2021, Cybercrime, Hacking and Information Security

Russian cybercrime forums launch contests for cryptocurrency hacks

Security Affairs

JUNE 7, 2021

Cybercriminals in Russian underground forums have been invited to take part in competitions for hacking cryptocurrency and NFT. Several Russian underground forums have launched competitions for hacking cryptocurrency schema and Non-fungible token (NFT). SecurityAffairs – hacking, cryptocurrency hack). Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Cybercrime Hacking Technology

Moldovan citizen sentenced in connection with the E-Root cybercrime marketplace case

Security Affairs

MARCH 15, 2024

US DoJ sentenced a Moldovan national (31) to 42 months in federal prison for operating the E-Root cybercrime marketplace. Diaconu was operating the E-Root cybercrime marketplace. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, cybercrime)

Cybercrime

Cybercrime Cryptocurrency Advertising Passwords

Acer Philippines disclosed a data breach after a third-party vendor hack

Security Affairs

MARCH 13, 2024

Acer Philippines disclosed a data breach after employee data was leaked by a threat actor on a hacking forum. In our commitment to full transparency, we wish to inform you of a recent security incident involving a third-party vendor managing employee attendance data.

Data breaches

Data breaches Computers and Electronics Hacking Cybercrime

The source code of the 2020 variant of HelloKitty ransomware was leaked on a cybercrime forum

Security Affairs

OCTOBER 9, 2023

A threat actor has leaked the source code for the first version of the HelloKitty ransomware on a Russian-speaking cybercrime forum. The availability of the source in the cybercrime ecosystem can allow threat actors to develop their own version of the Hello Kitty ransomware. The HelloKitty gang has been active since January 2021.

Cybercrime

Cybercrime Ransomware DDOS Encryption

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. In May 2021, cybercriminals offered more than 36,000 login credentials for.edu email accounts and advertised the data on an instant messaging platform. To nominate, please visit:?.

Cybercrime

Cybercrime Education Accountability Phishing

TA558 cybercrime group targets hospitality and travel orgs

Security Affairs

AUGUST 20, 2022

TA558 cybercrime group is behind a malware campaign targeting hospitality, hotel, and travel organizations in Latin America. Researchers from Proofpoint are monitoring a malware campaign conducted by a cybercrime group, tracked as TA558, that is targeting hospitality, hotel, and travel organizations in Latin America.

Cybercrime

Cybercrime Malware Phishing Internet

Cybercrime underground flooded with offers for initial access to shipping and logistics orgs

Security Affairs

NOVEMBER 3, 2021

Experts warn of the availability in the cybercrime underground of offers for initial access to networks of players in global supply chains. In August 2021 , an affiliate of the Conti ransomware gang claimed access to corporate networks belonging to a U.S. In October 2021 , a threat actor claimed access to the network of a U.S.-based

Cybercrime

Cybercrime VPN Ransomware Hacking

The newer cybercrime triad: TrickBot-Emotet-Conti

Security Affairs

NOVEMBER 20, 2021

“Most likely because no other groups were able to replicate such capabilities, after leaving cyberspace in January 2021, Emotet left a vacuum that was not filled even with MASSLOADER, also known as Hancitor. “Emotet’s return is not coincidental, it is caused by major shifts in the overall cybercrime domain.

Cybercrime

Cybercrime Ransomware Banking Malware

Experts link Raspberry Robin Malware to Evil Corp cybercrime gang

Security Affairs

SEPTEMBER 2, 2022

Researchers attribute the Raspberry Robin malware to the Russian cybercrime group known as Evil Corp group. IBM Security X-Force researchers discovered similarities between a component used in the Raspberry Robin malware and a Dridex malware loader, which was part of the malicious operations of the cybercrime gang Evil Corp.

Cybercrime

Cybercrime Malware Backups Manufacturing

HAEICHI-II: Interpol arrested +1,000 suspects linked to various cybercrimes

Security Affairs

NOVEMBER 27, 2021

HAEICHI-II: Interpol arrested 1,003 individuals charged for several cybercrimes, including romance scams, investment frauds, and online money laundering. of), Laos, Malaysia, Maldives, Philippines, Romania, Singapore, Slovenia, Spain, Thailand, and Vietnam) between June and September 2021. ” concludes the announcement.

Cybercrime

Cybercrime Scams Banking Malware

The fire in the OVH datacenter also impacted APTs and cybercrime groups

Security Affairs

MARCH 13, 2021

The fire at the OVH datacenter in Strasbourg also impacted the command and control infrastructure used by several nation-state APT groups and cybercrime gangs. The servers were used by cybercrime gangs and APT groups, including Iran-linked Charming Kitten and APT39 groups, the Bahamut cybercrime group, and the Vietnam-linked OceanLotus APT.

