2017, Accountability, Cybercrime and Passwords

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Krebs on Security

FEBRUARY 10, 2020

Justice Department today unsealed indictments against four Chinese officers of the People’s Liberation Army (PLA) accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans. ” A copy of the indictment is available here.

Hacking

Hacking Identity Theft Government Phishing

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

Krebs on Security

MARCH 10, 2020

FBI officials last week arrested a Russian computer security researcher on suspicion of operating deer.io , a vast marketplace for buying and selling stolen account credentials for thousands of popular online services and stores. also is a favored marketplace for people involved in selling phony social media accounts.

Accountability

Accountability Advertising Hacking Cybercrime

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. In 2017, crooks launched a phishing campaign against universities to compromise.edu accounts. ” reads the alert published by the FBI.

Cybercrime

Cybercrime Education Accountability Phishing

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Who’s Behind the NetWire Remote Access Trojan?

Krebs on Security

MARCH 9, 2023

A Croatian national has been arrested for allegedly operating NetWire , a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as a stealthy way to spy on infected systems and siphon passwords. Constella also shows the email address zankomario@gmail.com used the password “dugidox2407.”

DNS

DNS Cybercrime Passwords Accountability

Dell notifies customers about data breach

Malwarebytes

MAY 10, 2024

Dell is warning its customers about a data breach after a cybercriminal offered a 49 million-record database of information about Dell customers on a cybercrime forum. Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you don’t use for anything else.

Data breaches

Data breaches Passwords Phishing Big data

$10M Is Yours If You Can Get This Guy to Leave Russia

Krebs on Security

MAY 4, 2023

government this week put a $10 million bounty on the head of a Russian man who for the past 18 years operated Try2Check , one of the cybercrime underground’s most trusted services for checking the validity of stolen credit card data. In 2017, U.S. was used to register an account with the username “Nordex” at bankir[.]com

Marketing

Marketing Cybercrime Accountability Cryptocurrency

Who Is the Network Access Broker ‘Babam’?

Krebs on Security

DECEMBER 3, 2021

More commonly, that access is purchased from a cybercriminal broker who specializes in acquiring remote access credentials — such as usernames and passwords needed to remotely connect to the target’s network. In early 2017, Babam confided to another Verified user via private message that he is from Lithuania. com (2017).

Ransomware

Ransomware Passwords Accountability Cybercrime

Kroll Employee SIM-Swapped for Crypto Investor Data

Krebs on Security

AUGUST 25, 2023

Countless websites and online services use SMS text messages for both password resets and multi-factor authentication. For example, many online services require you to provide a phone number upon registering an account, but that number can often be removed from your profile afterwards. Why do I suggest this?

Mobile

Mobile Cyber Risk Cryptocurrency Data breaches

Crooks offered for sale private messages for 81k Facebook accounts

Security Affairs

NOVEMBER 3, 2018

Cybercriminals offered for sale private messages from at least 81,000 Facebook accounts claiming of being in possession of data from 120 million accounts. Crooks are offering for sale Criminals are selling the private messages of 81,000 hacked Facebook accounts for 10 cents per account. ” states the BBC.

Accountability

Accountability Advertising Cybercrime Hacking

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Krebs on Security

FEBRUARY 9, 2023

Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating “ Trickbot ,” a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. companies and government entities.

Hacking

Hacking Cybercrime Ransomware Government

Admins of Genesis Market marketplace sold their infrastructure on a hacker forum

Security Affairs

JULY 17, 2023

In April, the FBI seized the Genesis Market , a black marketplace for stolen credentials that was launched in 2017. The price for a stolen account was very cheap, paying a few dollars crooks were able to use it for a specific period. Accounts on the forums will not be transferred, the new owner will create new accounts if necessary.”

Marketing

Marketing Accountability Cybercrime Passwords

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

MAY 23, 2024

But by all accounts, few attacks from those gangs have come close to the amount of firepower wielded by a pro-Russia group calling itself “ NoName057(16).” He also co-runs SURBL , an anti-abuse service that flags domains and Internet address ranges that are strongly associated with spam and cybercrime activity, including DDoS.

