2017, Cybercrime, Hacking and Information Security

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] LeakedSource was advertised on a number of popular cybercrime forums as a service that could help hackers break into valuable or high-profile accounts. Abusewith[.]us

Hacking

Hacking Accountability Data breaches Marketing

Law enforcement seized the Genesis Market cybercrime marketplace

Security Affairs

APRIL 5, 2023

The FBI seized the Genesis Market , a black marketplace for stolen credentials that was launched in 2017. Law enforcement seized the Genesis Market black marketplace, a platform focused on the sale of stolen credentials, as part of Operation Cookie Monster.

Marketing

Marketing Cybercrime Accountability Education

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. Crooks obtain the information by conducting spear-phishing and ransomware attacks, or other means. SecurityAffairs – hacking, FBI). To nominate, please visit:?.

Cybercrime

Cybercrime Education Accountability Phishing

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Uber hacked, internal systems and confidential documents were allegedly compromised

Security Affairs

SEPTEMBER 16, 2022

According to the New York Times , the threat actors hacked an employee’s Slack account and used it to inform internal personnel that the company had “suffered a data breach” and provided a list of allegedly hacked internal databases. “I This is not the first time that the company suffered a security breach.

Hacking

Hacking Data breaches Engineering Information Security

Russians charged with hacking Mt. Gox exchange and operating BTC-e

Security Affairs

JUNE 9, 2023

Two Russian nationals have been charged with the hack of the cryptocurrency exchange Mt. Russian nationals Alexey Bilyuchenko (43) and Aleksandr Verner (29) have been charged with the hack of the cryptocurrency exchange Mt. Gox ) The post Russians charged with hacking Mt. Gox in 2011 and money laundering.

Hacking

Hacking Cryptocurrency Advertising Banking

A man faces up to 25 years in prison for his role in operating unlicensed crypto exchange BTC-e

Security Affairs

FEBRUARY 6, 2024

“According to the indictment, between 2011 and July 2017, Aliaksandr Klimenka, 42, allegedly controlled BTC-e, a digital currency exchange, with Alexander Vinnik and others.” BTC-e was popular in the cybercrime ecosystem, it was an illegal platform because it was not registered as a money services business with the U.S.

Cryptocurrency

Cryptocurrency Spyware Cybercrime Hacking

Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws

Security Affairs

APRIL 24, 2023

Truebot has been active since 2017 and some researchers linked it to the Russian Silence Group , while a recent investigation linked it to threat actor TA505 (aka Evil Corp). .” The researchers noticed that the domain hosting the tools employed in the attack, windowservicecemter[.]com, com, was registered on April 12, 2023.

Cybercrime

Cybercrime Software Education Ransomware

Alexander Vinnik, the operator of BTC-e exchange, pleaded guilty to money laundering

Security Affairs

MAY 6, 2024

Alexander Vinnik , a Russian national, pleaded guilty to conspiracy to commit money laundering for his involvement in operating the cryptocurrency exchange BTC-e from 2011 to 2017. In July 2017 law enforcement shut down the virtual currency exchange.

Cryptocurrency

Cryptocurrency Computers and Electronics Identity Theft Hacking

One of the hackers behind EtherDelta hack also involved in TalkTalk hack

Security Affairs

SEPTEMBER 21, 2019

US authorities have indicted two men for hacking the exchange EtherDelta in December 2017, one of them was also accused of TalkTalk hack. US authorities have indicted two men, Elliot Gunton and Anthony Tyler Nashatka, for hacking the cryptocurrency exchange EtherDelta in 2017. Six days later, on December 19, 2017.

Hacking

Hacking DNS Cryptocurrency Accountability

Source code of Dharma ransomware now surfacing on public hacking forums

Security Affairs

MARCH 29, 2020

The source code of the infamous Dharma ransomware is now available for sale on two Russian-language hacking forums. The source code of one of the most profitable ransomware families, the Dharma ransomware , is up for sale on two Russian-language hacking forums. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Hacking Advertising Malware

A Ukrainian man is the third FIN7 member sentenced in the United States

Security Affairs

APRIL 8, 2022

A Ukrainian man was sentenced in the US to 5 years in prison for his criminal activity in the cybercrime group FIN7. for high-level hacking activity in the cybercrime group FIN7 (aka Carbanak Group and the Navigator Group). Iarmak is the third member of the FIN7 cybercrime group to be sentenced in the U.S. in May 2020.

