyber-crime activities and “engage in a Racketeer Influenced Corrupt Organization (RICO) arising from their providing ‘bulletproof hosting’ services between 2008 and 2015”.

Malware 98

Malware Cybercrime Cybersecurity 98

Security Affairs

JULY 13, 2022

Experts warn that operators behind the Qakbot malware operation are improving their attack chain in an attempt to avoid detection. Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. SecurityAffairs – hacking, malware). Pierluigi Paganini.

Malware 137

Malware Hacking Cybercrime Information Security 137

CyberSecurity Insiders

AUGUST 23, 2022

Natural Gas supply hasn’t been hit by the malware, however, some systems on the administration side were reportedly disrupted. FBI issued a statement in May this year that Ragnar Locker was responsible for the disruption of systems across 53 organizations in the past two years, including 35 from the critical sector of the United States.

Ransomware 124

Ransomware Phishing Architecture Cybercrime 124

Security Affairs

OCTOBER 7, 2023

Threat actors behind the QakBot malware are still active, since August they are carrying out a phishing campaign delivering Ransom Knight ransomware and Remcos RAT. Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. Duck Hunt is one of the largest U.S. .

Malware 134

Malware Ransomware Phishing Hacking 134

Security Affairs

JUNE 7, 2022

The QBot malware operation has partnered with Black Basta ransomware group to target organizations worldwide. Researchers from NCC Group spotted a new partnership in the threat landscape between the Black Basta ransomware group and the QBot malware operation.

Ransomware 145

Ransomware Backups Malware Firewall 145

Security Affairs

DECEMBER 1, 2023

Some of the victims’ ransom payments were sent by both Conti and Black Basta groups to gang behind the Qakbot malware. Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. The malware spreads via malspam campaigns, it inserts replies in active email threads.

Ransomware 124

Ransomware Malware Retail Insurance 124

Malwarebytes

SEPTEMBER 20, 2021

Shortly after the FBI began seeking Eoin’s extradition in 2013, malware—later identified as EgotisticalGiraffe —was discovered on a number of Freedom Hosting sites. The malware exploited a bug in the Tor browser that revealed the IP addresses of visitors, defeating Tor’s anonymity protection, and allowing them to be located.

Malware 139

Malware Software Cybercrime 139

Security Affairs

NOVEMBER 29, 2020

A cyberattack crippled the IT infrastructure of the City of Saint John Hundreds of female sports stars and celebrities have their naked photos and videos leaked online Romanians arrested for running underground malware services Threat actor shared a list of 49,577 IPs vulnerable Fortinet VPNs Computer Security and Data Privacy, the perfect alliance (..)

Data breaches 106

Data breaches Social Engineering Ransomware Malware 106

Security Affairs

AUGUST 30, 2023

’ Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. The malware spreads via malspam campaigns, it inserts replies in active email threads. The Duck Hunt operation involved law enforcement agencies from the U.S., and abroad.

Malware 98

Malware Manufacturing Data breaches Cyber threats 98

Security Affairs

APRIL 17, 2023

Kaspersky researchers warn of a new QBot campaign leveraging hijacked business emails to deliver malware. In early April, Kaspersky experts observed a surge in attacks that QBot malware attacks (aka Qakbot , QuackBot, and Pinkslipbot ). Its modular structure allows operators to implement new features to extend their capabilities.

Malware 98

Malware Education Banking Media 98

SecureList

JUNE 2, 2022

LuoYu is a lesser-known threat actor that has been active since 2008. In their initial disclosures on this threat actor, TeamT5 identified three malware families: SpyDealer, Demsty and WinDealer. Leaving the mystery of the delivery method aside for now, let’s look at the capabilities of the malware itself.

Malware 137

Malware Encryption Social Engineering Telecommunications 137

Security Affairs

JULY 1, 2023

In June 2023, the malware analyst rivitna published a sample of the ransomware that is compiled for Linux. Files are encrypted by Chacha 2008 ( D. Cybersecurity firm Avast released a free decryptor for the Akira ransomware that can allow victims to recover their data without paying the ransom. Bernstein’s implementation ).”

Ransomware 98

Ransomware Encryption Malware Hacking 98

Malwarebytes

JANUARY 19, 2022

VPNLab had been around since 2008 and had built its service around the OpenVPN technology, used strong encryption, and provided double VPN, with servers located in many different countries. “Our service is designed for a broad spectrum of clients who care about their personal security. The impact.

VPN 88

VPN Encryption Cybercrime Technology 88

Security Boulevard

JANUARY 24, 2022

Sample portfolio of pay per install rogue fraudulent and malicious affiliate network domains known to have been in operation in 2008 include: vipsoftcash[.]com. Related pay per install rogue fraudulent and malicious domains known to have been used back in 2008 for various rogue fraudulent and malicious purposes include: drawn-cash[.]com.

Adware 105

Adware Software Accountability Cybercrime 105

Security Affairs

JULY 11, 2019

The second one, tracked as CVE-2019.0880, affects Windows 7 and Server 2008. In April 2015, ESET discovered a malware campaign dubbed Operation Buhtrap , a conjunction of the Russian word for accountant “Buhgalter” and the English word “trap”. The issue resides in the way splwow64 (Thunking Spooler APIs) handles certain calls.

Government 108

Government Advertising Passwords Banking 108

Security Affairs

FEBRUARY 17, 2022

Experts pointed out that despite having the same name, this botnet should not be confused with the Kraken botnet that was spotted in 2008. Kraken is a new Golang-based botnet discovered in late October 2021 by researchers from threat intelligence firm ZeroFox Intelligence.

