2019, Cybercrime, Hacking and Information Security

DoJ charged 19 individuals in a transnational cybercrime investigation xDedic Marketplace

Security Affairs

JANUARY 8, 2024

19 individuals worldwide were charged in a transnational cybercrime investigation of the now defunct xDedic marketplace. In 2016 the service was offering up to 70,000 hacked servers for as little as $6, and with 416 registered sellers in 173 countries, the platform was operating a highly successful global business model.

Cybercrime

Cybercrime Identity Theft Government Hacking

Safer internet day – Cybercrime facts Infographic

Security Affairs

FEBRUARY 11, 2020

Dear readers, I decided to create a simple Infographic that shows Cybercrime facts in 2019, I’ve done it for Safer Internet Day 2020. SecurityAffairs – cybercrime, hacking). The post Safer internet day – Cybercrime facts Infographic appeared first on Security Affairs. Pierluigi Paganini.

Cybercrime

Cybercrime Internet Internet Advertising

Black Basta ransomware gang hacked Hyundai Motor Europe

Security Affairs

FEBRUARY 9, 2024

Black Basta ransomware gang claims the hack of the car maker Hyundai Motor Europe and the theft of three terabytes of their data. In December 2019, German media reported that hackers suspected to be members of the Vietnam-linked APT Ocean Lotus ( APT32 ) group breached the networks of the car manufacturers BMW and Hyundai.

Hacking

Hacking Ransomware Data breaches Manufacturing

Cybercrime Forum Data Set for 2019 and 2021 – Free Direct Download Technical Collection Copy Available! Grab a Copy Today!

Security Boulevard

MAY 25, 2021

I've decided to make my Cybercrime Forum Data Set for 2019 and 2021 exclusively available online for free in order for me to speed the dissemination process and to possibly empower security researchers and vendors with the necessary information to help them stay on the top of their game in terms of current and emerging cyber threats including U.S

Cybercrime

Cybercrime Cyber threats Hacking Software

Reading the 2019 Internet Crime Complaint Center (IC3) report

Security Affairs

FEBRUARY 12, 2020

The FBI’s Internal Crime Complaint Center (IC3) released the FBI 2019 Internet Crime Report , a document that outlines cybercrime trends over the past year. Here we are to analyze the annual FBI 2019 Internet Crime Complaint Center (IC3) , one of the most interesting documents on the crime trends observed in the last 12 months.

Internet

Internet Internet Scams Cybercrime

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] In 2019, a Canadian company called Defiant Tech Inc. LeakedSource also tried to pass itself off as a legal, legitimate business that was marketing to security firms and professionals.

Hacking

Hacking Accountability Data breaches Marketing

The newer cybercrime triad: TrickBot-Emotet-Conti

Security Affairs

NOVEMBER 20, 2021

“Emotet’s return is not coincidental, it is caused by major shifts in the overall cybercrime domain. This has been proven by the alliance of TrickBot , Emotet , and Ryuk : the three major players of the pre-2019 cybercrime hierarchy. SecurityAffairs – hacking, Emotet). ” concludes the analysis.

Cybercrime

Cybercrime Ransomware Banking Malware

Snatch ransomware gang claims the hack of the food giant Kraft Heinz

Security Affairs

DECEMBER 15, 2023

The Snatch ransomware group announced it had hacked the food giant Kraft Heinz, the company is investigating the claims. The Snatch ransomware group claims to have hacked Kraft Heinz in August and on December 14, it added the company to the list of victims on its leak site.

Hacking

Hacking Ransomware Computers and Electronics Marketing

UNC2465 cybercrime group launched a supply chain attack on CCTV vendor

Security Affairs

JUNE 17, 2021

UNC2465 cybercrime group that is affiliated with the Darkside ransomware gang has infected with malware the website of a CCTV camera vendor. ” The SMOKEDHAM backdoor was associated by FireEye to the activity of the UNC2465 group that dates back to at least April 2019 and is considered a DARKSIDE RaaS affiliate.

Cybercrime

Cybercrime Ransomware Antivirus Software

Ex-Canadian government employee admits to being a member of the Russian cybercrime gang NetWalker

Security Affairs

JUNE 30, 2022

A former Canadian government IT worker admitted to being a high-level member of the Russian cybercrime group NetWalker. to charges related to his involvement with the Russian cybercrime group NetWalker. The group has been active since 2019, the NetWalker ransomware has been offered with the Ransomware-as-a-Service (RaaS) model.

