Krebs on Security

JUNE 1, 2023

This post is a deep dive on “ Megatraffer ,” a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015. One of Megatraffer’s ads on an English-language cybercrime forum. WHO IS MEGATRAFFER?

Malware 242

Malware Cybercrime Software Antivirus 242

SecureWorld News

MARCH 29, 2024

The concept of the term "malvertising" (a portmanteau of "malicious advertising") suggests an overlap with ads, albeit dodgy ones, and therefore fuels the fallacy that its impact hardly goes beyond frustration. Malvertising acts as a vessel for malware propagation. How does a malvertising attack unfold?

Cybercrime 88

Cybercrime Advertising Engineering Antivirus 88

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. ” According to Kilmer, AVrecon is the malware that gives SocksEscort its proxies.

Malware 203

Malware VPN Internet Internet 203

Security Affairs

JANUARY 18, 2020

I’m preparing the slides for my next speech and I decided to create this post while searching for interesting cybercrime statistics in 2020. Cybercrime will cost as much as $6 trillion annually by 2021. The global expense for organizations to protect their systems from cybercrime attacks will continue to grow.

Cybercrime 124

Cybercrime Small Business Data breaches Mobile 124

Krebs on Security

AUGUST 2, 2022

With the recent demise of several popular “proxy” services that let cybercriminals route their malicious traffic through hacked PCs, there is now something of a supply chain crisis gripping the underbelly of the Internet. com , a malware-based proxy network that has been in existence since at least 2010. Image: Spur.us.

Malware 256

Malware Cybercrime Internet Internet 256

Security Affairs

DECEMBER 26, 2022

The FBI warns of cybercriminals using search engine advertisement services to impersonate brands and defraud users. The FBI is warning of cyber criminals using search engine advertisement services to impersonate brands and direct users to websites that were used to defraud users. ” reads the advisory published by the FBI.

Advertising 89

Advertising Engineering Education Internet 89

SecureList

JUNE 15, 2023

Money is the root of all evil, including cybercrime. Thus, it was inevitable that malware creators would one day begin not only to distribute malicious programs themselves, but also to sell them to less technically proficient attackers, thereby lowering the threshold for entering the cybercriminal community.

Malware 128

Malware Ransomware Cybercrime Hacking 128

Security Affairs

APRIL 29, 2023

Atomic macOS Stealer is a new information stealer targeting macOS that is advertised on Telegram for $1,000 per month. Cyble Research and Intelligence Labs (CRIL) recently discovered a Telegram channel advertising a new information-stealing malware, named Atomic macOS Stealer (AMOS). ” reads the report published by Cyble.

Advertising 80

Advertising Passwords Malware Password Management 80

Security Affairs

MARCH 6, 2021

A suspicious wave of attacks resulted in the hack of four cybercrime forums Verified, Crdclub, Exploit, and Maza since January. Since January, a series of mysterious cyberattacks that resulted in the hack of popular Russian-language cybercrime forums. ” reads the post published by threat intelligence firm Intel 471.

Cybercrime 145

Cybercrime DDOS Hacking Passwords 145

Security Affairs

FEBRUARY 24, 2020

Raccoon Malware is a recently discovered infostealer that can extract sensitive data from about 60 applications on a targeted system. Racoon malware , Legion, Mohazo, and Racealer, is an infostealer that recently appeared in the threat landscape that is advertised in hacking forums. ” continues the analysis.

Cybercrime 89

Cybercrime Malware Cryptocurrency Advertising 89

Krebs on Security

JANUARY 24, 2023

Denis Emelyantsev , a 36-year-old Russian man accused of running a massive botnet called RSOCKS that stitched malware into millions of devices worldwide, pleaded guilty to two counts of computer crime violations in a California courtroom this week. At that time, RSOCKS was advertising more than 80,000 proxies. Image: archive.org.

Cybercrime 220

Cybercrime Advertising IoT Malware 220

Security Affairs

OCTOBER 10, 2020

Microsoft has uncovered Zerologon attacks that were allegedly conducted by the infamous TA505 Russia-linked cybercrime group. Microsoft spotted a series of Zerologon attacks allegedly launched by the Russian cybercrime group tracked as TA505 , CHIMBORAZO and Evil Corp. SecurityAffairs – hacking, Zerologon). states Microsoft.