DDOS

DDOS Internet Internet Government

MyEquifax.com Bypasses Credit Freeze PIN

Krebs on Security

MARCH 8, 2019

Unfortunately, if you don’t already have an account at the credit bureau’s new myEquifax portal , it may be simple for identity thieves to lift an existing credit freeze at Equifax and bypass the PIN armed with little more than your, name, Social Security number and birthday. Getting an account at myequifax.com was easy.

Accountability

Accountability Identity Theft Authentication Passwords

A Closer Look at the Snatch Data Ransom Group

Krebs on Security

SEPTEMBER 30, 2023

.” New York City-based cyber intelligence firm Flashpoint said the Snatch ransomware group was created in 2018, based on Truniger’s recruitment both on Russian language cybercrime forums and public Russian programming boards. was also used to register an account at the online game stalker[.]so ru account and posted as him.

Ransomware

Ransomware Accountability Cybercrime Backups

Breached Data Indexer ‘Data Viper’ Hacked

Krebs on Security

JULY 13, 2020

Data Viper , a security startup that provides access to some 15 billion usernames, passwords and other information exposed in more than 8,000 website breaches, has itself been hacked and its user database posted online. The incident also highlights the often murky area between what’s legal and ethical in combating cybercrime.

Hacking

Hacking Marketing Cybercrime Accountability

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

com , a service that sold access to billions of passwords and other data exposed in countless data breaches. LeakedSource was advertised on a number of popular cybercrime forums as a service that could help hackers break into valuable or high-profile accounts. An administrator account Xerx3s on Abusewithus. Abusewith[.]us

Hacking

Hacking Accountability Data breaches Marketing

GUEST ESSAY: ‘Initial access brokers’ — IABs — specialize in enabling surreptitious access

The Last Watchdog

DECEMBER 19, 2022

Cybercrime is a big business. Cybersecurity firm Positive Technologies found 88 new IAB sales on dark web marketplaces in the first quarter of 2020, compared to just three in all of 2017. Ransomware is already the fastest-growing type of cybercrime , and IABs make it more accessible to novice criminals.

Cybercrime

Cybercrime Digital transformation Ransomware Cybersecurity

CryptoCore hacker group stole over $200M from cryptocurrency exchanges

Security Affairs

JUNE 24, 2020

The CryptoCore group, aks Crypto-gang, “Dangerous Password”, and “Leery Turtle” has been active since 2018. “While the group’s key infiltration vector to the exchange is usually through spear-phishing against the corporate network, the executives’ personal email accounts are the first to be targeted.”

Cryptocurrency

Cryptocurrency Phishing Accountability Passwords

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

These services can be used in a legitimate manner for several business purposes — such as price comparisons or sales intelligence — but they are massively abused for hiding cybercrime activity because they can make it difficult to trace malicious traffic to its original source. In a 2017 discussion on fl.l33t[.]su

VPN

VPN Computers and Electronics Antivirus Software

FBI Warns of ‘Unlimited’ ATM Cashout Blitz

Krebs on Security

AUGUST 12, 2018

” Organized cybercrime gangs that coordinate unlimited attacks typically do so by hacking or phishing their way into a bank or payment card processor. “At a pre-determined time, the co-conspirators withdraw account funds from ATMs using these cards.”

Banking

Banking Accountability Retail Phishing

“FudCo” Spam Empire Tied to Pakistani Software Firm

Krebs on Security

SEPTEMBER 6, 2021

In May 2015, KrebsOnSecurity briefly profiled “ The Manipulaters ,” the name chosen by a prolific cybercrime group based in Pakistan that was very publicly selling spam tools and a range of services for crafting, hosting and deploying malicious email. One of several current Fudtools sites run by The Manipulaters.

Software

Software Phishing Cybercrime Accountability

Defiant Tech firm who operated LeakedSource pleads guilty

Security Affairs

MAY 20, 2019

The LeakedSource website was launched in late 2015, in January 2017 the popular data breach notification website has been raided by feds. LeakedSource was also cracking the associated passwords when it was possible. “I am immensely proud of this outcome as combatting cybercrime is an operational priority for us.”

