Krebs on Security

NOVEMBER 19, 2024

The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. The Telegram account that abyss0 listed in their sales thread appears to have been suspended or deleted. ” On Nov. abyss0’s Nov.

Data breaches 329

Data breaches Banking Cybercrime Advertising 329

Krebs on Security

JANUARY 7, 2025

Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. The phishers also abused legitimate Google services to send Tony an email from google.com, and to send a Google account recovery prompt to all of his signed-in devices.

Phishing 352

Phishing Cryptocurrency Accountability Social Engineering 352

Krebs on Security

DECEMBER 4, 2024

government indicted Matveev as a top ransomware purveyor a year later, offering $10 million for information leading to his arrest. Matveev’s hacker identities were remarkably open and talkative on numerous cybercrime forums. An FBI wanted poster for Matveev. government’s “Wanted” poster for him.

Cybercrime 269

Cybercrime Ransomware Cryptocurrency Government 269

Krebs on Security

JULY 24, 2025

KrebsOnSecurity recently heard from a reader whose boss’s email account got phished and was used to trick one of the company’s customers into sending a large payment to scammers. JUSTY JOHN DomainTools shows that some of the early domains registered to roomservice801@gmail.com in 2016 include other useful information.

Scams 235

Scams Phishing Cybercrime Accountability 235

Security Affairs

NOVEMBER 24, 2024

seized the stolen credit card marketplace PopeyeTools and charged its operators, this is a major success against cybercrime. PopeyeTools was a dark web marketplace specializing in selling stolen credit cards and cybercrime tools, facilitating fraud and illicit online activities since 2016. million in revenue. million in revenue.

Cybercrime 135

Cybercrime Cryptocurrency Banking Accountability 135

Krebs on Security

FEBRUARY 4, 2025

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled , English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. The email address used for those accounts was f.grimpe@gmail.com. “Finndev.” ” Image: Ke-la.com.

eCommerce 241

eCommerce Cybercrime Accountability Hacking 241

SecureWorld News

DECEMBER 3, 2024

In a surprising move related to international cybercrime, Russian authorities have charged Mikhail Matveev, also known as "Wazawaka," with creating ransomware to extort commercial organizations, according to Russian media outlet RIA. law enforcement for years , with the FBI offering a $10 million reward for information leading to his arrest.

Cybercrime 104

Cybercrime Ransomware Healthcare Cryptocurrency 104

Security Affairs

FEBRUARY 2, 2025

and Dutch authorities seized 39 domains and servers linked to the HeartSender cybercrime group based in Pakistan. A joint law enforcement operation led to the seizure of 39 domains tied to a Pakistan-based HeartSender cybercrime group (aka Saim Raza and Manipulators Team) known for selling hacking and fraud tools.

Cybercrime 113

Cybercrime Advertising Phishing Hacking 113

Malwarebytes

JANUARY 15, 2025

Table of contents Overview Criminals impersonate Google Ads Lures hosted on Google Sites Phishing for Google account credentials Victimology Who is behind these campaigns? The scheme consists of stealing as many advertiser accounts as possible by impersonating Google Ads and redirecting victims to fake login pages.

Advertising 130

Advertising Accountability Phishing Scams 130

Krebs on Security

DECEMBER 29, 2024

Maybe it’s indelicate to celebrate the birthday of a cybercrime blog that mostly publishes bad news, but happily many of 2024’s most engrossing security stories were about bad things happening to bad guys. Image: Shutterstock, Dreamansions. KrebsOnSecurity.com turns 15 years old today!

Scams 256

Scams Cybercrime Cryptocurrency Social Engineering 256

Krebs on Security

NOVEMBER 21, 2024

That Joeleoli moniker registered on the cybercrime forum OGusers in 2018 with the email address joelebruh@gmail.com , which also was used to register accounts at several websites for a Joel Evans from North Carolina. Click to enlarge.

Identity Theft 287

Identity Theft Phishing Cryptocurrency Accountability 287

Security Affairs

FEBRUARY 24, 2025

A botnet of 130,000+ devices is attacking Microsoft 365 accounts via password-spraying, bypassing MFA by exploiting basic authentication. SecurityScorecard researchers discovered a botnet of over 130,000 devices that is conducting password-spray attacks against Microsoft 365 (M365) accounts worldwide.

Passwords 126

Passwords Accountability Authentication Malware 126

Krebs on Security

MAY 28, 2025

This wasnt just a scam operation – it was essentially a cybercrime university that empowered fraudsters globally, NCCIA Director Abdul Ghaffar said at a press briefing. Prior to folding their operations behind WeCodeSolutions, Shahzad and others arrested this month operated as a web hosting group calling itself The Manipulaters.