Cybercrime

Cybercrime Government Ransomware Cryptocurrency

US dismantled and seized SSNDOB cybercrime marketplace

Security Affairs

JUNE 8, 2022

“Between December 2018 and June 2019, SSNDOB sent over $100,000 worth of Bitcoin to Joker’s Stash, suggesting the two markets may have had some relationship to one another, including possibly shared ownership.” Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Cybercrime

Cybercrime Cryptocurrency Marketing Advertising

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Krebs on Security

JANUARY 24, 2023

The plea comes just months after Emelyantsev was extradited from Bulgaria, where he told investigators, “America is looking for me because I have enormous information and they need it.” Denis Kloster, as posted to his Vkontakte page in 2019. “Thanks to you, we are now developing in the field of information security and anonymity!

Cybercrime

Cybercrime Advertising IoT Malware

AT&T confirmed that a data breach impacted 73 million customers

Security Affairs

MARCH 30, 2024

AT&T confirmed that a data breach impacted 73 million current and former customers after its data were leaked on a cybercrime forum. In August 2021, the ShinyHunters group claimed to have a database containing private information on roughly 70 million AT&T customers, but the company denied that they had been stolen from its systems.

Data breaches

Data breaches Telecommunications Cybercrime Hacking

Nitrokod crypto miner infected systems across 11 countries since 2019

Security Affairs

AUGUST 29, 2022

SecurityAffairs – hacking, Nitrokod ). The post Nitrokod crypto miner infected systems across 11 countries since 2019 appeared first on Security Affairs. Check Point shared Indicators of Compromise (IoCs) for this campaign. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Malware

Malware Software Internet Internet

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

Iran-linked APT group Pioneer Kitten is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers. Iran-linked APT group Pioneer Kitten, also known as Fox Kitten or Parisite, is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers.

Hacking

Hacking VPN Advertising Financial Services

Ukrainian REvil gang member sentenced to 13 years in prison

Security Affairs

MAY 2, 2024

Vasinskyi is a REvil ransomware affiliate since at least March 1st, 2019. victims, and we are disrupting the broader cybercrime ecosystem.” Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, ransomware) Vasinskyi was extradited to the U.S. in March 2022.

Ransomware

Ransomware Cryptocurrency Cybercrime Encryption

Source code of Dharma ransomware now surfacing on public hacking forums

Security Affairs

MARCH 29, 2020

The source code of the infamous Dharma ransomware is now available for sale on two Russian-language hacking forums. The source code of one of the most profitable ransomware families, the Dharma ransomware , is up for sale on two Russian-language hacking forums. ” concluded ZDNet. Pierluigi Paganini.

Ransomware

Ransomware Hacking Advertising Malware

Chinese-speaking cybercrime gang Rocke changes tactics

Security Affairs

OCTOBER 15, 2019

Chinese-speaking cybercrime gang Rocke that carried out several large-scale cryptomining campaigns, has now using news tactics to evade detection. Chinese-speaking cybercrime gang Rocke, that carried out several large-scale cryptomining campaigns in past , has now using news tactics to evade detection. Pierluigi Paganini.

Cybercrime

Cybercrime DNS Malware Advertising

Microsoft fixes CVE-2019-1458 Windows Zero-Day exploited in NK-Linked attacks

Security Affairs

DECEMBER 11, 2019

Microsoft’s December 2019 Patch Tuesday updates fix a total of 36 flaws, including CVE-2019-1458 Windows zero-day exploited in North Korea-linked attacks. Microsoft’s December 2019 Patch Tuesday updates address a total of 36 flaws, including a Windows zero-day, tracked as CVE-2019-1458 exploited in attacks linked to North Korea.

Advertising

Advertising Cybercrime Hacking Accountability

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

last week said they dismantled the “ RSOCKS ” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. A copy of the passport for Denis Kloster, as posted to his Vkontakte page in 2019.

Advertising

Advertising Cybercrime System Administration Hacking

Raccoon Malware, a success case in the cybercrime ecosystem

Security Affairs

FEBRUARY 24, 2020

Racoon malware , Legion, Mohazo, and Racealer, is an infostealer that recently appeared in the threat landscape that is advertised in hacking forums. The Raccoon stealer was first spotted in April 2019, it was designed to steal victims’ credit card data, email credentials, cryptocurrency wallets, and other sensitive data.

