2017, Cybercrime and Passwords - Cyber Security Informer

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Krebs on Security

FEBRUARY 10, 2020

Justice Department today unsealed indictments against four Chinese officers of the People’s Liberation Army (PLA) accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans. Compounding the confusion, on Sept.

Hacking

Hacking Identity Theft Government Phishing

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. In 2017, crooks launched a phishing campaign against universities to compromise.edu accounts. ” reads the alert published by the FBI. Pierluigi Paganini.

Cybercrime

Cybercrime Education Accountability Phishing

Who’s Behind the NetWire Remote Access Trojan?

Krebs on Security

MARCH 9, 2023

A Croatian national has been arrested for allegedly operating NetWire , a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as a stealthy way to spy on infected systems and siphon passwords. Constella also shows the email address zankomario@gmail.com used the password “dugidox2407.”

DNS

DNS Cybercrime Passwords Accountability

Dell notifies customers about data breach

Malwarebytes

MAY 10, 2024

Dell is warning its customers about a data breach after a cybercriminal offered a 49 million-record database of information about Dell customers on a cybercrime forum. Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you don’t use for anything else.

Data breaches

Data breaches Passwords Phishing Big data

More on the SolarWinds Breach

Schneier on Security

DECEMBER 17, 2020

One of those offering claimed access over the Exploit forum in 2017 was known as “fxmsp” and is wanted by the FBI “for involvement in several high-profile incidents,” said Mark Arena, chief executive of cybercrime intelligence firm Intel471. Arena informed his company’s clients, which include U.S.

Software

Software Passwords Cybercrime Government

Who Is the Network Access Broker ‘Babam’?

Krebs on Security

DECEMBER 3, 2021

More commonly, that access is purchased from a cybercriminal broker who specializes in acquiring remote access credentials — such as usernames and passwords needed to remotely connect to the target’s network. In early 2017, Babam confided to another Verified user via private message that he is from Lithuania. com (2017).

Ransomware

Ransomware Passwords Accountability Cybercrime

$10M Is Yours If You Can Get This Guy to Leave Russia

Krebs on Security

MAY 4, 2023

government this week put a $10 million bounty on the head of a Russian man who for the past 18 years operated Try2Check , one of the cybercrime underground’s most trusted services for checking the validity of stolen credit card data. In 2017, U.S. This and other “nordia@” emails shared a password: “ anna59.”

Marketing

Marketing Cybercrime Accountability Cryptocurrency

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Krebs on Security

FEBRUARY 9, 2023

Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating “ Trickbot ,” a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. companies and government entities.

Hacking

Hacking Cybercrime Ransomware Government

Karma Catches Up to Global Phishing Service 16Shop

Krebs on Security

AUGUST 17, 2023

The international police organization INTERPOL said last week it had shuttered the notorious 16Shop, a popular phishing-as-a-service platform launched in 2017 that made it simple for even complete novices to conduct complex and convincing phishing scams. A 16Shop phishing page spoofing Apple and targeting Japanese users. Image: Akamai.com.

Phishing

Phishing Passwords Internet Internet

Kroll Employee SIM-Swapped for Crypto Investor Data

Krebs on Security

AUGUST 25, 2023

Countless websites and online services use SMS text messages for both password resets and multi-factor authentication. Many online services allow users to reset their passwords just by clicking a link sent via SMS , and this unfortunately widespread practice has turned mobile phone numbers into de facto identity documents.

Mobile

Mobile Cyber Risk Cryptocurrency Data breaches

Decoding Security 109: New Year’s Resolutions

SiteLock

AUGUST 27, 2021

This week on Decoding Security , security analysts Jessica Ortega and Ramuel Gall share their predictions for the top cybercrime trends in 2018. We’ll also catch you up on the latest cybersecurity news, including the 25 Worst Passwords of 2017 and a leaky server that exposed 300,000 email addresses and login credentials from Ancestry.com.

Cybercrime

Cybercrime Passwords Cybersecurity

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

Krebs on Security

MARCH 10, 2020

District Court for the Southern District of California allege Firsov was the administrator of deer.io, an online platform that hosted more than 24,000 shops for selling stolen and/or hacked usernames and passwords for a variety of top online destinations. ru , a cybercrime forum in its own right that called itself “ The Antichat Mafia.”

