Krebs on Security

FEBRUARY 17, 2021

Confirmed thefts attributed to the group include the 2016 hacking of the SWIFT payment system for Bangladesh Bank, which netted thieves $81 million; $6.1 Other moneymaking and laundering schemes attributed to the North Korean hackers include the development and marketing of an initial coin offering (ICO) in 2017 called Marine Chain Token.

Cryptocurrency 344

Cryptocurrency Financial Services Banking Government 344

Krebs on Security

MARCH 10, 2020

District Court for the Southern District of California allege Firsov was the administrator of deer.io, an online platform that hosted more than 24,000 shops for selling stolen and/or hacked usernames and passwords for a variety of top online destinations. ru , a cybercrime forum in its own right that called itself “ The Antichat Mafia.”

Accountability 355

Accountability Advertising Hacking Cybercrime 355

Security Affairs

MARCH 18, 2025

Trend ZDI researchers discovered 1,000 malicious.lnk files used by nation-state actors and cybercrime groups to execute hidden malicious commands on a victims machine by exploiting the vulnerability ZDI-CAN-25373. Since 2017, the vulnerability has been exploited by APT groups from North Korea, Iran, Russia, and China.

Cybercrime 71

Cybercrime Telecommunications Government Malware 71

Krebs on Security

MAY 18, 2020

Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. But the reality is most malicious software also has its share of security holes that open the door for security researchers or ne’er-do-wells to liberate or else seize control over already-hacked systems.

Malware 360

Malware Cybercrime Ransomware Marketing 360

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] LeakedSource was advertised on a number of popular cybercrime forums as a service that could help hackers break into valuable or high-profile accounts. Abusewith[.]us

Hacking 242

Hacking Accountability Data breaches Marketing 242

Security Affairs

FEBRUARY 10, 2025

The cybercrime group XE Group exploited a VeraCore zero-day to deploy reverse shells, web shells in recent attacks. The group was also observed exploiting vulnerabilities in Telerik UI such as CVE-2017-9248 and CVE-2019-18935. ” reads the analysis published by Intezer.

Manufacturing 112

Manufacturing Cybercrime Authentication Passwords 112

Krebs on Security

AUGUST 1, 2024

Among the more notable Russian hackers released in the prisoner swap is Roman Seleznev , 40, who was sentenced in 2017 to 27 years in prison for racketeering convictions tied to a lengthy career in stealing and selling payment card data. su , a bustling cybercrime community of which Seleznev was a leading organizer. Marine Paul Whelan.

Penetration Testing 296

Penetration Testing Cybercrime Hacking Government 296

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. In 2017, crooks launched a phishing campaign against universities to compromise.edu accounts. SecurityAffairs – hacking, FBI). ” reads the alert published by the FBI.

Cybercrime 145

Cybercrime Education Accountability Phishing 145

Security Affairs

NOVEMBER 23, 2024

Microsoft announced the disruption of the ONNX phishing service, another success against cybercrime which led to the seizure of 240 sites. Microsoft has tracked Nady, linked to phishing services since 2017. Microsoft disrupted the ONNX phishing service, seizing 240 sites and naming an Egyptian man as the operator behind the operation.

Phishing 74

Phishing Cybercrime Financial Services Media 74

Krebs on Security

AUGUST 9, 2021

Also, this greenhorn criminal clearly had bought into BriansClub’s advertising, which uses my name and likeness in a series of ads that run on all the top cybercrime forums. That was right after KrebsOnSecurity broke the news that someone had hacked BriansClub and siphoned information on 26 million stolen debit and credit accounts.

Phishing 362

Phishing Cybercrime Accountability Advertising 362

Security Affairs

FEBRUARY 25, 2025

The two vulnerabilities are: CVE-2017-3066 Adobe ColdFusion Deserialization Vulnerability CVE-2024-20953 Oracle Agile Product Lifecycle Management (PLM) Deserialization Vulnerability CVE-2017-3066 (CVSS score of 9.8) CVE-2025-24989 (CVSS score: 8.2)

Hacking 100

Hacking Cybersecurity Risk Cybercrime 100

Krebs on Security

AUGUST 1, 2024

Among the more notable Russian hackers released in the prisoner swap is Roman Seleznev , 40, who was sentenced in 2017 to 27 years in prison for racketeering convictions tied to a lengthy career in stealing and selling payment card data. su , a bustling cybercrime community of which Seleznev was a leading organizer. Marine Paul Whelan.

