2024, Passwords and Web Fraud - Cyber Security Informer

A Day in the Life of a Prolific Voice Phishing Crew

Krebs on Security

JANUARY 7, 2025

This domain was featured in a writeup from February 2024 by the security firm Lookout , which found it was one of dozens being used by a prolific and audacious voice phishing group it dubbed “ Crypto Chameleon.” “Yeah, that’s definitely not me trying to reset my password.”

Phishing

Phishing Cryptocurrency Accountability Social Engineering

U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams

Krebs on Security

MAY 29, 2025

“Americans lose billions of dollars annually to these cyber scams, with revenues generated from these crimes rising to record levels in 2024,” reads a statement from the U.S. In May 2024, KrebsOnSecurity published a deep dive on Stark Industries Solutions that found much of the malicious traffic traversing Starks network (e.g.

Scams

Scams Internet Internet Cybercrime

Booking.com Phishers May Leave You With Reservations

Krebs on Security

NOVEMBER 1, 2024

Booking.com said it now requires 2FA , which forces partners to provide a one-time passcode from a mobile authentication app (Pulse) in addition to a username and password. .” The phony booking.com website generated by visiting the link in the text message.

Phishing

Phishing Accountability Artificial Intelligence Cybercrime

How to Lose a Fortune with Just One Bad Click

Krebs on Security

DECEMBER 18, 2024

On the evening of May 15, 2024, Tony was putting his three- and one-year-old boys to bed when he received a message from Google about an account security issue, followed by a phone call from a “Daniel Alexander” at Google who said his account was compromised by hackers. Nevertheless, Soundcloud removed the audio file.

Cryptocurrency

Cryptocurrency Accountability Authentication Phishing

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

.” In a SIM-swapping attack, crooks transfer the target’s phone number to a device they control and intercept any text messages or phone calls sent to the victim — including one-time passcodes for authentication, or password reset links sent via SMS. In January 2024, U.S.

Hacking

Hacking Cybercrime Phishing Passwords

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

9, 2024, U.S. authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Those who submitted credentials were then prompted to provide the one-time password needed for multi-factor authentication. According to an Aug.

Social Engineering

Social Engineering Mobile Cybercrime Passwords

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

Krebs on Security

APRIL 3, 2024

Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called “ The Manipulaters ,” a sprawling web hosting network of phishing and spam delivery platforms. 14, 2024, KrebsOnSecurity heard from the same bluebtcus@gmail.com address, apropos of nothing. Why you destroy our lifes? Please remove it.”

Phishing

Phishing Cybercrime Malware Advertising

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Krebs on Security

APRIL 4, 2024

In keeping with the overall theme, these phishing domains appear focused on stealing usernames and passwords to some of the cybercrime underground’s busiest shops, including Brian’s Club. Among those is rustraitor[.]info An archive.org copy of Rustraitor. What do all the phished sites have in common?

Phishing

Phishing Cryptocurrency DDOS Internet

Calendar Meeting Links Used to Spread Mac Malware

Krebs on Security

FEBRUARY 28, 2024

Unfortunately for us, Doug freaked out after deciding he’d been tricked — backing up his important documents, changing his passwords, and then reinstalling macOS on his computer. While this a perfectly sane response, it means we don’t have the actual malware that was pushed to his Mac by the script.

Malware

Malware Cryptocurrency Software Phishing

The Dark Nexus Between Harm Groups and ‘The Com’

Krebs on Security

SEPTEMBER 13, 2024

One account of the hack came from a 17-year-old in the United Kingdom, who told reporters the intrusion began when one of the English-speaking hackers phoned a tech support person at MGM and tricked them into resetting the password for an employee account. Others sell the explicit CSAM content produced by extortion on the dark web.”

Cybercrime

Cybercrime Accountability Mobile Hacking

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Krebs on Security

SEPTEMBER 30, 2024

The complaint against Iza says the FBI interviewed Woody in Manilla where he is currently incarcerated, and learned that Iza has been harassing him about passwords that would unlock access to cryptocurrencies. Au was featured on the July 2024 cover of “Womenpreneur Middle East.” Meanwhile, the U.K.

Cryptocurrency

Cryptocurrency Government Internet Internet

Lamborghini Carjackers Lured by $243M Cyberheist

Krebs on Security

OCTOBER 9, 2024

25, 2024 in Danbury, Ct., ” A November 2022 story at patch.com quoted Veer Chetal (class of 2024) crediting the Harvard program with his decision to pursue a career in law. From there, the attacker can intercept any password reset links, and any one-time passcodes sent via SMS or automated voice calls. Image: ABC7NY.

Cryptocurrency

Cryptocurrency Social Engineering Accountability Mobile

Infrastructure Laundering: Blending in with the Cloud

Krebs on Security

JANUARY 30, 2025

In October 2024, the security firm Silent Push published a lengthy analysis of how Amazon AWS and Microsoft Azure were providing services to Funnull, a two-year-old Chinese content delivery network that hosts a wide variety of fake trading apps, pig butchering scams , gambling websites, and retail phishing pages. based cloud providers.

Accountability

Accountability Scams Passwords Data collection

Cyber Security Informer

A Day in the Life of a Prolific Voice Phishing Crew

U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams

Trending Sources

Booking.com Phishers May Leave You With Reservations

How to Lose a Fortune with Just One Bad Click

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Calendar Meeting Links Used to Spread Mac Malware

The Dark Nexus Between Harm Groups and ‘The Com’

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Lamborghini Carjackers Lured by $243M Cyberheist

Infrastructure Laundering: Blending in with the Cloud

Stay Connected