2023, Internet and Web Fraud - Cyber Security Informer

Sudanese Brothers Arrested in ‘AnonSudan’ Takedown

Krebs on Security

OCTOBER 17, 2024

Image: FBI Active since at least January 2023, AnonSudan has been described in media reports as a “hacktivist” group motivated by ideological causes. companies, causing a multi-day outage for Microsoft’s cloud services in June 2023. 2023), and OpenAI (Nov. 7, 2023, a wave of rockets was launched into Israel.

DDOS

DDOS Government Internet Internet

U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams

Krebs on Security

MAY 29, 2025

The FBI has released a technical writeup (PDF) of the infrastructure used to manage the malicious Funnull domains between October 2023 and April 2025. A graphic from the FBI explaining how Funnull generated a slew of new domains on a regular basis and mapped them to Internet addresses on U.S. cloud providers.

Scams

Scams Internet Internet Cybercrime

Booking.com Phishers May Leave You With Reservations

Krebs on Security

NOVEMBER 1, 2024

According to the market share website statista.com , booking.com is by far the Internet’s busiest travel service, with nearly 550 million visits in September. In November 2023, the security firm SecureWorks detailed how scammers targeted booking.com hospitality partners with data-stealing malware.

Phishing

Phishing Accountability Artificial Intelligence Cybercrime

Chinese Innovations Spawn Wave of Toll Phishing Via SMS

Krebs on Security

JANUARY 16, 2025

In October 2023, KrebsOnSecurity wrote about a massive uptick in SMS phishing scams targeting U.S. The FBI asks that before you bin the missives, consider filing a complaint with the agency’s Internet Crime Complaint Center (IC3), including the phone number where the text originated, and the website listed within the text.

Phishing

Phishing Scams Mobile Authentication

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

In the United States, when federal, state or local law enforcement agencies wish to obtain information about an account at a technology provider — such as the account’s email address, or what Internet addresses a specific cell phone account has used in the past — they must submit an official court-ordered warrant or subpoena.

Hacking

Hacking Accountability Government Social Engineering

How to Lose a Fortune with Just One Bad Click

Krebs on Security

DECEMBER 18, 2024

. “So, the attacker receives the invitation to fill out the form – and when they complete it, they enter their intended victim’s email address into the form, not their own,” Cluely wrote in a December 2023 post. ” The fake Google representative was polite, patient, professional and reassuring. .”

Cryptocurrency

Cryptocurrency Accountability Authentication Phishing

China-based SMS Phishing Triad Pivots to Banks

Krebs on Security

APRIL 10, 2025

The moniker “Smishing Triad” comes from Resecurity , which was among the first to report in August 2023 on the emergence of three distinct mobile phishing groups based in China that appeared to share some infrastructure and innovative phishing techniques. Image: Ford Merrill.

Phishing

Phishing Banking Mobile Retail

Using Google Search to Find Software Can Be Risky

Krebs on Security

JANUARY 25, 2024

19, 2024) of more than 200 domains at the Internet address 93.190.143[.]252 ” In February 2023, Hegel co-authored a report on this same network, which Sentinel One has dubbed MalVirt (a play on “malvertising”). How do we know freecad-us[.]org org is malicious? com , filezillasoft[.]com com , keepermanager[.]com

Software

Software Advertising Malware Accountability

Scam ‘Funeral Streaming’ Groups Thrive on Facebook

Krebs on Security

SEPTEMBER 18, 2024

The page listed the correct time and date of the funeral service, which it claimed could be streamed over the Internet by following a link that led to a page requesting credit card information. xyz , a domain registered in November 2023. xyz is currently hosted at a Bangladeshi web hosting provider named cloudswebserver[.]com

Scams

Scams DNS Internet Internet

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

APRIL 18, 2023

Kilmer said Faceless has emerged as one of the underground’s most reliable malware-based proxy services, mainly because its proxy network has traditionally included a great many compromised “Internet of Things” devices — such as media sharing servers — that are seldom included on malware or spam block lists.

Malware

Malware Passwords Accountability Advertising

SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool

Krebs on Security

JUNE 22, 2023

.” The written notice goes on to say UPS believes the data exposure “affected packages for a small group of shippers and some of their customers from February 1, 2022 to April 24, 2023.” “It seems likely to me that UPS is leaking information somehow about upcoming deliveries.” info , legodelivery[.]info

Phishing

Phishing Retail Mobile Scams

Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks

Krebs on Security

JULY 15, 2024

New York City-based Squarespace purchased roughly 10 million domain names from Google Domains in June 2023, and it has been gradually migrating those domains to its service ever since. In some cases, the attackers were able to redirect the hijacked domains to phishing sites set up to steal visitors’ cryptocurrency funds.

Accountability

Accountability Cryptocurrency Passwords DNS

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Krebs on Security

APRIL 4, 2024

Other Privnote phishing domains that also phoned home to the same Internet address as pirwnote[.]com com is currently selling security cameras made by the Chinese manufacturer Hikvision , via an Internet address based in Hong Kong. Searching DomainTools for domains that include both of these terms reveals pirwnote[.]com.

