2017 and Web Fraud - Cyber Security Informer

Pakistani Firm Shipped Fentanyl Analogs, Scams to US

Krebs on Security

MAY 7, 2025

” Launched in 2017, eWorldTrade[.]com Department of Justice said Dallas-based eWorldTrade “operated an online business-to-business marketplace that facilitated the distribution of synthetic opioids such as isotonitazene and carfentanyl, both significantly more potent than fentanyl.”

Scams

Scams Marketing Advertising Technology

This Service Helps Malware Authors Fix Flaws in their Code

Krebs on Security

MAY 18, 2020

His final post on Exploit in May 2017 somewhat jokingly indicated he was joining an upstart ransomware affiliate program. 2016 and July 2017 that sought to corner the increasingly lucrative and competitive market for ransomware-as-a-service offerings. RANSOMWARE DREAMS.

Malware

Malware Cybercrime Ransomware Marketing

Actions Target Russian Govt. Botnet, Hydra Dark Market

Krebs on Security

APRIL 7, 2022

The other indictment named Russians affiliated with a skilled hacking group known as “Triton” or “Trisis,” which infected a Saudi oil refinery with destructive malware in 2017, and then attempted to do the same to U.S. energy facilities. and international companies and entities, including U.S. ” HYDRA. .

Marketing

Marketing Energy and Utilities Malware Ransomware

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

911’s EULA would later change its company name and address in 2017, to International Media Ltd. In a 2017 discussion on fl.l33t[.]su in the British Virgin Islands. That is the same information currently displayed on the 911 website. The EULA attached to 911 software downloaded from browsingguard[.]com

VPN

VPN Computers and Electronics Antivirus Software

Phishing Sites Targeting Scammers and Thieves

Krebs on Security

AUGUST 9, 2021

While it may be hard to believe that authorities would go after crooks stealing from one another, in 2017 a Connecticut man pleaded guilty to charges of phishing several criminal dark web markets in a scheme that eventually netted over $365,000 and more than 10,000 stolen user credentials.

Phishing

Phishing Cybercrime Accountability Advertising

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Krebs on Security

SEPTEMBER 26, 2024

26, 2017 on the now-defunct carding site Joker’s Stash has been tied to a breach at Sonic Drive-In. . “Hi, there is work on d+p, unlimited,” Vega wrote in a private message to another user on Verified in Dec. This batch of some five million cards put up for sale Sept.

Cryptocurrency

Cryptocurrency Cybercrime Retail Government

Fake Investor John Bernard Sinks Norwegian Green Shipping Dreams

Krebs on Security

JANUARY 29, 2022

a Norwegian company formed in 2017 that was seeking the equivalent of USD $100 million investment to bring its green fleet of 30 new offshore service vessels to fruition. The scam artist John Bernard (left) in a recent Zoom call, and a photo of John Clifton Davies from 2015. “Bernard appeared to be experienced.

Scams

Scams Technology Web Fraud

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

In July 2018, Google disclosed that it had not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical security keys in place of one-time codes. Thus, the second factor cannot be phished, either over the phone or Internet.

Hacking

Hacking Social Engineering Phishing Scams

Who’s Behind the Botnet-Based Service BHProxies?

Krebs on Security

FEBRUARY 24, 2023

A security firm has discovered that a six-year-old crafty botnet known as Mylobot appears to be powering a residential proxy service called BHProxies , which offers paying customers the ability to route their web traffic anonymously through compromised computers. The BHProxies website.

Accountability

Accountability Advertising Marketing Malware

Karma Catches Up to Global Phishing Service 16Shop

Krebs on Security

AUGUST 17, 2023

The international police organization INTERPOL said last week it had shuttered the notorious 16Shop, a popular phishing-as-a-service platform launched in 2017 that made it simple for even complete novices to conduct complex and convincing phishing scams. A 16Shop phishing page spoofing Apple and targeting Japanese users. Image: Akamai.com.

Phishing

Phishing Passwords Hacking Internet

Tricky Phish Angles for Persistence, Not Passwords

Krebs on Security

JANUARY 7, 2020

Second, this attack is not exactly new: In 2017, for instance, phishers used a similar technique to plunder accounts at Google’s Gmail service. Still, this phishing tactic is worth highlighting because recent examples of it received relatively little press coverage.

Phishing

Phishing Passwords Accountability Authentication

Identity Thieves Bypassed Experian Security to View Credit Reports

Krebs on Security

JANUARY 9, 2023

And as we saw with Equifax’s consolidated class-action settlement in response to letting state-sponsored hackers from China steal data on nearly 150 million Americans back in 2017 , class-actions and more laughable “free credit monitoring” services from the very same companies that created the problem aren’t going to cut it.

Identity Theft

Identity Theft Accountability Authentication Web Fraud

Experian, You Have Some Explaining to Do

Krebs on Security

JULY 10, 2022

More greatest hits from Experian: 2017: Experian Site Can Give Anyone Your Credit Freeze PIN. . “I do think it’s important to point out that their real customers do have a choice, and they should switch to TransUnion and Equifax,” he added. 2015: Experian Breach Affects 15 Million Customers.

Accountability

Accountability Passwords Authentication Password Management

How to Shop Online Like a Security Pro

Krebs on Security

NOVEMBER 23, 2018

Now that anyone can get SSL certificates for free , phishers and other scammers that ply their trade via fake Web sites are starting to up their game. In December 2017, PhishLabs estimated that a quarter of all phishing Web sites were outfitting their scam pages with SSL certificates to make them appear more trustworthy.