Accountability

Accountability Advertising Hacking Cybercrime

GUEST ESSAY: ‘Initial access brokers’ — IABs — specialize in enabling surreptitious access

The Last Watchdog

DECEMBER 19, 2022

Cybercrime is a big business. Cybersecurity firm Positive Technologies found 88 new IAB sales on dark web marketplaces in the first quarter of 2020, compared to just three in all of 2017. Ransomware is already the fastest-growing type of cybercrime , and IABs make it more accessible to novice criminals.

Cybercrime

Cybercrime Digital transformation Ransomware Cybersecurity

Admins of Genesis Market marketplace sold their infrastructure on a hacker forum

Security Affairs

JULY 17, 2023

In April, the FBI seized the Genesis Market , a black marketplace for stolen credentials that was launched in 2017. As reported by BleepingComputer , on June 28, the alleged admin of Genesis Market (GenesisStore) announced on a cybercrime forum that the platform was available for sale.

Marketing

Marketing Accountability Cybercrime Passwords

Breached Data Indexer ‘Data Viper’ Hacked

Krebs on Security

JULY 13, 2020

Data Viper , a security startup that provides access to some 15 billion usernames, passwords and other information exposed in more than 8,000 website breaches, has itself been hacked and its user database posted online. The incident also highlights the often murky area between what’s legal and ethical in combating cybercrime.

Hacking

Hacking Marketing Cybercrime Accountability

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

MAY 23, 2024

These services can be used in a legitimate manner for several business purposes — such as price comparisons or sales intelligence — but they are also massively abused for hiding cybercrime activity because they can make it difficult to trace malicious traffic to its original source. The user dfyz on Searchengines[.]ru

DDOS

DDOS Internet Internet Government

MyEquifax.com Bypasses Credit Freeze PIN

Krebs on Security

MARCH 8, 2019

In the wake of Equifax’s epic 2017 data breach impacting some 148 million Americans, many people did freeze their credit files at the big three in response. The portal asked me for an email address and suggested a longish, randomized password, which I accepted. Consumers in every U.S.

Accountability

Accountability Identity Theft Authentication Passwords

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

com , a service that sold access to billions of passwords and other data exposed in countless data breaches. LeakedSource was advertised on a number of popular cybercrime forums as a service that could help hackers break into valuable or high-profile accounts. In 2019, a Canadian company called Defiant Tech Inc.

Hacking

Hacking Accountability Data breaches Marketing

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. It uses a list of hardcoded username/password combinations to login into devices in the attempt to access systems using weak or default credentials. The botnet targets multiple architectures, including arm, bsd, x64, and x86.

Malware

Malware DDOS IoT Cybercrime

Defiant Tech firm who operated LeakedSource pleads guilty

Security Affairs

MAY 20, 2019

The LeakedSource website was launched in late 2015, in January 2017 the popular data breach notification website has been raided by feds. LeakedSource was also cracking the associated passwords when it was possible. “I am immensely proud of this outcome as combatting cybercrime is an operational priority for us.”

Cybercrime

Cybercrime Data breaches Advertising Passwords

Data from Sephora and StreetEasy data breaches added to HIBP

Security Affairs

OCTOBER 7, 2019

The StreetEasy data breach took place in the mid-2016 and exposed 988k records that included names, usernames, email addresses and SHA-1 password hashes. The data has been available for sale in the cybercrime underground since February. Impacted data includes names, usernames, email addresses and SHA-1 password hashes.

Data breaches

Data breaches Passwords Advertising Cybercrime

Ticketmaster will pay $10 Million fine over hacking a competitor

Security Affairs

JANUARY 2, 2021

The attacks aimed at stealing information to gain an advantage over CrowdSurge, which was acquired by Warner Music Group (WMG) in 2017. “Ticketmaster Used Passwords Unlawfully Retained by a Former Employee of a Competitor to Access Computer Systems in Scheme to “Choke Off” the Victim’s Business” wrote the DoJ.