Cybercrime

Cybercrime Hacking Software Phishing

Nissan Oceania data breach impacted roughly 100,000 people

Security Affairs

MARCH 14, 2024

The company did not share details about the attack or its scope, but a few weeks later the Akira ransomware group claimed to have stolen 100 GB of information from the company. Stolen data included corporate files and personal information Nissan refused to pay the ransom and the cybercrime group published the alleged stolen files.

Data breaches

Data breaches Identity Theft Financial Services Cybercrime

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The WannaCry and NotPetya outbreaks in May and June 2017, respectively, were the most devastating in history. In many cases, the crooks hack managed service providers (MSPs) first and then use this access to compromise the partnering organizations. Forward outlook Ransomware is a dynamic and increasingly hybrid segment of cybercrime.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Ticketmaster will pay $10 Million fine over hacking a competitor

Security Affairs

JANUARY 2, 2021

Ticketmaster agreed to pay a $10 million fine for hacking into the computer system of the startup rival CrowdSurge. The attacks aimed at stealing information to gain an advantage over CrowdSurge, which was acquired by Warner Music Group (WMG) in 2017. ” Both Mead and Zaidi were fired by Ticketmaster in 2017.

Hacking

Hacking Passwords Accountability Cybercrime

SEC announces sanctions against entities over email account hacking

Security Affairs

SEPTEMBER 1, 2021

Securities and Exchange Commission (SEC) announced sanctions against several organizations over email account hacking. Securities and Exchange Commission (SEC) announced sanctions against eight entities belonging to three companies over email account hacking due to cybersecurity failures. Pierluigi Paganini.

Accountability

Accountability Hacking Financial Services Cybersecurity

TheMoon bot infected 40,000 devices in January and February

Security Affairs

MARCH 26, 2024

The activity of the TheMoon botnet was first spotted in 2014, and since 2017 its operators added to the code of the bot at least 6 IoT device exploits. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – Hacking, TheMoon)

IoT

IoT Cybercrime Internet Internet

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

last week said they dismantled the “ RSOCKS ” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. Authorities in the United States, Germany, the Netherlands and the U.K.

Advertising

Advertising Cybercrime System Administration Hacking

North Korea-linked hackers stole $626 million in virtual assets in 2022

Security Affairs

DECEMBER 22, 2022

The Government of Pyongyang focuses on crypto hacking to fund its military program following harsh U.N. “South Korea’s main spy agency, the National Intelligence Service, said North Korea’s capacity to steal digital assets is considered among the best in the world because of the country’s focus on cybercrimes since U.N.

Cryptocurrency

Cryptocurrency Cybercrime Media Government

DarkGate malware campaign abuses Skype and Teams

Security Affairs

OCTOBER 16, 2023

The researchers speculate the originating accounts of the instant messaging applications were compromised through the leaked credentials available on cybercrime forums.

Malware

Malware Cryptocurrency Accountability Cybercrime

Gafgyt botnet is targeting EoL Zyxel routers

Security Affairs

AUGUST 11, 2023

A variant of the Gafgyt botnet is actively attempting to exploit a vulnerability, tracked as CVE-2017-18368 (CVSS v3: 9.8), impacting the end-of-life Zyxel P660HN-T1A router. Zyxel addressed the vulnerability in 2017 with the release of new firmware, however, the vendor warned that a Gafgyt variant was exploiting the flaw in 2019.

Firmware

Firmware Hacking Cybercrime Information Security

Admins of Genesis Market marketplace sold their infrastructure on a hacker forum

Security Affairs

JULY 17, 2023

In April, the FBI seized the Genesis Market , a black marketplace for stolen credentials that was launched in 2017. As reported by BleepingComputer , on June 28, the alleged admin of Genesis Market (GenesisStore) announced on a cybercrime forum that the platform was available for sale.

