Krebs on Security

OCTOBER 1, 2019

A Slovenian man convicted of authoring the destructive and once-prolific Mariposa botnet and running the infamous Darkode cybercrime forum has been arrested in Germany on request from prosecutors in the United States, who’ve recently re-indicted him on related charges. issued international arrest warrant for his extradition.

Cybercrime 48

Cybercrime Malware Antivirus Banking 48

Krebs on Security

JULY 18, 2022

These services can be used in a legitimate manner for several business purposes — such as price comparisons or sales intelligence — but they are massively abused for hiding cybercrime activity because they can make it difficult to trace malicious traffic to its original source. su between 2016 and 2019. FORUM ACTIVITY?

VPN 358

VPN Computers and Electronics Antivirus Software 358

Security Affairs

NOVEMBER 22, 2020

“Two Romanian suspects have been arrested yesterday for allegedly running the CyberSeal and Dataprotector crypting services to evade antivirus software detection.” The pair also operated the Cyberscan service which allowed their clients to test their malware against antivirus tools. SecurityAffairs – hacking, cybercrime).

Malware 141

Malware Antivirus Cybercrime Software 141

Security Affairs

OCTOBER 15, 2019

Chinese-speaking cybercrime gang Rocke that carried out several large-scale cryptomining campaigns, has now using news tactics to evade detection. Chinese-speaking cybercrime gang Rocke, that carried out several large-scale cryptomining campaigns in past , has now using news tactics to evade detection. Pierluigi Paganini.

Cybercrime 92

Cybercrime DNS Malware Advertising 92

Security Affairs

JUNE 17, 2021

UNC2465 cybercrime group that is affiliated with the Darkside ransomware gang has infected with malware the website of a CCTV camera vendor. ” The SMOKEDHAM backdoor was associated by FireEye to the activity of the UNC2465 group that dates back to at least April 2019 and is considered a DARKSIDE RaaS affiliate.

Cybercrime 110

Cybercrime Ransomware Antivirus Software 110

Krebs on Security

SEPTEMBER 6, 2021

In May 2015, KrebsOnSecurity briefly profiled “ The Manipulaters ,” the name chosen by a prolific cybercrime group based in Pakistan that was very publicly selling spam tools and a range of services for crafting, hosting and deploying malicious email. One of several current Fudtools sites run by The Manipulaters. FAIL BY NUMBERS.

Software 317

Software Phishing Cybercrime Accountability 317

Krebs on Security

JULY 8, 2019

The crooks behind an affiliate program that paid cybercriminals to install the destructive and wildly successful GandCrab ransomware strain announced on May 31, 2019 they were terminating the program after allegedly having earned more than $2 billion in extortion payouts from victims. in , where the group recruited many of its distributors.

Ransomware 279

Ransomware Accountability Cybercrime Passwords 279

Krebs on Security

DECEMBER 29, 2022

Here’s a look at some of the more notable cybercrime stories from the past year, as covered by KrebsOnSecurity and elsewhere. This bold about-face dumbfounded many longtime Norton users because antivirus firms had spent years broadly classifying all cryptomining programs as malware.

Cryptocurrency 309

Cryptocurrency Cybercrime Computers and Electronics Scams 309

SecureWorld News

JUNE 16, 2021

When it comes to hacking and cybercrime, sometimes all the focus is on the one who launches the attack. DOJ prosecutors say Oleg Koshkin, a 41-year-old Russian national, operated a crypting service used to conceal Kelihos malware from antivirus software. One of those threat actors was just convicted in a United States courtroom.

Antivirus 69

Antivirus Malware Software Cryptocurrency 69

Krebs on Security

SEPTEMBER 30, 2023

GandCrab dissolved in July 2019, and is thought to have become “ REvil ,” one of the most ruthless and rapacious Russian ransomware groups of all time. In April 2020, Truniger was banned from two of the top Russian cybercrime forums, where members from both forums confirmed that Semen7907 was one of Truniger’s known aliases.

Ransomware 294

Ransomware Accountability Cybercrime Backups 294

Krebs on Security

APRIL 3, 2024

Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called “ The Manipulaters ,” a sprawling web hosting network of phishing and spam delivery platforms. In 2019, The Manipulaters failed to renew their core domain name — manipulaters[.]com

Phishing 299

Phishing Cybercrime Malware Advertising 299

Zero Day

JUNE 6, 2025

The data in question was posted on a Russian cybercrime forum on May 15 and then uploaded again on June 3, apparently garnering attention from other cybercriminals and potential buyers. " Also:  Stop paying for antivirus software. But in this age of cybercrime, these numbers have become vulnerable.