Cybercrime

Cybercrime Malware Hacking Accountability

New ‘Karakurt’ cybercrime gang focuses on data theft and extortion

Security Affairs

DECEMBER 11, 2021

Accenture researchers detailed the activity of a new sophisticated cybercrime group, called Karakurt, behind recent cyberattacks. The activity of the group was first spotted in June 2021, but the group has been more active in Q3 2021. In June 2021 the gang registered the domains hosting its leak sites, karakurt[.]group

Cybercrime

Cybercrime VPN Ransomware Hacking

The worst cyber attacks of 2021

Security Affairs

JANUARY 3, 2022

Which are the cyber attacks of 2021 that had the major impact on organizations worldwide in terms of financial losses and disruption of the operations? The systems at the company were infected with the Phoenix Locker, a variant of ransomware tracked as Hades that was part of the arsenal of the cybercrime group known as Evil Corp.

Cyber Attacks

Cyber Attacks Ransomware Insurance Hacking

Cybercrime Forum Data Set for 2019 and 2021 – Free Direct Download Technical Collection Copy Available! Grab a Copy Today!

Security Boulevard

MAY 25, 2021

I've decided to make my Cybercrime Forum Data Set for 2019 and 2021 exclusively available online for free in order for me to speed the dissemination process and to possibly empower security researchers and vendors with the necessary information to help them stay on the top of their game in terms of current and emerging cyber threats including U.S

Cybercrime

Cybercrime Cyber threats Hacking Software

Reading INTERPOL the African Cyberthreat Assessment Report 2021

Security Affairs

OCTOBER 30, 2021

INTERPOL published the African Cyberthreat Assessment Report 2021, a report that analyzes evolution of cybercrime in Africa. A new report published by INTERPOL, titled the African Cyberthreat Assessment Report 2021 , sheds the light on cybercrime in Africa. of the overall number.

Cybercrime

Cybercrime Scams DDOS Banking

TeamTNT cybercrime gang expands its arsenal to target thousands of orgs worldwide

Security Affairs

SEPTEMBER 9, 2021

The financially motivated TeamTNT hacking group expanded its arsenal with new tools used to target thousands of victims worldwide. Evidence collected by the experts suggests that the campaign began on July 25, 2021, threat actors used a large set of open-source tools in the attacks. SecurityAffairs – hacking, TeamTNT).

Cybercrime

Cybercrime Cryptocurrency Penetration Testing Malware

The Biden administration will work with 30 countries to curb global cybercrime

Security Affairs

OCTOBER 3, 2021

The Biden administration announced it will work with 30 countries, including NATO allies and G7 partners, to curb global cybercrime. President Joe Biden announced that the US will work with 30 countries to curb cybercrime and dismantle ransomware gangs that are targeting organizations worldwide. Pierluigi Paganini.

Cybercrime

Cybercrime Artificial Intelligence Ransomware Cryptocurrency

UNC2465 cybercrime group launched a supply chain attack on CCTV vendor

Security Affairs

JUNE 17, 2021

UNC2465 cybercrime group that is affiliated with the Darkside ransomware gang has infected with malware the website of a CCTV camera vendor. “The intrusion that is detailed in this post began on May 18, 2021, which occurred days after the publicly reported shutdown of the overall DARKSIDE program ( Mandiant Advantage background ).

Cybercrime

Cybercrime Ransomware Antivirus Software

Cyber Security Roundup for April 2021

Security Boulevard

MARCH 31, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, March 2021. How not to disclosure a Hack. UK fashion retailer FatFace angered customers in its handling of a customer data theft hack. conduct employee phishing tests.

Energy and Utilities

Energy and Utilities Ransomware Banking Hacking

Hotarus Corp gang hacked Ecuador’s Ministry of Finance and Banco Pichincha

Security Affairs

FEBRUARY 27, 2021

‘Hotarus Corp’ Ransomware operators hacked Ecuador’s largest private bank, Banco Pichincha, and the country’s Ministry of Finance. ?A breach #infosec #deepwebnews @FinanzasEc @EcuCERT_EC pic.twitter.com/WTbXz8EYLx — Security Chronicle (@SecurChronicle) February 23, 2021. Pierluigi Paganini.

