2017, Accountability, Cybercrime and Information Security

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. Crooks obtain the information by conducting spear-phishing and ransomware attacks, or other means. ” reads the alert published by the FBI.

Cybercrime

Cybercrime Education Accountability Phishing

Law enforcement seized the Genesis Market cybercrime marketplace

Security Affairs

APRIL 5, 2023

The FBI seized the Genesis Market , a black marketplace for stolen credentials that was launched in 2017. The price for a stolen account was very cheap, paying a few dollars crooks were able to use it for a specific period. Genesis Market was an invite-only marketplace, but it was not complex to find invite codes online.

Marketing

Marketing Cybercrime Accountability Education

Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws

Security Affairs

APRIL 24, 2023

Truebot has been active since 2017 and some researchers linked it to the Russian Silence Group , while a recent investigation linked it to threat actor TA505 (aka Evil Corp). .” The researchers noticed that the domain hosting the tools employed in the attack, windowservicecemter[.]com, com, was registered on April 12, 2023.

Cybercrime

Cybercrime Software Education Ransomware

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

SEC announces sanctions against entities over email account hacking

Security Affairs

SEPTEMBER 1, 2021

Securities and Exchange Commission (SEC) announced sanctions against several organizations over email account hacking. Securities and Exchange Commission (SEC) announced sanctions against eight entities belonging to three companies over email account hacking due to cybersecurity failures. Pierluigi Paganini.

Accountability

Accountability Hacking Financial Services Cybersecurity

DarkGate malware campaign abuses Skype and Teams

Security Affairs

OCTOBER 16, 2023

The researchers speculate the originating accounts of the instant messaging applications were compromised through the leaked credentials available on cybercrime forums. The message sent to the victims from a compromised Skype account contains a VBS script with a filename following the following format: <filename.pdf> www.skype[.]vbs.

Malware

Malware Cryptocurrency Accountability Cybercrime

Admins of Genesis Market marketplace sold their infrastructure on a hacker forum

Security Affairs

JULY 17, 2023

In April, the FBI seized the Genesis Market , a black marketplace for stolen credentials that was launched in 2017. The price for a stolen account was very cheap, paying a few dollars crooks were able to use it for a specific period. Accounts on the forums will not be transferred, the new owner will create new accounts if necessary.”

Marketing

Marketing Accountability Cybercrime Passwords

Nigerian National pleads guilty to participating in a millionaire BEC scheme

Security Affairs

SEPTEMBER 24, 2023

. “According to his plea agreement, from February 2017 until at least July 2017, Simon-Ebo conspired with others to perpetrate a BEC scheme.” ” reads the press release published by DoJ. ” During the same period, Simon-Ebo and his co-conspirators conspired to commit money laundering. .

Accountability

Accountability Banking Hacking Cybercrime

Alexander Vinnik, the operator of BTC-e exchange, pleaded guilty to money laundering

Security Affairs

MAY 6, 2024

Alexander Vinnik , a Russian national, pleaded guilty to conspiracy to commit money laundering for his involvement in operating the cryptocurrency exchange BTC-e from 2011 to 2017. In July 2017 law enforcement shut down the virtual currency exchange.

Cryptocurrency

Cryptocurrency Computers and Electronics Identity Theft Hacking

Russians charged with hacking Mt. Gox exchange and operating BTC-e

Security Affairs

JUNE 9, 2023

Bilyuchenko is also charged with conspiring with Alexander Vinnik to run the virtual currency exchange BTC-e from 2011 to 2017. The BTC-e virtual currency is popular in the cybercrime underground because it was used by crooks to launder funds for illegal activities. ” reads the DoJ.

Hacking

Hacking Cryptocurrency Advertising Banking

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

LeakedSource was advertised on a number of popular cybercrime forums as a service that could help hackers break into valuable or high-profile accounts. LeakedSource also tried to pass itself off as a legal, legitimate business that was marketing to security firms and professionals. An administrator account Xerx3s on Abusewithus.

Hacking

Hacking Accountability Data breaches Marketing

Nissan Oceania data breach impacted roughly 100,000 people

Security Affairs

MARCH 14, 2024

The company did not share details about the attack or its scope, but a few weeks later the Akira ransomware group claimed to have stolen 100 GB of information from the company. Stolen data included corporate files and personal information Nissan refused to pay the ransom and the cybercrime group published the alleged stolen files.

