Security Affairs

JULY 11, 2020

The Russian hacker Yevgeniy Nikulin found guilty for LinkedIn, Dropbox, and Formspring data breach back in 2012 and the sale of their users’ data. A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces.

Hacking 85

Hacking Cybercrime Data breaches Advertising 85

Krebs on Security

JUNE 1, 2023

One of Megatraffer’s ads on an English-language cybercrime forum. Megatraffer has continued to offer their code-signing services across more than a half-dozen other Russian-language cybercrime forums, mostly in the form of sporadically available EV and non-EV code-signing certificates from major vendors like Thawte and Comodo.

Malware 249

Malware Cybercrime Software Antivirus 249

Security Affairs

SEPTEMBER 30, 2020

Russian national Yevgeniy Aleksandrovich Nikulin was sentenced to 88 months in prison for hacking LinkedIn, Dropbox, and Formspring in 2012. The Russian national Yevgeniy Aleksandrovich Nikulin was sentenced to 88 months in prison in the United States for hacking LinkedIn, Dropbox, and Formspring in 2012. Source: US Defense Watch.com.

Identity Theft 105

Identity Theft Cybercrime Advertising Hacking 105

Krebs on Security

JANUARY 8, 2024

In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. From January 2005 to April 2013, there were two primary administrators of the cybercrime forum Spamdot (a.k.a

Cybercrime 213

Cybercrime Banking Computers and Electronics DDOS 213

Security Boulevard

MARCH 9, 2023

A Croatian national has been arrested for allegedly operating NetWire, a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as a stealthy way to spy on infected systems and siphon passwords. The arrest coincided with a seizure of the NetWire sales website by the U.S. Federal Bureau of Investigation (FBI).

Cybercrime 52

Cybercrime Marketing Passwords 52

Krebs on Security

DECEMBER 3, 2021

More commonly, that access is purchased from a cybercriminal broker who specializes in acquiring remote access credentials — such as usernames and passwords needed to remotely connect to the target’s network. All of these domains date back to between 2012 and 2013. com and wwwpexpay[.]com. com , and portalsagepay[.]com.

Ransomware 303

Ransomware Passwords Accountability Cybercrime 303

Security Affairs

DECEMBER 29, 2023

On Christmas Eve, Resecurity’s HUNTER unit spotted the author of perspective password stealer Meduza has released a new version (2.2). Presently, Meduza password stealer supports Windows Server 2012/2016/2019/2022 and Windows 10/11.

Password Management 132

Password Management Cryptocurrency Passwords Authentication 132

Security Affairs

JUNE 11, 2021

The US Department of Justice seized the servers and domains of the popular cybercrime marketplace SlilPP. In the past, law enforcement shut down other cybercrime marketplace focused on the sale of login credentials, such as xDedic and DEER.IO. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Cybercrime 112

Cybercrime Accountability Retail Cyber threats 112

Security Affairs

NOVEMBER 22, 2019

The banking trojan is able to record keystrokes, to steal passwords stored on the PC, and take screenshots and videos from the victims’ machine. Lisov operated the infrastructure behind the NeverQuest malware between June 2012 and January 2015, the managed a network of servers containing lists of millions of stolen login credentials.

Banking 105

Banking Malware Advertising Passwords 105

Daniel Miessler

FEBRUARY 1, 2020

As far as they’re concerned, if you don’t say the name of your password manager 7 times before bed the Dark Web will haunt your closet. And some people really go there to steal identities, buy things in your name, and all those cybercrime things you’ve heard about. And sure—the Dark Web can be…well, dark.

Advertising 103

Advertising InfoSec Password Management Education 103

Krebs on Security

JULY 18, 2022

These services can be used in a legitimate manner for several business purposes — such as price comparisons or sales intelligence — but they are massively abused for hiding cybercrime activity because they can make it difficult to trace malicious traffic to its original source. “all promotion methods allowed”).

VPN 310

VPN Computers and Electronics Antivirus Software 310

The Last Watchdog

JUNE 21, 2020

The Archiveus Trojan from 2006 was the first one to use RSA cipher, but it was reminiscent of a proof of concept and used a static 30-digit decryption password that was shortly cracked. FBI spoofs 2012 – 2013. It surfaced in November 2012 and was making thousands of victims a day. None of these early threats went pro.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Krebs on Security

MAY 13, 2024

This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. used the password 225948. was used by a Russian-speaking member called Pin on the English-language cybercrime forum Opensc.

Ransomware 242

Ransomware Cybercrime Accountability Malware 242

Krebs on Security

JULY 18, 2023

com , a service that sold access to billions of passwords and other data exposed in countless data breaches. LeakedSource was advertised on a number of popular cybercrime forums as a service that could help hackers break into valuable or high-profile accounts. In 2019, a Canadian company called Defiant Tech Inc. A copy of pictrace[.]com

Hacking 198

Hacking Accountability Data breaches Marketing 198

The Last Watchdog

MAY 11, 2020

These developments would have, over the next decade or so, steadily and materially reduced society’s general exposure to cybercrime and online privacy abuses. What’s more the FBI reports that Business Email Compromise (BEC) accounted for an estimated $26 billion in cybercrime-related losses over a three year period.

