Krebs on Security

AUGUST 7, 2024

A partial selfie posted by Puchmade Dev to his Twitter account. In January, KrebsOnSecurity wrote about rapper Punchmade Dev , whose music videos sing the praises of a cybercrime lifestyle. That story showed how Punchmade’s social media profiles promoted Punchmade-themed online stores selling bank account and payment card data.

Banking 307

Banking Cybercrime Accountability Retail 307

Krebs on Security

FEBRUARY 7, 2024

In 2021, the exclusive Russian cybercrime forum Mazafaka was hacked. Launched in 2001 under the tagline “Network terrorism,” Mazafaka would evolve into one of the most guarded Russian-language cybercrime communities. The Facebook account for Aleksey Safronov. A “Djamix” account on the forum privetsochi[.]ru

Cybercrime 329

Cybercrime Accountability Identity Theft Hacking 329

Krebs on Security

DECEMBER 19, 2024

Silent Push said Araneida is being advertised by an eponymous user on multiple cybercrime forums. Araneida Scanner’s Telegram channel bragging about how customers are using the service for cybercrime. The service’s Telegram channel boasts nearly 500 subscribers and explains how to use the tool for malicious purposes.

Hacking 249

Hacking Cybercrime Advertising Data breaches 249

Security Affairs

FEBRUARY 2, 2025

and Dutch authorities seized 39 domains and servers linked to the HeartSender cybercrime group based in Pakistan. A joint law enforcement operation led to the seizure of 39 domains tied to a Pakistan-based HeartSender cybercrime group (aka Saim Raza and Manipulators Team) known for selling hacking and fraud tools.

Cybercrime 110

Cybercrime Advertising Phishing Hacking 110

Krebs on Security

JANUARY 7, 2025

Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. The phishers also abused legitimate Google services to send Tony an email from google.com, and to send a Google account recovery prompt to all of his signed-in devices.

Phishing 338

Phishing Cryptocurrency Accountability Social Engineering 338

Krebs on Security

FEBRUARY 4, 2025

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled , English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. The email address used for those accounts was f.grimpe@gmail.com. “Finndev.” ” Image: Ke-la.com.

eCommerce 218

eCommerce Cybercrime Accountability Hacking 218

SecureWorld News

DECEMBER 3, 2024

In a surprising move related to international cybercrime, Russian authorities have charged Mikhail Matveev, also known as "Wazawaka," with creating ransomware to extort commercial organizations, according to Russian media outlet RIA. Despite U.S.

Cybercrime 103

Cybercrime Ransomware Healthcare Cryptocurrency 103

Malwarebytes

JANUARY 15, 2025

Table of contents Overview Criminals impersonate Google Ads Lures hosted on Google Sites Phishing for Google account credentials Victimology Who is behind these campaigns? The scheme consists of stealing as many advertiser accounts as possible by impersonating Google Ads and redirecting victims to fake login pages.

Advertising 133

Advertising Accountability Phishing Scams 133

The Last Watchdog

MAY 15, 2025

Small businesses make up 90% of all companies worldwide and account for half of global GDP. And thanks to an explosion of inexpensive cybercrime-as-a-service offerings on the dark web, launching an attack is easier and cheaper than ever.

Small Business 113

Small Business Cybercrime Cyber Insurance Phishing 113

Graham Cluley

JUNE 25, 2025

A new INTERPOL report has sounded the alarm over a dramatic increase in cybercrime across Africa, with digital crime now accounting for a significant proportional of all criminal activity across the continent. Read more in my article on the Hot for Security blog.

73

73

Krebs on Security

DECEMBER 11, 2024

A financial firm registered in Canada has emerged as the payment processor for dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services aimed at Russian-speaking customers, new research finds. wtf, and PQHosting ; -sites selling aged email, financial, or social media accounts, such as verif[.]work

Cryptocurrency 288

Cryptocurrency Banking Cybercrime Advertising 288

Krebs on Security

MAY 28, 2025

This wasnt just a scam operation – it was essentially a cybercrime university that empowered fraudsters globally, NCCIA Director Abdul Ghaffar said at a press briefing. Prior to folding their operations behind WeCodeSolutions, Shahzad and others arrested this month operated as a web hosting group calling itself The Manipulaters.

Malware 196

Malware Cybercrime Antivirus Scams 196

Krebs on Security

JANUARY 19, 2023

T-Mobile today disclosed a data breach affecting tens of millions of customer accounts, its second major data exposure in as many years. In a filing with federal regulators, T-Mobile said an investigation determined that someone abused its systems to harvest subscriber data tied to approximately 37 million current customer accounts.