Data breaches

Data breaches Identity Theft Financial Services Cybercrime

A Ukrainian man is the third FIN7 member sentenced in the United States

Security Affairs

APRIL 8, 2022

A Ukrainian man was sentenced in the US to 5 years in prison for his criminal activity in the cybercrime group FIN7. for high-level hacking activity in the cybercrime group FIN7 (aka Carbanak Group and the Navigator Group). Iarmak is the third member of the FIN7 cybercrime group to be sentenced in the U.S. in May 2020.

Cybercrime

Cybercrime Hacking Software Phishing

Telstra Telecom discloses data breach impacting former and current employees

Security Affairs

OCTOBER 5, 2022

Narelle Devine, the company’s chief information security officer for the Asia Pacific region, added that no customer account information was stored on the third-party platform. It seems that the security breach also impacted other companies. ” reads the statement published by the company.

Data breaches

Data breaches Telecommunications Accountability Information Security

Uber hacked, internal systems and confidential documents were allegedly compromised

Security Affairs

SEPTEMBER 16, 2022

According to the New York Times , the threat actors hacked an employee’s Slack account and used it to inform internal personnel that the company had “suffered a data breach” and provided a list of allegedly hacked internal databases. “I This is not the first time that the company suffered a security breach.

Hacking

Hacking Data breaches Engineering Information Security

Germany police shut down Hydra Market dark web marketplace

Security Affairs

APRIL 6, 2022

The seizure of the Hydra Market is the result of an international investigation conducted by the Central Office for Combating Cybercrime (ZIT) in partnership with U.S. “Hydra quickly rose to become the most prominent Russian-language darknet market after the closure of a key competitor in 2017. billion euros in 2020 alone.

Marketing

Marketing Cybercrime Advertising Hacking

U.S. Treasury Department sanctions darkweb marketplace Hydra Market

Security Affairs

APRIL 6, 2022

The seizure of the Hydra Market is the result of an international investigation conducted by the Central Office for Combating Cybercrime (ZIT) in partnership with U.S. Hydra quickly rose to become the most prominent Russian-language darknet market after the closure of a key competitor in 2017. SecurityAffairs – hacking, cybercrime).

Marketing

Marketing Cybercrime Advertising Hacking

Russian cybercriminal Aleksandr Brovko sentenced to 8 years in jail

Security Affairs

NOVEMBER 3, 2020

The scripts developed by the cyber criminal were used to parse log data collected from botnet and searched for personally identifiable information (PII) and account credentials. In some cases, the man manually chacked the stolen information. ” reads the press release published by the DoJ.

Accountability

Accountability Banking Advertising Data collection

Iran-linked MERCURY APT behind destructive attacks on hybrid environments

Security Affairs

APRIL 10, 2023

MERCURY (aka MuddyWater , SeedWorm and TEMP.Zagros ) has been active since at least 2017, in January 2022 the USCYBERCOM has officially linked the Iran-linked APT group to Iran’s Ministry of Intelligence and Security (MOIS). Threat actors masqueraded the attacks as a standard ransomware operation.

Ransomware

Ransomware Cybercrime VPN Education

Russian nation sentenced to 48 months in prison for helping Kelihos Botnet to evade detection

Security Affairs

DECEMBER 12, 2021

Koshkin was arrested in California in September 2019 , while Tsurkan was arrested in April 2017. The Kelihos botnet was used to send out a large volume of spam messages, conduct denial of service attacks, harvest account credentials, and distribute malware.

Antivirus

Antivirus Malware Cybercrime Cyber threats

Alexander Vinnik, the popular cyber criminal goes on trial in Paris

Security Affairs

OCTOBER 19, 2020

In 2017, Greek Police arrested the Russian national Alexander Vinnik and they accused the man of running the BTC-e Bitcoin exchange to launder more than US$4bn worth of the cryptocurrency. SecurityAffairs – hacking, cybercrime). Vinnik is also accused to be responsible for the failure of the Japanese bitcoin exchange Mt.

