2018, Accountability, Cybercrime and Web Fraud

Facebook, Instagram, TikTok and Twitter Target Resellers of Hacked Accounts

Krebs on Security

FEBRUARY 4, 2021

Facebook, Instagram , TikTok , and Twitter this week all took steps to crack down on users involved in trafficking hijacked user accounts across their platforms. Facebook said it targeted a number of accounts tied to key sellers on OGUsers, as well as those who advertise the ability to broker stolen account sales. THE MIDDLEMEN.

Accountability

Accountability Hacking Media Mobile

Phishing Sites Targeting Scammers and Thieves

Krebs on Security

AUGUST 9, 2021

Also, this greenhorn criminal clearly had bought into BriansClub’s advertising, which uses my name and likeness in a series of ads that run on all the top cybercrime forums. That was right after KrebsOnSecurity broke the news that someone had hacked BriansClub and siphoned information on 26 million stolen debit and credit accounts.

Phishing

Phishing Cybercrime Accountability Advertising

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. Chaput said that at one point last week the volume of bot accounts being registered for the crypto spam campaign started overwhelming the servers that handle new signups at Mastodon.social.

Scams

Scams DDOS Cryptocurrency Accountability

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. biz , a long-running crypting service that is trusted by some of the biggest names in cybercrime.

Malware

Malware Antivirus Cybercrime Hacking

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Krebs on Security

MARCH 14, 2023

Both are alleged to be part of a larger criminal organization that specializes in using fake emergency data requests from compromised police and government email accounts to publicly threaten and extort their victims. Drug Enforcement Agency (DEA) online portal that taps into 16 different federal law enforcement databases.

Hacking

Hacking Government Media Accountability

Hoax Email Blast Abused Poor Coding in FBI Website

Krebs on Security

NOVEMBER 13, 2021

The Federal Bureau of Investigation (FBI) confirmed today that its fbi.gov domain name and Internet address were used to blast out thousands of fake emails about a cybercrime investigation. Until sometime this morning, the LEEP portal allowed anyone to apply for an account. ” the FBI’s site enthuses.

Internet

Internet Internet Hacking Accountability

US Harbors Prolific Malicious Link Shortening Service

Krebs on Security

OCTOBER 31, 2023

” Infoblox determined that until May 2023, domains ending in.info accounted for the bulk of new registrations tied to the malicious link shortening service, which Infoblox has dubbed “ Prolific Puma.” As far back as 2018, Interisle found.US domains registered daily.US and illicit or harmful content.

Phishing

Phishing Telecommunications Malware Scams

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Krebs on Security

FEBRUARY 8, 2021

Brad Marden , superintendent of cybercrime operations for the Australian Federal Police (AFP), said their investigation into who was behind U-Admin began in late 2018, after Australian citizens began getting deluged with phishing attacks via mobile text messages that leveraged the software.

Phishing

Phishing Scams Banking Mobile

That Domain You Forgot to Renew? Yeah, it’s Now Stealing Credit Cards

Krebs on Security

NOVEMBER 13, 2018

Randall said she didn’t notice at the time because she was in the middle of switching careers, didn’t have any active photography clients, and had gotten out of the habit of checking that email account. “I still don’t have access to it because I don’t have access to the email account tied to my old domain. .

Accountability

Accountability eCommerce Cybercrime Advertising

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

These services can be used in a legitimate manner for several business purposes — such as price comparisons or sales intelligence — but they are massively abused for hiding cybercrime activity because they can make it difficult to trace malicious traffic to its original source. su between 2016 and 2019. su between 2016 and 2019.

VPN

VPN Computers and Electronics Antivirus Software

This Service Helps Malware Authors Fix Flaws in their Code

Krebs on Security

MAY 18, 2020

is cybercrime forum. “We can examine your (or not exactly your) PHP code for vulnerabilities and backdoors,” reads his offering on several prominent Russian cybercrime forums. The cybercrime actor “upO” on Exploit[.]in RedBear’s profile on the Russian-language xss[.]is

Malware

Malware Cybercrime Ransomware Marketing

“BriansClub” Hack Rescues 26M Stolen Cards

Krebs on Security

OCTOBER 15, 2019

.” Multiple people who reviewed the database shared by my source confirmed that the same credit card records also could be found in a more redacted form simply by searching the BriansClub Web site with a valid, properly-funded account. million cards added; 2018 brought in 9.2 million card records for sale. million more.

Hacking

Hacking Cybercrime Marketing Banking

Busting SIM Swappers and SIM Swap Myths

Krebs on Security

NOVEMBER 6, 2018

that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. OG accounts typically can be resold for thousands of dollars. ” FAKE IDs AND PHONY NOTES.

Mobile

Mobile Cryptocurrency Accountability Passwords

How Do You Fight a $12B Fraud Problem? One Scammer at a Time

Krebs on Security

OCTOBER 25, 2018

The fraudsters behind the often laughable Nigerian prince email scams have long since branched out into far more serious and lucrative forms of fraud, including account takeovers, phishing, dating scams, and malware deployment. The FBI says BEC scams netted thieves more than $12 billion between 2013 and 2018.

Scams

Scams Accountability Media Banking

Cyber Security Informer

Facebook, Instagram, TikTok and Twitter Target Resellers of Hacked Accounts

Phishing Sites Targeting Scammers and Thieves

Trending Sources

Interview With a Crypto Scam Investment Spammer

Why Malware Crypting Services Deserve More Scrutiny

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Hoax Email Blast Abused Poor Coding in FBI Website

US Harbors Prolific Malicious Link Shortening Service

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

That Domain You Forgot to Renew? Yeah, it’s Now Stealing Credit Cards

A Deep Dive Into the Residential Proxy Service ‘911’

This Service Helps Malware Authors Fix Flaws in their Code

“BriansClub” Hack Rescues 26M Stolen Cards

Busting SIM Swappers and SIM Swap Myths

How Do You Fight a $12B Fraud Problem? One Scammer at a Time

Stay Connected