Krebs on Security

JANUARY 17, 2023

Most people who operate DDoS-for-hire businesses attempt to hide their true identities and location. Proprietors of these so-called “booter” or “stresser” services — designed to knock websites and users offline — have long operated in a legally murky area of cybercrime law. Image: archive.org.

DDOS 299

DDOS Cybercrime Engineering Government 299

Security Affairs

APRIL 17, 2022

Enemybot is a DDoS botnet that targeted several routers and web servers by exploiting known vulnerabilities. Researchers from Fortinet discovered a new DDoS botnet, tracked as Enemybot, that has targeted several routers and web servers by exploiting known vulnerabilities. Upon installing the threat, the bot drops a file in /tmp/.pwned

DDOS 145

DDOS Architecture Malware Cybercrime 145

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years.

Cybercrime 145

Cybercrime Banking Malware Ransomware 145

Security Affairs

OCTOBER 9, 2023

A threat actor has leaked the source code for the first version of the HelloKitty ransomware on a Russian-speaking cybercrime forum. The availability of the source in the cybercrime ecosystem can allow threat actors to develop their own version of the Hello Kitty ransomware. The HelloKitty gang has been active since January 2021.

Cybercrime 140

Cybercrime Ransomware DDOS Encryption 140

SecureList

APRIL 25, 2022

The DDoS landscape in Q1 2022 was shaped by the ongoing conflict between Russia and Ukraine: a significant part of all DDoS-related news concerned these countries. In mid-January, the website of Kyiv Mayor Vitali Klitschko was hit by a DDoS attack, and the websites of a number of Ukrainian ministries were defaced. News overview.

DDOS 126

DDOS Cybercrime Internet Internet 126

SecureList

FEBRUARY 16, 2021

In December, Canada’s Laurentian University reported a DDoS attack. Educational institutions are recommended to use anti-DDoS solutions and strong firewall settings, and partner up with ISPs. In early October, a DDoS attack was reported by the PUBG Mobile team. But it dealt with the problem in a matter of minutes.

DDOS 145

DDOS Cryptocurrency Marketing Internet 145

CSO Magazine

NOVEMBER 5, 2021

As NETSCOUT’s 1H 2021 Threat Intelligence Report shows, the long tail of cybercrime innovation swept through the lockdown days of the COVID-19 pandemic to infiltrate the bulk of 2021. The vulnerabilities introduced by the global shift to online work and play are admittedly an outlier event.

Cybercrime 115

Cybercrime Technology DDOS 115

Security Affairs

JANUARY 8, 2025

Gayfemboy, a Mirai botnet variant, has been exploiting a flaw in Four-Faith industrial routers to launch DDoS attacks since November 2024. Operators behind the botnet also launched DDoS attacks against researchers tracking it. With no DDoS protection, the team stopped resolving the domains. Key targets include China, the U.S.,

DDOS 118

DDOS Hacking Government Cybercrime 118

SecureList

NOVEMBER 7, 2022

In Q3 2022, DDoS attacks were, more often than not, it seemed, politically motivated. As before, most news was focused on the conflict between Russia and Ukraine, but other high-profile events also affected the DDoS landscape this quarter. The attackers stated on Telegram that they were “testing a new DDoS method.”

DDOS 136

DDOS Computers and Electronics Internet Internet 136

eSecurity Planet

FEBRUARY 16, 2023

Cloudflare mitigated dozens of hyper-volumetric DDoS attacks last weekend, most of them ranging from 50 to 70 million requests per second (RPS) – and the largest one exceeding 71 million RPS. DDoS attacks, on the other hand, don’t require infiltration to be effective and thus are growing in frequency and intensity.

DDOS 117

DDOS Ransomware Backups Cryptocurrency 117

Security Affairs

NOVEMBER 13, 2021

Qihoo 360’s Netlab detailed a new evolving DDoS botnet called Abcbot with wormable capabilities that targets Linux systems. Researchers from Qihoo 360’s Netlab security team have spotted a new botnet, tracked as Abcbot, that targets Linux systems to launch distributed denial-of-service (DDoS) attacks. Pierluigi Paganini.

DDOS 128

DDOS Malware Passwords Cryptocurrency 128

Security Affairs

OCTOBER 3, 2024

Cloudflare recently mitigated a new record-breaking DDoS attack, peaking at 3.8 Cloudflare reported that starting from early September, it has mitigated over 100 hyper-volumetric L3/4 DDoS attacks, with many exceeding 2 billion Pps and 3 Tbps. The largest DDoS attack peaked at 3.8 The largest DDoS attack peaked at 3.8

DDOS 124

DDOS Internet Internet Authentication 124

Security Affairs

MARCH 7, 2021

The REvil ransomware operators are using DDoS attacks and voice calls to journalists and victim’s business partners to force victims to pay the ransom. Malware #Ransomware #REvil REvil Ransomware launched a service for contact to news media, companies for the best pressure at no cost, and DDoS (L3, L7) as a paid service.