Advertising

Advertising Cybercrime Hacking Cryptocurrency

British hacker arraigned for running The Real Deal dark web marketplace

Security Affairs

OCTOBER 26, 2022

“Kaye allegedly operated The Real Deal, a Dark Web market for illicit items, including stolen account login credentials for U.S. Kaye also trafficked login credentials for Twitter and LinkedIn accounts. ’s National Crime Agency (NCA) in February 2017. ” reads the press release published by DoJ.

Marketing

Marketing Government Hacking Accountability

More than 17,000 WordPress websites infected with the Balada Injector in September

Security Affairs

OCTOBER 12, 2023

The Balada injector is a malware family that has been active since 2017. In another wave, the threat actors were observed using a malicious script to create rogue WordPress administrator accounts. Sucuri researchers reported that more than 17,000 WordPress websites have been compromised in September with the Balada Injector.

Malware

Malware Hacking Accountability Cybercrime

Defiant Tech firm who operated LeakedSource pleads guilty

Security Affairs

MAY 20, 2019

The LeakedSource website was launched in late 2015, in January 2017 the popular data breach notification website has been raided by feds. “I am immensely proud of this outcome as combatting cybercrime is an operational priority for us.” SecurityAffairs – cybercrime, LeakedSource). Pierluigi Paganini.

Cybercrime

Cybercrime Data breaches Advertising Passwords

One of the hackers behind EtherDelta hack also involved in TalkTalk hack

Security Affairs

SEPTEMBER 21, 2019

US authorities have indicted two men for hacking the exchange EtherDelta in December 2017, one of them was also accused of TalkTalk hack. US authorities have indicted two men, Elliot Gunton and Anthony Tyler Nashatka, for hacking the cryptocurrency exchange EtherDelta in 2017. Six days later, on December 19, 2017.

Hacking

Hacking DNS Cryptocurrency Accountability

Updated Android spyware GravityRAT steals WhatsApp Backups

Security Affairs

JUNE 16, 2023

“Considering that downloading the app is conditional on having an account and new account registration was not possible for us, we believe that potential victims were specifically targeted.” Therefore, we believe that potential victims are highly targeted.” ” reads the analysis published by ESET.

Backups

Backups Spyware Malware Accountability

Data from Sephora and StreetEasy data breaches added to HIBP

Security Affairs

OCTOBER 7, 2019

The data has been available for sale in the cybercrime underground since February. In February, Gnosticplayers hacker offered a third round of databases containing millions of hacked accounts from unreported data breaches, including Streeteasy (Real estate) with 990,000 records. 78% of addresses were already in @haveibeenpwned.

Data breaches

Data breaches Passwords Advertising Cybercrime

Marcus Hutchins sentenced to supervised release, no jail for the expert

Security Affairs

JULY 27, 2019

In August 2017, he was arrested in Las Vegas after attending the Def Con hacking conference and was detained by the FBI in the state of Nevada. The sentence takes into account the age of the expert and decided to give him and his talent a second opportunity. SecurityAffairs – Marcus Hutchins, cybercrime). Pierluigi Paganini.

Banking

Banking Malware Advertising Cybercrime

Android devices shipped with backdoored firmware as part of the BADBOX network

Security Affairs

OCTOBER 8, 2023

It was not the first time the company discovered pre-installed malware on Android devices, back in July 2017 Dr.Web researchers discovered many smartphone models were shipped with the dreaded Triada trojan such as Leagoo M5 Plus, Leagoo M8, Nomu S10, and Nomu S20.

Firmware

Firmware Mobile Malware Retail

Google TAG warns of Russia-linked APT groups targeting Ukraine

Security Affairs

APRIL 20, 2023

In Q1 2023, threat actors linked to Russia’s military intelligence service focused their phishing campaigns on Ukraine, with the country accounting for over 60% of observed Russian targeting. The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017.

Phishing

Phishing Education Accountability Telecommunications

Crooks turn victims into money mules via confidence/romance scams

Security Affairs

AUGUST 6, 2019

The advisory explains that victims are used as part of a money-laundering scheme and act as money mules that unwittingly transfer funds obtained from business email compromise (BEC) to the accounts under the control of the crooks. These accounts are used to facilitate criminal activities for a short period of time.”

Scams

Scams Banking Accountability Advertising

US authorities charged Dridex gang members for stealing over $100 Million

Security Affairs

DECEMBER 7, 2019

.” According to the indictment, the criminal duo used the stolen banking credentials to make unauthorized transfers from the victims’ bank accounts to bank accounts owned by “money mules.” Then the criminals moved the money to other accounts or withdraw the funds and transport the funds overseas as smuggled bulk cash. .