Penetration Testing 280

Penetration Testing Cybercrime Hacking Government 280

Security Affairs

OCTOBER 16, 2024

CrowdStrike’s investigation reveals that USDoD’s leader, Luan BG, has been a hacktivist active since at least 2017. The link between Luan’s hacktivism and cybercrime was established due to his bad Operational security (opsec). However, the Brazilian national turned into more complex cybercriminal activities by 2022.

Data breaches 128

Data breaches Media Cybercrime Accountability 128

SecureWorld News

APRIL 22, 2025

A sophisticated cybercrime campaign, dubbed Elusive Comet , has been uncovered, in which North Korean threat actors are exploiting Zoom's remote control feature to infiltrate the systems of cryptocurrency professionals. billion hack of the Bybit exchange in February 2025. billion hack of the Bybit exchange in February 2025.

Cryptocurrency 90

Cryptocurrency Social Engineering Cybercrime Engineering 90

Krebs on Security

MARCH 26, 2020

“Our continuous monitoring of underground activity revealed despite the conviction, Flint24 never left the cybercrime scene,” reads an analysis penned by Intel 471. authorities in 2017. “ Flint had a piece of almost every major hack because in many cases it was his guys doing it. Among them is MrWhite[.]biz

Cybercrime 340

Cybercrime Retail Banking Insurance 340

Security Affairs

NOVEMBER 16, 2018

According to Group-IB’s report findings, Asia is one of the most actively attacked regions in the world, the company presented latest cybercrime trends. In 2017-2018 hackers’ interest in cryptocurrency exchanges ramped up. New cybercrime groups are also expected to start operations in Asia and Latin America. Attacks on Crypto.

Cybercrime 108

Cybercrime Hacking Banking Phishing 108

Herjavec Group

AUGUST 26, 2021

We can learn a lot from the cybercrime of the past…the history of cybercrime is a glimpse into what we can expect in the future. In the past 18 months, we’ve experienced the beginning of an era that has seen cybersecurity and cybercrime at the center of it all. Dateline Cybercrime . Robert Herjavec.

Cybercrime 135

Cybercrime Computers and Electronics Banking Hacking 135

Krebs on Security

DECEMBER 8, 2021

According to cyber intelligence firm Intel 471 , that dark_cl0ud6@hotmail.com address has been used in conjunction with the handle “ DCReavers2 ” to register user accounts on a half-dozen English-language cybercrime forums since 2008, including Hackforums , Blackhatworld, and Ghostmarket.

Cybercrime 338

Cybercrime Ransomware Accountability Advertising 338

Krebs on Security

DECEMBER 3, 2021

Since the beginning of 2020, Babam has set up numerous auctions on the Russian-language cybercrime forum Exploit , mainly selling virtual private networking (VPN) credentials stolen from various companies. Verified was hacked at least twice in the past five years, and its user database posted online. com (2017).

Ransomware 354

Ransomware Accountability Passwords Cybercrime 354

Krebs on Security

SEPTEMBER 26, 2024

The United States today unveiled sanctions and indictments against the alleged proprietor of Joker’s Stash , a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past decade. This batch of some five million cards put up for sale Sept.

Cryptocurrency 310

Cryptocurrency Cybercrime Retail Government 310

The Last Watchdog

JUNE 21, 2020

The WannaCry and NotPetya outbreaks in May and June 2017, respectively, were the most devastating in history. In many cases, the crooks hack managed service providers (MSPs) first and then use this access to compromise the partnering organizations. Forward outlook Ransomware is a dynamic and increasingly hybrid segment of cybercrime.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

AUGUST 16, 2024

Many Google Pixel devices shipped since September 2017 have included a vulnerable app that could be exploited for malicious purposes. Many Google Pixel devices shipped since September 2017 have included dormant software that could be exploited by attackers to compromise them. ” reads the report. ” reads the report.

Hacking 144

Hacking Firmware Mobile Penetration Testing 144

Security Affairs

MARCH 29, 2020

The source code of the infamous Dharma ransomware is now available for sale on two Russian-language hacking forums. The source code of one of the most profitable ransomware families, the Dharma ransomware , is up for sale on two Russian-language hacking forums. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware 143

Ransomware Hacking Advertising Malware 143

Security Affairs

MAY 10, 2019

A Russian hacking group Fxmsp is offering for sale the access to the networks of at least three antivirus companies in the US and source code of their software. Fxmsp is a high-profile Russian- and English-speaking hacking group focused on breaching high-profile private corporate and government information. ” continues AdvIntel.

Antivirus 111

Antivirus Hacking Cybercrime Artificial Intelligence 111

Krebs on Security

OCTOBER 1, 2019

A Slovenian man convicted of authoring the destructive and once-prolific Mariposa botnet and running the infamous Darkode cybercrime forum has been arrested in Germany on request from prosecutors in the United States, who’ve recently re-indicted him on related charges. issued international arrest warrant for his extradition.

