Security Affairs

FEBRUARY 3, 2025

Since 2021, the Crazy Evil gang has become a major cybercriminal group, using phishing, identity fraud, and malware to steal cryptocurrency. “Targeting of Cryptocurrency Users and Influencers: Crazy Evil explicitly victimizes the cryptocurrency space with bespoke spearphishing lures.” Victim losses range from $0.10

Scams

Security Affairs

MARCH 24, 2025

” Fake file converters and download tools may perform advertised tasks but can provide resulting files containing hidden malware, giving criminals access to victims’ devices. They can also steal personal data, banking details, cryptocurrency info, emails, and passwords by scraping the files the users upload.

Malware

SecureList

DECEMBER 16, 2024

In 2024, our expert observations indicate that commercial advertising for these cryptors have indeed gained momentum. Not every data breach advertisement on the dark web is the result of a genuinely serious incident. We at Kaspersky also actively contributed to law enforcement efforts to combat cybercrime.

Marketing

SecureWorld News

FEBRUARY 14, 2025

Last year saw a 110% rise in cybercrime in the lead up to Valentine's Day. And 2025 will be no different, as increasingly sophisticated online hackers seek to take advantage of Valentine's themed email traffic, social media advertisements, or marketing campaigns, and exploit heightened emotions and a desire to connect.

Scams

Malwarebytes

FEBRUARY 19, 2025

Some info stealers dont even require an additional stepthey can take cryptocurrency directly from a victims online accounts. But in the world of cybercrime, malware features only mean so much. Another important piece of cybercrime is getting malware onto a device to begin with. They are wildly adaptable.

Malware

Security Affairs

MARCH 13, 2025

Ransom demands are posted on the site, with direct hyperlinks to Medusa affiliated cryptocurrency wallets. At this stage, Medusa concurrently advertises sale of the data to interested parties before the countdown timer ends. Victims can additionally pay $10,000 USD in cryptocurrency to add a day to the countdown timer.

Ransomware

Penetration Testing

JUNE 9, 2025

These implants exfiltrated sensitive files such as certificates and cryptocurrency keys via a custom PowerShell exfiltration script. Key tactics included: Obfuscation using ScatterBrain and ScatterBee Use of DLL hijacking DNS-over-HTTPS (DoH) for C2 communication Exploitation of vulnerable enterprise infrastructure (e.g.,

Penetration Testing

SecureWorld News

JULY 27, 2025

Wholesalers and so-called fraud shops clean and index those records, advertising credit card dumps or "fullz" (full identity packages) on dozens of multilingual darknet markets. We're facing a new era of cybercrime fueled by malware-as-a-service (MaaS), and ransomware-as-a-service (RaaS).

Phishing

Krebs on Security

NOVEMBER 5, 2024

Judische would repeat that claim in Star Chat on May 13 — the day before Santander publicly disclosed a data breach — and would periodically blurt out the names of other Snowflake victims before their data even went up for sale on the cybercrime forums. prosecutors and federal law enforcement agencies. “Negotiate a deal in Telegram.”

Cybercrime

Digital Shadows

NOVEMBER 26, 2024

The proliferation of cybercrime guides on forums and a 7% rise in insider threat content, driven by significant financial incentives, highlight the growing complexity of cybersecurity challenges. On October 18, 2024, a user on XSS advertised an “Advanced Office 365 Tutorial” for BEC.

Cyber Attacks

Security Affairs

OCTOBER 3, 2023

Zscaler ThreatLabz researchers discovered a new malware-as-a-service (MaaS) that is called BunnyLoader, which has been advertised for sale in multiple cybercrime forums since September 4, 2023. Cybersecurity researchers spotted a new malware-as-a-service (MaaS) called BunnyLoader that’s appeared in the threat landscape.

Advertising

Krebs on Security

FEBRUARY 17, 2021

Secret Service and Department of Homeland Security told reporters on Wednesday the trio’s activities involved extortion, phishing, direct attacks on financial institutions and ATM networks, as well as malicious applications that masqueraded as software tools to help people manage their cryptocurrency holdings.