Marketing

Marketing Accountability Cybercrime Passwords

Alexander Vinnik, the popular cyber criminal goes on trial in Paris

Security Affairs

OCTOBER 19, 2020

Alexander Vinnik allegedly headed the Bitcoin exchange BTC-e, he is charged with different hacking crimes in Russia, France, and the United States. In 2017, Greek Police arrested the Russian national Alexander Vinnik and they accused the man of running the BTC-e Bitcoin exchange to launder more than US$4bn worth of the cryptocurrency.

Advertising

Advertising Cybercrime Hacking Cryptocurrency

SynAck ransomware gang releases master decryption keys for old victims

Security Affairs

AUGUST 13, 2021

The news was first reported by TheRecord website, the master decryption keys work for victims that were infected between July 2017 and early 2021. “The keys have been verified as authentic by Michael Gillespie , a malware analyst at security firm Emsisoft and the creator of the ID-Ransomware service.” Pierluigi Paganini.

Ransomware

Ransomware Authentication Malware Hacking

Germany police shut down Hydra Market dark web marketplace

Security Affairs

APRIL 6, 2022

The seizure of the Hydra Market is the result of an international investigation conducted by the Central Office for Combating Cybercrime (ZIT) in partnership with U.S. “Hydra quickly rose to become the most prominent Russian-language darknet market after the closure of a key competitor in 2017. SecurityAffairs – hacking, Hydra).

Marketing

Marketing Cybercrime Advertising Hacking

Magniber Ransomware operators use PrintNightmare exploits to infect Windows servers

Security Affairs

AUGUST 12, 2021

CrowdStrike recently observed a malicious activity associated with Magniber ransomware , a threat that has been active since 2017. “CrowdStrike recently observed new activity related to a 2017 ransomware family, known as Magniber, using the PrintNighmare vulnerability on victims in South Korea. ” CrowdStrike concludes.

Ransomware

Ransomware Cybercrime Encryption Hacking

U.S. Treasury Department sanctions darkweb marketplace Hydra Market

Security Affairs

APRIL 6, 2022

The seizure of the Hydra Market is the result of an international investigation conducted by the Central Office for Combating Cybercrime (ZIT) in partnership with U.S. Hydra quickly rose to become the most prominent Russian-language darknet market after the closure of a key competitor in 2017. SecurityAffairs – hacking, cybercrime).

Marketing

Marketing Cybercrime Advertising Hacking

Nigerian National pleads guilty to participating in a millionaire BEC scheme

Security Affairs

SEPTEMBER 24, 2023

The man was extradited from Canada to the United States on April 12, 2023. “According to his plea agreement, from February 2017 until at least July 2017, Simon-Ebo conspired with others to perpetrate a BEC scheme.” According to the US authorities, fraudulent activities caused losses of more than $6 million to the victims.

Accountability

Accountability Banking Hacking Cybercrime

TA505 Cybercrime targets system integrator companies

Security Affairs

NOVEMBER 12, 2019

The analysis of a malicious email revealed a possible raising interest of the TA505 cybercrime gang in system integrator companies. The domain validtree.com is registered through namecheap.com on 2017-12-07T15:55:27Z but recently renewed on 2019-10-16T05:35:18Z. I am a computer security scientist with an intensive hacking background.

Cybercrime

Cybercrime Computers and Electronics Penetration Testing Malware

FBI, CISA alert warns of imminent ransomware attacks on healthcare sector

Security Affairs

OCTOBER 29, 2020

The government agencies receive information about imminent attacks, threat actors are using the TrickBot botnet to deliver the infamous ransomware to the infected systems. “CISA, FBI, and HHS have credible information of an increased and imminent cybercrime threat to U.S. SecurityAffairs – hacking, ransomware).

Healthcare

Healthcare Ransomware Cybercrime Advertising

Telstra Telecom discloses data breach impacting former and current employees

Security Affairs

OCTOBER 5, 2022

Narelle Devine, the company’s chief information security officer for the Asia Pacific region, added that no customer account information was stored on the third-party platform. It seems that the security breach also impacted other companies. SecurityAffairs – hacking, Telstra Telecom). Pierluigi Paganini.