Cybercrime

Cybercrime Malware Cryptocurrency Advertising

Grief ransomware gang hit US National Rifle Association (NRA)

Security Affairs

OCTOBER 27, 2021

Grief ransomware operators announced to have hacked US National Rifle Association (NRA) and threaten to leak the stolen data. The NRA was added to the list of compromised organizations on the leak site of the group, that gang also published a set of documents as proof of the hack. In 2019, the U.S. Pierluigi Paganini.

Ransomware

Ransomware Banking Cybercrime Hacking

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

Krebs on Security

SEPTEMBER 24, 2022

.” A copy of the passport for Denis Kloster, as posted to his Vkontakte page in 2019. Denis Emelyantsev , as the apparent owner of RSOCKS, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer.

Cybercrime

Cybercrime Data breaches Malware Ransomware

A Ukrainian Raccoon Infostealer operator is awaiting trial in the US

Security Affairs

FEBRUARY 19, 2024

The man was held in the Netherlands, and he was charged for his alleged role in the international cybercrime operation known as Raccoon Infostealer. The Raccoon stealer was first spotted in April 2019, it was designed to steal victims’ credit card data, email credentials, cryptocurrency wallets, and other sensitive data.

Identity Theft

Identity Theft Cryptocurrency Cybercrime Hacking

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

Security Affairs

FEBRUARY 17, 2024

On October 2022, Swiss police arrested Penchukov in Geneva, also known as Tank, which is one of the leaders of the JabberZeus cybercrime group. In 2012, the Ukrainian national Vyacheslav Igorevich Penchukov was accused of being a member of a cybercrime gang known as JabberZeus crew.

Malware

Malware Cybercrime Banking Hacking

A Ukrainian man is the third FIN7 member sentenced in the United States

Security Affairs

APRIL 8, 2022

A Ukrainian man was sentenced in the US to 5 years in prison for his criminal activity in the cybercrime group FIN7. for high-level hacking activity in the cybercrime group FIN7 (aka Carbanak Group and the Navigator Group). The man was arrested in Bangkok, Thailand in November 2019 at the request of U.S. in May 2020.

Cybercrime

Cybercrime Hacking Software Phishing

Evil Corp rebrands their ransomware, this time is the Macaw Locker

Security Affairs

OCTOBER 21, 2021

Evil Corp cybercrime gang is using a new ransomware called Macaw Locker to evade US sanctions that prevent victims from paying the ransom. The Evil Corp cybercrime group (aka the Dridex gang Indrik Spider , the Dridex gang, and TA505 ) has been active in cybercrime activities since 2007. In 2019, the U.S.

Ransomware

Ransomware Cybercrime Banking Encryption

Law enforcement operation seized Ragnar Locker group’s infrastructure

Security Affairs

OCTOBER 19, 2023

This is an important achievement in the fight against cybercrime. The ransomware operation has been active since late December 2019, the FBI published two flash alert to warn of the operation of the group. The police on Thursday seized the Tor negotiation and data leak sites. Both FBI and Europol declined to comment on the events.

Ransomware

Ransomware Financial Services Cybercrime Manufacturing

US Feds arrested two men involved in the Warzone RAT operation

Security Affairs

FEBRUARY 12, 2024

Meli allegedly provided cybercriminals with malware products and services via online hacking forums. Meli offered malware products and services for sale to cybercriminals through online computer-hacking forums. The two individuals are charged with selling and supporting the Warzone RAT and other malware.

Malware

Malware Hacking Cybercrime Advertising

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

In many cases, the crooks hack managed service providers (MSPs) first and then use this access to compromise the partnering organizations. In November 2019, the criminals behind a ransomware species called Maze started a new trend that is currently gaining momentum on the dark web. pharma giant ExecuPharm.

Ransomware

Ransomware Hacking Encryption Penetration Testing

TrueFire Guitar tutoring website was hacked, financial data might have been exposed

Security Affairs

MARCH 18, 2020

While we do not store credit card information on our website, it appears that the unauthorized person gained access to the website and could have accessed the data of consumers who made payment card purchases while that data was being entered, between August 3, 2019 and January 14, 2020.” SecurityAffairs – TrueFire, cybercrime).

