2019, Cybercrime, Hacking and Passwords

Breached Data Indexer ‘Data Viper’ Hacked

Krebs on Security

JULY 13, 2020

Data Viper , a security startup that provides access to some 15 billion usernames, passwords and other information exposed in more than 8,000 website breaches, has itself been hacked and its user database posted online. The incident also highlights the often murky area between what’s legal and ethical in combating cybercrime.

Hacking

Hacking Marketing Cybercrime Accountability

Man Who Mass-Extorted Psychotherapy Patients Gets Six Years

Krebs on Security

APRIL 30, 2024

A 26-year-old Finnish man was sentenced to more than six years in prison today after being convicted of hacking into an online psychotherapy clinic, leaking tens of thousands of patient therapy records, and attempting to extort the clinic and patients. After being charged with the attack in October 2022, Kivimäki fled the country.

DDOS

DDOS Cybercrime Hacking Passwords

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] In 2019, a Canadian company called Defiant Tech Inc. com , a service that sold access to billions of passwords and other data exposed in countless data breaches. Abusewith[.]us

Hacking

Hacking Accountability Data breaches Marketing

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

UNC2465 cybercrime group launched a supply chain attack on CCTV vendor

Security Affairs

JUNE 17, 2021

UNC2465 cybercrime group that is affiliated with the Darkside ransomware gang has infected with malware the website of a CCTV camera vendor. ” The SMOKEDHAM backdoor was associated by FireEye to the activity of the UNC2465 group that dates back to at least April 2019 and is considered a DARKSIDE RaaS affiliate.

Cybercrime

Cybercrime Ransomware Antivirus Software

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

One of Megatraffer’s ads on an English-language cybercrime forum. Megatraffer has continued to offer their code-signing services across more than a half-dozen other Russian-language cybercrime forums, mostly in the form of sporadically available EV and non-EV code-signing certificates from major vendors like Thawte and Comodo.

Malware

Malware Cybercrime Software Antivirus

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

Krebs on Security

MARCH 10, 2020

District Court for the Southern District of California allege Firsov was the administrator of deer.io, an online platform that hosted more than 24,000 shops for selling stolen and/or hacked usernames and passwords for a variety of top online destinations. An example seller’s panel at deer.io. Click image to enlarge.

Accountability

Accountability Advertising Hacking Cybercrime

Karma Catches Up to Global Phishing Service 16Shop

Krebs on Security

AUGUST 17, 2023

The INTERPOL statement says the platform sold hacking tools to compromise more than 70,000 users in 43 countries. For example, in 2019 McAfee found that for targets in Japan, the 16Shop kit would also collect Web ID and Card Password, while US victims will be asked for their Social Security Number. Image: Akamai.

Phishing

Phishing Passwords Internet Internet

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

Krebs on Security

APRIL 3, 2024

Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called “ The Manipulaters ,” a sprawling web hosting network of phishing and spam delivery platforms. In 2019, The Manipulaters failed to renew their core domain name — manipulaters[.]com ” A number of questions, indeed. .

Phishing

Phishing Cybercrime Malware Advertising

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Krebs on Security

FEBRUARY 10, 2020

Justice Department today unsealed indictments against four Chinese officers of the People’s Liberation Army (PLA) accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans. in 2019 , according to data from S&P Global Market Intelligence.

Hacking

Hacking Identity Theft Government Phishing

US Feds arrested two men involved in the Warzone RAT operation

Security Affairs

FEBRUARY 12, 2024

. “According to court documents authorizing the seizures, the Warzone RAT provided cybercriminals the ability to browse victim file systems, take screenshots, record keystrokes, steal victim usernames and passwords, and watch victims through their web cameras, all without the victims’ knowledge or permission.”

Malware

Malware Hacking Cybercrime Advertising

Raccoon Malware, a success case in the cybercrime ecosystem

Security Affairs

FEBRUARY 24, 2020

Racoon malware , Legion, Mohazo, and Racealer, is an infostealer that recently appeared in the threat landscape that is advertised in hacking forums. The Raccoon stealer was first spotted in April 2019, it was designed to steal victims’ credit card data, email credentials, cryptocurrency wallets, and other sensitive data.