Data breaches

Data breaches Telecommunications Accountability Information Security

Russian nation sentenced to 48 months in prison for helping Kelihos Botnet to evade detection

Security Affairs

DECEMBER 12, 2021

Koshkin was arrested in California in September 2019 , while Tsurkan was arrested in April 2017. At the time the FBI dismantled the Kelihos botnet, in 2017, the malicious infrastructure was composed of at least 50,000 compromised devices around the world. SecurityAffairs – hacking, Kelihos Botnet). Pierluigi Paganini.

Antivirus

Antivirus Malware Cybercrime Cyber threats

NightLion hacker is selling details of 142 million MGM Resorts hotel guests

Security Affairs

JULY 14, 2020

million users who stayed at MGM Resorts hotels have been published on a hacking forum this week. “The new finding came to light over the weekend after a hacker put up for sale the hotel’s data in an ad published on a dark web cybercrime marketplace.” SecurityAffairs – hacking, data breach). Pierluigi Paganini.

Data breaches

Data breaches Advertising Hacking Cybercrime

German BKA arrested the alleged operator of Deutschland im Deep Web darknet market

Security Affairs

OCTOBER 30, 2022

The Darknet marketplace was a crucial service for drug trafficking in the cybercrime underground for several years. . As a result, the darkweb marketplace was shut down in 2017 by the BKA also arrested its operator and sentenced him to seven years in prison in 2018. SecurityAffairs – hacking, Deutschland im Deep Web).

Marketing

Marketing Cybercrime Mobile Internet

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”).

Malware

Malware DDOS IoT Cybercrime

TA547 targets German organizations with Rhadamanthys malware

Security Affairs

APRIL 12, 2024

TA547 is a financially motivated threat actor that has been active since at least November 2017, it was observed conducting multiple campaigns to deliver a variety of Android and Windows malware, including DanaBot , Gootkit , Lumma stealer , NetSupport RAT , Ursnif , and ZLoader. ” The report includes Indicators of compromise (IoCs).

Malware

Malware Social Engineering Retail Engineering

British hacker arraigned for running The Real Deal dark web marketplace

Security Affairs

OCTOBER 26, 2022

government computers; stolen account login credentials for social media accounts and bank accounts; stolen credit card information; stolen personally identifiable information; illegal drugs; botnets; and computer hacking tools.” ’s National Crime Agency (NCA) in February 2017. government agencies,” said U.S.

Marketing

Marketing Government Hacking Accountability

Iran-linked MERCURY APT behind destructive attacks on hybrid environments

Security Affairs

APRIL 10, 2023

MERCURY (aka MuddyWater , SeedWorm and TEMP.Zagros ) has been active since at least 2017, in January 2022 the USCYBERCOM has officially linked the Iran-linked APT group to Iran’s Ministry of Intelligence and Security (MOIS). Threat actors masqueraded the attacks as a standard ransomware operation.

Ransomware

Ransomware Cybercrime VPN Education

Security Affairs newsletter Round 318

Security Affairs

JUNE 13, 2021

SecurityAffairs – hacking, newsletter). The post Security Affairs newsletter Round 318 appeared first on Security Affairs. If you want to also receive for free the international press subscribe here. million customers impacted. million customers impacted. million customers impacted. Pierluigi Paganini.

Data breaches

Data breaches Hacking Cryptocurrency Scams

Russian Alexander Vinnik sentenced in Paris to five years in prison for money laundering

Security Affairs

DECEMBER 8, 2020

Alexander Vinnik allegedly headed the Bitcoin exchange BTC-e, he is charged with different hacking crimes in Russia, France, and the United States. The French court acquitted Vinnik of charges of extortion and association with a cybercrime organization. SecurityAffairs – hacking, Alexander Vinnik). Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Hacking Ransomware Cybercrime

More than 17,000 WordPress websites infected with the Balada Injector in September

Security Affairs

OCTOBER 12, 2023

The Balada injector is a malware family that has been active since 2017. “Doctor Web has discovered a malicious Linux program that hacks websites based on a WordPress CMS. The malware supports multiple attack vectors and persistence mechanisms. The malicious code was first discovered in December 2022 by AV firm Doctor Web.

Malware

Malware Hacking Accountability Cybercrime

Enemybot, a new DDoS botnet appears in the threat landscape

Security Affairs

APRIL 17, 2022

The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. SecurityAffairs – hacking, Enemybot). The post Enemybot, a new DDoS botnet appears in the threat landscape appeared first on Security Affairs. The botnet targets multiple architectures, including arm, bsd, x64, and x86.