Phishing

Phishing Cryptocurrency DDOS Internet

Calendar Meeting Links Used to Spread Mac Malware

Krebs on Security

FEBRUARY 28, 2024

A search in Google for a string of text from that script turns up a December 2023 blog post from cryptocurrency security firm SlowMist about phishing attacks on Telegram from North Korean state-sponsored hackers. “When the project team clicks the link, they encounter a region access restriction,” SlowMist wrote.

Malware

Malware Cryptocurrency Software Phishing

Sued by Meta, Freenom Halts Domain Registrations

Krebs on Security

MARCH 7, 2023

On March 3, 2023, social media giant Meta sued Freenom in a Northern California court, alleging cybersquatting violations and trademark infringement. In June 2015, ICANN suspended Freenom’s ability to create new domain names or initiate inbound transfers of domain names for 90 days.

Phishing

Phishing Media Internet Internet

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

stole at least $800,000 from at least five victims between August 2022 and March 2023. In February 2023, LastPass disclosed that the intrusion involved a highly complex, targeted attack against a DevOps engineer who was one of only four LastPass employees with access to the corporate vault. . Image credit: Amitai Cohen of Wiz.

Social Engineering

Social Engineering Mobile Cybercrime Passwords

Thread Hijacking: Phishes That Prey on Your Curiosity

Krebs on Security

MARCH 28, 2024

2023, the Pennsylvania news outlet LancasterOnline.com published a story about Adam Kidan , a wealthy businessman with a criminal past who is a major donor to Republican causes and candidates, including Rep. Kidan having his Microsoft Outlook account compromised and used to send malicious email to people in his contacts list.

Phishing

Phishing Scams Accountability Passwords

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Krebs on Security

SEPTEMBER 5, 2023

” Monahan has been documenting the crypto thefts via Twitter/X since March 2023, frequently expressing frustration in the search for a common cause among the victims. The Internet is swimming with con artists masquerading as legitimate cryptocurrency recovery experts. Then on Aug. But on Nov.

Cryptocurrency

Cryptocurrency Passwords Encryption Accountability

How Phished Data Turns into Apple & Google Wallets

Krebs on Security

FEBRUARY 18, 2025

But they also offer a more cutting-edge mobile fraud technology: Merrill found that at least one of the Chinese phishing groups sells an Android app called “ ZNFC ” that can relay a valid NFC transaction to anywhere in the world. “The software can work from anywhere in the world,” Merrill said.

Phishing

Phishing Mobile Scams Banking

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Chaput said that on May 4, 2023, someone unleashed a spam torrent targeting users on these Mastodon communities via “private mentions,” a kind of direct messaging on the platform. that were created from different Internet addresses in Vienna, Austria.

Scams

Scams DDOS Cryptocurrency Accountability

The Dark Nexus Between Harm Groups and ‘The Com’

Krebs on Security

SEPTEMBER 13, 2024

A cyberattack that shut down two of the top casinos in Las Vegas last year quickly became one of the most riveting security stories of 2023: It was the first known case of native English-speaking hackers in the United States and Britain teaming up with ransomware gangs based in Russia. POMPOMPURIN In March 2023, U.S.

Cybercrime

Cybercrime Accountability Mobile Hacking

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Krebs on Security

FEBRUARY 28, 2023

All three SIM-swapping entities that were tracked for this story remain active in 2023, and they all conduct business in open channels on the instant messaging platform Telegram. Thus, the second factor cannot be phished, either over the phone or Internet.

Mobile

Mobile Phishing Authentication Advertising

Infrastructure Laundering: Blending in with the Cloud

Krebs on Security

JANUARY 30, 2025

In 2023, Suncity’s CEO was sentenced to 18 years in prison on charges of fraud, illegal gambling, and “ triad offenses,” i.e. working with Chinese transnational organized crime syndicates. cloud providers. ” A Suncity gambling site promoted via Funnull.

Accountability

Accountability Scams Passwords Data collection

Cyber Security Informer

Sudanese Brothers Arrested in ‘AnonSudan’ Takedown

U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams

Trending Sources

Booking.com Phishers May Leave You With Reservations

Chinese Innovations Spawn Wave of Toll Phishing Via SMS

FBI: Spike in Hacked Police Emails, Fake Subpoenas

How to Lose a Fortune with Just One Bad Click

China-based SMS Phishing Triad Pivots to Banks

Using Google Search to Find Software Can Be Risky

Scam ‘Funeral Streaming’ Groups Thrive on Facebook

Giving a Face to the Malware Proxy Service ‘Faceless’

SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool

Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Calendar Meeting Links Used to Spread Mac Malware

Sued by Meta, Freenom Halts Domain Registrations

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Thread Hijacking: Phishes That Prey on Your Curiosity

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

How Phished Data Turns into Apple & Google Wallets

Interview With a Crypto Scam Investment Spammer

The Dark Nexus Between Harm Groups and ‘The Com’

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Infrastructure Laundering: Blending in with the Cloud

Stay Connected