Banking

Banking Malware Cybercrime Accountability

Wannacry, the hybrid malware that brought the world to its knees

Security Affairs

OCTOBER 31, 2022

In the early afternoon of Friday 12 May 2017, the media broke the news of a global computer security attack carried out through a malicious code capable of encrypting data residing in information systems and demanding a ransom in cryptocurrency to restore them, the Wannacry ransomware. How did the contagion stop?

Malware

Malware Computers and Electronics Encryption Ransomware

Ticketmaster will pay $10 Million fine over hacking a competitor

Security Affairs

JANUARY 2, 2021

The attacks aimed at stealing information to gain an advantage over CrowdSurge, which was acquired by Warner Music Group (WMG) in 2017. ” Both Mead and Zaidi were fired by Ticketmaster in 2017. On October 18, 2019, Zaidi pled guilty for his participation in the hacking activity.

Hacking

Hacking Passwords Accountability Cybercrime

Hyundai suffered a data breach that impacted customers in France and Italy

Security Affairs

APRIL 12, 2023

In April 2017, security vulnerabilities in the Hyundai Blue Link mobile apps could have allowed hackers to locate, unlock and start vehicles of the carmaker. The intrusion aimed at stealing automotive trade secrets.

Data breaches

Data breaches Media Manufacturing Education

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

Security Affairs

NOVEMBER 22, 2019

Lisov was arrested in January 2017 at the Barcelona airport by the Guardia Civil. The Neverquest malware is able to log in to the victim’s online banking account and perform fraudulent transactions. The arrest is the result of the collaboration between the Spanish law enforcement and the FBI. The United States Attorney Geoffrey S.

Banking

Banking Malware Advertising Passwords

Fxmsp: the untold story of infamous seller of access to corporate networks who made at least USD 1.5 mln

Security Affairs

JUNE 23, 2020

Fxmsp took his first steps in the cybercrime scene in September 2016 when he registered on an underground forum, fuckav[.]ru. Fxmsp included one of his Jabber accounts, in his contact information on the forum which helped Group-IB researchers to establish his presumed identity. First steps. Proxy seller.

Antivirus

Antivirus Advertising Hacking Banking

Insider Threat Case: FBI Busts a Test Engineer

SecureWorld News

DECEMBER 17, 2021

It was 2017 when John Rowe first popped onto the FBI's radar. The company's Facility Security Officer (FSO) notified the FBI about something unusual. of Defense stalking me on [WEBSITE-1] back in 2017, I have to be real careful on who I talk too. Roe popped onto FBI radar in 2017 but did not get busted. It was not.

Engineering

Engineering Government Wireless Cybercrime

TA544 group behind a spike in Ursnif malware campaigns targeting Italy

Security Affairs

OCTOBER 3, 2021

TA544 is a financially motivated threat actor that is active at least since 2017, it focuses on attacks on banking users, it leverages banking malware and other payloads to target organizations worldwide, mainly in Italy and Japan. When I began studying this threat, Ursnif campaigns were more widespread and less targeted. .

Malware

Malware Banking Social Engineering Retail

Two Estonian citizens arrested in $575M cryptocurrency fraud scheme

Security Affairs

NOVEMBER 22, 2022

HashFlare shut down its operations in 2019, but since May 2017, the duo started offering investments in a company called Polybius, which they claimed to form a bank specializing in virtual currency. . “They promised to pay investors dividends from Polybius’s profits.

Cryptocurrency

Cryptocurrency Banking Marketing Hacking

GravityRAT returns disguised as an end-to-end encrypted chat app

Security Affairs

NOVEMBER 13, 2021

GravityRAT was first spotted by Cisco Talos researchers in 2017 who speculate it remained under the radar for the at least a couple of years [since 2015], In October 2020, researchers from Kaspersky Lab spotted new variants of the GravityRAT malware that was able to infect both Android and macOS devices. Gets connected network information.

