Krebs on Security

MARCH 11, 2025

government in 2022 for facilitating tens of billions of dollars in money laundering by transnational criminal and cybercriminal organizations. Treasury Office of Foreign Assets Control in April 2022 for receiving hundreds of millions in criminal proceeds, including funds used to facilitate hacking, ransomware, terrorism and drug trafficking.

Ransomware 287

Ransomware Cryptocurrency Marketing Government 287

Krebs on Security

FEBRUARY 4, 2025

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled , English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. The email address used for those accounts was f.grimpe@gmail.com. lol and nulled[.]it.

eCommerce 226

eCommerce Cybercrime Accountability Hacking 226

Security Affairs

JUNE 17, 2025

State-sponsored hackers compromised the email accounts of several journalists working at the Washington Post. A cyberattack, likely carried out by state-sponsored hackers, compromised the Microsoft email accounts of Washington Post journalists, including reporters covering China and national security.

Accountability 104

Accountability Cyber Attacks Media Hacking 104

Krebs on Security

FEBRUARY 26, 2023

Media coverage understandably focused on GoDaddy’s admission that it suffered three different cyberattacks over as many years at the hands of the same hacking group. GoDaddy has not disclosed the source of the breach in December 2022 that led to malware on some customer websites. A U2F device made by Yubikey.

Hacking 339

Hacking Social Engineering Phishing Scams 339

Schneier on Security

APRIL 9, 2024

US Cyber Safety Review Board released a report on the summer 2023 hack of Microsoft Exchange by China. The board was established in early 2022, modeled in spirit after the National Transportation Safety Board. It was a serious attack by the Chinese government that accessed the emails of senior U.S. government officials.

Hacking 329

Hacking Government Accountability Technology 329

Krebs on Security

FEBRUARY 16, 2022

The ICRC said the hacked servers contained data relating to the organization’s Restoring Family Links services, which works to reconnect people separated by war, violence, migration and other causes. .” In their online statement about the hack (updated on Feb. Image: Ke-la.com. and other western audiences. com, sachtimes[.]com,

Hacking 310

Hacking Ransomware Media Accountability 310

Krebs on Security

NOVEMBER 14, 2024

But not long after KrebsOnSecurity reported in April that Shefel/Rescator also was behind the theft of Social Security and tax information from a majority of South Carolina residents in 2012, Mr. Shefel began contacting this author with the pretense of setting the record straight on his alleged criminal hacking activities.

Advertising 283

Advertising Retail Cryptocurrency Cybercrime 283

Krebs on Security

AUGUST 29, 2023

According to recent figures from the managed security firm Reliaquest , QakBot is by far the most prevalent malware “loader” — malicious software used to secure access to a hacked network and help drop additional malware payloads. Today’s operation is not the first time the U.S.

Hacking 322

Hacking Malware Ransomware Government 322

Krebs on Security

DECEMBER 13, 2022

Meanwhile, the hackers responsible are communicating directly with members through the InfraGard portal online — using a new account under the assumed identity of a financial industry CEO that was vetted by the FBI itself. Department of Defense. USDoD’s InfraGard sales thread on Breached.

Hacking 363

Hacking Cybercrime Energy and Utilities Accountability 363

Schneier on Security

MAY 17, 2024

The seizure messages include ways to contact the FBI about the seizure, including an email, a Telegram account, a TOX account, and a dedicated page hosted on the FBI’s Internet Crime Complaint Center (IC3). co and run by pompompurin) operated a similar hacking forum from March 2022 until March 2023. .

Hacking 312

Hacking Accountability Ransomware Internet 312

Security Affairs

JUNE 5, 2024

A vulnerability in the popular video-sharing platform TikTok allowed threat actors to take over the accounts of celebrities. Threat actors exploited a zero-day vulnerability in the video-sharing platform TikTok to hijack high-profile accounts. The compromised accounts did not post content, and the extent of the impact is unclear.

Accountability 134

Accountability Hacking Malware Information Security 134

Tech Republic Security

JULY 12, 2024

Businesses and individuals with AT&T accounts from May 1, 2022 to October 31, 2022 and on January 2, 2023 will be notified if their data was affected.

Hacking 203

Hacking Accountability Big data Telecommunications 203

Security Affairs

MARCH 10, 2025

authorities seized $23M in crypto linked to a $150M Ripple wallet theft, experts believe the incident is linked to the 2022 LastPass breach. authorities seized $23M in crypto tied to a $150M Ripple hack, suspected to have been carried out by hackers from the 2022 LastPass breach. ” reads the complaint.