Password Management 128

Password Management Passwords Identity Theft Software 128

Security Affairs

APRIL 27, 2020

The cybercrime gang also apologized for the damages they have caused their victims. The Shade infections increased during October 2018, keeping a constant trend until the second half of December 2018, taking a break around Christmas, and then resuming in mid-January 2019 doubled in size.

Ransomware 145

Ransomware Advertising Antivirus Cybercrime 145

SecureWorld News

JUNE 16, 2021

When it comes to hacking and cybercrime, sometimes all the focus is on the one who launches the attack. DOJ prosecutors say Oleg Koshkin, a 41-year-old Russian national, operated a crypting service used to conceal Kelihos malware from antivirus software. One of those threat actors was just convicted in a United States courtroom.

Antivirus 52

Antivirus Malware Software Cryptocurrency 52

Security Affairs

AUGUST 3, 2020

He had no previous criminal records at the time of the arrest, but it is known to be a member of a cybercrime forum to become an affiliate for the GandCrab ransomware operation. The GandCrab Ransomware-as-a-Service shut down operations in June 2019 and told affiliates to stop distributing the ransomware. million dollars per week.

Ransomware 145

Ransomware Advertising Malware Hacking 145

Security Affairs

DECEMBER 12, 2021

“A Russian national was sentenced today to 48 months in prison for operating a “crypting” service used to conceal the Kelihos malware from antivirus software, which enabled hackers to systematically infect approximately hundreds of thousands of victim computers around the world with malicious software, including ransomware.”

Antivirus 103

Antivirus Malware Cybercrime Cyber threats 103

Security Affairs

DECEMBER 29, 2019

Experts uncovered a new tool dubbed BIOLOAD used by the FIN7 cybercrime group used as a dropper for a new variant of the Carbanak backdoor. The samples of BIOLOAD loader analyzed by the experts were compiled in March and July 2019, while the samples of BOOSTWRITE were compiled in May. ” Fortinet concludes.

Cybercrime 93

Cybercrime Antivirus Identity Theft Advertising 93

Security Affairs

SEPTEMBER 7, 2020

A recently discovered cybercrime gang, tracked as Epic Manchego , is using a new technique to create weaponized Excel files that are able to bypass security checks. ” The library can generate files in multiple spreadsheet formats, it also supports Excel 2019.

Cybercrime 134

Cybercrime Phishing Advertising Antivirus 134

Security Affairs

JULY 8, 2020

Since March 2019, Fxmsp announced in cybercrime forums the availability of information stolen from major antivirus companies located in the U.S. In 2019, Fxmsp confirmed to have breached the networks of some security companies and to have obtained long-term access. Attorney Brian T.

Hacking 112

Hacking Antivirus Advertising Cybercrime 112

Security Affairs

MARCH 19, 2020

” According to the experts, the first infections were observed in late 2019, victims reported their files were encrypted by a strain of malware. Operators behind the Pysa ransomware, also employed a version of the PowerShell Empire penetration-testing tool, they were able to stop antivirus products. This new version used the.

Government 142

Government Ransomware Encryption Penetration Testing 142

Security Affairs

APRIL 17, 2019

The latest variant appeared in the cybercrime underground in December 2018, it was named HawkEye Reborn v9. Experts at Talos observed threat actors spreading the malware via malicious email campaigns starting with the second half of 2018 and continuing into 2019. ” reads the analysis published by Talos.

Antivirus 108

Antivirus Malware Advertising Passwords 108

Security Affairs

NOVEMBER 28, 2020

The news reported by ZDnet is not surprising, I have discovered several times such kind of offer, but it is important to raise awareness on the cybercrime-as-a-service model that could rapidly enable threat actors to carry out malicious activities. Exploit.in

Accountability 115

Accountability Cybercrime Hacking Data collection 115

Security Affairs

NOVEMBER 19, 2019

Ransomware accounted for over half of all malicious mailings in H1 2019, Troldesh aka Shade being the most popular tool among cybercriminals. To bypass antivirus systems, hackers send out malicious emails in non-working hours with delayed activation. More than 80% of all malicious files were disguised as .zip rar archive files.

Ransomware 99

Ransomware Antivirus Malware Banking 99

Security Affairs

MARCH 14, 2025

The dual Russian-Israeli national was arrested in Israel in 2024 and faces charges related to his role in the ransomware operation The man is accused of being a LockBit ransomware developer from 2019 through at least February 2024. Panev received over $230,000 in laundered cryptocurrency from Khoroshev between 2022 and 2024.

