Krebs on Security

DECEMBER 16, 2020

A key malicious domain name used to control potentially thousands of computer systems compromised via the months-long breach at network monitoring software vendor SolarWinds was commandeered by security experts and used as a “killswitch” designed to turn the sprawling cybercrime operation against itself, KrebsOnSecurity has learned.

Hacking 362

Hacking Malware Software Cybercrime 362

Krebs on Security

FEBRUARY 9, 2023

Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating “ Trickbot ,” a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. companies and government entities.

Hacking 250

Hacking Cybercrime Ransomware Government 250

Krebs on Security

JULY 22, 2020

The New York Times last week ran an interview with several young men who claimed to have had direct contact with those involved in last week’s epic hack against Twitter. ” Twice in the past year, the OGUsers forum was hacked , and both times its database of usernames, email addresses and private messages was leaked online.

Hacking 348

Hacking Accountability Scams Media 348

Security Affairs

MAY 13, 2025

He is internationally wanted for multiple cybercrime, including ransomware attacks, blackmail, and money laundering, targeting Dutch companies. “He is wanted internationally for committing several cybercrimes (ransomware attacks, blackmail, and money laundering) against companies based in the Netherlands.” million euros.”

Ransomware 108

Ransomware Cybercrime Malware Banking 108

Security Affairs

OCTOBER 9, 2023

A threat actor has leaked the source code for the first version of the HelloKitty ransomware on a Russian-speaking cybercrime forum. The availability of the source in the cybercrime ecosystem can allow threat actors to develop their own version of the Hello Kitty ransomware. The HelloKitty gang has been active since January 2021.

Cybercrime 141

Cybercrime Ransomware DDOS Encryption 141

Krebs on Security

FEBRUARY 4, 2021

Facebook told KrebsOnSecurity it seized hundreds of accounts — mainly on Instagram — that have been stolen from legitimate users through a variety of intimidation and harassment tactics, including hacking, coercion, extortion, sextortion , SIM swapping , and swatting. THE MIDDLEMEN.

Accountability 329

Accountability Hacking Media Mobile 329

Security Affairs

NOVEMBER 5, 2024

Canadian authorities arrested a suspect linked to multiple hacks following a breach of cloud data platform Snowflake earlier this year. “Canadian authorities have arrested a man suspected of being behind a string of hacks involving as many as 165 customers of Snowflake Inc., Charges remain undisclosed.

Unstructured Data 123

Unstructured Data Media Cybercrime Hacking 123

Krebs on Security

JUNE 29, 2023

Nikita Kislitsin , formerly the head of network security for one of Russia’s top cybersecurity firms, was arrested last week in Kazakhstan in response to 10-year-old hacking charges from the U.S. ”] Kislitsin was hired by Group-IB in January 2013, nearly six months after the Formspring hack. Department of Justice.

Cybersecurity 303

Cybersecurity Cybercrime Hacking Government 303

Krebs on Security

FEBRUARY 17, 2021

Confirmed thefts attributed to the group include the 2016 hacking of the SWIFT payment system for Bangladesh Bank, which netted thieves $81 million; $6.1 million in August 2020 from a financial services company based in New York. billion from banks and other victims worldwide. Image: CISA.

Cryptocurrency 344

Cryptocurrency Financial Services Banking Government 344

Security Affairs

JANUARY 3, 2021

Data from major cyber security firms revealed that tens of billion records have been exposed in data breaches exposed in 2020. Below a list of top incidents: There were a number of major data breaches that took place in 2020, in many cases stolen records flooded the cybercrime underground and were used credential stuffing attacks.

Data breaches 145

Data breaches Cybercrime Hacking Passwords 145

Krebs on Security

JUNE 30, 2020

The COVID-19 pandemic has made it harder for banks to trace the source of payment card data stolen from smaller, hacked online merchants. The economic laws of supply and demand hold just as true in the business world as they do in the cybercrime space. An ad for a site selling stolen payment card data, circa March 2020.

Banking 347

Banking Retail Hacking Cybercrime 347

Security Affairs

APRIL 30, 2021

UNC2447 cybercrime gang exploited a zero-day in the Secure Mobile Access (SMA), addressed by SonicWall earlier this year, before the vendor released a fix. The malware employed by the group since November 2020, includes Sombrat, FiveHands, the Warprism PowerShell dropper, the Cobalt Strike beacon, and FoxGrabber. Pierluigi Paganini.

