Krebs on Security

DECEMBER 5, 2022

In December 2021, Google filed a civil lawsuit against two Russian men thought to be responsible for operating Glupteba , one of the Internet’s largest and oldest botnets. ” A report from the Polish computer emergency response team (CERT Orange Polksa) found Glupteba was the biggest malware threat in 2021.

Cybercrime 306

Cybercrime Malware Internet Internet 306

Krebs on Security

JUNE 28, 2022

On December 7, 2021, Google announced it was suing two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past decade. But on Dec.

Passwords 319

Passwords Malware Internet Internet 319

Krebs on Security

AUGUST 25, 2021

A copy of the May 2021 complaint is here (PDF). Because plaintiff did not file his lawsuit until May 21, 2021, three years and five months after his injury, his claims should be dismissed.” Met with continued silence from the parents for many months, Schober filed suit against the kids and their parents in a Colorado court.

Cryptocurrency 362

Cryptocurrency Malware Mobile Accountability 362

Krebs on Security

APRIL 3, 2024

A September 2021 story here checked in on The Manipulaters, and found that Saim Raza and company were prospering under their FudCo brands, which they secretly managed from a front company called We Code Solutions. “Please remove this article,” Sam Raza wrote, linking to the 2021 profile. “Why you post us? But on Jan.

Phishing 297

Phishing Cybercrime Malware Advertising 297

Krebs on Security

JANUARY 17, 2024

The profile explains that he launched his own record label in 2021 called Punchmade Records, where he produces his own instrumentals and edits his own music videos. This November 2021 record includes a Certificate of Assumed Name, which shows that Punchmade LLC is the assumed name of OBN Group LLC.

Cybercrime 330

Cybercrime Media Banking Accountability 330

Krebs on Security

FEBRUARY 3, 2022

More recently in late 2021, Jeremy Fuchs of Avanan wrote that the use of a LinkedIn URL may mean that any profession — the market for LinkedIn — could click. Let me be clear that the activity described in this post is not new. “The idea is to create a link that contains a clean page, redirecting to a phishing page.”

Phishing 359

Phishing Marketing Scams Accountability 359

Krebs on Security

OCTOBER 17, 2023

As a result, the government was able to charge Golestan with 20 counts of wire fraud — one for each payment made by the phony companies that bought the IP addresses from ARIN. Golestan initially sought to fight those charges. Prosecutors estimated those addresses were valued at between $10 million and $14 million.

Internet 344

Internet Internet VPN Marketing 344

Krebs on Security

NOVEMBER 6, 2023

January 2021 posts on Verified show that Fearlless and his partner Universalo purchased the SWAT reshipping business from a Verified member named SWAT, who’d been operating the service for years.

Passwords 311

Passwords Cybercrime Accountability Hacking 311

Krebs on Security

DECEMBER 13, 2022

In November 2021, KrebsOnSecurity detailed how Pompompurin abused a vulnerability in an FBI online portal designed to share information with state and local law enforcement authorities, and how that access was used to blast out thousands of hoax email messages — all sent from an FBI email and Internet address.

Hacking 363

Hacking Energy and Utilities Cybercrime Accountability 363

Krebs on Security

JANUARY 9, 2023

In April 2021, KrebsOnSecurity revealed how identity thieves were exploiting lax authentication on Experian’s PIN retrieval page to unfreeze consumer credit files. A few days after that April 2021 story, KrebsOnSecurity broke the news that an Experian API was exposing the credit scores of most Americans.

Identity Theft 351

Identity Theft Accountability Authentication Web Fraud 351

Krebs on Security

JULY 10, 2022

In April 2021, KrebsOnSecurity revealed how identity thieves were exploiting lax authentication on Experian’s PIN retrieval page to unfreeze consumer credit files. A few days after that April 2021 story, KrebsOnSecurity broke the news that an Experian API was exposing the credit scores of most Americans.

Accountability 336

Accountability Passwords Authentication Password Management 336

Krebs on Security

JUNE 6, 2023

The crypto scam affiliate program “Project Impulse,” advertising in 2021. According to the FBI , financial losses from cryptocurrency investment scams dwarfed losses for all other types of cybercrime in 2022 , rising from $907 million in 2021 to $2.57 Image: Trend Micro. billion last year.