DDOS 143

DDOS Ransomware Media Malware 143

Security Affairs

APRIL 1, 2021

Akamai has recently involved in the mitigation of two of the largest known ransom DDoS attacks, one of them peaked at 800Gbps. CDN and cybersecurity firm Akamai warns of a worrying escalation in ransom DDoS attacks since the beginning of the year. ” Likely DDoS extortion attacks. reads the analysis published by Akamai.

DDOS 130

DDOS Security Intelligence Hacking Cybersecurity 130

Krebs on Security

MARCH 7, 2022

” Stern apparently believed in his crypto dreams so much that he sponsored a $100,000 article writing contest on the Russian language cybercrime forum Exploit, asking interested applicants to put forth various ideas for crypto platforms. We release ddos. From the main problem points, this is the implementation of Ipv6 DDoS.”

Ransomware 279

Ransomware Cryptocurrency DDOS Scams 279

Security Affairs

OCTOBER 11, 2023

A Mirai-based DDoS botnet tracked as IZ1H9 has added thirteen new exploits to target routers from different vendors, including D-Link, Zyxel, and TP-Link. Below is the list of exploit payloads added to the bot: D-Link: CVE-2015-1187 , CVE-2016-20017 , CVE-2020-25506 , and CVE-2021-45382. ” concludes the analysis.

DDOS 135

DDOS Wireless Architecture IoT 135

Security Affairs

AUGUST 20, 2021

Web infrastructure and website security company Cloudflare announced to have mitigated the largest ever volumetric DDoS attack to date. Cloudflare, the web infrastructure and website security company, announced that it has mitigated the largest ever volumetric distributed denial of service (DDoS) attack to date. So peaking at 17.2

DDOS 132

DDOS Telecommunications Internet Internet 132

Security Affairs

DECEMBER 8, 2021

The Mirai -based Moobot botnet is rapidly spreading by exploiting a critical command injection flaw, tracked as CVE-2021-36260 , in the webserver of several Hikvision products. The Moobot was first documented by Palo Alto Unit 42 researchers in February 2021, the recent attacks demonstrated that its authors are enhancing their malware.

Firmware 144

Firmware DDOS Malware IoT 144

Herjavec Group

AUGUST 26, 2021

We can learn a lot from the cybercrime of the past…the history of cybercrime is a glimpse into what we can expect in the future. In the past 18 months, we’ve experienced the beginning of an era that has seen cybersecurity and cybercrime at the center of it all. Dateline Cybercrime . Robert Herjavec.

Cybercrime 135

Cybercrime Computers and Electronics Banking Hacking 135

Security Affairs

OCTOBER 30, 2021

INTERPOL published the African Cyberthreat Assessment Report 2021, a report that analyzes evolution of cybercrime in Africa. A new report published by INTERPOL, titled the African Cyberthreat Assessment Report 2021 , sheds the light on cybercrime in Africa. of the overall number.

Cybercrime 89

Cybercrime Scams DDOS Banking 89

Security Affairs

JUNE 2, 2021

Group-IB discovered a database allegedly belonging to a bulletproof hosting provider DDoS-Guard posted for sale on a cybercrime forum. The database supposedly contains information about DDoS-Guard’s customers, including their names, IP-addresses, and payment information. The seller registered this account on exploit[.]in

DDOS 115

DDOS Cybercrime Authentication Accountability 115

SecureList

MAY 12, 2021

Botnet owners (botmasters) sell access to the victim machines in bulk as a resource that can be monetized in many ways, such as organizing DDoS attacks, distributing spam or, in the case of ransomware, by piggybacking on this initial infection to get a foothold in a potential target. REvil operators have demanded the highest ransoms in 2021.

Ransomware 145

Ransomware Encryption Malware Cybercrime 145

Security Affairs

OCTOBER 16, 2021

TrickBot operators are back and expand the distribution channels with partnership with cybercrime affiliates. The gang support other cybercrime groups such as known Hive0105, Hive0106 (aka TA551 or Shathak), and Hive0107, supporting them in expanding their malware campaigns. ” reads the post published by IBM X-Force.

Malware 133

Malware Cybercrime DDOS Social Engineering 133

SecureList

NOVEMBER 26, 2021

IT threat evolution Q3 2021. IT threat evolution in Q3 2021. IT threat evolution in Q3 2021. While tracking this threat actor in spring 2021, we discovered a newer version. Targeted attacks exploiting CVE-2021-40444. PC statistics. Mobile statistics. Targeted attacks. WildPressure targets macOS.

Malware 135

Malware Banking Energy and Utilities Accountability 135

Security Affairs

MARCH 10, 2022

Cisco Talos researchers have uncovered a malware campaign targeting Ukraine’s IT Army , threat actors are using infostealer malware mimicking a DDoS tool called the “Liberator.” Liberator is advertised as a DDoS tool to launch attacks against “Russian propaganda websites.” 35) on port 6666. Pierluigi Paganini.