DDOS

DDOS Architecture Malware Cybercrime

DOJ arrested the founders of crypto mixer Samourai for facilitating $2 Billion in illegal transactions

Security Affairs

APRIL 25, 2024

Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, mixer) million in fees for Whirlpool transactions and $1.1 million for Ricochet transactions.

Cryptocurrency

Cryptocurrency Marketing Mobile Hacking

Defiant Tech firm who operated LeakedSource pleads guilty

Security Affairs

MAY 20, 2019

The LeakedSource website was launched in late 2015, in January 2017 the popular data breach notification website has been raided by feds. “I am immensely proud of this outcome as combatting cybercrime is an operational priority for us.” SecurityAffairs – cybercrime, LeakedSource). Pierluigi Paganini.

Cybercrime

Cybercrime Data breaches Advertising Passwords

Developer of DDoS Mirai based botnets sentenced to prison

Security Affairs

JUNE 26, 2020

On August 2018, Schuchman has been indicted on federal computer hacking charges after rival hackers fingered him as the creator of a Mirai variant dubbed Satori that infected at least 500,000 internet routers around the word. Schuchman, Vamp, and Drake created the Satori botnet in between July and August 2017. Pierluigi Paganini.

DDOS

DDOS IoT Advertising Internet

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Law enforcement seized the Genesis Market cybercrime marketplace

Webinars

Trending Sources

FBI: Compromised US academic credentials available on various cybercrime forums

Webinars

Uber hacked, internal systems and confidential documents were allegedly compromised

Russians charged with hacking Mt. Gox exchange and operating BTC-e

A man faces up to 25 years in prison for his role in operating unlicensed crypto exchange BTC-e

Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws

Alexander Vinnik, the operator of BTC-e exchange, pleaded guilty to money laundering

One of the hackers behind EtherDelta hack also involved in TalkTalk hack

Source code of Dharma ransomware now surfacing on public hacking forums

A Ukrainian man is the third FIN7 member sentenced in the United States

Nissan Oceania data breach impacted roughly 100,000 people

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Ticketmaster will pay $10 Million fine over hacking a competitor

SEC announces sanctions against entities over email account hacking

TheMoon bot infected 40,000 devices in January and February

Meet the Administrators of the RSOCKS Proxy Botnet

North Korea-linked hackers stole $626 million in virtual assets in 2022

DarkGate malware campaign abuses Skype and Teams

Gafgyt botnet is targeting EoL Zyxel routers

Admins of Genesis Market marketplace sold their infrastructure on a hacker forum

Alexander Vinnik, the popular cyber criminal goes on trial in Paris

SynAck ransomware gang releases master decryption keys for old victims

Germany police shut down Hydra Market dark web marketplace

Magniber Ransomware operators use PrintNightmare exploits to infect Windows servers

U.S. Treasury Department sanctions darkweb marketplace Hydra Market

Nigerian National pleads guilty to participating in a millionaire BEC scheme

TA505 Cybercrime targets system integrator companies

FBI, CISA alert warns of imminent ransomware attacks on healthcare sector

Telstra Telecom discloses data breach impacting former and current employees

Russian nation sentenced to 48 months in prison for helping Kelihos Botnet to evade detection

NightLion hacker is selling details of 142 million MGM Resorts hotel guests

German BKA arrested the alleged operator of Deutschland im Deep Web darknet market

EnemyBot malware adds new exploits to target CMS servers and Android devices

TA547 targets German organizations with Rhadamanthys malware

British hacker arraigned for running The Real Deal dark web marketplace

Iran-linked MERCURY APT behind destructive attacks on hybrid environments

Security Affairs newsletter Round 318

Russian Alexander Vinnik sentenced in Paris to five years in prison for money laundering

More than 17,000 WordPress websites infected with the Balada Injector in September

Enemybot, a new DDoS botnet appears in the threat landscape

DOJ arrested the founders of crypto mixer Samourai for facilitating $2 Billion in illegal transactions

Defiant Tech firm who operated LeakedSource pleads guilty

Developer of DDoS Mirai based botnets sentenced to prison

Stay Connected