Cybercrime

Cybercrime Malware Cryptocurrency Advertising

TrueFire Guitar tutoring website was hacked, financial data might have been exposed

Security Affairs

MARCH 18, 2020

While we do not store credit card information on our website, it appears that the unauthorized person gained access to the website and could have accessed the data of consumers who made payment card purchases while that data was being entered, between August 3, 2019 and January 14, 2020.” SecurityAffairs – TrueFire, cybercrime).

Hacking

Hacking Data breaches Advertising Accountability

Ticketmaster will pay $10 Million fine over hacking a competitor

Security Affairs

JANUARY 2, 2021

Ticketmaster agreed to pay a $10 million fine for hacking into the computer system of the startup rival CrowdSurge. “Ticketmaster Used Passwords Unlawfully Retained by a Former Employee of a Competitor to Access Computer Systems in Scheme to “Choke Off” the Victim’s Business” wrote the DoJ. Attorney DuCharme.

Hacking

Hacking Passwords Accountability Cybercrime

CVE-2019-1132 Windows Zero-Day exploited by Buhtrap Group in government attack

Security Affairs

JULY 11, 2019

The CVE-2019-1132 flaw addressed by Microsoft this month was exploited by Buhtrap threat actor to target a government organization in Eastern Europe. Microsoft Patch Tuesday updates for July 2019 address a total of 77 vulnerabilities, including two privilege escalation flaws actively exploited in the wild. ” continues the report.

Government

Government Advertising Passwords Banking

New Version of Meduza Stealer Released in Dark Web

Security Affairs

DECEMBER 29, 2023

On Christmas Eve, Resecurity’s HUNTER unit spotted the author of perspective password stealer Meduza has released a new version (2.2). Presently, Meduza password stealer supports Windows Server 2012/2016/2019/2022 and Windows 10/11.

Password Management

Password Management Cryptocurrency Passwords Authentication

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The Archiveus Trojan from 2006 was the first one to use RSA cipher, but it was reminiscent of a proof of concept and used a static 30-digit decryption password that was shortly cracked. In many cases, the crooks hack managed service providers (MSPs) first and then use this access to compromise the partnering organizations.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Who is Watching You and Why?

Approachable Cyber Threats

OCTOBER 5, 2023

The global pandemic and the increase of remote workers has led to a surge in online video conferencing using tools such as Zoom and Google Meet - Zoom alone has tripled its user base since 2019. Why do hackers want to hack our webcams?”

Passwords

Passwords Identity Theft VPN Authentication

NightLion hacker is selling details of 142 million MGM Resorts hotel guests

Security Affairs

JULY 14, 2020

The MGM Resorts 2019 data breach is much larger than initially thought, a hacker is offering for sale details of 142 million MGM hotel guests on the dark web. Bad news for the guests of the MGM Resorts, the 2019 data breach suffered by the company is much larger than initially reported. SecurityAffairs – hacking, data breach).

Data breaches

Data breaches Advertising Hacking Cybercrime

International law enforcement operation shuts down Imminent Monitor RAT operations

Security Affairs

NOVEMBER 29, 2019

A successful new operation was announced by Europol, it announced to have dismantled the global organized cybercrime ring behind Imminent Monitor RAT. “Search warrants were executed in Australia and Belgium in June 2019 against the developer and one employee of IM-RAT. ” reads the press release published by the Europol.

Cybercrime

Cybercrime Advertising Spyware Hacking

Dutch Police arrests 3 men involved in a massive extortion scheme. One of them is an ethical hacker

Security Affairs

FEBRUARY 27, 2023

The investigation revealed that probably thousands of national and international small and large organizations were hacked by the suspects that also attempted to extort money from the victims. The Dutch police started the investigation in March 2021 following a complaint of data theft and threats from a large Dutch company.

Cybercrime

Cybercrime Identity Theft Hacking Scams

Iranian threat actors attempt to buy stolen data of US organizations, FBI warns

Security Affairs

NOVEMBER 11, 2021

Iranian nation-state actors are attempting to buy info available for sale in the cybercrime underground to launch attacks against US organizations. “ This actor has also demonstrated interest in obtaining unauthorized access to SCADA systems using common default passwords.” SecurityAffairs – hacking, Iran).