Cybercrime 116

Cybercrime Security Intelligence Authentication Banking 116

Security Affairs

MAY 25, 2020

Three hacking forums Nulled.ch, Sinfulsite.com, and suxx.to have been hacked and their databases have been leaked online. Researchers from intelligence firm Cyble made the headlines again, this time they have discovered online the databases of three hacking forums. The databases appear to have been leaking in May 2020.

Hacking 127

Hacking Data breaches Advertising Cybercrime 127

Security Affairs

AUGUST 27, 2020

Microsoft warned of a recently uncovered piece of malware, tracked as Anubis that was designed to steal information from infected systems. This week, Microsoft warned of a recently uncovered piece of malware, tracked as Anubis, that was distributed in the wild to steal information from infected systems. Pierluigi Paganini.

Malware 127

Malware Advertising Cryptocurrency Cybercrime 127

Security Affairs

JULY 9, 2020

More than 15 billion username and passwords are available on cybercrime marketplaces, including over 5 billion unique credentials, states the experts. Experts reported that brute-force cracking tools and account checkers are available on cybercrime marketplaces and forums for an average of $4. ” continues the report.

Cybercrime 118

Cybercrime Antivirus Marketing Accountability 118

Security Affairs

APRIL 14, 2024

The Australian man developed and sold Firebird to customers on a dedicated hacking forum. The RAT allowed customers to access and control their victims’ computers remotely, its author advertised its stealing capabilities. The Australian man faces twelve counts of computer offenses. ” reported the DoJ. ” continues DoJ.

Computers and Electronics 107

Computers and Electronics Advertising Cryptocurrency Malware 107

Security Affairs

AUGUST 13, 2020

A threat actor has released the databases of Utah-based gun exchange and hunting sites for free on a cybercrime forum. On August 10th, a hacker has leaked online the databases of Utah-based gun exchange for free on a cybercrime forum. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking 138

Hacking Data breaches Cybercrime Passwords 138

Security Affairs

MARCH 15, 2019

A new piece of PoS malware appeared in the threat landscape, the malicious code dubbed GlitchPOS has been found on a crimeware forum. The GlitchPOS malware is able to steal credit card numbers (Track1 and Track2) from the memory of the infected system, it uses a regular expression to perform this task. ” concludes Talos.

Cybercrime 79

Cybercrime Malware Advertising Cybersecurity 79

Security Affairs

AUGUST 10, 2023

Zscaler ThreatLabz researchers discovered a new information stealer malware, called Statc Stealer, that can steal a broad range of info from Windows devices. The malware can steal sensitive information from various web browsers, including login data, cookies, web data, and preferences.

Malware 85

Malware Encryption Advertising Cryptocurrency 85

Security Affairs

DECEMBER 10, 2021

Malware researchers from Recorded Future and MalwareHunterTeam discovered ALPHV (aka BlackCat), the first professional ransomware strain that was written in the Rust programming language. Unlike other malware, ALPHV (BlackCat) is the first Rust ransomware that was used in attacks in the wild by a cybercrime organization.

Ransomware 96

Ransomware Malware Cybercrime Encryption 96

Krebs on Security

JUNE 22, 2022

last week said they dismantled the “ RSOCKS ” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. Authorities in the United States, Germany, the Netherlands and the U.K.

Advertising 267

Advertising Cybercrime System Administration Hacking 267

Krebs on Security

APRIL 3, 2024

Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called “ The Manipulaters ,” a sprawling web hosting network of phishing and spam delivery platforms. Manipulaters advertisement for “Office 365 Private Page with Antibot” phishing kit sold on the domain heartsender,com.

Phishing 221

Phishing Cybercrime Malware Advertising 221

Security Affairs

APRIL 21, 2024

PoC publicly available Linux variant of Cerber ransomware targets Atlassian servers Ivanti fixed two critical flaws in its Avalanche MDM Researchers released exploit code for actively exploited Palo Alto PAN-OS bug Cisco warns of large-scale brute-force attacks against VPN and SSH services PuTTY SSH Client flaw allows of private keys recovery A renewed (..)

Data breaches 96

Data breaches Phishing Ransomware Malware 96

Security Affairs

FEBRUARY 12, 2024

The seizure is the result of an international law enforcement operation, federal authorities in Atlanta and Boston charged individuals in Malta and Nigeria, for their involvement in selling the malware. The two individuals are charged with selling and supporting the Warzone RAT and other malware. ” concludes DoJ.