Password Management 87

Password Management Cryptocurrency Passwords Data breaches 87

Security Affairs

NOVEMBER 15, 2024

. “Ilya Lichtenstein was sentenced today to five years in prison for his involvement in a money laundering conspiracy arising from the hack and theft of approximately 120,000 bitcoin from Bitfinex, a global cryptocurrency exchange.” Billion in stolen cryptocurrency stolen during the 2016 hack of Bitfinex.

Cryptocurrency 106

Cryptocurrency Hacking Government Accountability 106

Security Affairs

NOVEMBER 21, 2024

The cybercrime group Scattered Spider is suspected of hacking into hundreds of organizations over the past two years, including Twilio , LastPass , DoorDash , and Mailchimp. Victims included gaming, telecom, and cryptocurrency firms, with losses reaching millions in stolen cryptocurrency and data from hundreds of thousands of accounts.

Cybercrime 110

Cybercrime Identity Theft Cryptocurrency Phishing 110

Krebs on Security

FEBRUARY 9, 2023

Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating “ Trickbot ,” a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. companies and government entities.

Hacking 253

Hacking Cybercrime Ransomware Government 253

Krebs on Security

NOVEMBER 11, 2023

In the summer of 2022, KrebsOnSecurity documented the plight of several readers who had their accounts at big-three consumer credit reporting bureau Experian hijacked after identity thieves simply re-registered the accounts using a different email address.

Accountability 345

Accountability Authentication Passwords Identity Theft 345

Security Affairs

OCTOBER 15, 2024

In October 2018, the US-CERT released a joint technical alert from the DHS, the FBI, and the Treasury warning about the ATM cash-out scheme, dubbed “FASTCash,” being used by the prolific North Korean APT hacking group known as Hidden Cobra (aka Lazarus Group and Guardians of Peace). post-April 2022. ” continues the analysis.

Malware 132

Malware Banking Hacking Accountability 132

Security Affairs

APRIL 9, 2025

The US Office of the Comptroller of the Currency (OCC) disclosed a major email breach compromising 100 accounts, undetected for over a year. The cybersecurity incident involved unauthorized access to emails via a compromised admin account. Affected accounts were disabled. The breach was confirmed on Feb. OCC on Feb.

Accountability 123

Accountability Banking Information Security Hacking 123

Krebs on Security

OCTOBER 20, 2023

BeyondTrust’s security team detected that someone was trying to use an Okta account assigned to one of their engineers to create an all-powerful administrator account within their Okta environment. The disclosure from Okta comes just weeks after casino giants Caesar’s Entertainment and MGM Resorts were hacked.

Social Engineering 362

Social Engineering Engineering Accountability Hacking 362

Krebs on Security

JANUARY 30, 2024

Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. technology companies during the summer of 2022. stole at least $800,000 from at least five victims between August 2022 and March 2023. 9, 2024, U.S.

Social Engineering 361

Social Engineering Mobile Cybercrime Passwords 361

Troy Hunt

APRIL 14, 2022

I'd filed the (alleged) Avvo breach away in the "too hard" basket a long time ago and it was only after seeing this tweet last week that a distant bell rang in my head: @troyhunt Looks like @avvo has had a breach of their user list -- I'm getting those "you've been hacked" scam emails on my Avvo-specific address.

Data breaches 361

Data breaches Scams Passwords Accountability 361

Krebs on Security

SEPTEMBER 5, 2023

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. “If you have my seed phrase, you can copy and paste that into your wallet, and then you can see all my accounts.

Cryptocurrency 362

Cryptocurrency Passwords Encryption Accountability 362

Krebs on Security

SEPTEMBER 13, 2023

In December 2022, KrebsOnSecurity broke the news that a cybercriminal using the handle “ USDoD ” had infiltrated the FBI ‘s vetted information sharing network InfraGard , and was selling the contact information for all 80,000 members. Microsoft Corp. government inboxes.

Cybercrime 349

Cybercrime Passwords Authentication Malware 349

Krebs on Security

AUGUST 2, 2022

With the recent demise of several popular “proxy” services that let cybercriminals route their malicious traffic through hacked PCs, there is now something of a supply chain crisis gripping the underbelly of the Internet. The various “iboss” email accounts appear to have been shared by multiple parties.