VPN 100

VPN Cryptocurrency Hacking Cybercrime 100

Digital Shadows

OCTOBER 29, 2024

Whether they’re nation-state actors, cybercrime groups, or hacktivists, understanding who these groups are and how they operate is the first step in fortifying your cybersecurity posture. They have also been linked to ransomware deployments, including Endurance ransomware, which acts as wiper malware, corrupting and deleting files.

Ransomware 88

Ransomware Encryption Technology Cybercrime 88

SecureList

DECEMBER 2, 2022

We have been doing so since 2008, benefiting from Kaspersky’s decades of cyberthreat data management, and unrivaled technologies. As an example, one of our active research heuristics might identify previously unknown malware being tentatively executed on a customer system. But why are we offering cyber threat intelligence at all?

Cyber threats 131

Cyber threats DNS Data collection Technology 131

SiteLock

AUGUST 27, 2021

Cybercrime is a big business and cybercriminals are actively looking to cash in, no matter the website’s size or purpose. Cyberattacks are usually caused by malware , which is software created for malicious purposes. Malware can: Slow or crash your website. Steal data or traffic. Q: Who is SiteLock? Q: What is website security?

Malware 52

Malware Backups Engineering Small Business 52

Krebs on Security

DECEMBER 16, 2019

Justice Department this month offered a $5 million bounty for information leading to the arrest and conviction of a Russian man indicted for allegedly orchestrating a vast, international cybercrime network that called itself “ Evil Corp ” and stole roughly $100 million from businesses and consumers. HITCHED TO A MULE.

Cybercrime 288

Cybercrime Banking Small Business Accountability 288

Digital Shadows

OCTOBER 29, 2024

Whether they’re nation-state actors, cybercrime groups, or hacktivists, understanding who these groups are and how they operate is the first step in fortifying your cybersecurity posture. They have also been linked to ransomware deployments, including Endurance ransomware, which acts as wiper malware, corrupting and deleting files.

Ransomware 52

Ransomware Encryption Technology Cybercrime 52

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. This story explores the history and identity behind Cryptor[.]biz WHO RUNS CRYPTOR[.]BIZ?

Malware 283

Malware Antivirus Cybercrime Hacking 283

SecureList

OCTOBER 6, 2022

During the pandemic, lockdowns forced people to stay at home and do their shopping online, which was mirrored in point-of-sale (PoS) and ATM malware activity, as certain regions saw malicious transactions drop significantly. Perpetrators continue to spread already-existing, widely used malware to attack PoS terminals and ATMs.

Malware 143

Malware Banking Software Cybercrime 143

Krebs on Security

JANUARY 11, 2022

This post examines some of the clues left behind by “ Wazawaka ,” the hacker handle chosen by a major access broker in the Russian-speaking cybercrime scene. Wazawaka has been a highly active member of multiple cybercrime forums over the past decade, but his favorite is the Russian-language community Exploit.

DDOS 335

DDOS Accountability Cybercrime Ransomware 335

eSecurity Planet

OCTOBER 21, 2022

Anyone who has used a computer for any significant length of time has probably at least heard of malware. Malware has been present in the digital space since the 1980s, with early prank malware like the Morris Worm or the (c)Brain. However, malware is not quite as amusing in a modern context. How Does Malware Work?

Malware 75

Malware Adware Spyware Antivirus 75

Krebs on Security

JANUARY 14, 2022

million), 500,000 euros, and 20 “premium cars” purchased with funds obtained from cybercrime. Russia also has been suspected of releasing NotPetya , a large-scale cyberattack initially aimed at Ukrainian businesses that ended up creating an extremely disruptive and expensive global malware outbreak. ”

Ransomware 356

Ransomware Government Media Cybercrime 356

ForAllSecure

APRIL 21, 2023

The 1980s also saw the emergence of computer viruses and malware as a significant threat to computer security. One of the most famous malware of this era was the Morris worm , which was created by a graduate student named Robert Tappan Morris Jr. The 1990s also saw the emergence of a new type of hacker: the "script kiddie".

Hacking 75

Hacking Cybersecurity Internet Internet 75

NopSec

DECEMBER 7, 2016

Remember Shamoon, the malware that disabled some 35,000 computers at one of the world’s largest oil companies in 2012? When the malware hit Saudi Aramco four years ago, it propelled the company into a technological dark age, forcing the company to rely on typewriters and faxes while it recovered.

Cyber threats 40

Cyber threats Ransomware Cyber Attacks Manufacturing 40

ForAllSecure

JULY 6, 2022

Mikko Hypponen joins The Hacker Mind to discuss cybercrime unicorns, the fog of cyber war that surrounds the Ukrainian war with its much larger neighbor, and of course Mikko’s new book, If it’s Smart, it’s Vulnerable. Like in 2008, when I presented with Chris Boyd from the UK, on the rise of teenage hackers.

Cybercrime 40

Cybercrime Government Ransomware Hacking 40

Krebs on Security

NOVEMBER 18, 2019

But according to denizens of several Russian-language cybercrime forums that have been following his case in the Israeli news media, Burkov was by all accounts an elite cybercrook who primarily operated under the hacker alias “ K0pa.” A screen shot from the Mazafaka cybercrime forum, circa 2011.

Cybercrime 268

Cybercrime Government Hacking Banking 268