Cybercrime 143

Cybercrime Ransomware Malware Mobile 143

Krebs on Security

JANUARY 19, 2021

The release was granted in part due to Ferizi’s 2018 diagnosis if asthma, as well as a COVID outbreak at the facility where he was housed in 2020. In the years leading up to his arrest, Ferizi was the administrator of a cybercrime forum called Pentagon Crew. He admitted to hacking a U.S.-based

Identity Theft 349

Identity Theft Government Accountability Social Engineering 349

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. In late 2020, credentials for US-based universities were found for sale on the dark web. SecurityAffairs – hacking, FBI). To nominate, please visit:?. Pierluigi Paganini.

Cybercrime 145

Cybercrime Education Accountability Phishing 145

Krebs on Security

APRIL 30, 2024

A 26-year-old Finnish man was sentenced to more than six years in prison today after being convicted of hacking into an online psychotherapy clinic, leaking tens of thousands of patient therapy records, and attempting to extort the clinic and patients. After being charged with the attack in October 2022, Kivimäki fled the country.

DDOS 317

DDOS Cybercrime Hacking Passwords 317

The Last Watchdog

JUNE 21, 2020

The epidemic went truly mainstream with the release of CryptoLocker back in 2013, and it has since transformed into a major dark web economy spawning the likes of Sodinokibi, Ryuk, and Maze lineages that are targeting the enterprise on a huge scale in 2020. In early 2020, several cybercriminals groups followed suit.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Krebs on Security

AUGUST 9, 2021

Also, this greenhorn criminal clearly had bought into BriansClub’s advertising, which uses my name and likeness in a series of ads that run on all the top cybercrime forums. That was right after KrebsOnSecurity broke the news that someone had hacked BriansClub and siphoned information on 26 million stolen debit and credit accounts.

Phishing 362

Phishing Cybercrime Accountability Advertising 362

SecureList

FEBRUARY 16, 2021

In Q4 2020, Citrix ADC (application delivery controller) devices became one such tool, when perpetrators abused their DTLS interface. Overall, Q4 remained within the parameters of 2020 trends. Extortionists’ activity regularly made the news throughout 2020. This trend continued in the last months of 2020.

DDOS 145

DDOS Cryptocurrency Marketing Internet 145

SecureWorld News

JUNE 27, 2023

In a significant victory against cybercrime, Joseph James O'Connor, a U.K. citizen known by the moniker "PlugwalkJoe," has been sentenced to five years in prison for his involvement in a wide range of cybercrimes. This sentencing serves as a powerful reminder that cybercriminals will face severe consequences for their actions.

Hacking 96

Hacking Cybercrime Cryptocurrency Accountability 96

Krebs on Security

DECEMBER 3, 2021

Since the beginning of 2020, Babam has set up numerous auctions on the Russian-language cybercrime forum Exploit , mainly selling virtual private networking (VPN) credentials stolen from various companies. Verified was hacked at least twice in the past five years, and its user database posted online. com and wwwpexpay[.]com.

Ransomware 354

Ransomware Accountability Passwords Cybercrime 354

Krebs on Security

NOVEMBER 6, 2023

Last week, KrebsOnSecurity broke the news that one of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. ” But the triploo@mail.ru However, in Sept. and gezze@mail.ru.

Passwords 313

Passwords Cybercrime Accountability Hacking 313

The Last Watchdog

JUNE 12, 2023

The cybersecurity community is waiting for the next shoe to drop in the wake of the audacious MOVEit-Zellis hack orchestrated by the infamous Russian hacking collective, Clop. ” Post SolarWinds This is a prime example of what multi-stage supply chain hacks have morphed into two years after the milestone SolarWinds hack.

Hacking 193

Hacking Risk Cybercrime Cyber threats 193

Krebs on Security

OCTOBER 15, 2020

Q6Cyber CEO Eli Dominitz said the breach appears to extend from May 2019 through September 2020. Gemini puts the exposure window between July 2019 and August 2020. the vast majority of the payment card data for sale in the cybercrime underground is stolen from merchants who are still swiping chip-based cards.

Data breaches 361

Data breaches Cybercrime Retail Banking 361

Herjavec Group

AUGUST 26, 2021

We can learn a lot from the cybercrime of the past…the history of cybercrime is a glimpse into what we can expect in the future. In the past 18 months, we’ve experienced the beginning of an era that has seen cybersecurity and cybercrime at the center of it all. Dateline Cybercrime . Robert Herjavec.

Cybercrime 135

Cybercrime Computers and Electronics Banking Hacking 135

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years.