Cryptocurrency

Krebs on Security

MAY 14, 2021

The crime gang announced it was closing up shop after its servers were seized and someone drained the cryptocurrency from an account the group uses to pay affiliates. The new restrictions came as some Russian cybercrime forums began distancing themselves from ransomware operations altogether. ”

Ransomware

Heimadal Security

JANUARY 16, 2023

Authorities from Bulgaria, Cyprus, Germany, and Serbia, with help from Europol and Eurojust, worked together to break up a cybercrime ring that was involved in online investment fraud. The suspects used advertisements on social networks to lure victims […].

Cybercrime

Krebs on Security

APRIL 4, 2024

The disclosure revealed a profitable network of phishing sites that behave and look like the real Privnote, except that any messages containing cryptocurrency addresses will be automatically altered to include a different payment address controlled by the scammers. co showing the site did indeed swap out any cryptocurrency addresses.

Phishing

Security Affairs

JUNE 24, 2020

The CryptoCore hacker group that is believed to be operating out of Eastern Europe has stolen around $200 million from online cryptocurrency exchanges. Experts from ClearSky states that a hacker group tracked as CryptoCore, which is believed to be operating out of Eastern Europe, has stolen around $200 million from cryptocurrency exchanges.

Cryptocurrency

Security Affairs

MARCH 15, 2024

US DoJ sentenced a Moldovan national (31) to 42 months in federal prison for operating the E-Root cybercrime marketplace. Diaconu was operating the E-Root cybercrime marketplace. ” The marketplace allowed buyers to pay using cryptocurrency exchange and online payment system Perfect Money.

Cybercrime

Security Affairs

NOVEMBER 1, 2021

Operators behind the Squid Game cryptocurrency have exit scam making off with an estimated $2.1 Operators behind the Squid Game cryptocurrency have exit scam making off with an estimated $2.1 The following graph shows that the cryptocurrency peaked at a price of $2,861 before dropping to $0 around. ” reported GixModo.

Cryptocurrency

Security Affairs

MARCH 6, 2021

A suspicious wave of attacks resulted in the hack of four cybercrime forums Verified, Crdclub, Exploit, and Maza since January. Since January, a series of mysterious cyberattacks that resulted in the hack of popular Russian-language cybercrime forums. The hack of the Maza cybercrime forum was also reported by researchers at Flashpoint.

Cybercrime

Security Affairs

MAY 2, 2021

The bold author of a new cryptocurrency stealer, dubbed WeSteal, is promising its customers a leading way to make money in 2021. According to Palo Alto Networks, the author of WeSteal, that goes online as “ComplexCodes,” started advertising the cryptocurrency stealer on underground forums in mid-February 2021.

Cryptocurrency

Krebs on Security

MAY 29, 2024

.” The arrest coincided with the seizure of the 911 S5 website and supporting infrastructure, which the government says turned computers running various “free VPN” products into Internet traffic relays that facilitated billions of dollars in online fraud and cybercrime. Cloud Router was previously called 911 S5.

VPN

Krebs on Security

DECEMBER 8, 2021

A search in DomainTools on that email address reveals multiple domains registered to a Matthew Philbert and to the Ottawa phone number 6138999251 [DomainTools is a frequent advertiser on this site]. Perhaps the earliest and most important cybercrime forum DCReavers2 frequented was Darkode , where he was among the first two-dozen members.

Cybercrime

Krebs on Security

OCTOBER 31, 2022

A 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he acted as a core developer for Raccoon , a popular “malware-as-a-service” offering that helped paying customers steal passwords and financial data from millions of cybercrime victims. According to the U.S.

Malware

Security Affairs

FEBRUARY 24, 2020

Racoon malware , Legion, Mohazo, and Racealer, is an infostealer that recently appeared in the threat landscape that is advertised in hacking forums. The malware is cheap compared to similar threats, it is able to steal sensitive data from about 60 applications, including (browsers, cryptocurrency wallets, email and FTP clients).

Cybercrime

Security Affairs

JANUARY 4, 2024

The X account of cybersecurity giant Mandiant was hacked, attackers used it to impersonate the Phantom crypto wallet and push a cryptocurrency scam. Crooks hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam.

