Security Affairs

OCTOBER 10, 2020

Microsoft has uncovered Zerologon attacks that were allegedly conducted by the infamous TA505 Russia-linked cybercrime group. Microsoft spotted a series of Zerologon attacks allegedly launched by the Russian cybercrime group tracked as TA505 , CHIMBORAZO and Evil Corp. Pierluigi Paganini. SecurityAffairs – hacking, Zerologon).

Cybercrime 138

Cybercrime Security Intelligence Authentication Banking 138

Krebs on Security

JUNE 1, 2023

One of Megatraffer’s ads on an English-language cybercrime forum. Megatraffer has continued to offer their code-signing services across more than a half-dozen other Russian-language cybercrime forums, mostly in the form of sporadically available EV and non-EV code-signing certificates from major vendors like Thawte and Comodo.

Malware 314

Malware Cybercrime Software Accountability 314

Krebs on Security

APRIL 18, 2023

.'” MRMURZA Faceless is a project from MrMurza , a particularly talkative member of more than a dozen Russian-language cybercrime forums over the past decade. MrMurza’s Faceless advertised on the Russian-language cybercrime forum ProCrd. Image: Darkbeast/Ke-la.com. 2012, from an Internet address in Magnitogorsk, RU.

Malware 305

Malware Passwords Accountability Advertising 305

Krebs on Security

JULY 27, 2022

But a recent review of Ashley Madison mentions across Russian cybercrime forums and far-right websites in the months leading up to the hack revealed some previously unreported details that may deserve further scrutiny. “Full Delete netted ALM $1.7mm in revenue in 2014. In 2014, ALM reported revenues of $115 million.

Cybercrime 65

Cybercrime Hacking Media Advertising 65

Krebs on Security

FEBRUARY 9, 2023

Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating “ Trickbot ,” a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. companies and government entities.

Hacking 250

Hacking Cybercrime Ransomware Government 250

Krebs on Security

JANUARY 18, 2021

Joker’s Stash , by some accounts the largest underground shop for selling stolen credit card and identity data, says it’s closing up shop effective mid-February 2021. The announcement came on the heels of a turbulent year for the major cybercrime store, and just weeks after U.S. 15, 2021. 15 or forfeit those funds.

Marketing 318

Marketing Cybercrime Accountability Cryptocurrency 318

Krebs on Security

APRIL 16, 2024

For nearly a dozen years, residents of South Carolina have been kept in the dark by state and federal investigators over who was responsible for hacking into the state’s revenue department in 2012 and stealing tax and bank account information for 3.6 million people. said investigators determined the breach began on Aug. ” On Oct.

Identity Theft 307

Identity Theft Banking Cybercrime Hacking 307

Herjavec Group

AUGUST 26, 2021

We can learn a lot from the cybercrime of the past…the history of cybercrime is a glimpse into what we can expect in the future. In the past 18 months, we’ve experienced the beginning of an era that has seen cybersecurity and cybercrime at the center of it all. Dateline Cybercrime . Robert Herjavec.

Cybercrime 135

Cybercrime Computers and Electronics Banking Hacking 135

Security Affairs

JULY 6, 2020

employee who hacked into the accounts of thousands of users was sentenced to five years of probation. accounts back in 2018. The man accessed the users’ victim accounts, using cracked passwords, but in some cases, he also used internal Yahoo! systems for access to the accounts. A former Yahoo! Pierluigi Paganini.

Accountability 130

Accountability Advertising Hacking Engineering 130

Security Affairs

NOVEMBER 3, 2018

Cybercriminals offered for sale private messages from at least 81,000 Facebook accounts claiming of being in possession of data from 120 million accounts. Crooks are offering for sale Criminals are selling the private messages of 81,000 hacked Facebook accounts for 10 cents per account. ” states the BBC.

Accountability 111

Accountability Advertising Hacking Cybercrime 111

Security Affairs

JANUARY 8, 2024

19 individuals worldwide were charged in a transnational cybercrime investigation of the now defunct xDedic marketplace. The black marketplace has been active since 2014, it was first analyzed by experts at Kaspersky Lab in 2016. At the time, the domain (xdedic[.]biz) ” reads the press release published by DoJ.

Cybercrime 133

Cybercrime Identity Theft Government Hacking 133

Krebs on Security

JULY 23, 2020

As first reported here last year , First American’s website exposed 16 years worth of digitized mortgage title insurance records — including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images. It employs some 18,000 people and brought in $6.2

Insurance 354

Insurance Financial Services Penetration Testing Scams 354

Krebs on Security

SEPTEMBER 26, 2024

The United States today unveiled sanctions and indictments against the alleged proprietor of Joker’s Stash , a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past decade. Joker’s sold cards stolen in a steady drip of breaches at U.S.