Hacking

Hacking Passwords Accountability Cybercrime

CryptoCore hacker group stole over $200M from cryptocurrency exchanges

Security Affairs

JUNE 24, 2020

The CryptoCore group, aks Crypto-gang, “Dangerous Password”, and “Leery Turtle” has been active since 2018. The spear-phishing messages attempt to trick the victims into installing malware on their computer that allows attacker to steal or obtain access to a password manager account.

Cryptocurrency

Cryptocurrency Phishing Accountability Passwords

A Closer Look at the Snatch Data Ransom Group

Krebs on Security

SEPTEMBER 30, 2023

.” New York City-based cyber intelligence firm Flashpoint said the Snatch ransomware group was created in 2018, based on Truniger’s recruitment both on Russian language cybercrime forums and public Russian programming boards. “The command requires Windows system administrators,” Truniger’s ads explained.

Ransomware

Ransomware Accountability Cybercrime Backups

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

Experts observed the bot attempting to gain access to the device by using a combination of eight common usernames and 130 passwords for IoT devices over SSH and telnet on ports 23 and 2323. Ensure secure configurations for devices: Change the default password to a strong one, and block SSH from external access.

IoT

IoT DDOS Malware Firmware

TA547 targets German organizations with Rhadamanthys malware

Security Affairs

APRIL 12, 2024

TA547 is a financially motivated threat actor that has been active since at least November 2017, it was observed conducting multiple campaigns to deliver a variety of Android and Windows malware, including DanaBot , Gootkit , Lumma stealer , NetSupport RAT , Ursnif , and ZLoader.

Malware

Malware Social Engineering Retail Engineering

NightLion hacker is selling details of 142 million MGM Resorts hotel guests

Security Affairs

JULY 14, 2020

“The new finding came to light over the weekend after a hacker put up for sale the hotel’s data in an ad published on a dark web cybercrime marketplace.” According to MGM Resorts, the data was old, none of the customers in the archive stayed at the hotel past 2017. ” reported ZDNet.

Data breaches

Data breaches Advertising Hacking Cybercrime

Harvard Business Publishing licensee hit by ransomware

Security Affairs

OCTOBER 9, 2022

In total, the database leaked over 152,000 pieces of information pertaining to customers, such as emails, names, links to LinkedIn, Twitter, and Facebook profiles, and hashed passwords. The instance also contained 15 employee emails, names, and passwords protected by a weak SHA1-128bit hash. It also had organizations’ tax numbers.

Ransomware

Ransomware Passwords Encryption Identity Theft

Enemybot, a new DDoS botnet appears in the threat landscape

Security Affairs

APRIL 17, 2022

The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. It uses a list of hardcoded username/password combinations to login into devices in the attempt to access systems using weak or default credentials. The botnet targets multiple architectures, including arm, bsd, x64, and x86.

DDOS

DDOS Architecture Malware Cybercrime

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

These services can be used in a legitimate manner for several business purposes — such as price comparisons or sales intelligence — but they are massively abused for hiding cybercrime activity because they can make it difficult to trace malicious traffic to its original source. In a 2017 discussion on fl.l33t[.]su

VPN

VPN Computers and Electronics Antivirus Software

“FudCo” Spam Empire Tied to Pakistani Software Firm

Krebs on Security

SEPTEMBER 6, 2021

In May 2015, KrebsOnSecurity briefly profiled “ The Manipulaters ,” the name chosen by a prolific cybercrime group based in Pakistan that was very publicly selling spam tools and a range of services for crafting, hosting and deploying malicious email. One of several current Fudtools sites run by The Manipulaters.

Software

Software Phishing Cybercrime Accountability

Cybersecurity CEO: Security Awareness is An Ongoing Commitment

Herjavec Group

OCTOBER 27, 2020

According to Cybersecurity Ventures – cybercrime will cost the world $6 trillion annually by 2021 ! Cybercrime will cost the world $6 trillion annually by 2021 , up from $3 trillion in 2015. Global cybersecurity spending is not keeping up, and is estimated to be $1 trillion cumulatively over the 5 year period from 2017 to 2021.