DDOS 102

DDOS Malware Digital transformation Advertising 102

Security Affairs

MARCH 23, 2024

An operation conducted by the Federal Criminal Police Office in Germany (BKA) and the Frankfurt cybercrime combating unit (ZIT) led to the seizure of the infrastructure of the darknet marketplace Nemesis Market in Germany and Lithuania. Crimemarket was a prominent platform for trading illegal drugs, narcotics, and cybercrime services.

Marketing 131

Marketing Cybercrime DDOS Internet 131

Security Affairs

NOVEMBER 10, 2023

After ChatGPT, Anonymous Sudan took down the Cloudflare website with a distributed denial-of-service (DDoS) attack. The hacktivist group Anonymous Sudan claimed responsibility for the massive distributed denial-of-service (DDoS) attack that took down the website of Cloudflare. “ To be clear, there was no Cloudflare breach.

DDOS 142

DDOS Cryptocurrency Accountability Media 142

Security Affairs

MAY 30, 2022

The botnet was first discovered by Fortinet in March, the DDoS botnet targeted several routers and web servers by exploiting known vulnerabilities. The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. Upon installing the threat, the bot drops a file in /tmp/.pwned

Malware 145

Malware DDOS IoT Cybercrime 145

Krebs on Security

JUNE 28, 2022

On December 7, 2021, Google announced it was suing two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past decade. But on Dec.

Passwords 321

Passwords Malware Internet Internet 321

Security Affairs

JANUARY 14, 2022

The group was also carrying out DDoS attacks to paralyze the networks of the victims and force them to pay the ransom. The gang was targeting organizations via spam campaigns to spread ransomware, however, the police did not disclose the malware family used by the group in its attacks.

Ransomware 138

Ransomware DDOS Telecommunications Malware 138

Security Affairs

MARCH 8, 2025

Authorities recovered $31 Million Related to 2021 Uranium Finance cyber heist Serbian student activists phone hacked using Cellebrite zero-day exploit Qilin ransomware gang claimed responsibility for the Lee Enterprises attack Meta fired 20 employees for leaking information, more firings expected International Press Newsletter Cybercrime U.S.

Data breaches 68

Data breaches Hacking Cybercrime Artificial Intelligence 68

Security Affairs

SEPTEMBER 27, 2021

Researchers from vpnMentor recently published a report that sheds the light on the use of Telegram in the cybercrime ecosystem. vpnMentor researchers joined several cybercrime-focused Telegram groups and discovered a vast network of more 1,000s individuals sharing data leaks and dumps and discussing how to exploit them in illegal activities.

Cybercrime 139

Cybercrime Hacking Mobile DDOS 139

Krebs on Security

JULY 25, 2023

In a report released July 12, researchers at Lumen’s Black Lotus Labs called the AVrecon botnet “one of the largest botnets targeting small-office/home-office (SOHO) routers seen in recent history,” and a crime machine that has largely evaded public attention since first being spotted in mid-2021. com, super-socks[.]com,

Malware 244

Malware VPN Internet Internet 244

Security Affairs

NOVEMBER 4, 2022

This is the 10 th edition of the annual report and analyzes events that took place between July 2021 and July 2022. Malware: 66 disclosures of zero-day vulnerabilities observed in 2021. Supply chain targeting : Third-party incidents account for 17% of the intrusions in 2021 compared to less than 1% in 2020. Cybercrime actors.

Cyber threats 142

Cyber threats Phishing Social Engineering Ransomware 142

Security Affairs

JUNE 25, 2023

Someone is sending mysterious smartwatches to the US Military personnel CISA orders govt agencies to fix recently disclosed flaws in Apple devices VMware fixed five memory corruption issues in vCenter Server Fortinet fixes critical FortiNAC RCE, install updates asap More than a million GitHub repositories potentially vulnerable to RepoJacking New Mirai (..)

DDOS 98

DDOS Cybercrime Spyware Malware 98

Security Affairs

OCTOBER 12, 2021

The POC exploit code for this vulnerability is publicly available since July 2021. The botnet appeared on the threat landscape in November 2020, the attacks aimed at compromising the target systems to create an IRC botnet, which can later be used to conduct several malicious activities, including DDoS attacks and crypto-mining campaigns.

DDOS 118

DDOS Surveillance Hacking Internet 118

The Last Watchdog

NOVEMBER 1, 2021

Related: Enlisting ‘human sensors’ Unfortunately, with crime-as-a-service, the same is true for people interested in trying their hand at cybercrime. What makes CaaS especially problematic is that it brings cybercrime to the masses. Aquilai was acquired by Egress in 2021. Mounting a strong defense.

Phishing 150

Phishing Cybercrime Technology Hacking 150