article thumbnail

This Service Helps Malware Authors Fix Flaws in their Code

Krebs on Security

Intel 471 says a rumor has been circulating on Exploit and other forums upO frequented that he was the mastermind behind GandCrab , another ransomware-as-a-service affiliate program that first surfaced in January 2018 and later bragged about extorting billions of dollars from hacked businesses when it closed up shop in June 2019.

Malware 361
article thumbnail

Don’t Let Your Domain Name Become a “Sitting Duck”

Krebs on Security

Back in 2019, KrebsOnSecurity wrote about thieves employing this method to seize control over thousands of domains registered at GoDaddy, and using those to send bomb threats and sextortion emails (GoDaddy says they fixed that weakness in their systems not long after that 2019 story).

DNS 331
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Two Charged in SIM Swapping, Vishing Scams

Krebs on Security

Prosecutors say on June 26, 2019, “Bryan called the Baltimore County Police Department and falsely reported that he, purporting to be a resident of the Milleson family residence, had shot his father at the residence.” Interestingly, the conspiracy appears to have unraveled over a business dispute between the two men.

Scams 358
article thumbnail

Pakistani Firm Shipped Fentanyl Analogs, Scams to US

Krebs on Security

” Dozens of top Axact employees were arrested, jailed, held for months, tried and sentenced to seven years for various fraud violations. But a 2019 research brief on Axact’s diploma mills found none of those convicted had started their prison sentence, and that several had fled Pakistan and never returned.

Scams 279
article thumbnail

New Anti Anti-Money Laundering Services for Crooks

Krebs on Security

Nick Bax is an independent expert in tracing cryptocurrency transactions, and he said it appears Antinalysis may be little more than a clone of AMLBot, an anti- anti-money laundering intelligence service that first came online in 2019. ET: Corrected the story to note that AMLBot has been around since 2019. ” Update, 1:42 p.m.

article thumbnail

Does Your Domain Have a Registry Lock?

Krebs on Security

On December 23, 2019, unknown attackers began contacting customer support people at OpenProvider , a popular domain name registrar based in The Netherlands. 23, 2019, the e-hawk.net domain was transferred to a reseller account within OpenProvider. ” Dijkxhoorn shared records obtained from OpenProvider showing that on Dec.

DNS 340
article thumbnail

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Krebs on Security

“According to the analysis of foreign law enforcement agencies, more than 50% of all phishing attacks in 2019 in Australia were carried out thanks to the development of the Ternopil hacker,” the attorney general’s office said, noting that investigators had identified hundreds of U-Admin customers. ” U-Admin, a.k.a.

Phishing 347