VPN

VPN Cybercrime Passwords Firewall

New GoDaddy data breach impacted 1.2 million customers

Security Affairs

NOVEMBER 22, 2021

Using a compromised password, an unauthorized third party accessed the provisioning system in our legacy code base for Managed WordPress.” ” The intruders used a compromised password to access the provisioning system in the company’s legacy code base for Managed WordPress. We reset both passwords.

Data breaches

Data breaches Passwords Accountability Phishing

Security Service of Ukraine arrested the popular hacker Sanix who sold billions of stolen credentials

Security Affairs

MAY 20, 2020

The Ukrainian Secret Service (SSU) has arrested a hacker known as Sanix, who was selling billions of stolen credentials on hacking forums and Telegram channels. The man is known in the cybercrime underground for selling billions of stolen credentials. SecurityAffairs – Sanix, hacking). Pierluigi Paganini.

Cybercrime

Cybercrime Passwords Advertising Hacking

Samsung suffered a new data breach

Security Affairs

NOVEMBER 16, 2023

The security breach was discovered on November 13, 2023, and impacted customers who made purchases from the Samsung UK online store between July 1, 2019, and June 30, 2020. We want to assure you that the issue did not impact your password or financial information.” ” reads the data breach notification sent to the customers.

Data breaches

Data breaches eCommerce Hacking Authentication

A disgruntled developer is the alleged source of the leak of the Lockbit 3.0 builder

Security Affairs

SEPTEMBER 22, 2022

The gang has been active since at least 2019 and today it is one of the most active ransomware gangs. Unknown person @ali_qushji said his team has hacked the LockBit servers and found the possible builder of LockBit Black (3.0) The builder is contained in a password-protected 7z archive, “LockBit3Builder.7z,”

Ransomware

Ransomware Hacking Passwords Accountability

A Closer Look at the Snatch Data Ransom Group

Krebs on Security

SEPTEMBER 30, 2023

GandCrab dissolved in July 2019, and is thought to have become “ REvil ,” one of the most ruthless and rapacious Russian ransomware groups of all time. In April 2020, Truniger was banned from two of the top Russian cybercrime forums, where members from both forums confirmed that Semen7907 was one of Truniger’s known aliases.

Ransomware

Ransomware Accountability Cybercrime Backups

A new wave of ech0raix ransomware attacks targets QNAP NAS devices

Security Affairs

DECEMBER 27, 2021

At this time, it is not clear how threat actors compromised the QNAP devices, some users claim that attackers exploited a flaw in the Photo Station software to hack them. “It is important to note that there is a free decryptor for files locked with an older version (before July 17th, 2019) of eCh0raix ransomware. TXTT” extension.

Ransomware

Ransomware Encryption Manufacturing Hacking

Experts detailed a previously undetected VMware ESXi backdoor

Security Affairs

DECEMBER 13, 2022

CVE-2019-5544 and CVE-2020-3992 ) in ESXi’s OpenSLP service. The webserver accepts password-protected POST requests from the attackers, each request can include a base-64 encoded command payload or launch a reverse shell on the host. “The hashed password in vmtools.py SecurityAffairs – hacking, vmware).

Passwords

Passwords Hacking Cybercrime Information Security

Retro video game website Emuparadise suffered a data breach

Security Affairs

JUNE 10, 2019

HIBP received the data from dehashed.com on June 9th, 2019, exposed info includes mail addresses, IP address, usernames and passwords stored as salted MD5 hashes. million email addresses, IP address, usernames and passwords stored as salted MD5 hashes. . SecurityAffairs – Emuparadise, hacking). Pierluigi Paganini.

Data breaches

Data breaches Advertising Cybercrime Passwords

European police arrested tens of members of two SIM Hijacking Gangs

Security Affairs

MARCH 13, 2020

European authorities dismantled two cybercrime organizations responsible for stealing millions through SIM hijacking. European authorities managed to dismantle the operations of two cybercrime gangs responsible for stealing millions through SIM hijacking. SecurityAffairs – SIM Hijacking, cybercrime). million). .