Mobile 339

Mobile Accountability Data breaches Identity Theft 339

Krebs on Security

DECEMBER 4, 2024

Matveev’s hacker identities were remarkably open and talkative on numerous cybercrime forums. image: x.com/vxunderground The golden rule of cybercrime in Russia has always been that as long as you never hack, extort or steal from Russian citizens or companies, you have little to fear of arrest. “Mother Russia will help you.

Cybercrime 251

Cybercrime Ransomware Cryptocurrency Government 251

Security Affairs

FEBRUARY 24, 2025

A botnet of 130,000+ devices is attacking Microsoft 365 accounts via password-spraying, bypassing MFA by exploiting basic authentication. SecurityScorecard researchers discovered a botnet of over 130,000 devices that is conducting password-spray attacks against Microsoft 365 (M365) accounts worldwide.

Passwords 121

Passwords Accountability Authentication Malware 121

Krebs on Security

NOVEMBER 19, 2024

8, a cybercriminal using the nickname “ abyss0 ” posted on the English-language cybercrime community BreachForums that they’d stolen files belonging to some of Finastra’s largest banking clients. The Telegram account that abyss0 listed in their sales thread appears to have been suspended or deleted.

Data breaches 308

Data breaches Banking Cybercrime Advertising 308

Security Affairs

NOVEMBER 24, 2024

seized the stolen credit card marketplace PopeyeTools and charged its operators, this is a major success against cybercrime. PopeyeTools was a dark web marketplace specializing in selling stolen credit cards and cybercrime tools, facilitating fraud and illicit online activities since 2016. million in revenue. million in revenue.

Cybercrime 131

Cybercrime Cryptocurrency Banking Accountability 131

Krebs on Security

JANUARY 21, 2022

Criminals ripping off other crooks is a constant theme in the cybercrime underworld; Accountz Club’s slogan — “the best autoshop for your favorite shops’ accounts” — just normalizes this activity by making logins stolen from users of various cybercrime shops for sale at a fraction of their account balances.

Hacking 351

Hacking Cybercrime Authentication Passwords 351

Krebs on Security

JUNE 6, 2023

One of the most expensive aspects of any cybercriminal operation is the time and effort it takes to constantly create large numbers of new throwaway email accounts. The service in question — kopeechka[.]store ” “Are you working on large volumes and are costs constantly growing? The service in question — kopeechka[.]store

Accountability 262

Accountability Scams Cryptocurrency Advertising 262

Security Affairs

MAY 15, 2025

Kosovar citizen extradited to the US for running the cybercrime marketplace BlackDB.cc Kosovo citizen Liridon Masurica (33) of Gjilan, was extradited to the US for running the cybercrime marketplace BlackDB.cc ” The FBI led the investigation with support from the Kosovo Polices Cybercrime Investigation Directorate. .”

Cybercrime 72

Cybercrime Identity Theft Cryptocurrency Hacking 72

Krebs on Security

NOVEMBER 21, 2024

That Joeleoli moniker registered on the cybercrime forum OGusers in 2018 with the email address joelebruh@gmail.com , which also was used to register accounts at several websites for a Joel Evans from North Carolina. Click to enlarge.

Identity Theft 268

Identity Theft Phishing Cryptocurrency Accountability 268

Krebs on Security

DECEMBER 29, 2024

Maybe it’s indelicate to celebrate the birthday of a cybercrime blog that mostly publishes bad news, but happily many of 2024’s most engrossing security stories were about bad things happening to bad guys. Image: Shutterstock, Dreamansions. KrebsOnSecurity.com turns 15 years old today!

Scams 241

Scams Cybercrime Cryptocurrency Social Engineering 241

Krebs on Security

APRIL 30, 2025

A 23-year-old Scottish man thought to be a member of the prolific Scattered Spider cybercrime group was extradited last week from Spain to the United States, where he is facing charges of wire fraud, conspiracy and identity theft. Tyler Buchanan, being escorted by Spanish police at the airport in Palma de Mallorca in June 2024. ” U.S.

Identity Theft 195

Identity Theft Phishing Cryptocurrency Cybercrime 195

SecureWorld News

FEBRUARY 3, 2025

In a significant victory against cybercrime, U.S. Cybercrime as a service: an evolving threat As cybercriminals continue to develop more sophisticated and accessible tools, law enforcement agencies worldwide are struggling to keep pace. For every criminal group disrupted, multiple others remain active or emerge to take their place."

Phishing 111

Phishing Cybercrime Scams Authentication 111

Security Affairs

MARCH 1, 2025

These individuals are members of a global cybercrime ring tracked as Storm-2139 by Microsoft. The defendants used exposed customer credentials scraped from public sources to unlawfully access accounts with certain generative AI services. The case demonstrates legal actions power in dismantling cybercrime networks.