Security Awareness

Security Awareness Cybersecurity Cybercrime Education

Crooks offer millions to skilled black hats to help them in extortion campaigns

Security Affairs

FEBRUARY 23, 2019

Cybercrime gangs aim at hiring skilled hackers that can help them in extortion campaign against high-worth individuals, in this case they promise $30,000 per month ($360,000 per year). “ Highly competitive salaries and other forms of remuneration are becoming an essential element of attractive in the cybercrime ecosystem.

Cybercrime

Cybercrime Penetration Testing Advertising Hacking

Two PoS Malware used to steal data from more than 167,000 credit cards

Security Affairs

OCTOBER 25, 2022

MajikPOS PoS malware was first spotted by Trend Micro in early 2017, when it was used to target businesses in North America and Canada. On July 18, 2019, the source code for MajikPOS (aka MagicPOS) was offered for sale on the cybercrime forum “exploit[.]in” MajikPOS is written using the “.NET

Malware

Malware Cybercrime Banking Marketing

Creator of multiple IoT botnets, including Satori, pleaded guilty

Security Affairs

SEPTEMBER 4, 2019

Schuchman , Vamp, and Drake created the Satori botnet in between July and August 2017. The first Satori iteration targeted devices running with factory-settings or protected with easy -to-guess passwords, the bot infected over 100,000 devices in its first month. SecurityAffairs – Satori, cybercrime). Pierluigi Paganini.

IoT

IoT DDOS Internet Internet

FBI Warns of ‘Unlimited’ ATM Cashout Blitz

Krebs on Security

AUGUST 12, 2018

” Organized cybercrime gangs that coordinate unlimited attacks typically do so by hacking or phishing their way into a bank or payment card processor. million from accounts at the National Bank of Blacksburg in two separate ATM cashouts between May 2016 and January 2017.

Banking

Banking Accountability Retail Phishing

Developer of DDoS Mirai based botnets sentenced to prison

Security Affairs

JUNE 26, 2020

Schuchman, Vamp, and Drake created the Satori botnet in between July and August 2017. The first Satori iteration targeted devices running with factory-settings or protected with easy-to-guess passwords, the bot infected over 100,000 devices in its first month. the man also claimed that the botnet was capable of DDoS attacks of 1Tbps.

DDOS

DDOS IoT Advertising Internet

Nobel Prize-Winning “Nudge Theory” May Be the Answer to Your Internal Cybersecurity Challenges

Herjavec Group

DECEMBER 9, 2020

Dr. Richard Thaler, 2017 Nobel Economics laureate for his work with the “Nudge Theory”, argues that in general, humans do not make economic decisions based on rational thinking, even for very important decisions like taking measures to secure sensitive information stored on a corporate or personal device.

Cybersecurity

Cybersecurity Passwords Architecture Data breaches

Delaware County, Pennsylvania, opted to pay 500K ransom to DoppelPaymer gang

Security Affairs

NOVEMBER 30, 2020

“BleepingComputer was also told that the ransomware gang advised Delaware County to change all of their passwords and modify their Windows domain configuration to include safeguards from the Mimikatz program.” BleepingComputer was informed that the Delaware County was hit by the DoppelPaymer ransomware gang.

Computers and Electronics

Computers and Electronics Ransomware Insurance Cybercrime

Inside ‘Evil Corp,’ a $100M Cybercrime Menace

Krebs on Security

DECEMBER 16, 2019

Justice Department this month offered a $5 million bounty for information leading to the arrest and conviction of a Russian man indicted for allegedly orchestrating a vast, international cybercrime network that called itself “ Evil Corp ” and stole roughly $100 million from businesses and consumers. LOW FRIENDS IN HIGH PLACES.

Cybercrime

Cybercrime Banking Small Business Accountability

Protecting Against Leakware: 5 Strategies for Vulnerable Executives

SecureWorld News

APRIL 4, 2022

According to a report from McAfee Enterprise and FireEye titled, "Cybercrime in a Pandemic World: The Impact of COVID-19," 81% of global organizations have experienced increased cyberthreats, and 79% experienced downtime from an attack during a peak season. Before leakware came doxware, which was popular in 2016 and 2017.