Hacking

Hacking Banking Ransomware Passwords

German police seized the darknet marketplace Nemesis Market

Security Affairs

MARCH 23, 2024

An operation conducted by the Federal Criminal Police Office in Germany (BKA) and the Frankfurt cybercrime combating unit (ZIT) led to the seizure of the infrastructure of the darknet marketplace Nemesis Market in Germany and Lithuania. Crimemarket was a prominent platform for trading illegal drugs, narcotics, and cybercrime services.

Marketing

Marketing Cybercrime DDOS Internet

Snatch ransomware gang claims the hack of the food giant Kraft Heinz

Security Affairs

DECEMBER 15, 2023

The Snatch ransomware group announced it had hacked the food giant Kraft Heinz, the company is investigating the claims. The Snatch ransomware group claims to have hacked Kraft Heinz in August and on December 14, it added the company to the list of victims on its leak site.

Hacking

Hacking Ransomware Computers and Electronics Marketing

AT&T confirmed that a data breach impacted 73 million customers

Security Affairs

MARCH 30, 2024

AT&T confirmed that a data breach impacted 73 million current and former customers after its data were leaked on a cybercrime forum. The seller, who goes online with the moniker MajorNelson, claims that the data was obtained from an unnamed AT&T division by @ ShinyHunters in 2021. The archive contains 73.481.539 records. “It

Data breaches

Data breaches Telecommunications Cybercrime Hacking

Rhysida Ransomware gang claims to have hacked three more US hospitals

Security Affairs

SEPTEMBER 10, 2023

Recently the Rhysida ransomware group made the headlines because it announced the hack of Prospect Medical Holdings and the theft of sensitive information from the organization. Margaret’s Health announced it is partly closing operations at its hospitals due to a 2021 ransomware attack that impacted its payment system.

Hacking

Hacking Ransomware Healthcare Cyber Attacks

CVE-2021-44731 Linux privilege escalation bug affects Canonical’s Snap Package Manager

Security Affairs

FEBRUARY 18, 2022

Qualys experts found a new Linux privilege escalation vulnerability, tracked as CVE-2021-44731, in Canonical’s Snap Package Manager. Canonical’s Snap software packaging and deployment system are affected by multiple vulnerabilities, including a privilege escalation flaw tracked as CVE-2021-44731 (CVSS score 7.8).

Software

Software Hacking Cybercrime Information Security

Microsoft warns of attacks exploiting recently patched Windows MSHTML CVE-2021-40444 bug

Security Affairs

SEPTEMBER 16, 2021

Microsoft revealed that multiple threat actors are exploiting the recently patched Windows MSHTML remote code execution security flaw (CVE-2021-40444 ). The campaigns observed August 2021 likely employed emails impersonating contracts and legal agreements, the messages used documents that were hosted on file-sharing sites. .

Ransomware

Ransomware Cybercrime Hacking Information Security

Ex-Canadian government employee admits to being a member of the Russian cybercrime gang NetWalker

Security Affairs

JUNE 30, 2022

A former Canadian government IT worker admitted to being a high-level member of the Russian cybercrime group NetWalker. to charges related to his involvement with the Russian cybercrime group NetWalker. SecurityAffairs – hacking, Ex-Canadian government employee admits to be a member of the Russian cybercrime gang NetWalkerNetWalker).

Cybercrime

Cybercrime Government Ransomware Cryptocurrency

ALPHV/BlackCat ransomware gang hacked the hotel chain Motel One

Security Affairs

SEPTEMBER 30, 2023

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Motel One ) The post ALPHV/BlackCat ransomware gang hacked the hotel chain Motel One appeared first on Security Affairs. the fashion giant Moncler , the Swissport , NCR , and Western Digital.

Hacking

Hacking Ransomware Manufacturing Media

Morgan Stanley discloses data breach after the hack of a third-party vendor

Security Affairs

JULY 8, 2021

The American multinational investment bank and financial services firm Morgan Stanley discloses a data breach caused by the hack of an Accellion FTA server of a third-party vendor. The security breach was first reported by BleepingComputer that also shared a copy of the data breach notification letter sent to the impacted customers.

Data breaches

Data breaches Hacking Banking Financial Services

Info stealers and how to protect against them

Security Affairs

DECEMBER 18, 2023

“Cashout bank logs” typically refer to a type of cybercrime where individuals gain unauthorized access to banking information, often through phishing attacks or hacking, and then use that information to withdraw money or make unauthorized transactions.

Banking

Banking Cybercrime Malware Accountability

Organizations paid at least $602 million to ransomware gangs in 2021

Security Affairs

FEBRUARY 13, 2022

Organizations have paid more than $600 million in cryptocurrency during 2021, nearly one-third to the Conti ransomware gang. and Australia have published a joint advisory warning of an increased globalised threat of ransomware worldwide in 2021. Last week, cybersecurity agencies from the U.K., added the company. .”