Computers and Electronics 113

Computers and Electronics Data privacy Encryption Media 113

Security Affairs

FEBRUARY 26, 2019

The banking trojan is able to record keystrokes, to steal passwords stored on the PC, and take screenshots and video from the victims’ machine. Lisov operated the infrastructure behind the NeverQuest malware between June 2012 and January 2015, the managed a network of servers containing lists of millions of stolen login credentials.

Banking 81

Banking Malware Advertising Accountability 81

SecureList

MAY 6, 2024

They can download additional modules and third-party malware, collect various types of data, such as passwords stored in browsers, and perform other malicious activities. To protect your devices and finance-related accounts: Use secure authentication methods, such as multifactor authentication, strong unique passwords, and so on.

Phishing 106

Phishing Banking Mobile Scams 106

Security Affairs

APRIL 28, 2020

Based on our findings, there are some similarities in both techniques and architectures with another cybercrime group, which appeared in the wild around 2012, most probably Romanian. We suggest to harden and update your SSH server configuring authentication with authorized keys and disabling passwords. Technical Analysis.

Architecture 103

Architecture Malware Hacking DDOS 103

SecureList

NOVEMBER 1, 2022

While its activities have been observed since 2012, its presence was only revealed in 2015 (Kaspersky was among the first to report it) and no public activity was recorded until January 2021. Lazarus Group delivered additional malware such as a keylogger and password-dumping tool to collect more information.

Malware 142

Malware Ransomware Spyware Encryption 142

Security Affairs

JULY 18, 2018

In June 2018 we have spotted a strange database publicly exposed to the public internet (no password/login required) along with a large number of credit card numbers and personal information inside.” ” reads the blog post published by Kromtech Security. ” reported Kromtech Security. Offered by. Android Users. Clash of Clans.

Mobile 60

Mobile Accountability Advertising Marketing 60

Krebs on Security

DECEMBER 14, 2023

That reporting was based on clues from an early Russian cybercrime forum in which a hacker named Rescator — using the same profile image that Rescator was known to use on other forums — claimed to have originally been known as “Helkern,” the nickname chosen by the administrator of a cybercrime forum called Darklife.

Cybercrime 231

Cybercrime Accountability Advertising Computers and Electronics 231

SiteLock

AUGUST 27, 2021

When security researchers discovered more than 2 million stolen passwords on a hacker server in December, a piece of malware called a keylogger was suspected. bank accounts in 2012 by cybercrooks using malware like keyloggers. Which probably explains why an estimated $5 billion was siphoned from U.S.

Cybercrime 87

Cybercrime Small Business Antivirus Malware 87

SecureWorld News

DECEMBER 29, 2020

Cybersecurity Ventures predicts that cybercrime will cost the world $6 trillion annually by the end of 2021. What was compromised: names, email addresses, and passwords. A majority of the passwords were protected by the weak SHA-1 hashing algorithm, which resulted in 99% of the credentials being posted by LeakSource.com in 2016.

Data breaches 98

Data breaches Passwords Accountability Government 98

Security Affairs

DECEMBER 4, 2022

Recently security the security expert researcher Sam Curry warned of vulnerabilities in mobile apps that exposed Hyundai and Genesis car models after 2012 to remote attacks. Law enforcement and intelligence worldwide are buying technologies that exploit weaknesses in vehicle systems.

Surveillance 104

Surveillance Technology Mobile Hacking 104

eSecurity Planet

FEBRUARY 8, 2021

Don Duncan, security engineer at NuData Security, told eSecurity Planet by email that POS systems are often dangerously easy to penetrate with malware , including the following (among many others): Dexter was discovered by Seculert (now Radware) researchers in 2012. vSkimmer malware, a successor to Dexter, dates back to 2013.

Retail 52

Retail Encryption Malware Artificial Intelligence 52

SecureList

OCTOBER 17, 2023

This email contained a link leading to a password-protected archive hosted on Google Drive, which represented the first stage of the infection – a.NET binary that was obfuscated and trying to pass itself off as an OpenVPN binary, when in fact it was a malware loader.

Government 116

Government Malware VPN Manufacturing 116

Herjavec Group

AUGUST 26, 2021

We can learn a lot from the cybercrime of the past…the history of cybercrime is a glimpse into what we can expect in the future. In the past 18 months, we’ve experienced the beginning of an era that has seen cybersecurity and cybercrime at the center of it all. Dateline Cybercrime . Robert Herjavec.

Cybercrime 135

Cybercrime Computers and Electronics Banking Hacking 135

Schneier on Security

DECEMBER 28, 2020

We don’t know how, but last year the company’s update server was protected by the password “solarwinds123” — something that speaks to a lack of security culture.) In 2012, Iran attacked the Saudi national oil company. Russia is almost certainly laying the groundwork for future attack.

Hacking 362

Hacking Government Internet Internet 362

SecureList

NOVEMBER 14, 2022

A recent leak has put it in the hands of cybercrime actors and it is very likely that by the end of the year we will see it involved in APT cases too. CobaltStrike, released in 2012, is a threat emulation tool designed to help red teams understand the methods an attacker can use to penetrate a network.

Firmware 116

Firmware Surveillance Mobile Telecommunications 116