Hacking

Hacking Data breaches Advertising Accountability

Kansas Man pleads guilty to hacking the Post Rock Rural Water District

Security Affairs

OCTOBER 25, 2021

Travnichek accessed the computer systems of the Public Water System on about March 27, 2019, without authorization. According to the indictment, the man hacked the system with the intent to harm the Ellsworth Rural Water District No. SecurityAffairs – hacking, cyber security). 1, aka Post Rock Rural Water District.

Hacking

Hacking Risk Cybercrime Information Security

European police dismantled the DoppelPaymer ransomware gang

Security Affairs

MARCH 6, 2023

German police announced to have dismantled an international cybercrime gang behind the DoppelPaymer ransomware operation. DoppelPaymer ransomware has been active since June 2019 , in November 2020 Microsoft Security Response Center (MSRC) warned customers of the DoppelPaymer ransomware and provided useful information on the threat.

Ransomware

Ransomware Cybercrime Malware Phishing

SEC announces sanctions against entities over email account hacking

Security Affairs

SEPTEMBER 1, 2021

Securities and Exchange Commission (SEC) announced sanctions against several organizations over email account hacking. Securities and Exchange Commission (SEC) announced sanctions against eight entities belonging to three companies over email account hacking due to cybersecurity failures. Pierluigi Paganini.

Accountability

Accountability Hacking Financial Services Cybersecurity

Over 23 million stolen payment card data traded on the Dark Web in H1 2019

Security Affairs

JULY 28, 2019

According to a report published by cyber security firm Sixgill data for over 23 million payment card were on offer in underground forums in the first half of 2019. . A report published by cybersecurity firm Sixgill revealed that data for over 23 million payment card were offered for sale in the cybercrime underground.

eCommerce

eCommerce Marketing Advertising Retail

Maze ransomware is going out of the business

Security Affairs

NOVEMBER 1, 2020

The Maze ransomware operators are shutting down their operations for more than one year the appeared on the threat landscape in May 2019. The Maze cybercrime gang is shutting down its operations, it was considered one of the most prominent and active ransomware crew since it began operating in May 2019. Pierluigi Paganini.

Ransomware

Ransomware Cybercrime Advertising Software

TheMoon bot infected 40,000 devices in January and February

Security Affairs

MARCH 26, 2024

In May 2018, researchers from security firm Qihoo 360 Netlab reported that cybercriminals that targeted the Dasan GPON routers were using another new zero-day flaw affecting the same routers and recruit them in their botnet. “ The report includes Indicators of Compromise (IoCs) associated with this campaign.

IoT

IoT Cybercrime Internet Internet

Evil Corp gang starts using LockBit Ransomware to evade sanctions

Security Affairs

JUNE 7, 2022

Mandiant researchers associate multiple LockBit ransomware attacks with the notorious Evil Corp Cybercrime Group. The researchers also noticed that the group shares numerous overlaps with the cybercrime gang Evil Corp. Treasury in December 2019. SecurityAffairs – hacking, Evil Corp). Pierluigi Paganini.

Ransomware

Ransomware Cybercrime Malware Hacking

CVE-2019-1132 Windows Zero-Day exploited by Buhtrap Group in government attack

Security Affairs

JULY 11, 2019

The CVE-2019-1132 flaw addressed by Microsoft this month was exploited by Buhtrap threat actor to target a government organization in Eastern Europe. Microsoft Patch Tuesday updates for July 2019 address a total of 77 vulnerabilities, including two privilege escalation flaws actively exploited in the wild. Pierluigi Paganini.

Government

Government Advertising Passwords Banking

North Korea-linked hackers stole $626 million in virtual assets in 2022

Security Affairs

DECEMBER 22, 2022

The Government of Pyongyang focuses on crypto hacking to fund its military program following harsh U.N. “South Korea’s main spy agency, the National Intelligence Service, said North Korea’s capacity to steal digital assets is considered among the best in the world because of the country’s focus on cybercrimes since U.N.