Cybercrime 145

Cybercrime Banking Malware Ransomware 145

Krebs on Security

AUGUST 16, 2022

Earlier this month, the administrator of the cybercrime forum Breached received a cease-and-desist letter from a cybersecurity firm. This identity has been highly active on Breached and its predecessor RaidForums for more than two years, mostly selling databases from hacked Mexican entities. “Who does it?

Data breaches 328

Data breaches Banking Cybercrime Marketing 328

Security Affairs

OCTOBER 16, 2024

The link between Luan’s hacktivism and cybercrime was established due to his bad Operational security (opsec). Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, USDoD) However, the Brazilian national turned into more complex cybercriminal activities by 2022.

Data breaches 128

Data breaches Media Cybercrime Accountability 128

Security Affairs

MAY 5, 2021

A new cybercrime gang, tracked as UNC2529 , has targeted many organizations in the US and other countries using new sophisticated malware. FireEye’s Mandiant unit observed two distinct waves of attacks carried out by the cybercrime group in December 2020. SecurityAffairs – hacking, UNC2529). Pierluigi Paganini.

Cybercrime 137

Cybercrime Malware Manufacturing Phishing 137

Krebs on Security

DECEMBER 8, 2021

” The Ontario Provincial Police (OPP) on Tuesday said the investigation began in January 2020 when the U.S. Perhaps the earliest and most important cybercrime forum DCReavers2 frequented was Darkode , where he was among the first two-dozen members. DCReavers2 was just the 22nd account to register on the Darkode cybercrime forum.

Cybercrime 338

Cybercrime Ransomware Accountability Advertising 338

Krebs on Security

NOVEMBER 16, 2023

In a 2,200-page report, Finnish authorities laid out how they connected the extortion spree to Kivimäki, a notorious hacker who was convicted in 2015 of perpetrating tens of thousands of cybercrimes, including data breaches, payment fraud, operating a botnet and calling in bomb threats.

Cybercrime 288

Cybercrime Hacking Data breaches Banking 288

Security Affairs

APRIL 30, 2025

This ransomware deployment, not observed in the team’s pre-2020 attacks, began with their use of Cuba ransomware in January 2020.” ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,RomCom) . ” continues the report.

Encryption 103

Encryption Ransomware Malware Phishing 103

Krebs on Security

NOVEMBER 3, 2022

On October 21, 2020, Vastaamo became the target of blackmail when a tormentor identified as “ ransom_man ” demanded payment of 40 bitcoins (~450,000 euros at the time) in return for a promise not to publish highly sensitive therapy session notes Vastaamo had exposed online. The extortion message targeted Vastaamo patients.

Data breaches 259

Data breaches Cybercrime Telecommunications Accountability 259

Krebs on Security

JULY 29, 2021

Our continued reliance on passwords for authentication has contributed to one toxic data spill or hack after another. 22, 2020, when cryptocurrency wallet company Ledger acknowledged that someone had released the names, mailing addresses and phone numbers for 272,000 customers. Urgency should be a giant red flag.

Passwords 363

Passwords Password Management Phishing Scams 363

Malwarebytes

OCTOBER 15, 2024

The network of data brokers that political campaigns rely on to target voters with ads is enormous, as one Washington Post reporter found in 2020, with “3,000 data points on every voter.” A focus on cybercrime While people hold a sense of distrust for election-related ads, they also revealed another emotion towards them: Fear.

Scams 140

Scams Identity Theft Cybercrime Accountability 140

Security Affairs

JANUARY 25, 2021

In the mid of 2020, while conducting a routine testing exercise with dummy data, we faced a ‘low impact security incident’ in which non-sensitive, dummy data of only 200 entries were impacted. SecurityAffairs – hacking, data breach). BuyUcoin has yet to confirm the security incident, it only announced the launch of an investigation.

Cryptocurrency 144

Cryptocurrency Hacking InfoSec Data breaches 144

Security Affairs

FEBRUARY 27, 2021

‘Hotarus Corp’ Ransomware operators hacked Ecuador’s largest private bank, Banco Pichincha, and the country’s Ministry of Finance. ?A The bank has confirmed the attack in an official statement but states that it was a hacked marketing partner and not their internal systems. SecurityAffairs – hacking, Ecuador).

Hacking 145

Hacking Banking Ransomware InfoSec 145

Krebs on Security

APRIL 30, 2020

In a report published today, the company said since late March 2020 it has observed several crooks complaining about COVID-19 interfering with the daily activities of their various money mules (people hired to help launder the proceeds of cybercrime). ” Alex Holden , founder and CTO of Hold Security , agreed.

Cybercrime 359

Cybercrime Computers and Electronics Marketing Scams 359