Accountability 262

Accountability Scams Cryptocurrency Advertising 262

Krebs on Security

NOVEMBER 19, 2021

.” Anyone interested in letting the CFPB know about a fraud scam that abused a P2P payment platform like Zelle, Cashapp, or Venmo, for example, should send an email describing the incident to BigTechPaymentsInquiry@cfpb.gov. CFPB-2021-0017 in the subject line of the message. Be sure to include Docket No.

Scams 362

Scams Banking Passwords Authentication 362

Krebs on Security

OCTOBER 9, 2023

A different domain with that same Google Analytics code that was registered in 2021 is peraltansepeda[.]com According to dnslytics.com , that same analytics code has shown up on at least six other nearly identical USPS phishing pages dating back nearly as many years, including onlineuspsexpress[.]com

Phishing 328

Phishing Scams Passwords Web Fraud 328

Krebs on Security

AUGUST 16, 2022

” The administrator of Breached is “ Pompompurin ,” the same individual who alerted this author in November 2021 to a glaring security hole in a U.S. Thank you for your cooperation and prompt attention to this urgent matter.” Justice Department website that was used to spoof security alerts from the FBI.

Data breaches 326

Data breaches Banking Cybercrime Marketing 326

Krebs on Security

DECEMBER 8, 2022

In April, 2021, KrebsOnSecurity detailed how CLOP helped pioneer another innovation aimed at pushing more victims into paying an extortion demand: Emailing the ransomware victim’s customers and partners directly and warning that their data would be leaked to the dark web unless they can convince the victim firm to pay up.

Healthcare 330

Healthcare Backups Ransomware Insurance 330

Krebs on Security

APRIL 12, 2022

11, 2021, an individual using the moniker “ SubVirt ” posted on RaidForums an offer to sell Social Security numbers, dates of birth and other records on more than 120 million people in the United States (SubVirt would later edit the sales thread to say 30 million records).

Government 262

Government Identity Theft Mobile Data breaches 262

Krebs on Security

AUGUST 30, 2022

2021 post about the change. . “Security keys can differentiate legitimate sites from malicious ones and block phishing attempts that SMS 2FA or one-time password (OTP) verification codes would not,” Twitter said in an Oct. ”

Mobile 340

Mobile Phishing Authentication Accountability 340

Krebs on Security

SEPTEMBER 2, 2021

Bill said that in the first week of April 2021, he identified 15,000 compromised Office365 accounts being accessed by this group, spread over 6,500 different organizations that use Office365.

Accountability 347

Accountability Authentication Passwords Hacking 347

Krebs on Security

JULY 18, 2022

In August 2021, 911’s biggest competitor — a 15-year-old proxy network built on malware-compromised PCs called VIP72 — abruptly closed up shop. .” The service charged 20 percent of all “scam wires,” unauthorized wire transfers resulting from bank account takeovers or scams like CEO impersonation schemes.

VPN 357

VPN Computers and Electronics Antivirus Software 357

Krebs on Security

AUGUST 2, 2022

1, 2021: 15-Year-Old Malware Proxy Network VIP72 Goes Dark. July 18, 2022: A Deep Dive Into the Residential Proxy Service ‘911’ June 28, 2022: The Link Between AWM Proxy & the Glupteba Botnet. June 22, 2022: Meet the Administrators of the RSOCKS Proxy Botnet.

Malware 323

Malware Cybercrime Internet Internet 323

Krebs on Security

AUGUST 17, 2023

Nevertheless, Cyberthreat reported that Devilscream was arrested by Indonesian police in late 2021 as part of a collaboration between INTERPOL and the U.S. 16Shop documentation instructing operators on how to deploy the kit. Image: ZeroFox. Federal Bureau of Investigation (FBI).

Phishing 242

Phishing Passwords Hacking Internet 242

Krebs on Security

SEPTEMBER 26, 2024

In January 2021, Joker’s Stash announced it was closing up shop , after European authorities seized a number of servers for the fraud store, and its proprietor came down with the Coronavirus. Joker’s Stash also was unique because it claimed to sell only payment cards that its own hackers had stolen directly from merchants.

Cryptocurrency 308

Cryptocurrency Cybercrime Retail Government 308

Krebs on Security

JULY 21, 2022

Nolan said her nightmare began in late 2021 with a Twitter direct message from someone who was following many of the same cryptocurrency influencers she followed. Nolan’s case may be especially bad because she was already interested in crypto investing when the scammer reached out.