Malware 215

Malware Cybercrime Antivirus Scams 215

Krebs on Security

FEBRUARY 26, 2025

At the end of 2023, malicious hackers learned that many companies had uploaded sensitive customer records to accounts at the cloud data storage service Snowflake that were protected with little more than a username and password (no multi-factor authentication needed). AT&T reportedly paid a hacker $370,000 to delete stolen phone records.

Hacking 285

Hacking Government Identity Theft Accountability 285

SecureWorld News

MAY 14, 2025

The FBI's Internet Crime Complaint Center (IC3) has released its 2024 Internet Crime Report, marking a record-breaking year in cybercrime. This year marks the 25th anniversary of the FBI's Internet Crime Complaint Center, which allows the public to report cyber-enabled crime and is a key source for information on scams and cyber threats.

Cybercrime 83

Cybercrime Scams Cryptocurrency Internet 83

Security Affairs

MAY 15, 2025

Kosovar citizen extradited to the US for running the cybercrime marketplace BlackDB.cc Kosovo citizen Liridon Masurica (33) of Gjilan, was extradited to the US for running the cybercrime marketplace BlackDB.cc ” The FBI led the investigation with support from the Kosovo Polices Cybercrime Investigation Directorate. .”

Cybercrime 76

Cybercrime Identity Theft Cryptocurrency Hacking 76

Security Affairs

OCTOBER 28, 2024

French internet service provider (ISP) Free disclosed a cyber attack, threat actors allegedly had access to customer personal information. Free disclosed a cyber attack over the weekend after a threat actor attempted to sell the stolen data on a popular cybercrime forum. Free S.A.S. million mobile and fixed subscribers.

Cyber Attacks 131

Cyber Attacks Telecommunications Data breaches Banking 131

Malwarebytes

OCTOBER 15, 2024

Broadly, Malwarebytes found that: 74% of people “consider US election season a risky time for personal information.” Distrust in political ads is broad—62% said they “disagree” or “strongly disagree” that the information they receive in US election-related ads is trustworthy. The reasons could be obvious.

Scams 136

Scams Identity Theft Cybercrime Accountability 136

SecureWorld News

MARCH 27, 2025

In today's digital world, cybercrime is a threat to our private data and security. And with Americans owning an average of 24 electronic items in their homes , neglecting to dispose of these items correctly is putting individuals at significant risk of cybercrime. What is cybercrime?

Cybercrime 83

Cybercrime Computers and Electronics Firewall Hacking 83

SecureWorld News

NOVEMBER 22, 2024

The United States Department of Justice (DOJ) has unsealed charges against five individuals accused of orchestrating sophisticated phishing campaigns tied to the notorious Scattered Spider cybercrime group. As this case shows, phishing and hacking has become increasingly sophisticated and can result in enormous losses.

Phishing 108

Phishing Identity Theft Cryptocurrency Cybercrime 108

Krebs on Security

JULY 17, 2025

acknowledged the researchers’ findings but said the company’s other client instances were not affected, and that no sensitive information — such as Social Security numbers — was exposed. “It had not been logged into since 2019 and frankly, should have been decommissioned. The password data from the Paradox.ai

Passwords 241

Passwords Authentication Malware Accountability 241

Krebs on Security

APRIL 30, 2025

A 23-year-old Scottish man thought to be a member of the prolific Scattered Spider cybercrime group was extradited last week from Spain to the United States, where he is facing charges of wire fraud, conspiracy and identity theft. Tyler Buchanan, being escorted by Spanish police at the airport in Palma de Mallorca in June 2024. ” U.S.

Identity Theft 214

Identity Theft Phishing Cryptocurrency Cybercrime 214

eSecurity Planet

JULY 14, 2025

Airlines become top targets Airlines are now a prime focus for cybercrime groups. According to TechRepublic, the FBI said these hackers have been “convincing help desk staff to bypass multi-factor authentication (MFA) protections by registering rogue MFA devices on compromised accounts.”

Insurance 96

Insurance Identity Theft Authentication Artificial Intelligence 96

The Last Watchdog

FEBRUARY 4, 2025

Identity security vendors have focused narrowly on securing corporate accounts, leaving organizations vulnerable to cybercriminals exploiting the broader identity exposures of employees, consumers, and suppliers. A shift to an identity-centric perspective is needed, particularly as the scope of identity exposures continues to grow. .

