2011, Cybercrime, Hacking and Malware - Cyber Security Informer

From Cybercrime Saul Goodman to the Russian GRU

Krebs on Security

FEBRUARY 7, 2024

In 2021, the exclusive Russian cybercrime forum Mazafaka was hacked. Launched in 2001 under the tagline “Network terrorism,” Mazafaka would evolve into one of the most guarded Russian-language cybercrime communities. Mark Rasch , a former cybercrime prosecutor for the U.S. As well as the cost of my services.”

Cybercrime

Cybercrime Accountability Identity Theft Hacking

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. This story explores the history and identity behind Cryptor[.]biz WHO RUNS CRYPTOR[.]BIZ?

Malware

Malware Antivirus Cybercrime Hacking

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

APRIL 18, 2023

For the past seven years, a malware-based proxy service known as “ Faceless ” has sold anonymity to countless cybercriminals. The proxy lookup page inside the malware-based anonymity service Faceless. MrMurza’s Faceless advertised on the Russian-language cybercrime forum ProCrd. Image: spur.us.

Malware

Malware Passwords Accountability Advertising

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

The Link Between AWM Proxy & the Glupteba Botnet

Krebs on Security

JUNE 28, 2022

On December 7, 2021, Google announced it was suing two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past decade. AWMproxy, the storefront for renting access to infected PCs, circa 2011.

Passwords

Passwords Malware Internet Internet

YTStealer info-stealing malware targets YouTube content creators

Security Affairs

JUNE 29, 2022

Researchers detailed a new information-stealing malware, dubbed YTStealer, that targets YouTube content creators. Intezer cybersecurity researchers have detailed a new information-stealing malware, dubbed YTStealer, that was developed to steal authentication cookies from YouTube content creators. solutions.

Malware

Malware Authentication Software Accountability

Google obtained a temporary court order against CryptBot distributors

Security Affairs

APRIL 28, 2023

to disrupt the operations of the CryptBot malware, which experts estimate infected approximately 670,000 computers this past year. Google targeted the distributors of the malware who are paid to spread and deliver the malicious code and infect a larger number of systems as possible. ” reads the announcement published by Google.

Malware

Malware Cybercrime Cryptocurrency Media

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

Balaban This ransomware was doing the rounds over spam generated by the Gameover ZeuS botnet, which had been originally launched in 2011 as a toolkit for stealing victim’s banking credentials and was repurposed for malware propagation. Forward outlook Ransomware is a dynamic and increasingly hybrid segment of cybercrime.

Ransomware

Ransomware Hacking Encryption Penetration Testing

US man sentenced to 4 years in prison for his role in Infraud scheme

Security Affairs

MAY 29, 2022

The transnational cybercrime ring was engaged in the mass acquisition and sale of fraud-related goods and services, including stolen identities, compromised credit card data, and computer malware. SecurityAffairs – hacking, cybercrime). Telusma pleaded guilty to one count of racketeering conspiracy on October 13, 2021.

Cybercrime

Cybercrime Hacking Malware Cybersecurity

Happy 10th Birthday, Security Affairs

Security Affairs

NOVEMBER 15, 2021

I launched Security Affairs for passion in 2011 and millions of readers walked with me. Over the past decade, I have recovered tens of thousand stories focusing mainly on cybercrime, information warfare, hacktivism and computer security. SecurityAffairs – hacking, Security Affairs). I have a lot of surprises for you.

Cybercrime

Cybercrime Hacking Cybersecurity Data breaches

Copycat Criminals mimicking Lockbit gang in northern Europe

Security Affairs

JANUARY 28, 2023

The recent Hive infrastructure takedown as well as other major gangs dissolution such as Conti in 2022, is making room in the cybercrime business The Lockbit locker leaked a few months ago in the underground, is increasing its popularity and adoption among micro-criminal actors.

Penetration Testing

Penetration Testing Ransomware Firewall Social Engineering

Silent Night Zeus botnet available for sale in underground forums

Security Affairs

MAY 23, 2020

The source code of the Zeus Trojan is available in the cybercrime underground since 2011 allowing crooks to develop their own release since. Experts found multiple variants in the wild, many of them belonging to the Terdot Zbot/Zloader malware family. The malware is able to infect all operating systems.

Banking

Banking Advertising Malware Cybercrime

Alexander Vinnik, the popular cyber criminal goes on trial in Paris

Security Affairs

OCTOBER 19, 2020

Alexander Vinnik allegedly headed the Bitcoin exchange BTC-e, he is charged with different hacking crimes in Russia, France, and the United States. The authorities reported that since 2011, 7 million Bitcoin went into the BTC-e exchange and 5.5 SecurityAffairs – hacking, cybercrime). million withdrawn. Pierluigi Paganini.