Cybercrime

Cybercrime Data breaches Advertising Passwords

Data from Sephora and StreetEasy data breaches added to HIBP

Security Affairs

OCTOBER 7, 2019

The StreetEasy data breach took place in the mid-2016 and exposed 988k records that included names, usernames, email addresses and SHA-1 password hashes. The data has been available for sale in the cybercrime underground since February. Impacted data includes names, usernames, email addresses and SHA-1 password hashes.

Data breaches

Data breaches Passwords Advertising Cybercrime

Ticketmaster will pay $10 Million fine over hacking a competitor

Security Affairs

JANUARY 2, 2021

The attacks aimed at stealing information to gain an advantage over CrowdSurge, which was acquired by Warner Music Group (WMG) in 2017. “Ticketmaster Used Passwords Unlawfully Retained by a Former Employee of a Competitor to Access Computer Systems in Scheme to “Choke Off” the Victim’s Business” wrote the DoJ.

Hacking

Hacking Passwords Accountability Cybercrime

One of the hackers behind EtherDelta hack also involved in TalkTalk hack

Security Affairs

SEPTEMBER 21, 2019

US authorities have indicted two men for hacking the exchange EtherDelta in December 2017, one of them was also accused of TalkTalk hack. US authorities have indicted two men, Elliot Gunton and Anthony Tyler Nashatka, for hacking the cryptocurrency exchange EtherDelta in 2017. Six days later, on December 19, 2017.

Hacking

Hacking DNS Cryptocurrency Accountability

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

Security Affairs

NOVEMBER 22, 2019

Lisov was arrested in January 2017 at the Barcelona airport by the Guardia Civil. The banking trojan is able to record keystrokes, to steal passwords stored on the PC, and take screenshots and videos from the victims’ machine. The arrest is the result of the collaboration between the Spanish law enforcement and the FBI. .”

Banking

Banking Malware Advertising Passwords

How Did Authorities Identify the Alleged Lockbit Boss?

Krebs on Security

MAY 13, 2024

This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. used the password 225948. was used by a Russian-speaking member called Pin on the English-language cybercrime forum Opensc.

Ransomware

Ransomware Cybercrime Accountability Malware

Voice Phishers Targeting Corporate VPNs

Krebs on Security

AUGUST 19, 2020

According to interviews with several sources, this hybrid phishing gang has a remarkably high success rate, and operates primarily through paid requests or “bounties,” where customers seeking access to specific companies or accounts can hire them to target employees working remotely at home.

Phishing

Phishing VPN Social Engineering Media

Inside ‘Evil Corp,’ a $100M Cybercrime Menace

Krebs on Security

DECEMBER 16, 2019

Justice Department this month offered a $5 million bounty for information leading to the arrest and conviction of a Russian man indicted for allegedly orchestrating a vast, international cybercrime network that called itself “ Evil Corp ” and stole roughly $100 million from businesses and consumers. LOW FRIENDS IN HIGH PLACES.

Cybercrime

Cybercrime Banking Small Business Accountability

Protecting Against Leakware: 5 Strategies for Vulnerable Executives

SecureWorld News

APRIL 4, 2022

According to a report from McAfee Enterprise and FireEye titled, "Cybercrime in a Pandemic World: The Impact of COVID-19," 81% of global organizations have experienced increased cyberthreats, and 79% experienced downtime from an attack during a peak season. Before leakware came doxware, which was popular in 2016 and 2017.

Digital transformation

Digital transformation Ransomware Phishing Small Business

What Website Owners Need to Know About Cyberattacks In 2018

SiteLock

AUGUST 27, 2021

In Q3 2017, SiteLock discovered alarming cybercrime trends that will likely affect websites for months to come. That’s not all: cybercriminals attempted to compromise more websites in Q3 2017 than in the previous quarter, increasing their attempted attacks by 16 percent. Backdoor Files.