Ransomware

Ransomware Cryptocurrency Cybercrime Malware

Ukrainian REvil gang member sentenced to 13 years in prison

Security Affairs

MAY 2, 2024

In November 2021, the US Department of Justice charged Vasinskyi, REvil ransomware affiliate, for orchestrating the ransomware attacks on Kaseya MSP platform that took place on July 4, 2021. victims, and we are disrupting the broader cybercrime ecosystem.”

Ransomware

Ransomware Cryptocurrency Cybercrime Encryption

Security Affairs most-read cyber stories of 2021

Security Affairs

JANUARY 1, 2022

Which are the most-read cyber stories of 2021? The development team behind the Linux Mint distro has fixed a security flaw that could have allowed users to bypass the OS screensaver. billion login credentials, has been leaked on a popular hacking forum. Hacking Nespresso machines to have unlimited funds to purchase coffee.

Hacking

Hacking VPN Passwords Ransomware

FIN11 cybercrime group is behind recent wave of attacks on FTA servers

Security Affairs

FEBRUARY 23, 2021

FireEye experts linked a series of attacks targeting Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11. Security experts from FireEye linked a series of cyber attacks against organizations running Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11.

Cybercrime

Cybercrime Software Ransomware Cyber Attacks

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Security Affairs

MAY 13, 2024

In December 2021, experts at Check Point Research observed the resurgence of the Phorpiex botnet. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Phorpiex botnet)

Phishing

Phishing Ransomware Security Awareness Authentication

Personal health information of 42M Americans leaked between 2016 and 2021

Security Affairs

DECEMBER 31, 2022

Crooks have had access to the medical records of 42 million Americans since 2016 as the number of hacks on healthcare organizations doubled. Medical records of 42 million Americans are being sold on the dark web since 2016, this information comes from cyberattacks on healthcare providers. million in 2021. Pierluigi Paganini.

Healthcare

Healthcare Ransomware Backups Hacking

Clop ransomware gang was testing MOVEit Transfer bug since 2021

Security Affairs

JUNE 9, 2023

Researchers discovered that the Clop ransomware gang was looking for a zero-day exploit in the MOVEit Transfer since 2021. Kroll security experts discovered that the Clop ransomware gang was looking for a zero-day exploit in the MOVEit Transfer since 2021. ” reads the analysis published by the security firm.

Ransomware

Ransomware Hacking Retail Internet

Crooks bypass a Microsoft Office patch for CVE-2021-40444 to spread Formbook malware

Security Affairs

DECEMBER 23, 2021

Crooks discovered how to bypass the patch for a recent Microsoft Office vulnerability (CVE-2021-40444) and are using it to distribute Formbook malware. Cybercriminals have found a way to bypass the patch for a recent Microsoft Office vulnerability tracked as CVE-2021-40444 (CVSS score of 8.8). Pierluigi Paganini.

Malware

Malware Hacking Ransomware Cybercrime

Energy giant Shell discloses data breach caused by Accellion FTA hack

Security Affairs

MARCH 23, 2021

.” Since the disclosure of the vulnerabilities in Accellion FTA multiple cybercrime groups targeted organizations worldwide. In February, security experts from FireEye linked a series of cyber attacks against organizations running Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11.

Data breaches

Data breaches Hacking Cybercrime Cyber Attacks

Twitter says recently leaked user data are from 2021 breach

Security Affairs

DECEMBER 13, 2022

Twitter confirmed that the recent leak of members’ profile information resulted from the 2021 data breach disclosed in August 2022. Twitter confirmed that the recent data leak of millions of profiles resulted from the 2021 data breach that the company disclosed in August 2022. Source: Twitter account @sonoclaudio.

Data breaches

Data breaches Accountability Media Hacking

Swiss Air Force sensitive files stolen in the hack of Ultra Intelligence & Communications

Security Affairs

JANUARY 8, 2024

BlackCat/ALPHV ransomware gang has been active since November 2021, the list of its victims is long and includes industrial explosives manufacturer SOLAR INDUSTRIES INDIA , the US defense contractor NJVC , gas pipeline Creos Luxembourg S.A. , the fashion giant Moncler , the Swissport , NCR , and Western Digital.