Cybercrime 48

Cybercrime Malware Antivirus Banking 48

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years. The year 2016 saw banks in Russia hacked one after another.

Cybercrime 145

Cybercrime Banking Malware Ransomware 145

Krebs on Security

JUNE 22, 2022

last week said they dismantled the “ RSOCKS ” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. Authorities in the United States, Germany, the Netherlands and the U.K.

Advertising 320

Advertising Cybercrime System Administration Hacking 320

Security Affairs

APRIL 2, 2025

In July 2017, Dr.Web researchers discovered many smartphonemodels were shipped with the dreaded Triada trojan such as Leagoo M5 Plus, Leagoo M8, Nomu S10, and Nomu S20. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,malware)

Cryptocurrency 123

Cryptocurrency Malware Mobile Firmware 123

Krebs on Security

FEBRUARY 26, 2019

Sergei Mikhailov , formerly deputy chief of Russia’s top anti-cybercrime unit, was sentenced today to 22 years in prison. In a telephone interview with this author in 2011, Vrublevsky said he was convinced that Mikhailov was taking information gathered by Russian government cybercrime investigators and feeding it to U.S.

Cybersecurity 267

Cybersecurity Cybercrime Media Antivirus 267

Security Affairs

SEPTEMBER 16, 2022

According to the New York Times , the threat actors hacked an employee’s Slack account and used it to inform internal personnel that the company had “suffered a data breach” and provided a list of allegedly hacked internal databases. “I SecurityAffairs – hacking, Uber). states the message. Pierluigi Paganini.

Hacking 144

Hacking Data breaches Information Security Engineering 144

Security Affairs

SEPTEMBER 21, 2019

US authorities have indicted two men for hacking the exchange EtherDelta in December 2017, one of them was also accused of TalkTalk hack. US authorities have indicted two men, Elliot Gunton and Anthony Tyler Nashatka, for hacking the cryptocurrency exchange EtherDelta in 2017. Six days later, on December 19, 2017.

Hacking 104

Hacking DNS Cryptocurrency Accountability 104

Security Affairs

APRIL 5, 2023

The FBI seized the Genesis Market , a black marketplace for stolen credentials that was launched in 2017. Law enforcement seized the Genesis Market black marketplace, a platform focused on the sale of stolen credentials, as part of Operation Cookie Monster.

Marketing 98

Marketing Cybercrime Accountability Education 98

Security Affairs

JULY 8, 2020

The US Department of Justice has indicted a hacker named Fxmsp for hacking over three hundred organizations worldwide and selling access to their networks. The US Department of Justice has indicted a hacker that goes online with the moniker Fxmsp for hacking over three hundred organizations worldwide and selling access to their networks.

Hacking 115

Hacking Antivirus Advertising Cybercrime 115

Security Affairs

JANUARY 2, 2021

Ticketmaster agreed to pay a $10 million fine for hacking into the computer system of the startup rival CrowdSurge. The attacks aimed at stealing information to gain an advantage over CrowdSurge, which was acquired by Warner Music Group (WMG) in 2017. ” Both Mead and Zaidi were fired by Ticketmaster in 2017.

Hacking 121

Hacking Passwords Accountability Cybercrime 121

Schneier on Security

DECEMBER 7, 2018

Kaspersky is reporting on a series of bank hacks -- called DarkVishnya -- perpetrated through malicious hardware being surreptitiously installed into the target network: In 2017-2018, Kaspersky Lab specialists were invited to research a series of cybertheft incidents.

Banking 252

Banking Hacking Cybercrime Malware 252

Security Affairs

DECEMBER 17, 2024

The threat actors attempted to exploit multiple vulnerabilities in DVRs, including CVE-2017-7921, CVE-2018-9995 , CVE-2020-25078, CVE-2021-33044 , and CVE-2021-36260. Follow me on Twitter: @securityaffairs and Facebook and Mastodon PierluigiPaganini ( SecurityAffairs hacking,HiatusRAT)

Architecture 109

Architecture Internet Internet Malware 109

Krebs on Security

MARCH 8, 2019

In the wake of Equifax’s epic 2017 data breach impacting some 148 million Americans, many people did freeze their credit files at the big three in response. SSN and DOB data is widely available for sale in the cybercrime underground on almost all U.S. Data Broker Giants Hacked by ID Theft Service. Consumers in every U.S.

Accountability 278

Accountability Identity Theft Authentication Passwords 278