Banking

Banking Cybercrime Mobile Accountability

Back 2 School? Here’s Why Credit Monitoring is a Must-Have for College Students

Identity IQ

AUGUST 20, 2021

Truth be told: cybercrimes against students continue to rise, especially against those who report to university campuses and use university resources. According to BlueVoyant’s Cybersecurity in Higher Education 2021 report , ransomware attacks on colleges increased twofold between 2019 and 2020. Improve Your Password Security.

Identity Theft

Identity Theft Passwords Education Banking

Dariy Pankov, the NLBrute malware author, pleads guilty

Security Affairs

SEPTEMBER 15, 2023

The man listed the credentials of more than 35,000 compromised computers for sale and according to the investigators, he obtained more than $350,000 in illicit proceeds between 2016 and 2019. The powerful malware was capable of compromising protected computers by decrypting login credentials, such as passwords.

Malware

Malware Marketing Passwords Hacking

Who is Watching You and Why?

Approachable Cyber Threats

OCTOBER 5, 2023

The global pandemic and the increase of remote workers has led to a surge in online video conferencing using tools such as Zoom and Google Meet - Zoom alone has tripled its user base since 2019. Why do hackers want to hack our webcams?”

Passwords

Passwords Identity Theft VPN Authentication

Top data breaches of 2020 – Security Affairs

Security Affairs

JANUARY 3, 2021

Below a list of top incidents: There were a number of major data breaches that took place in 2020, in many cases stolen records flooded the cybercrime underground and were used credential stuffing attacks. March 2020 – TOKOPEDIA e-commerce hacked, 91 Million accounts available on the darkweb. Pierluigi Paganini.

Data breaches

Data breaches Cybercrime Hacking Passwords

The Wages of Password Re-Use: Your Money or Your Life

Krebs on Security

MAY 4, 2021

When normal computer users fall into the nasty habit of recycling passwords, the result is most often some type of financial loss. Our passwords can say a lot about us, and much of what they have to say is unflattering. Interestingly, one of the more common connections involves re-using or recycling passwords across multiple accounts.

Passwords

Passwords Cybercrime Accountability Password Management

Silent Night Zeus botnet available for sale in underground forums

Security Affairs

MAY 23, 2020

The source code of the Zeus Trojan is available in the cybercrime underground since 2011 allowing crooks to develop their own release since. On Dec 23 2019, this variant of Zloader was observed being distributed by the RIG Exploit Kit, experts observed small campaigns, likely for testing purposes. Pierluigi Paganini.

Banking

Banking Advertising Malware Cybercrime

Protect your business with security awareness training

SiteLock

AUGUST 27, 2021

Considering the many ways cybercriminals target employees and the costs of cybercrime to employers, it’s a wise investment. Unaware : Password hygiene is a huge problem that puts personal and business data at risk. Many employees are unaware using the same password across multiple personal is a significant security risk.

Security Awareness

Security Awareness Passwords Phishing Scams

Account Takeover: What is it and How to Prevent It?

Identity IQ

MAY 7, 2021

It’s one of the fastest-growing cybersecurity threats today, growing a staggering 300% since 2019 and leading to consumer losses of $3.5 Given that 52% of people use the same password for multiple accounts, compromising one account can give a criminal access to a vast range of personal data. Selling Stolen Data.

Accountability

Accountability Data breaches Passwords Social Engineering

New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors

Security Affairs

AUGUST 10, 2021

The eCh0raix ransomware has been active since at least 2019, when eExperts from security firms Intezer and Anomali separately discovered sample of the ransomware targeting Network Attached Storage (NAS) devices. The Taiwanese vendor was informed of ongoing eCh0raix ransomware attacks that infected QNAP NAS devices using weak passwords.

Ransomware

Ransomware Encryption Firmware Passwords

Data from Sephora and StreetEasy data breaches added to HIBP

Security Affairs

OCTOBER 7, 2019

The StreetEasy data breach took place in the mid-2016 and exposed 988k records that included names, usernames, email addresses and SHA-1 password hashes. The data has been available for sale in the cybercrime underground since February. Impacted data includes names, usernames, email addresses and SHA-1 password hashes.