Scams 328

Scams Cryptocurrency Marketing Internet 328

Krebs on Security

APRIL 18, 2023

” Russian corporate records indicate this entity was liquidated in 2021. More recent records for IP Pankov Denis Viktorovich show a microenterprise with this name in Omsk that described its main activity as “retail sale by mail or via the Internet.”

Malware 303

Malware Passwords Accountability Advertising 303

Krebs on Security

MARCH 22, 2022

The latest document in the hacked archive is dated April 2021. Incredibly, Vrublevsky himself appears to have used ChronoPay’s Confluence wiki to document his entire 20+ years of personal and professional history in the high-risk payments space, including the company’s most recent forays with HPay.

Banking 243

Banking Marketing DDOS Risk 243

Krebs on Security

JULY 25, 2023

In a report released July 12, researchers at Lumen’s Black Lotus Labs called the AVrecon botnet “one of the largest botnets targeting small-office/home-office (SOHO) routers seen in recent history,” and a crime machine that has largely evaded public attention since first being spotted in mid-2021.

Malware 244

Malware VPN Internet Internet 244

Malwarebytes

JUNE 8, 2022

Chainalysis also notes a potential connection between SSNDOB and another dark web market trading in credit cards which called it quits in 2021. We’ve noted the gradual emergence of Bitcoin ATMs in scams previously; here, cryptocurrency ATMs are more popular as a payment method to SSNDOB than other dubious online services.

DDOS 120

DDOS Cryptocurrency Data breaches Scams 120

Security Boulevard

DECEMBER 5, 2022

In December 2021, Google filed a civil lawsuit against two Russian men thought to be responsible for operating Glupteba, one of the Internet's largest and oldest botnets.

Cybercrime 52

Cybercrime Internet Internet Web Fraud 52

Security Boulevard

FEBRUARY 26, 2023

Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites.

Hacking 52

Hacking Phishing Media Malware 52

Krebs on Security

APRIL 27, 2022

Donahue is co-founder of Kodex , a company formed in February 2021 that builds security portals designed to help tech companies “manage information requests from government agencies who contact them, and to securely transfer data & collaborate against abuses on their platform.” A sample Kodex dashboard. Image: Kodex.us.

Mobile 239

Mobile Government Media Technology 239

Krebs on Security

MARCH 31, 2022

That was in March 2021, but there are similar fake EDR services on offer today. In July 2021, Sen. .” Tuesday’s story showed how fraudulently obtained EDRs were a tool used by members of LAPSUS$ , the data extortion group that recently hacked Microsoft , NVIDIA , Okta and Samsung.

Government 317

Government Accountability Education Media 317

Krebs on Security

APRIL 11, 2022

2021, the Bitcoin Foundation (bitcoin.org) was hacked, with the intruders placing a pop-up message on the site asking visitors to send money. Federal Trade Commission , nearly 7,000 people lost more than $80 million in crypto scams from October 2020 through March 2021 based on consumer fraud reports.

Scams 245

Scams Cryptocurrency Media Hacking 245

Krebs on Security

MARCH 22, 2023

In November 2022, researchers at Google’s Project Zero warned about active attacks on Samsung mobile phones which chained together three security vulnerabilities that Samsung patched in March 2021, and which would have allowed an app to add or read any files on the device.

Malware 327

Malware eCommerce Mobile Media 327

Krebs on Security

SEPTEMBER 30, 2024

The complaint references a November 2021 incident wherein Iza and E.Z. They’re active-duty.” ” The FBI alleges LASD officers had on several previous occasions tried to kidnap and extort E.Z. at Iza’s behest. were in a car together when Iza asked to stop and get snacks at a convenience store. to hand over his phone.

Cryptocurrency 323

Cryptocurrency Government Internet Internet 323

Krebs on Security

FEBRUARY 28, 2023

In August 2021, T-Mobile acknowledged that hackers made off with the names, dates of birth, Social Security numbers and driver’s license/ID information on more than 40 million current, former or prospective customers who applied for credit with the company.

Mobile 338

Mobile Phishing Authentication Advertising 338

Krebs on Security

AUGUST 4, 2022

” In 2021, more than 92,000 victims over the age of 60 reported losses of $1.7 . “They might also be concerned that their relatives will lose confidence in their abilities to manage their own financial affairs. And when an elderly victim does report a crime, they may be unable to supply detailed information to investigators.”

Banking 307

Banking Scams Accountability Passwords 307