Hacking

Hacking Data breaches Ransomware Manufacturing

Phorpiex botnet is back, in 2021 it $500K worth of crypto assets

Security Affairs

DECEMBER 17, 2021

The botnet has been active since at least 2016, but in August the criminal organization behind the Phorpiex botnet have shut down their operations and put the source code of the bot for sale on a cybercrime forum in on a dark web. SecurityAffairs – hacking, Phorpiex botnet). Many wallets have been active for several years.”

Cryptocurrency

Cryptocurrency Cybercrime Malware Hacking

USCYBERCOM and CISA warn organizations to fix CVE-2021-26084 Confluence flaw

Security Affairs

SEPTEMBER 3, 2021

USCYBERCOM is urging organizations to patch a critical CVE-2021-26084 flaw in Atlassian Confluence Server and Data Center, ahead of the Labor Day weekend. . US Cyber Command (USCYBERCOM) has issued an alert to warn US organizations to address Atlassian Confluence CVE-2021-26084 vulnerability immediately, ahead of the Labor Day weekend.

Authentication

Authentication Cryptocurrency Hacking Government

Glupteba botnet is back after Google disrupted it in December 2021

Security Affairs

DECEMBER 19, 2022

The Glupteba botnet is back, researchers reported a surge in infection worldwide after Google disrupted its operation in 2021. In December 2021, Google announced it has taken down the infrastructure operated by the Glupteba botnet, it also sued Russian nationals Dmitry Starovikov and Alexander Filippov for creating and operating the botnet.

DNS

DNS Antivirus Cryptocurrency Software

Russian cybercrime forums launch contests for cryptocurrency hacks

Moldovan citizen sentenced in connection with the E-Root cybercrime marketplace case

Trending Sources

Acer Philippines disclosed a data breach after a third-party vendor hack

The source code of the 2020 variant of HelloKitty ransomware was leaked on a cybercrime forum

FBI: Compromised US academic credentials available on various cybercrime forums

TA558 cybercrime group targets hospitality and travel orgs

Cybercrime underground flooded with offers for initial access to shipping and logistics orgs

The newer cybercrime triad: TrickBot-Emotet-Conti

Experts link Raspberry Robin Malware to Evil Corp cybercrime gang

HAEICHI-II: Interpol arrested +1,000 suspects linked to various cybercrimes

The fire in the OVH datacenter also impacted APTs and cybercrime groups

New ‘Karakurt’ cybercrime gang focuses on data theft and extortion

The worst cyber attacks of 2021

Cybercrime Forum Data Set for 2019 and 2021 – Free Direct Download Technical Collection Copy Available! Grab a Copy Today!

Reading INTERPOL the African Cyberthreat Assessment Report 2021

TeamTNT cybercrime gang expands its arsenal to target thousands of orgs worldwide

The Biden administration will work with 30 countries to curb global cybercrime

UNC2465 cybercrime group launched a supply chain attack on CCTV vendor

Cyber Security Roundup for April 2021

Hotarus Corp gang hacked Ecuador’s Ministry of Finance and Banco Pichincha

German police seized the darknet marketplace Nemesis Market

Snatch ransomware gang claims the hack of the food giant Kraft Heinz

AT&T confirmed that a data breach impacted 73 million customers

Rhysida Ransomware gang claims to have hacked three more US hospitals

CVE-2021-44731 Linux privilege escalation bug affects Canonical’s Snap Package Manager

Microsoft warns of attacks exploiting recently patched Windows MSHTML CVE-2021-40444 bug

Ex-Canadian government employee admits to being a member of the Russian cybercrime gang NetWalker

ALPHV/BlackCat ransomware gang hacked the hotel chain Motel One

Morgan Stanley discloses data breach after the hack of a third-party vendor

Info stealers and how to protect against them

Organizations paid at least $602 million to ransomware gangs in 2021

Ukrainian REvil gang member sentenced to 13 years in prison

Security Affairs most-read cyber stories of 2021

FIN11 cybercrime group is behind recent wave of attacks on FTA servers

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Personal health information of 42M Americans leaked between 2016 and 2021

Clop ransomware gang was testing MOVEit Transfer bug since 2021

Crooks bypass a Microsoft Office patch for CVE-2021-40444 to spread Formbook malware

Energy giant Shell discloses data breach caused by Accellion FTA hack

Twitter says recently leaked user data are from 2021 breach

Swiss Air Force sensitive files stolen in the hack of Ultra Intelligence & Communications

Phorpiex botnet is back, in 2021 it $500K worth of crypto assets

USCYBERCOM and CISA warn organizations to fix CVE-2021-26084 Confluence flaw

Glupteba botnet is back after Google disrupted it in December 2021

Stay Connected