Advertising

Advertising Cybercrime Hacking Cryptocurrency

Google disrupts the Glupteba botnet

Security Affairs

DECEMBER 7, 2021

The blockchain-enabled botnet has been active since at least 2011, researchers estimate that the Glupteba botnet is currently composed of more than 1 million Windows PCs around the world. Botnet operators use to spread the malware via cracked or pirated software and pay-per-install (PPI) schemes. Pierluigi Paganini.

Backups

Backups Advertising Accountability Malware

The Origins and History of the Dark Web

Identity IQ

FEBRUARY 8, 2024

But the dark web is also associated with illegal activities including the trafficking of drugs, weapons, and illegal pornography, hacking and cybercrime, terrorism, and the sale of stolen data or personal information. From 2011 to 2013, the Silk Road hosted 1.2 million transactions between 957,079 users, totaling about $1.2

Identity Theft

Identity Theft Cryptocurrency Government Engineering

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, data breach) The post Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack appeared first on Security Affairs.

Education

Education Data breaches Ransomware Hacking

Glupteba botnet is back after Google disrupted it in December 2021

Security Affairs

DECEMBER 19, 2022

The blockchain-enabled botnet has been active since at least 2011, researchers estimated that the Glupteba botnet was composed of more than 1 million Windows PCs around the world as of December 2021. Botnet operators use to spread the malware via cracked or pirated software and pay-per-install (PPI) schemes. Pierluigi Paganini.

DNS

DNS Antivirus Cryptocurrency Software

US Treasury FinCEN linked $5.2 billion in BTC transactions to ransomware payments

Security Affairs

OCTOBER 16, 2021

FinCEN analyzed a data set composed of 2,184 SARs filed between 1 January 2011 and 30 June 2021 and identified 177 CVC (convertible virtual currency) wallets addresses that were used in ransomware operations associated with the above ransomware variants. SecurityAffairs – hacking, FinCEN). Pierluigi Paganini.

Ransomware

Ransomware Cryptocurrency Hacking Cybercrime

Russian Alexander Vinnik sentenced in Paris to five years in prison for money laundering

Security Affairs

DECEMBER 8, 2020

Alexander Vinnik allegedly headed the Bitcoin exchange BTC-e, he is charged with different hacking crimes in Russia, France, and the United States. The French court acquitted Vinnik of charges of extortion and association with a cybercrime organization. SecurityAffairs – hacking, Alexander Vinnik). million withdrawn.

Cryptocurrency

Cryptocurrency Hacking Ransomware Cybercrime

Breach Exposes Users of Microleaves Proxy Service

Krebs on Security

JULY 28, 2022

According to the cyber intelligence company Intel 471 , a user named Acidut with the email address iulyan87_4u@gmail.com had an active presence on almost a dozen shadowy money-making and cybercrime forums from 2010 to 2017, including BlackHatWorld , Carder[.]pro 1, 2021: 15-Year-Old Malware Proxy Network VIP72 Goes Dark.

Advertising

Advertising Software Computers and Electronics Internet

Inside ‘Evil Corp,’ a $100M Cybercrime Menace

Krebs on Security

DECEMBER 16, 2019

Justice Department this month offered a $5 million bounty for information leading to the arrest and conviction of a Russian man indicted for allegedly orchestrating a vast, international cybercrime network that called itself “ Evil Corp ” and stole roughly $100 million from businesses and consumers.

Cybercrime

Cybercrime Banking Small Business Accountability

Prilex: the pricey prickle credit card complex

SecureList

SEPTEMBER 28, 2022

Prilex is a Brazilian threat actor that has evolved out of ATM-focused malware into modular point-of-sale malware. Active since 2014, in 2016, the group decided to give up ATM malware and focus all of their attacks on PoS systems, targeting the core of the payment industry. Evolving into PoS malware.

Malware

Malware Banking Software Encryption

Security Affairs newsletter Round 178 – News of the week

Security Affairs

SEPTEMBER 2, 2018

Spyware

Spyware Banking Data breaches Mobile

Mariposa Botnet Author, Darkcode Crime Forum Admin Arrested in Germany

Krebs on Security

OCTOBER 1, 2019

A Slovenian man convicted of authoring the destructive and once-prolific Mariposa botnet and running the infamous Darkode cybercrime forum has been arrested in Germany on request from prosecutors in the United States, who’ve recently re-indicted him on related charges. issued international arrest warrant for his extradition.

