Krebs on Security

DECEMBER 5, 2022

The defendants, who initially pursued a strategy of counter suing Google for interfering in their sprawling cybercrime business, later brazenly offered to dismantle the botnet in exchange for payment from Google. 2022 by Google researcher Luca Nagy. Another slide from Google researcher Luca Nagy’s September 2022 talk on Glupteba.

Cybercrime 234

Cybercrime Malware Internet Internet 234

Krebs on Security

AUGUST 16, 2022

Earlier this month, the administrator of the cybercrime forum Breached received a cease-and-desist letter from a cybersecurity firm. Such responses generally accomplish nothing, except unnecessarily upping the stakes for everyone involved while displaying a dangerous naiveté about how the cybercrime underground works.

Data breaches 261

Data breaches Banking Cybercrime Marketing 261

Krebs on Security

NOVEMBER 16, 2022

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode , an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic. com — which was created to phish U.S.

Malware 273

Malware Banking Phishing DDOS 273

Krebs on Security

APRIL 4, 2024

info , a website erected after Russia invaded Ukraine in early 2022 that doxed Russians perceived to have helped the Ukrainian cause. In keeping with the overall theme, these phishing domains appear focused on stealing usernames and passwords to some of the cybercrime underground’s busiest shops, including Brian’s Club.

Phishing 216

Phishing Cryptocurrency DDOS Internet 216

Krebs on Security

FEBRUARY 28, 2023

Image: Shutterstock.com Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than 100 separate incidents throughout 2022, new data suggests. But by the time we got to claims made in the middle of May 2022, completing the rest of the year’s timeline seemed unnecessary.

Mobile 312

Mobile Phishing Authentication Advertising 312

Krebs on Security

AUGUST 17, 2023

Constella Intelligence , a data breach and threat actor research platform, now allows users to cross-reference popular cybercrime websites and denizens of these forums with inadvertent malware infections by information-stealing trojans.

Phishing 192

Phishing Passwords Internet Internet 192

Krebs on Security

MAY 22, 2023

This email address is also connected to accounts on several Russian cybercrime forums, including “ __edman__ ,” who had a history of selling “logs” — large amounts of data stolen from many bot-infected computers — as well as giving away access to hacked Internet of Things (IoT) devices.

Scams 243

Scams DDOS Cryptocurrency Accountability 243

Krebs on Security

OCTOBER 31, 2023

Interisle’s newest study examined six million phishing reports between May 1, 2022 and April 30, 2023, and identified approximately 30,000.US As far back as 2018, Interisle found.US domains were the worst in the world for spam, botnet (attack infrastructure for DDOS etc.) and illicit or harmful content. US phishing domains.

Phishing 269

Phishing Telecommunications Malware Scams 269

Krebs on Security

DECEMBER 8, 2022

First spotted in mid-August 2022 , Venus is known for hacking into victims’ publicly-exposed Remote Desktop services to encrypt Windows devices. Last month, the U.S. Department of Health and Human Services (HHS) warned that Venus ransomware attacks were targeting a number of U.S. healthcare organizations.

Healthcare 265

Healthcare Backups Ransomware Insurance 265

Krebs on Security

JULY 18, 2022

These services can be used in a legitimate manner for several business purposes — such as price comparisons or sales intelligence — but they are massively abused for hiding cybercrime activity because they can make it difficult to trace malicious traffic to its original source. FORUM ACTIVITY?

VPN 304

VPN Computers and Electronics Antivirus Software 304

Krebs on Security

JUNE 6, 2023

According to the FBI , financial losses from cryptocurrency investment scams dwarfed losses for all other types of cybercrime in 2022 , rising from $907 million in 2021 to $2.57 The ScamDoc fake reputation websites, which were apparently used to help make fake crypto investment platforms look more trustworthy. Image: Trend Micro.

Accountability 212

Accountability Scams Cryptocurrency Advertising 212

Krebs on Security

JULY 21, 2022

. “The fraud is named for the way scammers feed their victims with promises of romance and riches before cutting them off and taking all their money,” the Federal Bureau of Investigation (FBI) warned in April 2022. “They’re filling out the IC3 form and never hearing back.

Scams 304

Scams Cryptocurrency Marketing Internet 304

Krebs on Security

APRIL 22, 2024

million bribe to ignore the activities of a prolific Russian cybercrime group that hacked thousands of e-commerce websites. The protection scheme was exposed in 2022 when Russian authorities arrested six members of the group, which sold millions of stolen payment cards at flashy online shops like Trump’s Dumps.

Cybercrime 246

Cybercrime Hacking Software Web Fraud 246

Krebs on Security

MARCH 22, 2023

In November 2022, researchers at Google’s Project Zero warned about active attacks on Samsung mobile phones which chained together three security vulnerabilities that Samsung patched in March 2021, and which would have allowed an app to add or read any files on the device.

Malware 263

Malware eCommerce Mobile Media 263