Ransomware 63

Ransomware Cryptocurrency Small Business Malware 63

Security Affairs

JANUARY 6, 2023

Antivirus firm Bitdefender released a decryptor for the MegaCortex ransomware allowing its victims to restore their data for free. Antivirus firm Bitdefender released a decryptor for the MegaCortex ransomware , which can allow victims of the group to restore their data for free. The group typically asked ransoms between $20,000 to $5.8

Ransomware 98

Ransomware Antivirus Encryption Backups 98

Krebs on Security

JULY 28, 2022

” Microleaves has long been classified by antivirus companies as adware or as a “potentially unwanted program” (PUP), the euphemism that antivirus companies use to describe executable files that get installed with ambiguous consent at best, and are often part of a bundle of software tied to some “free” download.

Advertising 284

Advertising Software Computers and Electronics Internet 284

Security Affairs

SEPTEMBER 20, 2019

Experts revealed that the botnet was used by the TA505 cybercrime gang to distribute the FlawedAmmy RAT and some email stealers. “Amadey is a relatively new botnet , first noted late in Q1 of 2019. . “Amadey is a relatively new botnet , first noted late in Q1 of 2019.

Phishing 108

Phishing Social Engineering Malware Advertising 108

Security Affairs

APRIL 21, 2019

Locked Shields 2019 – Chapeau, France wins Cyber Defence Exercise. CVE-2019-0803 Windows flaw exploited to deliver PowerShell Backdoor. Operator of Codeshop Cybercrime Marketplace Sentenced to 90 months in prison. Avast, Avira, Sophos and other antivirus solutions show problems after.

Computers and Electronics 94

Computers and Electronics Data breaches Spyware DNS 94

Security Affairs

MARCH 17, 2021

According to the experts, the first infections were observed in late 2019, victims reported their files were encrypted by a strain of malware. New #Mespinoza #Ransomware [link] Ext: locked R/n: Readme.README Affected users, contact the support forum of @BleepinComputer pic.twitter.com/SbKxVEIXUd — Amigo-A (@Amigo_A_) October 25, 2019.

Education 121

Education Ransomware Encryption Antivirus 121

Security Affairs

JUNE 23, 2020

Fxmsp gained worldwide fame in May 2019, after it was reported that the networks belonging to leading antivirus software companies had been compromised. Fxmsp took his first steps in the cybercrime scene in September 2016 when he registered on an underground forum, fuckav[.]ru. Fxmsp’s public activity culminated in April 2019.

Antivirus 103

Antivirus Advertising Hacking Banking 103

The Last Watchdog

JUNE 21, 2020

In November 2019, the criminals behind a ransomware species called Maze started a new trend that is currently gaining momentum on the dark web. Forward outlook Ransomware is a dynamic and increasingly hybrid segment of cybercrime. Depending on the number of infected computers, ransoms can reach millions of dollars. About the essayist.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

JANUARY 6, 2023

“The attack is similar to the one in the summer of 2019, when four other hospitals in Romania were targeted. In 2019 other four hospitals in Romania suffered ransomware attacks that were attributed to the PHOBOS extortion group. ” reported the website Romania Insider. I cannot say more at the moment.

Ransomware 98

Ransomware Antivirus Media Encryption 98

Security Affairs

JANUARY 26, 2020

Citrix releases permanent fixes for CVE-2019-19781 flaw in ADC 11.1 Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack. Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online. Hackers patch Citrix servers to deploy their own backdoor. Govn Agency.

Data breaches 112

Data breaches Advertising Antivirus DDOS 112

Security Affairs

SEPTEMBER 16, 2019

The researchers provided evidence that the threat actors sold the purchased certificates to a cybercrime gang that used them to spread malware. The verification is done using a public antivirus scanning service, then the threat actors use the file scan record as “a clean bill of health” for potential buyers.

Adware 105

Adware Advertising Marketing Antivirus 105

Security Affairs

JUNE 12, 2019

“During the period of March to May 2019, Morphisec Labs observed a new, highly sophisticated variant of the ShellTea / PunchBuggy backdoor malware that attempted to infiltrate a number of machines within the network of a customer in the hotel-entertainment industry.” ” reads the analysis published by Morphisec.

Hacking 106

Hacking Malware Advertising Cybercrime 106

Identity IQ

AUGUST 20, 2021

Truth be told: cybercrimes against students continue to rise, especially against those who report to university campuses and use university resources. According to BlueVoyant’s Cybersecurity in Higher Education 2021 report , ransomware attacks on colleges increased twofold between 2019 and 2020. Digital Security and Online Privacy.

Identity Theft 98

Identity Theft Passwords Education Banking 98

Security Affairs

JUNE 20, 2022

The malware was first spotted in 2019 by security experts at Kaspersky, the name BRAT comes from ‘Brazilian RAT Android,’ because at the time it was used to spy on Brazilian users. The developers behind the BRATA Android malware have implemented additional features to avoid detection. ” concludes the report.

Malware 131

Malware Banking Antivirus Phishing 131