Cybercrime

Cybercrime Malware Antivirus Banking

Ramnit is back and contributes in creating a massive proxy botnet, tracked as ‘Black’ botnet

Security Affairs

AUGUST 8, 2018

Ramnit is one of the most popular banking malware families in existence today, it was first spotted in 2010 as a worm, in 2011, its authors improved it starting from the leaked Zeus source code turning the malware into a banking Trojan. Malware actor publishes the address of the Bot-A in DNS (or using any other public channel).

Malware

Malware DNS Encryption Banking

Dissecting the malicious arsenal of the Makop ransomware gang

Security Affairs

MARCH 14, 2023

In particular, recent investigations were able to identify four of them: the ARestore escalation tool, the backdoor, and other publicly available toolkits such as Advanced_Port_Scanner and a particular popular Chinese hack tool. He is a former member of the ANeSeC CTF team, one of the firsts Italian cyber wargame teams born back in 2011.

Ransomware

Ransomware Software System Administration Encryption

Ten Years Later, New Clues in the Target Breach

Krebs on Security

DECEMBER 14, 2023

The malware used in the Target breach included the text string “ Rescator ,” which also was the handle chosen by the cybercriminal who was selling all of the cards stolen from Target customers. For starters, the text string “Rescator” was found in some of the malware used in the Target breach.

Cybercrime

Cybercrime Accountability Advertising Computers and Electronics

Meet the World’s Biggest ‘Bulletproof’ Hoster

Krebs on Security

JULY 16, 2019

For at least the past decade, a computer crook variously known as “ Yalishanda ,” “ Downlow ” and “ Stas_vl ” has run one of the most popular “bulletproof” Web hosting services catering to a vast array of phishing sites, cybercrime forums and malware download servers.

Cybercrime

Cybercrime Phishing Banking Malware

Updates from the MaaS: new threats delivered through NullMixer

Security Affairs

MARCH 27, 2023

A technical analysis of NullMixer malware operation revealed Italy and France are the favorite European countries from the attackers’ perspective. Executive Summary Our insights into a recent NullMixer malware operation revealed Italy and France are the favorite European countries from the opportunistic attackers’ perspective.

Malware

Malware Social Engineering Encryption Marketing

Exclusive: Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more)

Security Affairs

OCTOBER 3, 2023

On August 2023, the security researcher 0xToxin documented an infection chain leveraging AutoIT scripts to deliver the DarkGate malware, a particular stealer supporting also HVNC and HAnyDesk, and the C2 he decoded was using the same hostname too. This hostname connection is particularly heterogeneous, but it technically makes sense.

Scams

Scams Ransomware System Administration Malware

Happy birthday Security Affairs … 11 years together!

Security Affairs

NOVEMBER 15, 2022

I launched Security Affairs for passion in November 2011 and since then the blog was visited by tens of millions of readers. SecurityAffairs – hacking, cybersecurity). Happy BirthDay Security Affairs! Eleven years together! I wish you and your families all the best. Sincerely, Thank you! Pierluigi Paganini.

Cybersecurity

Cybersecurity Government Hacking Data breaches

Phishers turning hard-working: CERT-GIB records upsurge of phishing resource blockages as duration of attacks grows

Security Affairs

MAY 8, 2020

Malware delivery: what’s on the menu? H2 2019 has proved the tendency of past several years: mail remains the main method of delivering ransomware, spyware, backdoors and other malware, being used by cyber crooks in 94 percent of cases.

Phishing

Phishing Spyware Banking Malware

APT trends report Q1 2021

SecureList

APRIL 27, 2021

In our initial report on Sunburst , we examined the method used by the malware to communicate with its C2 (command-and-control) server and the protocol used to upgrade victims for further exploitation. This campaign made use of a previously unknown malware family we dubbed FourteenHi.

Malware

Malware Spyware Government Social Engineering

The History of Computer Viruses & Malware

eSecurity Planet

NOVEMBER 2, 2022

If you’ve used a computer for more than 5 minutes, you probably know a thing or two about computer viruses and malware. On the modern Internet, malware is a near-constant presence. Though often conflated with one another, malware and computer viruses aren’t necessarily the same thing. Looking to Protect Yourself Against Malware?