Data breaches

Data breaches Passwords Advertising Cybercrime

Law enforcement agencies dismantled the illegal botnet proxy service IPStorm

Security Affairs

NOVEMBER 15, 2023

The IPStorm botnet was first uncovered in May 2019 while targeting Windows systems, not experts from Intezer reported that the bot evolved to infect other platforms, including Android, Linux, and Mac devices. Makinin controlled these infected devices as part of an extensive botnet, which is a network of compromised devices.”

Hacking

Hacking Cryptocurrency Cyber Attacks Advertising

Alleged China-Tied Hackers Are Targeting Telecommunications Sector

SecureWorld News

OCTOBER 21, 2021

CrowdStrike recently posted a blog about its investigation into a malicious hacking group known as LightBasin, or UNC1945. Since 2016, this cybercrime organization has been building customized tools to invade the world's telecommunications sector. LightBasin hacks critical infrastructure with intention and competence.

Telecommunications

Telecommunications Energy and Utilities Passwords Hacking

Security Affairs newsletter Round 253

Security Affairs

MARCH 1, 2020

FBI recommends using passphrases instead of complex passwords. FireEye Mandiant M-Trends 2020 report: 500+ new Malware strains in 2019. Raccoon Malware, a success case in the cybercrime ecosystem. Hacking campaign targets sites running popular Duplicator WordPress plugin. SecurityAffairs – hacking, newsletter).

Banking

Banking Malware Advertising Ransomware

Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices

Security Affairs

AUGUST 20, 2021

Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. According to the researchers, in the last months of 2019, the botnet was mainly involved in DDoS attacks. SecurityAffairs – hacking, Mozi botnet). Pierluigi Paganini.

IoT

IoT DNS Manufacturing Firmware

Breached Data Indexer ‘Data Viper’ Hacked

Man Who Mass-Extorted Psychotherapy Patients Gets Six Years

Webinars

Trending Sources

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Webinars

UNC2465 cybercrime group launched a supply chain attack on CCTV vendor

Ask Fitis, the Bear: Real Crooks Sign Their Malware

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

Karma Catches Up to Global Phishing Service 16Shop

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

US Feds arrested two men involved in the Warzone RAT operation

Raccoon Malware, a success case in the cybercrime ecosystem

TrueFire Guitar tutoring website was hacked, financial data might have been exposed

Ticketmaster will pay $10 Million fine over hacking a competitor

CVE-2019-1132 Windows Zero-Day exploited by Buhtrap Group in government attack

New Version of Meduza Stealer Released in Dark Web

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Who is Watching You and Why?

NightLion hacker is selling details of 142 million MGM Resorts hotel guests

International law enforcement operation shuts down Imminent Monitor RAT operations

Dutch Police arrests 3 men involved in a massive extortion scheme. One of them is an ethical hacker

Iranian threat actors attempt to buy stolen data of US organizations, FBI warns

New GoDaddy data breach impacted 1.2 million customers

Security Service of Ukraine arrested the popular hacker Sanix who sold billions of stolen credentials

Samsung suffered a new data breach

A disgruntled developer is the alleged source of the leak of the Lockbit 3.0 builder

A Closer Look at the Snatch Data Ransom Group

A new wave of ech0raix ransomware attacks targets QNAP NAS devices

Experts detailed a previously undetected VMware ESXi backdoor

Retro video game website Emuparadise suffered a data breach

European police arrested tens of members of two SIM Hijacking Gangs

Back 2 School? Here’s Why Credit Monitoring is a Must-Have for College Students

Dariy Pankov, the NLBrute malware author, pleads guilty

Who is Watching You and Why?

Top data breaches of 2020 – Security Affairs

The Wages of Password Re-Use: Your Money or Your Life

Silent Night Zeus botnet available for sale in underground forums

Protect your business with security awareness training

Account Takeover: What is it and How to Prevent It?

New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors

Data from Sephora and StreetEasy data breaches added to HIBP

Law enforcement agencies dismantled the illegal botnet proxy service IPStorm

Alleged China-Tied Hackers Are Targeting Telecommunications Sector

Security Affairs newsletter Round 253

Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices

Stay Connected