Ransomware

Ransomware Digital transformation Phishing Small Business

Crooks offered for sale private messages for 81k Facebook accounts

Security Affairs

NOVEMBER 3, 2018

Experts from Digital Shadows traced the advertisement to an IP address in Saint Petersburg, they also linked the IP address to a campaign spreading LokiBot password-stealing. Security Affairs – Facebook accounts, cybercrime). Which is the data source? Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Accountability

Accountability Advertising Cybercrime Hacking

Hacker will compensate victims with $1.1 million Bitcoin illegally earned

Security Affairs

AUGUST 24, 2019

Grant West, aka ‘Courvoisier,’ is a hacker that was arrested by the police on September 2017 as result of a two-year-long investigation code-named ‘Operation Draba.’ SecurityAffairs – cybercrime, Bitcoin). UK authorities have seized over £920,000 ($1.1 The police also seized around £1.6 Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Scams Cybercrime Phishing

One of the hackers behind EtherDelta hack also involved in TalkTalk hack

Security Affairs

SEPTEMBER 21, 2019

US authorities have indicted two men for hacking the exchange EtherDelta in December 2017, one of them was also accused of TalkTalk hack. US authorities have indicted two men, Elliot Gunton and Anthony Tyler Nashatka, for hacking the cryptocurrency exchange EtherDelta in 2017. Six days later, on December 19, 2017.

Hacking

Hacking DNS Cryptocurrency Accountability

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

FBI: Compromised US academic credentials available on various cybercrime forums

Trending Sources

Who’s Behind the NetWire Remote Access Trojan?

Dell notifies customers about data breach

More on the SolarWinds Breach

Who Is the Network Access Broker ‘Babam’?

$10M Is Yours If You Can Get This Guy to Leave Russia

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Karma Catches Up to Global Phishing Service 16Shop

Kroll Employee SIM-Swapped for Crypto Investor Data

Decoding Security 109: New Year’s Resolutions

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

GUEST ESSAY: ‘Initial access brokers’ — IABs — specialize in enabling surreptitious access

Admins of Genesis Market marketplace sold their infrastructure on a hacker forum

Breached Data Indexer ‘Data Viper’ Hacked

Stark Industries Solutions: An Iron Hammer in the Cloud

MyEquifax.com Bypasses Credit Freeze PIN

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

EnemyBot malware adds new exploits to target CMS servers and Android devices

Defiant Tech firm who operated LeakedSource pleads guilty

Data from Sephora and StreetEasy data breaches added to HIBP

Ticketmaster will pay $10 Million fine over hacking a competitor

CryptoCore hacker group stole over $200M from cryptocurrency exchanges

A Closer Look at the Snatch Data Ransom Group

A new Zerobot variant spreads by exploiting Apache flaws

TA547 targets German organizations with Rhadamanthys malware

NightLion hacker is selling details of 142 million MGM Resorts hotel guests

Harvard Business Publishing licensee hit by ransomware

Enemybot, a new DDoS botnet appears in the threat landscape

A Deep Dive Into the Residential Proxy Service ‘911’

“FudCo” Spam Empire Tied to Pakistani Software Firm

Cybersecurity CEO: Security Awareness is An Ongoing Commitment

Crooks offer millions to skilled black hats to help them in extortion campaigns

Two PoS Malware used to steal data from more than 167,000 credit cards

Creator of multiple IoT botnets, including Satori, pleaded guilty

FBI Warns of ‘Unlimited’ ATM Cashout Blitz

Developer of DDoS Mirai based botnets sentenced to prison

Nobel Prize-Winning “Nudge Theory” May Be the Answer to Your Internal Cybersecurity Challenges

Delaware County, Pennsylvania, opted to pay 500K ransom to DoppelPaymer gang

Inside ‘Evil Corp,’ a $100M Cybercrime Menace

Protecting Against Leakware: 5 Strategies for Vulnerable Executives

Crooks offered for sale private messages for 81k Facebook accounts

Hacker will compensate victims with $1.1 million Bitcoin illegally earned

One of the hackers behind EtherDelta hack also involved in TalkTalk hack

Stay Connected