Cryptocurrency 310

Cryptocurrency Cybercrime Retail Government 310

Security Affairs

AUGUST 12, 2019

Researchers discovered a dump containing 6,840,339 records associated with StockX user accounts that surfaced in the cybercrime underground. Now a dump containing 6,840,339 unique StockX user accounts surfaced in the cybercrime underground. How to check if your account has been compromised? Pierluigi Paganini.

Accountability 109

Accountability Data breaches Passwords Cybercrime 109

Security Affairs

SEPTEMBER 2, 2019

Login details of more than 36 million Poshmark accounts are available for sale in the cybercrime underground. “In mid-2018, social commerce marketplace Poshmark suffered a data breach that exposed 36M user accounts. Now Scott told BleepingComputer that a set of one million cracked Poshmark accounts is circulating online.

Accountability 108

Accountability Data breaches Passwords Advertising 108

Krebs on Security

JANUARY 27, 2021

Authorities across Europe on Tuesday said they’d seized control over Emotet , a prolific malware strain and cybercrime-as-service operation. It propagates mainly via malicious links and attachments sent through compromised email accounts, blasting out tens of thousands of malware-laced missives daily.

Malware 313

Malware Cybercrime Ransomware Banking 313

Krebs on Security

AUGUST 1, 2024

But in 2014 Seleznev was captured by U.S. su , a bustling cybercrime community of which Seleznev was a leading organizer. government says four of Klyushin’s alleged co-conspirators remain at large, including Ivan Ermakov , who was among 12 Russians charged in 2018 with hacking into key Democratic Party email accounts.

Penetration Testing 296

Penetration Testing Cybercrime Hacking Government 296

Krebs on Security

JANUARY 8, 2024

In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. From January 2005 to April 2013, there were two primary administrators of the cybercrime forum Spamdot (a.k.a

Cybercrime 283

Cybercrime Banking Computers and Electronics DDOS 283

SecureWorld News

APRIL 22, 2025

A sophisticated cybercrime campaign, dubbed Elusive Comet , has been uncovered, in which North Korean threat actors are exploiting Zoom's remote control feature to infiltrate the systems of cryptocurrency professionals. Lazarus is also behind significant cryptocurrency heists, such as the $1.5

Cryptocurrency 90

Cryptocurrency Social Engineering Cybercrime Engineering 90

Krebs on Security

APRIL 30, 2024

Finnish prosecutors quickly zeroed in on a suspect: Julius “Zeekill” Kivimäki , a notorious criminal hacker convicted of committing tens of thousands of cybercrimes before he became an adult. After being charged with the attack in October 2022, Kivimäki fled the country.

DDOS 317

DDOS Cybercrime Hacking Passwords 317

Krebs on Security

FEBRUARY 5, 2023

A notorious hacker convicted of perpetrating tens of thousands of cybercrimes, Kivimäki had been in hiding since October 2022, when he failed to show up in court and Finland issued an international warrant for his arrest. Kivimäki was ultimately convicted of orchestrating more than 50,000 cybercrimes.

Cybercrime 280

Cybercrime DDOS Hacking Accountability 280

Krebs on Security

AUGUST 1, 2024

But in 2014 Seleznev was captured by U.S. su , a bustling cybercrime community of which Seleznev was a leading organizer. government says four of Klyushin’s alleged co-conspirators remain at large, including Ivan Ermakov , who was among 12 Russians charged in 2018 with hacking into key Democratic Party email accounts.

Penetration Testing 280

Penetration Testing Cybercrime Hacking Government 280

Security Affairs

NOVEMBER 17, 2022

A suspected leader of the Zeus cybercrime gang, Vyacheslav Igorevich Penchukov (aka Tank), was arrested by Swiss police. Swiss police last month arrested in Geneva Vyacheslav Igorevich Penchukov (40), also known as Tank, which is one of the leaders of the JabberZeus cybercrime group. Pierluigi Paganini.

Cybercrime 108

Cybercrime Banking Identity Theft Hacking 108

Security Affairs

OCTOBER 9, 2018

According to the FBI , the number of business email account (BEC) and email account compromise (EAC) scam incidents worldwide reached 78,000 between October 2013 and May 2018. If these passwords have been reused for corporate accounts, this may leave organizations at risk to account takeovers.” Pierluigi Paganini.

Scams 108

Scams Accountability Hacking Passwords 108

Krebs on Security

JUNE 29, 2023

Prosecutors in Northern California indicted Kislitsin in 2014 for his alleged role in stealing account data from Formspring. Kislitsin also was indicted in Nevada in 2013, but the Nevada indictment does not name his alleged victim(s) in that case.