Cybercrime 78

Cybercrime Technology Hacking Accountability 78

Security Affairs

APRIL 7, 2025

A 20-year-old man linked to the Scattered Spider cybercrime group has pleaded guilty to charges filed in Florida and California. ” Source News4Jax The charges relate to his alleged role in the Scattered Spider cybercrime group (also known as UNC3944 , 0ktapus ). .” ” reported News4Jax.

Cybercrime 67

Cybercrime Identity Theft Social Engineering Hacking 67

The Last Watchdog

FEBRUARY 4, 2025

Identity security vendors have focused narrowly on securing corporate accounts, leaving organizations vulnerable to cybercriminals exploiting the broader identity exposures of employees, consumers, and suppliers. A shift to an identity-centric perspective is needed, particularly as the scope of identity exposures continues to grow. .

Cybercrime 124

Cybercrime Phishing Accountability Malware 124

Krebs on Security

FEBRUARY 26, 2025

At the end of 2023, malicious hackers learned that many companies had uploaded sensitive customer records to accounts at the cloud data storage service Snowflake that were protected with little more than a username and password (no multi-factor authentication needed).

Hacking 259

Hacking Government Identity Theft Accountability 259

SecureWorld News

MARCH 27, 2025

In today's digital world, cybercrime is a threat to our private data and security. And with Americans owning an average of 24 electronic items in their homes , neglecting to dispose of these items correctly is putting individuals at significant risk of cybercrime. What is cybercrime? It's time to change it.

Cybercrime 70

Cybercrime Computers and Electronics Firewall Hacking 70

SecureWorld News

MAY 14, 2025

The FBI's Internet Crime Complaint Center (IC3) has released its 2024 Internet Crime Report, marking a record-breaking year in cybercrime. Upon notification, the Recovery Asset Team immediately initiated the process to freeze the fraudulent recipient bank account. The report highlights a staggering $16.6 billion in losses.

Cybercrime 70

Cybercrime Scams Cryptocurrency Internet 70

Security Boulevard

JANUARY 28, 2025

FunkSec, a newly identified group combining hacktivism and cybercrime, accounted for over 100 attacks (18% of the total), making it the most active group that month, ahead of Cl0p, Akira and RansomHub. Ransomware attacks surged to a record high in December 2024, with 574 incidents reported, according to an NCC Group report.

Ransomware 118

Ransomware Cybercrime Accountability Cybersecurity 118

Krebs on Security

SEPTEMBER 13, 2023

The FBI responded by reverifying InfraGard members and by seizing the cybercrime forum where the data was being sold. In a post on the English language cybercrime forum BreachForums , USDoD leaked information on roughly 3,200 Airbus vendors, including names, addresses, phone numbers, and email addresses. But on Sept. But on Sept.

Cybercrime 344

Cybercrime Passwords Authentication Malware 344

Krebs on Security

NOVEMBER 14, 2024

Shefel claims the true mastermind behind the Target and other retail breaches was Dmitri Golubov , an infamous Ukrainian hacker known as the co-founder of Carderplanet, among the earliest Russian-language cybercrime forums focused on payment card fraud. “I’m also godfather of his second son.” “Hi, how are you?”

Advertising 274

Advertising Retail Cryptocurrency Cybercrime 274

Krebs on Security

OCTOBER 31, 2022

A 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he acted as a core developer for Raccoon , a popular “malware-as-a-service” offering that helped paying customers steal passwords and financial data from millions of cybercrime victims. According to the U.S. Image: USDOJ.

Malware 341

Malware Identity Theft Cybercrime Accountability 341

Krebs on Security

DECEMBER 13, 2022

Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. Department of Defense. USDoD’s InfraGard sales thread on Breached.

Hacking 363

Hacking Cybercrime Energy and Utilities Accountability 363

Security Affairs

OCTOBER 28, 2024

Free disclosed a cyber attack over the weekend after a threat actor attempted to sell the stolen data on a popular cybercrime forum. The seller listed two databases for sale one containing 19,192,948 customer accounts and another including 5.11 million IBAN details. ” wrote the cyber evangelist SaxX.

Cyber Attacks 126

Cyber Attacks Telecommunications Data breaches Banking 126

Security Affairs

OCTOBER 29, 2024

Change passwords : After malware removal, update passwords for key accounts (email, banking, work, social media) and enable two-factor authentication. Use a password manager : Simplifies managing strong, unique passwords across accounts. Monitor financial accounts : Check bank statements and report any suspicious transactions promptly.

Identity Theft 126

Identity Theft Malware Passwords Banking 126