2021, Authentication, Cybercrime and Web Fraud

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

Krebs on Security

APRIL 3, 2024

Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called “ The Manipulaters ,” a sprawling web hosting network of phishing and spam delivery platforms. 2021 piece, when one of Saim Raza’s known email addresses — bluebtcus@gmail.com — pleaded to have the story taken down.

Phishing

Phishing Cybercrime Malware Advertising

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. “Because I used the person[‘s] phone that I’m impersonating.”

Hacking

Hacking Energy and Utilities Cybercrime Accountability

Fake Emergency Search Warrants Draw Scrutiny from Capitol Hill

Krebs on Security

MARCH 31, 2022

That was in March 2021, but there are similar fake EDR services on offer today. 30, Bug posted a sales thread to the cybercrime forum Breached[.]co In July 2021, Sen. And it tracked the activities of a teenage hacker from the United Kingdom who was reportedly arrested multiple times for sending fake EDRs.

Government

Government Accountability Education Media

Karma Catches Up to Global Phishing Service 16Shop

Krebs on Security

AUGUST 17, 2023

Nevertheless, Cyberthreat reported that Devilscream was arrested by Indonesian police in late 2021 as part of a collaboration between INTERPOL and the U.S. 16Shop documentation instructing operators on how to deploy the kit. Image: ZeroFox. Federal Bureau of Investigation (FBI).

Phishing

Phishing Passwords Internet Internet

New Ransom Payment Schemes Target Executives, Telemedicine

Krebs on Security

DECEMBER 8, 2022

.” While CLOP as a money making collective is a fairly young organization, security experts say CLOP members hail from a group of Threat Actors (TA) known as “TA505,” which MITRE’s ATT&CK database says is a financially motivated cybercrime group that has been active since at least 2014.

Healthcare

Healthcare Backups Ransomware Insurance

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Krebs on Security

FEBRUARY 28, 2023

In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user’s text messages and phone calls to another device. ” TMO UP! .”

Mobile

Mobile Phishing Authentication Advertising

Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”

Krebs on Security

MARCH 29, 2022

” On April 5, 2021, Everlynn posted a new sales thread to the cybercrime forum cracked[.]to In these attacks, the hackers will identify email addresses associated with law enforcement personnel, and then attempt to authenticate using passwords those individuals have used at other websites that have been breached previously.

Accountability

Accountability Government Hacking Social Engineering

Service Rents Email Addresses for Account Signups

Krebs on Security

JUNE 6, 2023

The crypto scam affiliate program “Project Impulse,” advertising in 2021. com, a website that mimics the legitimate Scamdoc.com site for measuring the trustworthiness and authenticity of various sites. com site,” the Trend researchers wrote. Image: Trend Micro. billion last year.

Accountability

Accountability Scams Cryptocurrency Advertising

Fighting Fake EDRs With ‘Credit Ratings’ for Police

Krebs on Security

APRIL 27, 2022

Donahue is co-founder of Kodex , a company formed in February 2021 that builds security portals designed to help tech companies “manage information requests from government agencies who contact them, and to securely transfer data & collaborate against abuses on their platform.” A sample Kodex dashboard. Image: Kodex.us.

Mobile

Mobile Government Media Technology

Gift Card Gang Extracts Cash From 100k Inboxes Daily

Krebs on Security

SEPTEMBER 2, 2021

Here’s the story of a cybercrime group that compromises up to 100,000 email inboxes per day, and apparently does little else with this access except siphon gift card and customer loyalty program data that can be resold online. mail server responds “OK” = successful access).

Accountability

Accountability Authentication Passwords Hacking

Cyber Security Informer

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Trending Sources

Fake Emergency Search Warrants Draw Scrutiny from Capitol Hill

Karma Catches Up to Global Phishing Service 16Shop

New Ransom Payment Schemes Target Executives, Telemedicine

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”

Service Rents Email Addresses for Account Signups

Fighting Fake EDRs With ‘Credit Ratings’ for Police

Gift Card Gang Extracts Cash From 100k Inboxes Daily

Stay Connected