Cybercrime 124

Cybercrime Phishing Accountability Malware 124

Security Affairs

OCTOBER 29, 2024

“Through Eurojust, authorities were able to quickly exchange information and coordinate actions to take down the infostealers.” Change passwords : After malware removal, update passwords for key accounts (email, banking, work, social media) and enable two-factor authentication. payment info) may have been compromised.

Identity Theft 130

Identity Theft Malware Passwords Banking 130

Security Affairs

MARCH 1, 2025

These individuals are members of a global cybercrime ring tracked as Storm-2139 by Microsoft. The defendants used exposed customer credentials scraped from public sources to unlawfully access accounts with certain generative AI services. The case demonstrates legal actions power in dismantling cybercrime networks.

Cybercrime 82

Cybercrime Technology Hacking Accountability 82

Security Affairs

JANUARY 11, 2025

. “On November 20, 2024, we were notified by a vendor of point-of-sale processing services for some of our retail locations that accounts with their organization had been compromised by an organized cybercrime group.” The exposed information varies for each individual case.

Data breaches 117

Data breaches Retail Cybercrime Government 117

SecureWorld News

JUNE 26, 2025

The suspects, all French nationals, were detained during coordinated raids conducted by the Cybercrime Brigade of the Paris Police headquarters in Hauts-de-Seine, Seine-Maritime, and Réunion. A global threat, a global response The arrests also underscore a shift in the geography of cybercrime.

Cybercrime 97

Cybercrime Identity Theft Social Engineering Data breaches 97

Security Affairs

APRIL 7, 2025

A 20-year-old man linked to the Scattered Spider cybercrime group has pleaded guilty to charges filed in Florida and California. ” Source News4Jax The charges relate to his alleged role in the Scattered Spider cybercrime group (also known as UNC3944 , 0ktapus ). .” ” reported News4Jax.

Cybercrime 71

Cybercrime Identity Theft Social Engineering Hacking 71

Krebs on Security

APRIL 10, 2025

But experts say these groups are now directly targeting customers of international financial institutions, while dramatically expanding their cybercrime infrastructure and support staff. Those who click the promoted link are brought to a website that spoofs the USPS or a local toll road operator and asks for payment card information.

Banking 272

Banking Phishing Mobile Retail 272

Krebs on Security

NOVEMBER 14, 2024

But not long after KrebsOnSecurity reported in April that Shefel/Rescator also was behind the theft of Social Security and tax information from a majority of South Carolina residents in 2012, Mr. Shefel began contacting this author with the pretense of setting the record straight on his alleged criminal hacking activities.

Advertising 297

Advertising Retail Cryptocurrency Cybercrime 297

Security Affairs

APRIL 22, 2025

Japan s Financial Services Agency (FSA) warns of hundreds of millions in unauthorized trades linked to hacked brokerage accounts. billion yen Typically, attackers hijack victim accounts, sell held stocks, and use the proceeds to buy assets like Chinese stocks, which remain in the account post-attack.

Financial Services 124

Financial Services Passwords Antivirus Accountability 124

Security Affairs

DECEMBER 7, 2024

The 8Base ransomware group attacked Croatia’s Port of Rijeka, stealing sensitive data, including contracts and accounting info. The ransomware gang claims to have stolen sensitive data including accounting info and contracts. The Port of Rijeka (Luka Rijeka d.d.),

Ransomware 129

Ransomware Hacking Accountability Cyber Attacks 129

Troy Hunt

FEBRUARY 25, 2025

This is just one of many channels involved in cybercrime, but it's noteworthy due to the huge amount of freely accessible data. It's those credentials that are then sold in the stealer logs and later used to access the victim's accounts, which is the second exploitation. You get the idea.

Passwords 418

Passwords Accountability VPN Malware 418

Security Affairs

MARCH 28, 2025

“Three Saratov residents are suspected of fraud and unauthorized access to computer information. Once a device was infected, the perpetrators could use SMS banking services to transfer money from victims’ bank cards to mobile operator accounts and electronic wallets under their control.”

Banking 120

Banking Computers and Electronics Mobile Malware 120

Security Affairs

DECEMBER 8, 2024

The investigation aimed to determine the extent of the activity, and whether individual personal information, if any, may have been accessed or acquired by an unauthorized third party. As part of the investigation, we engaged leading third-party cybersecurity experts experienced in handling these types of incidents.

Data breaches 121

Data breaches Insurance Healthcare Ransomware 121

Security Affairs

OCTOBER 20, 2024

CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog Nation-state actor exploited three Ivanti CSA zero-days Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’ macOS HM Surf flaw in TCC allows bypass Safari privacy settings Iran-linked actors target critical infrastructure organizations (..)

Data breaches 123

Data breaches Cybercrime Cyber Insurance Marketing 123