Malware

Malware Engineering Phishing Accountability

MY TAKE: COVID-19’s silver lining could turn out to be more rapid, wide adoption of cyber hygiene

The Last Watchdog

MAY 11, 2020

These developments would have, over the next decade or so, steadily and materially reduced society’s general exposure to cybercrime and online privacy abuses. So as of a few months ago, the US now requires data containerization along much the same lines as Saudi Arabia and the UAE first mandated in 2017.

Computers and Electronics

Computers and Electronics Data privacy Encryption Media

Hacker will compensate victims with $1.1 million Bitcoin illegally earned

Security Affairs

AUGUST 24, 2019

Grant West, aka ‘Courvoisier,’ is a hacker that was arrested by the police on September 2017 as result of a two-year-long investigation code-named ‘Operation Draba.’ “He would then convert the profit made from selling financial details online into cryptocurrency , and store these in multiple accounts.”

Cryptocurrency

Cryptocurrency Scams Cybercrime Phishing

Fxmsp: the untold story of infamous seller of access to corporate networks who made at least USD 1.5 mln

Security Affairs

JUNE 23, 2020

Fxmsp took his first steps in the cybercrime scene in September 2016 when he registered on an underground forum, fuckav[.]ru. Fxmsp included one of his Jabber accounts, in his contact information on the forum which helped Group-IB researchers to establish his presumed identity. First steps. Proxy seller.

Antivirus

Antivirus Advertising Hacking Banking

Homebuyers Being Targeted by Money Transfer Scam

Security Affairs

SEPTEMBER 21, 2018

Money Transfer Scam – Scammers hack the victims’s email accounts, monitor conversations between the buyers and title agents, send instructions on where to wire the money. Scammers hack the email accounts of their victims and monitor conversations between the buyers and title agents. No security is 100 percent reliable.

Scams

Scams Advertising Accountability Surveillance

Author of NeverQuest botnet pleads guilty to bank fraud

Security Affairs

FEBRUARY 26, 2019

“ NeverQuest has been responsible for millions of dollars’ worth of attempts by hackers to steal money out of victims’ bank accounts. “ Lisov was arrested in January 2017 by the Spanish police, he was arrested at the Barcelona airport by the Guardia Civil. Sweeney Jr., ” reads the press release published by the DoJ.

Banking

Banking Malware Advertising Accountability

Hacker that hit UK National Lottery in 2016 was sentenced to prison

Security Affairs

JANUARY 13, 2020

The alleged hacker behind the credential stuffing attacks on UK National Lottery accounts has been sentenced to nine months in prison. The sentence was announced by the UK’s National Crime Agency on Friday, the authorities arrested Batson in May 2017. ” reads the press release published by the NCA.

Accountability

Accountability Advertising Banking Passwords

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Security Affairs

NOVEMBER 19, 2019

Ransomware accounted for over half of all malicious mailings in H1 2019, Troldesh aka Shade being the most popular tool among cybercriminals. The first half of 2019 saw a 10-fold increase in the number of password-protected objects, such as documents and archive files, being used to deliver malware. The revival of ransomware.

Ransomware

Ransomware Antivirus Malware Banking

Group-IB experts record a massive surge of user data leaks form cryptocurrency exchanges

Security Affairs

AUGUST 7, 2018

In 2017, when cryptocurrencies were gaining momentum, their record-breaking capitalization and a spike in Bitcoin’s exchange rate led to dozens of attacks on cryptocurrency services. User Accounts Leaks Analysis» shows a steady increase in the number of compromised user accounts on cryptocurrency exchanges.

Cryptocurrency

Cryptocurrency Passwords Authentication Accountability

Experts observed the growth of hi-tech crime landscape in Asia in 2018

Security Affairs

MARCH 19, 2019

Group-IB Threat Intelligence team identified hundreds of compromised credentials from Singaporean government agencies and educational institutions over the course of 2017 and 2018. Users’ logins and passwords from the Government Technology Agency ( [link] [.] So in case of Lazarus a stitch in time saves nine.

