2023, Passwords and Web Fraud - Cyber Security Informer

Booking.com Phishers May Leave You With Reservations

Krebs on Security

NOVEMBER 1, 2024

Booking.com said it now requires 2FA , which forces partners to provide a one-time passcode from a mobile authentication app (Pulse) in addition to a username and password. In November 2023, the security firm SecureWorks detailed how scammers targeted booking.com hospitality partners with data-stealing malware.

Phishing

Phishing Accountability Artificial Intelligence Cybercrime

Chinese Innovations Spawn Wave of Toll Phishing Via SMS

Krebs on Security

JANUARY 16, 2025

Those who fall for the scam are asked to provide payment card data, and eventually will be asked to supply a one-time password sent via SMS or a mobile authentication app. In October 2023, KrebsOnSecurity wrote about a massive uptick in SMS phishing scams targeting U.S. Postal Service customers.

Phishing

Phishing Scams Mobile Authentication

U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams

Krebs on Security

MAY 29, 2025

The FBI has released a technical writeup (PDF) of the infrastructure used to manage the malicious Funnull domains between October 2023 and April 2025. vulnerability scanning and password brute force attacks) was being bounced through U.S.-based -based cloud providers before redirecting to malicious or phishous websites.

Scams

Scams Internet Internet Cybercrime

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

.” In a SIM-swapping attack, crooks transfer the target’s phone number to a device they control and intercept any text messages or phone calls sent to the victim — including one-time passcodes for authentication, or password reset links sent via SMS. In January 2024, U.S.

Hacking

Hacking Cybercrime Phishing Passwords

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Krebs on Security

SEPTEMBER 5, 2023

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. 15, 2022, LastPass said an investigation into the August breach determined the attacker did not access any customer data or password vaults.

Cryptocurrency

Cryptocurrency Passwords Encryption Accountability

How to Lose a Fortune with Just One Bad Click

Krebs on Security

DECEMBER 18, 2024

. “So, the attacker receives the invitation to fill out the form – and when they complete it, they enter their intended victim’s email address into the form, not their own,” Cluely wrote in a December 2023 post. ” The fake Google representative was polite, patient, professional and reassuring.

Cryptocurrency

Cryptocurrency Accountability Authentication Phishing

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

stole at least $800,000 from at least five victims between August 2022 and March 2023. Those who submitted credentials were then prompted to provide the one-time password needed for multi-factor authentication. LastPass said criminal hackers had stolen encrypted copies of some password vaults, as well as other personal information.

Social Engineering

Social Engineering Mobile Cybercrime Passwords

Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks

Krebs on Security

JULY 15, 2024

New York City-based Squarespace purchased roughly 10 million domain names from Google Domains in June 2023, and it has been gradually migrating those domains to its service ever since. “And since there’s no password on the account, it just shoots them to the ‘create password for your new account’ flow.

Accountability

Accountability Cryptocurrency Passwords DNS

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

APRIL 18, 2023

In January 2023, the Faceless service website said it was willing to pay for information about previously undocumented security vulnerabilities in IoT devices. The password chosen by this user was “ 1232.” relied on the passwords asus666 and 01091987h. also used the password 24587256. account at Klerk.ru).

Malware

Malware Passwords Accountability Advertising

Scam ‘Funeral Streaming’ Groups Thrive on Facebook

Krebs on Security

SEPTEMBER 18, 2024

xyz , a domain registered in November 2023. According to DomainTools.com , the organization that registered this domain is called “ apkdownloadweb ,” is based in Rajshahi, Bangladesh, and uses the DNS servers of a Web hosting company in Bangladesh called webhostbd[.]net.

Scams

Scams DNS Internet Internet

Calendar Meeting Links Used to Spread Mac Malware

Krebs on Security

FEBRUARY 28, 2024

Unfortunately for us, Doug freaked out after deciding he’d been tricked — backing up his important documents, changing his passwords, and then reinstalling macOS on his computer. While this a perfectly sane response, it means we don’t have the actual malware that was pushed to his Mac by the script.

Malware

Malware Cryptocurrency Software Phishing

Thread Hijacking: Phishes That Prey on Your Curiosity

Krebs on Security

MARCH 28, 2024

2023, the Pennsylvania news outlet LancasterOnline.com published a story about Adam Kidan , a wealthy businessman with a criminal past who is a major donor to Republican causes and candidates, including Rep. But Sholtis said he didn’t enter his Outlook username and password.

Phishing

Phishing Scams Accountability Passwords

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Krebs on Security

APRIL 4, 2024

Throughout 2023, Tornote was hosted with the Russian provider DDoS-Guard , at the Internet address 186.2.163[.]216. In keeping with the overall theme, these phishing domains appear focused on stealing usernames and passwords to some of the cybercrime underground’s busiest shops, including Brian’s Club.

Phishing

Phishing Cryptocurrency DDOS Internet

The Dark Nexus Between Harm Groups and ‘The Com’

Krebs on Security

SEPTEMBER 13, 2024

A cyberattack that shut down two of the top casinos in Las Vegas last year quickly became one of the most riveting security stories of 2023: It was the first known case of native English-speaking hackers in the United States and Britain teaming up with ransomware gangs based in Russia. POMPOMPURIN In March 2023, U.S.

Cybercrime

Cybercrime Accountability Mobile Hacking

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Krebs on Security

FEBRUARY 28, 2023

Countless websites and online services use SMS text messages for both password resets and multi-factor authentication. All three SIM-swapping entities that were tracked for this story remain active in 2023, and they all conduct business in open channels on the instant messaging platform Telegram.

Mobile

Mobile Phishing Authentication Advertising

Lamborghini Carjackers Lured by $243M Cyberheist

Krebs on Security

OCTOBER 9, 2024

It remains unclear which Chetal family member acquired the 2023 Lamborghini Urus, which has a starting price of around $233,000. From there, the attacker can intercept any password reset links, and any one-time passcodes sent via SMS or automated voice calls.

Cryptocurrency

Cryptocurrency Social Engineering Accountability Mobile

Infrastructure Laundering: Blending in with the Cloud

Krebs on Security

JANUARY 30, 2025

In 2023, Suncity’s CEO was sentenced to 18 years in prison on charges of fraud, illegal gambling, and “ triad offenses,” i.e. working with Chinese transnational organized crime syndicates. vulnerability scanning and password brute force attacks) was being bounced through U.S.-based based cloud providers.

Accountability

Accountability Scams Passwords Data collection

Cyber Security Informer

Booking.com Phishers May Leave You With Reservations

Chinese Innovations Spawn Wave of Toll Phishing Via SMS

Trending Sources

U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

How to Lose a Fortune with Just One Bad Click

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks

Giving a Face to the Malware Proxy Service ‘Faceless’

Scam ‘Funeral Streaming’ Groups Thrive on Facebook

Calendar Meeting Links Used to Spread Mac Malware

Thread Hijacking: Phishes That Prey on Your Curiosity

Fake Lawsuit Threat Exposes Privnote Phishing Sites

The Dark Nexus Between Harm Groups and ‘The Com’

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Lamborghini Carjackers Lured by $243M Cyberheist

Infrastructure Laundering: Blending in with the Cloud

Stay Connected