Cryptocurrency

Cryptocurrency Cybercrime Media Government

North Korea-linked threat actors stole $1.7 billion from cryptocurrency exchanges

Security Affairs

JANUARY 2, 2022

In a classified report cited by Chosun, the US National Intelligence Service (DNI) found that North Korea was financing its ‘priority policies’, such as nuclear and missile development, through cybercrime. SecurityAffairs – hacking, North Korea-linked threat actors). “Citing the U.S. 380 billion. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Cybercrime Media Government

Experts discovered TeslaGun Panel used by TA505 to manage its ServHelper Backdoor

Security Affairs

SEPTEMBER 6, 2022

Researchers discovered a previously undocumented software control panel, named TeslaGun, used by a cybercrime gang known as TA505. Researchers from cybersecurity firm PRODAFT have discovered a previously undocumented software control panel, tracked as TeslaGun, used by a cybercrime group known as TA505. Pierluigi Paganini.

Cybercrime

Cybercrime Banking Malware Retail

Threat actors offer for sale data for 50 millions of Moscow drivers

Security Affairs

OCTOBER 24, 2021

Threat actors are offering for sale a database containing 50 million records belonging to Moscow drivers on a hacking forum for $800. Bad news for Russian drivers, threat actors are selling a database containing 50 million records belonging to Moscow drivers on a hacking forum for only $800. SecurityAffairs – hacking, Moscow drivers).

Insurance

Insurance Hacking Cybercrime Media

Operation Cyclone targets Clop Ransomware affiliates

Security Affairs

NOVEMBER 8, 2021

Clop ransomware gang has been active since February 2019, it targeted many organizations and universities over the years. SecurityAffairs – hacking, Operation Cyclone). The post Operation Cyclone targets Clop Ransomware affiliates appeared first on Security Affairs. ” reads the press release published by Interpol.

Ransomware

Ransomware Cybercrime Malware Hacking

DoJ charged 19 individuals in a transnational cybercrime investigation xDedic Marketplace

Safer internet day – Cybercrime facts Infographic

Trending Sources

Black Basta ransomware gang hacked Hyundai Motor Europe

Cybercrime Forum Data Set for 2019 and 2021 – Free Direct Download Technical Collection Copy Available! Grab a Copy Today!

Reading the 2019 Internet Crime Complaint Center (IC3) report

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

The newer cybercrime triad: TrickBot-Emotet-Conti

Snatch ransomware gang claims the hack of the food giant Kraft Heinz

UNC2465 cybercrime group launched a supply chain attack on CCTV vendor

Ex-Canadian government employee admits to being a member of the Russian cybercrime gang NetWalker

US dismantled and seized SSNDOB cybercrime marketplace

Administrator of RSOCKS Proxy Botnet Pleads Guilty

AT&T confirmed that a data breach impacted 73 million customers

Nitrokod crypto miner infected systems across 11 countries since 2019

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Ukrainian REvil gang member sentenced to 13 years in prison

Source code of Dharma ransomware now surfacing on public hacking forums

Chinese-speaking cybercrime gang Rocke changes tactics

Microsoft fixes CVE-2019-1458 Windows Zero-Day exploited in NK-Linked attacks

Meet the Administrators of the RSOCKS Proxy Botnet

Raccoon Malware, a success case in the cybercrime ecosystem

Grief ransomware gang hit US National Rifle Association (NRA)

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

A Ukrainian Raccoon Infostealer operator is awaiting trial in the US

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

A Ukrainian man is the third FIN7 member sentenced in the United States

Evil Corp rebrands their ransomware, this time is the Macaw Locker

Law enforcement operation seized Ragnar Locker group’s infrastructure

US Feds arrested two men involved in the Warzone RAT operation

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

TrueFire Guitar tutoring website was hacked, financial data might have been exposed

Kansas Man pleads guilty to hacking the Post Rock Rural Water District

European police dismantled the DoppelPaymer ransomware gang

SEC announces sanctions against entities over email account hacking

Over 23 million stolen payment card data traded on the Dark Web in H1 2019

Maze ransomware is going out of the business

TheMoon bot infected 40,000 devices in January and February

Evil Corp gang starts using LockBit Ransomware to evade sanctions

CVE-2019-1132 Windows Zero-Day exploited by Buhtrap Group in government attack

North Korea-linked hackers stole $626 million in virtual assets in 2022

North Korea-linked threat actors stole $1.7 billion from cryptocurrency exchanges

Experts discovered TeslaGun Panel used by TA505 to manage its ServHelper Backdoor

Threat actors offer for sale data for 50 millions of Moscow drivers

Operation Cyclone targets Clop Ransomware affiliates

Stay Connected