Remove 2010 Remove Cybercrime Remove Hacking Remove Malware
article thumbnail

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. This story explores the history and identity behind Cryptor[.]biz WHO RUNS CRYPTOR[.]BIZ?

Malware 217
article thumbnail

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Krebs on Security

Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating “ Trickbot ,” a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. companies and government entities.

Hacking 191
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

This post is a deep dive on “ Megatraffer ,” a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015. One of Megatraffer’s ads on an English-language cybercrime forum. WHO IS MEGATRAFFER? At least my laptop is sure of it.”

Malware 239
article thumbnail

No SOCKS, No Shoes, No Malware Proxy Services!

Krebs on Security

With the recent demise of several popular “proxy” services that let cybercriminals route their malicious traffic through hacked PCs, there is now something of a supply chain crisis gripping the underbelly of the Internet. com , a malware-based proxy network that has been in existence since at least 2010.

Malware 253
article thumbnail

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

For the past seven years, a malware-based proxy service known as “ Faceless ” has sold anonymity to countless cybercriminals. The proxy lookup page inside the malware-based anonymity service Faceless. MrMurza’s Faceless advertised on the Russian-language cybercrime forum ProCrd. Image: spur.us.

Malware 231
article thumbnail

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Krebs on Security

Denis Emelyantsev , a 36-year-old Russian man accused of running a massive botnet called RSOCKS that stitched malware into millions of devices worldwide, pleaded guilty to two counts of computer crime violations in a California courtroom this week. A copy of the passport for Denis Emelyantsev, a.k.a.

article thumbnail

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Krebs on Security

In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. From January 2005 to April 2013, there were two primary administrators of the cybercrime forum Spamdot (a.k.a