Security Affairs

NOVEMBER 21, 2024

Justice Department charged five suspects linked to the Scattered Spider cybercrime gang with wire fraud conspiracy. Justice Department charged five alleged members of the cybercrime gang Scattered Spider (also known as UNC3944 , 0ktapus ) with conspiracy to commit wire fraud. ” reads the press release published by DoJ. .

Cybercrime 109

Cybercrime Identity Theft Cryptocurrency Phishing 109

Krebs on Security

JANUARY 7, 2025

Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. The phishers also abused legitimate Google services to send Tony an email from google.com, and to send a Google account recovery prompt to all of his signed-in devices.

Phishing 350

Phishing Cryptocurrency Accountability Social Engineering 350

Security Affairs

JUNE 11, 2025

After the operation, the authorities alerted over 216,000 victims to help them quickly secure their accounts and prevent further unauthorized access. ” As part of Operation Secure, Vietnamese police arrested 18 suspects and seized cash, SIMs, and documents tied to a scheme selling corporate accounts. .

Cybercrime 109

Cybercrime Data collection Scams Cyber threats 109

SecureWorld News

DECEMBER 3, 2024

In a surprising move related to international cybercrime, Russian authorities have charged Mikhail Matveev, also known as "Wazawaka," with creating ransomware to extort commercial organizations, according to Russian media outlet RIA. Despite U.S.

Cybercrime 104

Cybercrime Ransomware Healthcare Cryptocurrency 104

Krebs on Security

FEBRUARY 4, 2025

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled , English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. The email address used for those accounts was f.grimpe@gmail.com. “Finndev.” ” Image: Ke-la.com.

eCommerce 237

eCommerce Cybercrime Accountability Hacking 237

Krebs on Security

DECEMBER 4, 2024

Matveev’s hacker identities were remarkably open and talkative on numerous cybercrime forums. image: x.com/vxunderground The golden rule of cybercrime in Russia has always been that as long as you never hack, extort or steal from Russian citizens or companies, you have little to fear of arrest. “Mother Russia will help you.

Cybercrime 266

Cybercrime Ransomware Cryptocurrency Government 266

Malwarebytes

JANUARY 15, 2025

Table of contents Overview Criminals impersonate Google Ads Lures hosted on Google Sites Phishing for Google account credentials Victimology Who is behind these campaigns? The scheme consists of stealing as many advertiser accounts as possible by impersonating Google Ads and redirecting victims to fake login pages.

Advertising 127

Advertising Accountability Phishing Scams 127

Security Affairs

FEBRUARY 2, 2025

and Dutch authorities seized 39 domains and servers linked to the HeartSender cybercrime group based in Pakistan. A joint law enforcement operation led to the seizure of 39 domains tied to a Pakistan-based HeartSender cybercrime group (aka Saim Raza and Manipulators Team) known for selling hacking and fraud tools.

Cybercrime 108

Cybercrime Advertising Phishing Hacking 108

The Last Watchdog

MAY 15, 2025

Small businesses make up 90% of all companies worldwide and account for half of global GDP. And thanks to an explosion of inexpensive cybercrime-as-a-service offerings on the dark web, launching an attack is easier and cheaper than ever.

Small Business 113

Small Business Cybercrime Cyber Insurance Phishing 113

Krebs on Security

DECEMBER 11, 2024

A financial firm registered in Canada has emerged as the payment processor for dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services aimed at Russian-speaking customers, new research finds. wtf, and PQHosting ; -sites selling aged email, financial, or social media accounts, such as verif[.]work

Cryptocurrency 302

Cryptocurrency Banking Cybercrime Advertising 302

Krebs on Security

NOVEMBER 19, 2024

8, a cybercriminal using the nickname “ abyss0 ” posted on the English-language cybercrime community BreachForums that they’d stolen files belonging to some of Finastra’s largest banking clients. The Telegram account that abyss0 listed in their sales thread appears to have been suspended or deleted.

Data breaches 326

Data breaches Banking Cybercrime Advertising 326

Security Affairs

NOVEMBER 24, 2024

seized the stolen credit card marketplace PopeyeTools and charged its operators, this is a major success against cybercrime. PopeyeTools was a dark web marketplace specializing in selling stolen credit cards and cybercrime tools, facilitating fraud and illicit online activities since 2016. million in revenue. million in revenue.

Cybercrime 129

Cybercrime Cryptocurrency Banking Accountability 129

Security Affairs

FEBRUARY 24, 2025

A botnet of 130,000+ devices is attacking Microsoft 365 accounts via password-spraying, bypassing MFA by exploiting basic authentication. SecurityScorecard researchers discovered a botnet of over 130,000 devices that is conducting password-spray attacks against Microsoft 365 (M365) accounts worldwide.