Encryption

Encryption Malware Media Authentication

Group-IB experts record a massive surge of user data leaks form cryptocurrency exchanges

Security Affairs

AUGUST 7, 2018

Security experts from Group-IB, an international company specializing in preventing cyberattacks and developing information security solutions, has investigated user data leaks from cryptocurrency exchanges and has analyzed the nature of these incidents. In 2017, their number increased by 369% compared to 2016.

Cryptocurrency

Cryptocurrency Passwords Authentication Accountability

Gulf countries came under hackers’ spotlight in 2018, with more than 130 000 payment cards compromised

Security Affairs

APRIL 8, 2019

According to Group-IB’s annual Hi-Tech Crime Trends 2018 report, on average, from June 2017 to August 2018, the details of 1.8 Hence, the task of preventing information security incidents for critical information infrastructures should be addressed at the legislative level. Map of Middle-Eastern Countries.

Artificial Intelligence

Artificial Intelligence Government Banking Advertising

Four years after its takedown, AlphaBay marketplace revamped

Security Affairs

AUGUST 14, 2021

AlphaBay was active between 2014 and June 2017, law enforcement seized the marketplace and arrested the administrator Alexandre Cazes (aka “Alpha02/Admin”), who died by suicide in prison in Thailand. The darknet marketplace AlphaBay resurfaced four years after an international operation conducted by law enforcement agencies took down it.

Marketing

Marketing Ransomware Hacking Banking

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Brian Krebs is an independent investigative reporter known for his coverage of technology, malware , data breaches , and cybercrime developments. Carey | @marcusjcarey.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

FBI: Compromised US academic credentials available on various cybercrime forums

Law enforcement seized the Genesis Market cybercrime marketplace

Webinars

Trending Sources

Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws

Webinars

SEC announces sanctions against entities over email account hacking

DarkGate malware campaign abuses Skype and Teams

Admins of Genesis Market marketplace sold their infrastructure on a hacker forum

Nigerian National pleads guilty to participating in a millionaire BEC scheme

Alexander Vinnik, the operator of BTC-e exchange, pleaded guilty to money laundering

Russians charged with hacking Mt. Gox exchange and operating BTC-e

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Nissan Oceania data breach impacted roughly 100,000 people

A Ukrainian man is the third FIN7 member sentenced in the United States

Telstra Telecom discloses data breach impacting former and current employees

Uber hacked, internal systems and confidential documents were allegedly compromised

Germany police shut down Hydra Market dark web marketplace

U.S. Treasury Department sanctions darkweb marketplace Hydra Market

Russian cybercriminal Aleksandr Brovko sentenced to 8 years in jail

Iran-linked MERCURY APT behind destructive attacks on hybrid environments

Russian nation sentenced to 48 months in prison for helping Kelihos Botnet to evade detection

Alexander Vinnik, the popular cyber criminal goes on trial in Paris

British hacker arraigned for running The Real Deal dark web marketplace

More than 17,000 WordPress websites infected with the Balada Injector in September

Defiant Tech firm who operated LeakedSource pleads guilty

One of the hackers behind EtherDelta hack also involved in TalkTalk hack

Updated Android spyware GravityRAT steals WhatsApp Backups

Data from Sephora and StreetEasy data breaches added to HIBP

Marcus Hutchins sentenced to supervised release, no jail for the expert

Android devices shipped with backdoored firmware as part of the BADBOX network

Google TAG warns of Russia-linked APT groups targeting Ukraine

Crooks turn victims into money mules via confidence/romance scams

US authorities charged Dridex gang members for stealing over $100 Million

Wannacry, the hybrid malware that brought the world to its knees

Ticketmaster will pay $10 Million fine over hacking a competitor

Hyundai suffered a data breach that impacted customers in France and Italy

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

Fxmsp: the untold story of infamous seller of access to corporate networks who made at least USD 1.5 mln

Insider Threat Case: FBI Busts a Test Engineer

TA544 group behind a spike in Ursnif malware campaigns targeting Italy

Two Estonian citizens arrested in $575M cryptocurrency fraud scheme

GravityRAT returns disguised as an end-to-end encrypted chat app

Group-IB experts record a massive surge of user data leaks form cryptocurrency exchanges

Gulf countries came under hackers’ spotlight in 2018, with more than 130 000 payment cards compromised

Four years after its takedown, AlphaBay marketplace revamped

Top Cybersecurity Accounts to Follow on Twitter

Stay Connected