Cybersecurity 303

Cybersecurity Cybercrime Hacking Government 303

Security Affairs

APRIL 24, 2020

Nintendo has disconnected the NNID legacy login system from main Nintendo profiles after it has discovered a massive account hijacking campaign. The gaming giant Nintendo announced that hackers gained accessed at least 160,000 user accounts as part of an account hijacking campaign since early April. ” reported ZDNet.

Accountability 119

Accountability Passwords Data breaches Advertising 119

Krebs on Security

DECEMBER 29, 2022

Here’s a look at some of the more notable cybercrime stories from the past year, as covered by KrebsOnSecurity and elsewhere. Internal Revenue Service website for months: Anyone seeking to create an account to view their tax records online would soon be required to provide biometric data to a private company in Virginia — ID.me.

Cryptocurrency 309

Cryptocurrency Cybercrime Computers and Electronics Scams 309

Security Affairs

NOVEMBER 16, 2018

According to Group-IB’s report findings, Asia is one of the most actively attacked regions in the world, the company presented latest cybercrime trends. New cybercrime groups are also expected to start operations in Asia and Latin America. million, accounting for only 17% of the overall market value, compared to 19.9

Cybercrime 108

Cybercrime Hacking Banking Phishing 108

Security Affairs

OCTOBER 5, 2020

According to the SonntagsZeitung , the Basel public prosecutor’s office confirmed that hackers compromised the systems at the universities, then the threat actors hijacked the employee salary transfers by changing the beneficiaries’ accounts. It added that part of the misappropriated funds was now in foreign accounts.”

Advertising 145

Advertising Phishing Cybercrime Hacking 145

Krebs on Security

FEBRUARY 26, 2019

The men — a former Russian cyber intelligence official and an executive at Russian security firm Kaspersky Lab — were reportedly prosecuted for their part in an investigation into Pavel Vrublevsky , a convicted cybercriminal who ran one of the world’s biggest spam networks and was a major focus of my 2014 book, Spam Nation.

Cybersecurity 267

Cybersecurity Cybercrime Media Antivirus 267

Security Affairs

OCTOBER 18, 2020

. “Comprised of several layers of members mainly from Latvia, Georgia, Bulgaria, Romania, and Belgium, the QQAAZZ network opened and maintained hundreds of corporate and personal bank accounts at financial institutions throughout the world to receive money from cybercriminals who stole it from accounts of victims.”

Malware 141

Malware Banking Cryptocurrency Cybercrime 141

Security Affairs

MARCH 26, 2020

that is hosting various cybercrime products and services were being sold. which is a Shopify-like platform that has been hosting hundreds of online shops used for the sale of hacked accounts and stolen user data. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Feds reviewed approximately 250 DEER.IO

Cybercrime 144

Cybercrime Advertising Hacking Accountability 144

Security Affairs

MARCH 13, 2020

European authorities dismantled two cybercrime organizations responsible for stealing millions through SIM hijacking. European authorities managed to dismantle the operations of two cybercrime gangs responsible for stealing millions through SIM hijacking. The authorities arrested tens of individuals in Spain and Romania. .

Banking 144

Banking Cybercrime Mobile Accountability 144

Security Affairs

FEBRUARY 12, 2020

The FBI’s Internal Crime Complaint Center (IC3) released the FBI 2019 Internet Crime Report , a document that outlines cybercrime trends over the past year. The figure that most of all capture our attention is that victims of cybercrime activities lost $3.5 Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Internet 143

Internet Internet Cybercrime Scams 143

Security Affairs

MARCH 15, 2020

A cybercrime gang focused on Business Email Compromise (BEC) has started using coronavirus-themed scam emails in its attacks. The researchers received a coronavirus-themed scam email that attempted to trick victims into using a different bank account for the payment due to the COVID-19 outbreak. A change of the bank account).

Scams 139

Scams Banking Cybercrime Advertising 139

Krebs on Security

MAY 23, 2024

But by all accounts, few attacks from those gangs have come close to the amount of firepower wielded by a pro-Russia group calling itself “ NoName057(16).” He also co-runs SURBL , an anti-abuse service that flags domains and Internet address ranges that are strongly associated with spam and cybercrime activity, including DDoS.

DDOS 334

DDOS Internet Internet Government 334

Schneier on Security

NOVEMBER 7, 2017

There's a new criminal tactic involving hacking an e-mail account of a company that handles high-value transactions and diverting payments. Criminals hack into an art dealer's email account and monitor incoming and outgoing correspondence. EDITED TO ADD (11/14): Brian Krebs wrote about this in 2014.

Scams 189

Scams Accountability Banking Hacking 189