Malware 98

Malware Hacking Cybercrime Advertising 98

Security Affairs

JULY 31, 2023

Threat actors behind the campaign aimed at building a botnet to use for a range of criminal activities from password spraying to digital advertising fraud. The AVrecon malware was written in C to ensure portability and designed to target ARM-embedded devices. The popular investigator Brian Krebs and Spur.us “ SocksEscort[.]com

Malware 90

Malware Small Business Advertising Passwords 90

Security Affairs

JULY 26, 2023

FraudGPT is another cybercrime generative artificial intelligence (AI) tool that is advertised in the hacking underground. The author claims that FraudGPT can develop undetectable malware and find vulnerabilities in targeted platforms.

Artificial Intelligence 93

Artificial Intelligence Cybercrime Phishing Advertising 93

Security Affairs

OCTOBER 31, 2020

The REvil ransomware operators made the headlines again, this time the gang claims to have hacked the Gaming Partners International (GPI). The cybercrime gang published some screenshots showing directories and files from the systems of the breached company. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking 126

Hacking Ransomware Advertising Encryption 126

Security Affairs

OCTOBER 18, 2020

Multiple members of QQAAZZ multinational cybercriminal gang were charged for providing money-laundering services to high-profile malware operations. According to law enforcement bodies, the gang provides services to multiple malware operations, including Dridex , GozNym , and Trickbot. ” . Pierluigi Paganini.

Malware 106

Malware Banking Cryptocurrency Cybercrime 106

Krebs on Security

JANUARY 8, 2024

In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. From January 2005 to April 2013, there were two primary administrators of the cybercrime forum Spamdot (a.k.a

Cybercrime 209

Cybercrime Banking Computers and Electronics DDOS 209

Security Affairs

FEBRUARY 10, 2023

The TA886 hacking group targets organizations in the United States and Germany with new spyware tracked as Screenshotter. A recently discovered threat actor, tracked as TA886 by security firm Proofpoint, is targeting organizations in the United States and Germany with new malware dubbed Screenshotter.

Malware 82

Malware Phishing Spyware Cybercrime 82

Security Affairs

MARCH 29, 2020

The source code of the infamous Dharma ransomware is now available for sale on two Russian-language hacking forums. The source code of one of the most profitable ransomware families, the Dharma ransomware , is up for sale on two Russian-language hacking forums. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware 109

Ransomware Hacking Advertising Malware 109

Security Affairs

FEBRUARY 25, 2024

Apple created post-quantum cryptographic protocol PQ3 for iMessage Russian hacker is set to face trial for the hack of a local power grid Microsoft released red teaming tool PyRIT for Generative AI CISA orders federal agencies to fix ConnectWise ScreenConnect bug in a week FTC charged Avast with selling users’ browsing data to advertising companies (..)

Spyware 94

Spyware Cyber Insurance Hacking Advertising 94

Security Affairs

JULY 11, 2020

A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces. The data stolen by Nikulin were available on the cybercrime underground between 2015 and 2016, they were offered for sale by multiple traders.

Hacking 77

Hacking Cybercrime Data breaches Advertising 77

Security Affairs

JUNE 28, 2020

Asian media firm E27 has been hacked by a hacking group identifying themselves as “Korean Hackers” and “Team Johnwick”that asked for a “donation” to provide information on the vulnerabilities they have exploited in the attack. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Media 141

Media Hacking Passwords Data breaches 141

Security Affairs

NOVEMBER 3, 2022

Threat actors compromised a media company to deliver FakeUpdates malware through the websites of hundreds of newspapers in the US. The media company serves The media company provides video content and advertising via Javascript to its partners. SecurityAffairs – hacking, malware). zip, Chrome.Updater.zip, Firefo?.U?dat?.zip,

Malware 93

Malware Media Advertising Hacking 93

Security Affairs

SEPTEMBER 27, 2021

Researchers spotted a new malware, dubbed BloodyStealer, that could allow stealing accounts for multiple gaming platforms. Stolen data are later sold by the operators in underground marketplaces, gaming accounts are in demand in the cybercrime ecosystem. ” reads the analysis published by Kaspersky.

Malware 78

Malware Banking Passwords Accountability 78

Security Affairs

OCTOBER 8, 2023

Belgian intelligence service VSSE accused Alibaba of ‘possible espionage’ at European hub in Liege A WhatsApp zero-day exploit can cost several million dollars CISA adds JetBrains TeamCity and Windows flaws to its Known Exploited Vulnerabilities catalog NATO is investigating a new cyber attack claimed by the SiegedSec group Global CRM Provider Exposed (..)

Data breaches 100

Data breaches Cybercrime Ransomware Hacking 100