Cryptocurrency

SecureWorld News

JANUARY 30, 2025

In a coordinated international effort, law enforcement agencies from the United States, Europe, and Australia have dismantled Cracked and Nulled, two of the world's largest cybercrime marketplaces. The forum had more than 4 million users and listed more than 28 million posts advertising illicit services. He is now facing U.S.

Cybercrime

Krebs on Security

JANUARY 28, 2022

“ BlackCat “), considered to be the first professional cybercrime group to create and use a ransomware strain written in the Rust programming language. On the cybercrime forum RAMP , the user Binrs says they are a Rust developer who’s been coding for 6 years. I AM DUCKERMAN.

Ransomware

Krebs on Security

JUNE 6, 2023

In May, KrebsOnSecurity interviewed a Russian spammer named “ Quotpw “ who was mass-registering accounts on the social media network Mastodon in order to conduct a series of huge spam campaigns advertising scam cryptocurrency investment platforms. com site,” the Trend researchers wrote. Image: Trend Micro.

Accountability

Security Affairs

JULY 12, 2019

BITPoint Japan-based cryptocurrency announced that hackers have stolen more than $32 million (3.5 billion yen) worth of cryptocurrency due to a cyber attack. BITPoint Japan-based cryptocurrency was victim of a cyber attack, the Remixpoint’s subsidiary announced that hackers have stolen more than $32 million (3.5

Cryptocurrency

Security Affairs

FEBRUARY 16, 2020

IOTA Foundation behind the IOTA cryptocurrency was forced to shut down its entire network following a cyber attack that resulted in the theft of funds. In response to the incident, the IOTA Foundation, the nonprofit organization behind the IOTA cryptocurrency , has decided to take down its entire network. Pierluigi Paganini.

Cryptocurrency

Heimadal Security

FEBRUARY 2, 2023

1,894 web injects (overlays of phishing windows) are for sale on Russian cybercrime forums. The threat actor that advertises them, called InTheBox, offers affordable deals and prices. How […] The post InTheBox Threat Actor Sells Over 1,800 Web Injects on Cybercrime Forums appeared first on Heimdal Security Blog.

Cybercrime

Security Affairs

JANUARY 15, 2023

An international police operation led by Europol led to the arrest of cryptocurrency scammers targeting users all over the world. “The suspects used advertisements on social networks to lure victims to websites covertly operated by the criminals, which offered seemingly exceptional investment opportunities in cryptocurrencies.”

Cryptocurrency

Krebs on Security

MAY 13, 2024

This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. ru , which at one point advertised the sale of wooden staircases. Dmitry Yuryevich Khoroshev. Image: treasury.gov.

Cybercrime

Security Affairs

JUNE 26, 2019

million) cryptocurrency theft. million) cryptocurrency theft. The cyber criminals carried out typosquatting attacks by spoof or setting up a clone of a well-known online cryptocurrency exchange, in an attempt to trick users into providing their login credentials. SecurityAffairs – cryptocurrency theft, hacking).

Cryptocurrency

Security Affairs

SEPTEMBER 17, 2018

Palo Alto Network researchers discovered a new malware, tracked as XBash, that combines features from ransomware, cryptocurrency miners, botnets, and worms. The malicious code combines features from different families of malware such as ransomware, cryptocurrency miners, botnets, and worms. Pierluigi Paganini.

Cryptocurrency

Security Affairs

NOVEMBER 8, 2021

The FBI warns of an increase of fraudulent schemes leveraging cryptocurrency ATMs and QR Codes to facilitate payment. The FBI Internet Crime Complaint Center (IC3) published an alert to warn the public of fraudulent schemes leveraging cryptocurrency ATMs and Quick Response (QR) codes to complete payment transactions.

Cryptocurrency

Security Affairs

SEPTEMBER 20, 2018

billion yen ($60 million) worth of cryptocurrencies from the Japanese digital currency exchange Zaif exchange. a Japanese cryptocurrency firm, hackers have compromised its Zaif exchange and have stolen 6.7 billion yen ($60 million) worth of cryptocurrencies, including Bitcoin, Monacoin, and Bitcoin Cash. Pierluigi Paganini.

Cryptocurrency