Passwords 119

Passwords Accountability Authentication Malware 119

Krebs on Security

NOVEMBER 21, 2024

That Joeleoli moniker registered on the cybercrime forum OGusers in 2018 with the email address joelebruh@gmail.com , which also was used to register accounts at several websites for a Joel Evans from North Carolina. Click to enlarge.

Identity Theft 284

Identity Theft Phishing Cryptocurrency Accountability 284

Krebs on Security

MAY 28, 2025

This wasnt just a scam operation – it was essentially a cybercrime university that empowered fraudsters globally, NCCIA Director Abdul Ghaffar said at a press briefing. Prior to folding their operations behind WeCodeSolutions, Shahzad and others arrested this month operated as a web hosting group calling itself The Manipulaters.

Malware 212

Malware Cybercrime Antivirus Scams 212

Krebs on Security

DECEMBER 29, 2024

Maybe it’s indelicate to celebrate the birthday of a cybercrime blog that mostly publishes bad news, but happily many of 2024’s most engrossing security stories were about bad things happening to bad guys. Image: Shutterstock, Dreamansions. KrebsOnSecurity.com turns 15 years old today!

Scams 254

Scams Cybercrime Cryptocurrency Social Engineering 254

SecureWorld News

JUNE 26, 2025

The suspects, all French nationals, were detained during coordinated raids conducted by the Cybercrime Brigade of the Paris Police headquarters in Hauts-de-Seine, Seine-Maritime, and Réunion. A global threat, a global response The arrests also underscore a shift in the geography of cybercrime.

Cybercrime 96

Cybercrime Identity Theft Social Engineering Data breaches 96

SecureWorld News

MAY 14, 2025

The FBI's Internet Crime Complaint Center (IC3) has released its 2024 Internet Crime Report, marking a record-breaking year in cybercrime. Upon notification, the Recovery Asset Team immediately initiated the process to freeze the fraudulent recipient bank account. The report highlights a staggering $16.6 billion in losses.

Cybercrime 80

Cybercrime Scams Cryptocurrency Internet 80

SecureWorld News

FEBRUARY 3, 2025

In a significant victory against cybercrime, U.S. Cybercrime as a service: an evolving threat As cybercriminals continue to develop more sophisticated and accessible tools, law enforcement agencies worldwide are struggling to keep pace. For every criminal group disrupted, multiple others remain active or emerge to take their place."

Phishing 113

Phishing Cybercrime Scams Authentication 113

Graham Cluley

JUNE 25, 2025

A new INTERPOL report has sounded the alarm over a dramatic increase in cybercrime across Africa, with digital crime now accounting for a significant proportional of all criminal activity across the continent. Read more in my article on the Hot for Security blog.

Cybercrime 83

Cybercrime Accountability Phishing Ransomware 83

Security Affairs

MAY 15, 2025

Kosovar citizen extradited to the US for running the cybercrime marketplace BlackDB.cc Kosovo citizen Liridon Masurica (33) of Gjilan, was extradited to the US for running the cybercrime marketplace BlackDB.cc ” The FBI led the investigation with support from the Kosovo Polices Cybercrime Investigation Directorate. .”

Cybercrime 70

Cybercrime Identity Theft Cryptocurrency Hacking 70

SecureWorld News

MARCH 27, 2025

In today's digital world, cybercrime is a threat to our private data and security. And with Americans owning an average of 24 electronic items in their homes , neglecting to dispose of these items correctly is putting individuals at significant risk of cybercrime. What is cybercrime? It's time to change it.

Cybercrime 80

Cybercrime Computers and Electronics Firewall Hacking 80

Krebs on Security

APRIL 30, 2025

A 23-year-old Scottish man thought to be a member of the prolific Scattered Spider cybercrime group was extradited last week from Spain to the United States, where he is facing charges of wire fraud, conspiracy and identity theft. Tyler Buchanan, being escorted by Spanish police at the airport in Palma de Mallorca in June 2024. ” U.S.

Identity Theft 211

Identity Theft Phishing Cryptocurrency Cybercrime 211

Krebs on Security

FEBRUARY 26, 2025

At the end of 2023, malicious hackers learned that many companies had uploaded sensitive customer records to accounts at the cloud data storage service Snowflake that were protected with little more than a username and password (no multi-factor authentication needed).

Hacking 281

Hacking Government Identity Theft Accountability 281

The Last Watchdog

FEBRUARY 4, 2025

Identity security vendors have focused narrowly on securing corporate accounts, leaving organizations vulnerable to cybercriminals exploiting the broader identity exposures of employees, consumers, and suppliers. A shift to an identity-centric perspective is needed, particularly as the scope of identity exposures continues to grow. .