Malware

Malware Ransomware Antivirus Internet

Cyber CEO: The History Of Cybercrime, From 1834 To Present

Herjavec Group

AUGUST 26, 2021

We can learn a lot from the cybercrime of the past…the history of cybercrime is a glimpse into what we can expect in the future. In the past 18 months, we’ve experienced the beginning of an era that has seen cybersecurity and cybercrime at the center of it all. Dateline Cybercrime . Robert Herjavec.

Cybercrime

Cybercrime Computers and Electronics Banking Hacking

Former Russian Cybersecurity Chief Sentenced to 22 Years in Prison

Krebs on Security

FEBRUARY 26, 2019

Sergei Mikhailov , formerly deputy chief of Russia’s top anti-cybercrime unit, was sentenced today to 22 years in prison. In 2013, Vrublevsky was convicted of hiring his most-trusted spammer and malware writer to launch a crippling distributed denial-of-service (DDoS) attack against one of his company’s chief competitors.

Cybersecurity

Cybersecurity Cybercrime Media Antivirus

The FBI's Most Wanted Iranian Nation-State Hackers

SecureWorld News

NOVEMBER 4, 2021

What makes Iran's military hacking methods a significant threat? Their cyber methods include such things as malware insertions, such as MUD-ing, wiper attacks, like the Shamoon virus. In the digital world, bad actors are using social engineering methods to hack on behalf of the Iranian government, even threatening the 2020 U.S.

Social Engineering

Social Engineering Government DDOS Engineering

Russian Cybercrime Boss Burkov Gets 9 Years

Krebs on Security

JUNE 27, 2020

When Israeli authorities turned down requests to send him back to Russia — supposedly to face separate hacking charges there — the Russians then imprisoned Israeli citizen Naama Issachar on trumped-up drug charges in a bid to trade prisoners. Nevertheless, Burkov was extradited to the United States in November 2019. Aqua, a.k.a.

Cybercrime

Cybercrime Banking Government Accountability

Why Were the Russians So Set Against This Hacker Being Extradited?

Krebs on Security

NOVEMBER 18, 2019

When Israeli authorities turned down requests to send him back to Russia — supposedly to face separate hacking charges there — the Russians then imprisoned an Israeli woman for seven years on trumped-up drug charges in a bid to trade prisoners. A screen shot from the Mazafaka cybercrime forum, circa 2011.

Cybercrime

Cybercrime Government Hacking Banking

From Cybercrime Saul Goodman to the Russian GRU

Why Malware Crypting Services Deserve More Scrutiny

Webinars

Trending Sources

Giving a Face to the Malware Proxy Service ‘Faceless’

Webinars

The Link Between AWM Proxy & the Glupteba Botnet

YTStealer info-stealing malware targets YouTube content creators

Google obtained a temporary court order against CryptBot distributors

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

US man sentenced to 4 years in prison for his role in Infraud scheme

Happy 10th Birthday, Security Affairs

Copycat Criminals mimicking Lockbit gang in northern Europe

Silent Night Zeus botnet available for sale in underground forums

Alexander Vinnik, the popular cyber criminal goes on trial in Paris

Google disrupts the Glupteba botnet

The Origins and History of the Dark Web

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Glupteba botnet is back after Google disrupted it in December 2021

US Treasury FinCEN linked $5.2 billion in BTC transactions to ransomware payments

Russian Alexander Vinnik sentenced in Paris to five years in prison for money laundering

Breach Exposes Users of Microleaves Proxy Service

Inside ‘Evil Corp,’ a $100M Cybercrime Menace

Prilex: the pricey prickle credit card complex

Security Affairs newsletter Round 178 – News of the week

Mariposa Botnet Author, Darkcode Crime Forum Admin Arrested in Germany

Ramnit is back and contributes in creating a massive proxy botnet, tracked as ‘Black’ botnet

Dissecting the malicious arsenal of the Makop ransomware gang

Ten Years Later, New Clues in the Target Breach

Meet the World’s Biggest ‘Bulletproof’ Hoster

Updates from the MaaS: new threats delivered through NullMixer

Exclusive: Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more)

Happy birthday Security Affairs … 11 years together!

Phishers turning hard-working: CERT-GIB records upsurge of phishing resource blockages as duration of attacks grows

APT trends report Q1 2021

The History of Computer Viruses & Malware

Cyber CEO: The History Of Cybercrime, From 1834 To Present

Former Russian Cybersecurity Chief Sentenced to 22 Years in Prison

The FBI's Most Wanted Iranian Nation-State Hackers

Russian Cybercrime Boss Burkov Gets 9 Years

Why Were the Russians So Set Against This Hacker Being Extradited?

Stay Connected