Malware 331

Malware Cybercrime Internet Internet 331

Krebs on Security

MAY 28, 2024

KrebsOnSecurity identified one of the three men in a July 2022 investigation into 911 S5, which was massively hacked and then closed ten days later. The 911 S5 botnet-powered proxy service, circa July 2022. dollars using over-the-counter vendors who wired and deposited funds into bank accounts held by Liu.

VPN 307

VPN Banking Cybercrime Internet 307

Krebs on Security

MAY 29, 2024

” From 2015 to July 2022, 911 S5 sold access to hundreds of thousands of Microsoft Windows computers daily, as “proxies” that allowed customers to route their Internet traffic through PCs in virtually any country or city around the globe — but predominantly in the United States. The prices page for 911 S5, circa July 2022. $28

VPN 359

VPN Government Cybercrime Internet 359

Security Affairs

OCTOBER 16, 2024

Among them, it was possible to identify tax registration, email addresses, registered domains, IP addresses, social media accounts, telephone number and city. However, the Brazilian national turned into more complex cybercriminal activities by 2022. The man used of the same email and phrases across social media and forums.

Data breaches 127

Data breaches Media Cybercrime Accountability 127

Krebs on Security

SEPTEMBER 22, 2023

But critics say the move is little more than a public relations stunt that will do nothing to help countless early adopters whose password vaults were exposed in a 2022 breach at LastPass. KrebsOnSecurity last month interviewed a victim who recently saw more than three million dollars worth of cryptocurrency siphoned from his account.

Passwords 336

Passwords Encryption Password Management Cryptocurrency 336

Security Affairs

JULY 17, 2022

Threat actors hacked the popular NFT platform, Premint NFT and stole 314 NFTs. The popular NFT platform, Premint NFT, was hacked, the threat actors compromised its official website and stole 314 NFTs. According to the experts from blockchain security firm CertiK, this is one of the biggest NFT hacks on record.

Hacking 145

Hacking Accountability Media Technology 145

Krebs on Security

JULY 10, 2022

Twice in the past month KrebsOnSecurity has heard from readers who’ve had their accounts at big-three credit bureau Experian hacked and updated with a new email address that wasn’t theirs. In both cases the readers used password managers to select strong, unique passwords for their Experian accounts.

Accountability 343

Accountability Passwords Authentication Password Management 343

Krebs on Security

APRIL 16, 2024

For nearly a dozen years, residents of South Carolina have been kept in the dark by state and federal investigators over who was responsible for hacking into the state’s revenue department in 2012 and stealing tax and bank account information for 3.6 million people. said investigators determined the breach began on Aug.

Identity Theft 316

Identity Theft Banking Cybercrime Hacking 316

Security Affairs

MAY 21, 2024

The Blackbasta extortion group claims to have hacked Atlas, one of the largest national distributors of fuel in the United States. The gang published a series of documents as proof of the hack, including people’s ID cards, data sheets, payroll payment requesters and a picture of the folder exfiltrated from the victim’s systems.

Hacking 143

Hacking Ransomware Phishing Malware 143

Security Affairs

SEPTEMBER 16, 2022

— Uber Comms (@Uber_Comms) September 16, 2022. According to the New York Times , the threat actors hacked an employee’s Slack account and used it to inform internal personnel that the company had “suffered a data breach” and provided a list of allegedly hacked internal databases. “I

Hacking 144

Hacking Data breaches Information Security Engineering 144

Malwarebytes

MAY 1, 2025

Phishing In phishing scams, cybercriminals trick people and businesses into handing over sensitive information like credit card numbers or login details for vital online accounts. Lured in by similar color schemes, company logos, and familiar layouts, victims log in to their account by entering their username and password.

Small Business 94

Small Business Cybersecurity Scams Passwords 94

Security Affairs

JUNE 6, 2025

.” Maxim Rudometov has been closely involved with the RedLine infostealer operation, regularly managing its technical infrastructure and handling cryptocurrency accounts used to receive and launder payments. After Russia’s invasion of Ukraine in February 2022, Rudometov reportedly fled to Krasnodar, Russia.

Malware 87

Malware Passwords Identity Theft Government 87

Krebs on Security

FEBRUARY 24, 2023

BHProxies has authored 129 posts on Black Hat World since 2012, and their last post on the forum was in December 2022. The account didn’t resume posting on the forum until April 2014. Reached via LinkedIn, Mr. Shotliff said he sold his BHProxies account to another Black Hat World forum user from Egypt back in 2014.

Accountability 316

Accountability Advertising Marketing Malware 316