Cybercrime 124

Cybercrime Phishing Accountability Malware 124

SecureWorld News

NOVEMBER 22, 2024

The United States Department of Justice (DOJ) has unsealed charges against five individuals accused of orchestrating sophisticated phishing campaigns tied to the notorious Scattered Spider cybercrime group. These types of fraudulent solicitations are ubiquitous and rob American victims of their hard-earned money with the click of a mouse.

Phishing 108

Phishing Identity Theft Cryptocurrency Cybercrime 108

Security Affairs

APRIL 7, 2025

A 20-year-old man linked to the Scattered Spider cybercrime group has pleaded guilty to charges filed in Florida and California. ” Source News4Jax The charges relate to his alleged role in the Scattered Spider cybercrime group (also known as UNC3944 , 0ktapus ). .” ” reported News4Jax.

Cybercrime 65

Cybercrime Identity Theft Social Engineering Hacking 65

eSecurity Planet

JULY 14, 2025

Airlines become top targets Airlines are now a prime focus for cybercrime groups. According to TechRepublic, the FBI said these hackers have been “convincing help desk staff to bypass multi-factor authentication (MFA) protections by registering rogue MFA devices on compromised accounts.”

Insurance 92

Insurance Identity Theft Authentication Artificial Intelligence 92

Security Affairs

MARCH 1, 2025

These individuals are members of a global cybercrime ring tracked as Storm-2139 by Microsoft. The defendants used exposed customer credentials scraped from public sources to unlawfully access accounts with certain generative AI services. The case demonstrates legal actions power in dismantling cybercrime networks.

Cybercrime 76

Cybercrime Technology Hacking Accountability 76

Security Affairs

JUNE 26, 2025

seeking extradition for cybercrimes. Investigators linked crypto payments to accounts tied to West and matched IPs used by both West and IntelBroker. The case is led by the Complex Frauds and Cybercrime Unit, with prosecution by Assistant U.S. Kai West (25), a British national, has been charged in the U.S. Attorney Ryan B.

Cybercrime 89

Cybercrime Hacking Healthcare Accountability 89

Malwarebytes

OCTOBER 15, 2024

Unlike any other season in America, election season might bring the highest volume of advertisements sent directly to people’s homes, phones, and email accounts—and the accuracy and speed at which they come can feel invasive. The reasons could be obvious. When asked who , specifically, they were worried about, 73% said cybercriminals.

Scams 134

Scams Identity Theft Cybercrime Accountability 134

Security Affairs

OCTOBER 29, 2024

Change passwords : After malware removal, update passwords for key accounts (email, banking, work, social media) and enable two-factor authentication. Use a password manager : Simplifies managing strong, unique passwords across accounts. Monitor financial accounts : Check bank statements and report any suspicious transactions promptly.

Identity Theft 124

Identity Theft Malware Passwords Banking 124

Security Affairs

OCTOBER 28, 2024

Free disclosed a cyber attack over the weekend after a threat actor attempted to sell the stolen data on a popular cybercrime forum. The seller listed two databases for sale one containing 19,192,948 customer accounts and another including 5.11 million IBAN details. ” wrote the cyber evangelist SaxX.

Cyber Attacks 124

Cyber Attacks Telecommunications Data breaches Banking 124

Krebs on Security

APRIL 10, 2025

But experts say these groups are now directly targeting customers of international financial institutions, while dramatically expanding their cybercrime infrastructure and support staff. Until recently, the so-called “ Smishing Triad ” mainly impersonated toll road operators and shipping companies. Image: Prodaft.

Banking 269

Banking Phishing Mobile Retail 269

Krebs on Security

JULY 17, 2025

“We are confident, based on our records, this test account was not accessed by any third party other than the security researchers,” the company wrote in a July 9 blog post. developer was stolen by a malware strain known as “ Nexus Stealer ,” a form grabber and password stealer that is sold on cybercrime forums.

Passwords 234

Passwords Authentication Malware Accountability 234

Krebs on Security

NOVEMBER 14, 2024

Shefel claims the true mastermind behind the Target and other retail breaches was Dmitri Golubov , an infamous Ukrainian hacker known as the co-founder of Carderplanet, among the earliest Russian-language cybercrime forums focused on payment card fraud. “I’m also godfather of his second son.” “Hi, how are you?”

Advertising 294

Advertising Retail Cryptocurrency Cybercrime 294

eSecurity Planet

FEBRUARY 10, 2025

Since early 2022, there has been a 49 percent rise in phishing attempts capable of evading filters, with AI-generated threats accounting for nearly 5 percent of these attacks. This surge highlights a broader trend toward automation in cybercrime and signals that no email platform is immune.

Phishing 113

Phishing Artificial Intelligence Password Management Accountability 113