Banking

Banking Government Passwords Marketing

The Scammers’ Playbook: How Cybercriminals Get Ahold of Your Data

eSecurity Planet

SEPTEMBER 14, 2022

Cybercrime is a growth industry like no other. According to statistics from the FBI’s 2021 Internet Crime Report , complaints to the Internet Crime Complaint Center (IC3) have been rising since 2017. In 2021 alone, IC3 received 847,376 complaints which amounted to $6.9 billion in reported losses.

Social Engineering

Social Engineering Energy and Utilities Phishing Scams

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Brian Krebs is an independent investigative reporter known for his coverage of technology, malware , data breaches , and cybercrime developments. Bruce Schneier | @schneierblog.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

Cybercriminal greeners from Iran attack companies worldwide for financial gain

Security Affairs

AUGUST 24, 2020

In some attacks, they attempted to elevate privileges using exploit for CVE-2017-0213. As the attackers usually need several attempts to brute force passwords and gain access to the RDP, it is important to enable account lockout policies by limiting the number of failed login attempts per user.

Threat Detection

Threat Detection Ransomware Advertising Cybercrime

Industrial Sector targeted in surgical spear-phishing attacks

Security Affairs

AUGUST 3, 2018

“According to the data available, the attackers’ main goal is to steal money from victim organizations’ accounts,”. Once the attackers have gained access to the victim’s system they will search for any purchase documents, as well as the financial and accounting software. states the researchers. ” continues the analysis.

Phishing

Phishing VPN Passwords Software

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

Webinars

Trending Sources

FBI: Compromised US academic credentials available on various cybercrime forums

Webinars

Who’s Behind the NetWire Remote Access Trojan?

Dell notifies customers about data breach

$10M Is Yours If You Can Get This Guy to Leave Russia

Who Is the Network Access Broker ‘Babam’?

Kroll Employee SIM-Swapped for Crypto Investor Data

Crooks offered for sale private messages for 81k Facebook accounts

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Admins of Genesis Market marketplace sold their infrastructure on a hacker forum

Stark Industries Solutions: An Iron Hammer in the Cloud

MyEquifax.com Bypasses Credit Freeze PIN

A Closer Look at the Snatch Data Ransom Group

Breached Data Indexer ‘Data Viper’ Hacked

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

GUEST ESSAY: ‘Initial access brokers’ — IABs — specialize in enabling surreptitious access

CryptoCore hacker group stole over $200M from cryptocurrency exchanges

A Deep Dive Into the Residential Proxy Service ‘911’

FBI Warns of ‘Unlimited’ ATM Cashout Blitz

“FudCo” Spam Empire Tied to Pakistani Software Firm

Defiant Tech firm who operated LeakedSource pleads guilty

Data from Sephora and StreetEasy data breaches added to HIBP

Ticketmaster will pay $10 Million fine over hacking a competitor

One of the hackers behind EtherDelta hack also involved in TalkTalk hack

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

How Did Authorities Identify the Alleged Lockbit Boss?

Voice Phishers Targeting Corporate VPNs

Inside ‘Evil Corp,’ a $100M Cybercrime Menace

Protecting Against Leakware: 5 Strategies for Vulnerable Executives

What Website Owners Need to Know About Cyberattacks In 2018

MY TAKE: COVID-19’s silver lining could turn out to be more rapid, wide adoption of cyber hygiene

Hacker will compensate victims with $1.1 million Bitcoin illegally earned

Fxmsp: the untold story of infamous seller of access to corporate networks who made at least USD 1.5 mln

Homebuyers Being Targeted by Money Transfer Scam

Author of NeverQuest botnet pleads guilty to bank fraud

Hacker that hit UK National Lottery in 2016 was sentenced to prison

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Group-IB experts record a massive surge of user data leaks form cryptocurrency exchanges

Experts observed the growth of hi-tech crime landscape in Asia in 2018

The Scammers’ Playbook: How Cybercriminals Get Ahold of Your Data

Top Cybersecurity Accounts to Follow on Twitter

Cybercriminal greeners from Iran attack companies worldwide for financial gain

Industrial Sector targeted in surgical spear-phishing attacks

Stay Connected