Scams

Scams Wireless Phishing Banking

‘Spam Nation’ Villain Vrublevsky Charged With Fraud

Krebs on Security

MARCH 22, 2022

In February 2017, Horohorin was released after serving four years in a U.S. Russian banks are prohibited from processing payments for online gambling, and as a result many online gaming sites catering to Russian speakers have chosen to process credit card payments through Ukrainian financial institutions.

Banking

Banking Marketing DDOS Risk

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

Krebs on Security

JANUARY 22, 2019

Mozilla spokesperson Ellen Canale said Mozilla took ownership of virtualfirefox.com in September 2017 after a trademark dispute, but that the DNS nameserver for the record was not reset until January of 2019. “We’ve reviewed the configuration of both our registrar and nameservers and have found no indication of misuse.

DNS

DNS Internet Internet Computers and Electronics

Karma Catches Up to Global Phishing Service 16Shop

Security Boulevard

AUGUST 17, 2023

Last week, the international police organization INTERPOL said it had shuttered the notorious 16Shop, a popular phishing-as-a-service platform launched in 2017 that made it simple for even complete novices to conduct complex and convincing phishing scams.

Phishing

Phishing Scams Web Fraud

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Krebs on Security

SEPTEMBER 30, 2024

CosmoTheGod rocketed to Internet infamy in 2013 when he and a number of other hackers set up the Web site exposed[dot]su , which published the address, Social Security numbers and other personal information of public figures, including the former First Lady Michelle Obama , the then-director of the FBI and the U.S. attorney general.

Cryptocurrency

Cryptocurrency Government Internet Internet

KrebsOnSecurity in New Netflix Series on Cybercrime

Krebs on Security

JUNE 7, 2022

But these dangerous hoaxes can quickly turn deadly: In March 2019, 26-year-old serial swatter Tyler Barriss was sentenced to 20 years in prison for making a phony emergency call to police in late 2017 that resulted in the shooting death of an innocent Kansas resident.

Cybercrime

Cybercrime Internet Internet Web Fraud

‘ValidCC,’ a Major Payment Card Bazaar and Looter of E-Commerce Sites, Shuttered

Krebs on Security

FEBRUARY 2, 2021

ValidCC, circa 2017. The proprietors of the popular store said their servers were seized as part of a coordinated law enforcement operation designed to disconnect and confiscate its infrastructure.

Cybercrime

Cybercrime Media Accountability Hacking

Meet the World’s Biggest ‘Bulletproof’ Hoster

Krebs on Security

JULY 16, 2019

Yalishanda would re-brand and market his pricey bulletproof hosting services under a variety of nicknames and cybercrime forums over the years, including one particularly long-lived abuse-friendly project aptly named abushost[.]ru. “Bulletproof hosting is probably the biggest enabling service that you find in the underground.

Cybercrime

Cybercrime Phishing Banking Malware

Scary Fraud Ensues When ID Theft & Usury Collide

Krebs on Security

JANUARY 25, 2022

” In 2017, the Consumer Financial Protection Bureau sued four tribal online payday lenders in federal court — including Mountain Summit Financial — for allegedly deceiving consumers and collecting debt that was not legally owed in many states.

Financial Services

Financial Services Banking Accountability Identity Theft

“BriansClub” Hack Rescues 26M Stolen Cards

Krebs on Security

OCTOBER 15, 2019

million stolen cards; 2017 saw some 4.9 The leaked data shows that in 2015, BriansClub added just 1.7 million card records for sale. But business would pick up in each of the years that followed: In 2016, BriansClub uploaded 2.89 million cards added; 2018 brought in 9.2 million more. million cards.

Hacking

Hacking Cybercrime Marketing Banking

Russian FSB Counterintelligence Chief Gets 9 Years in Cybercrime Bribery Scheme

Krebs on Security

APRIL 22, 2024

The Russian news outlet Kommersant reports that all four of those who cooperated were released with probation or correctional labor. Zaitsev received a sentence of 3.5 years in prison, and defendant Alexander Kovalev got four years.

Cybercrime

Cybercrime Hacking Software Web Fraud

Cyber Security Informer

Pakistani Firm Shipped Fentanyl Analogs, Scams to US

This Service Helps Malware Authors Fix Flaws in their Code

Trending Sources

Actions Target Russian Govt. Botnet, Hydra Dark Market

A Deep Dive Into the Residential Proxy Service ‘911’

Phishing Sites Targeting Scammers and Thieves

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Fake Investor John Bernard Sinks Norwegian Green Shipping Dreams

When Low-Tech Hacks Cause High-Impact Breaches

Who’s Behind the Botnet-Based Service BHProxies?

Karma Catches Up to Global Phishing Service 16Shop

Tricky Phish Angles for Persistence, Not Passwords

Identity Thieves Bypassed Experian Security to View Credit Reports

Experian, You Have Some Explaining to Do

How to Shop Online Like a Security Pro

‘Spam Nation’ Villain Vrublevsky Charged With Fraud

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

Karma Catches Up to Global Phishing Service 16Shop

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

KrebsOnSecurity in New Netflix Series on Cybercrime

‘ValidCC,’ a Major Payment Card Bazaar and Looter of E-Commerce Sites, Shuttered

Meet the World’s Biggest ‘Bulletproof’ Hoster

Scary Fraud Ensues When ID Theft & Usury Collide

“BriansClub” Hack Rescues 26M Stolen Cards

Russian FSB Counterintelligence Chief Gets 9 Years in Cybercrime Bribery Scheme

Stay Connected