Advertising, Cybercrime and System Administration

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

.” The DOJ’s statement doesn’t mention that RSOCKS has been in operation since 2014, when access to the web store for the botnet was first advertised on multiple Russian-language cybercrime forums. Even today, the RUSdot Mailer is advertised for sale at the top of the RUSdot community forum.

Advertising

Advertising Cybercrime System Administration Hacking

How Did Authorities Identify the Alleged Lockbit Boss?

Krebs on Security

MAY 13, 2024

This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. ru , which at one point advertised the sale of wooden staircases. 2011 said he was a system administrator and C++ coder.

Cybercrime

Cybercrime Ransomware Accountability Government

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. SocksEscort began in 2009 as “ super-socks[.]com SocksEscort began in 2009 as “ super-socks[.]com com, super-socks[.]com,

Malware

Malware VPN Internet Internet

Microsoft warns of Human-Operated Ransomware as a growing threat to businesses

Security Affairs

MARCH 10, 2020

Microsoft is warning of human-operated ransomware, this kind of attack against businesses is becoming popular in the cybercrime ecosystem. Human-operated ransomware is a technique usually employed in nation-state attacks that is becoming very popular in the cybercrime ecosystem. ” reads the post published by Microsoft.

Ransomware

Ransomware Cybercrime Social Engineering Banking

A Russian cyber vigilante is patching outdated MikroTik routers exposed online

Security Affairs

OCTOBER 14, 2018

Alexey is a Russian-speaking cyber vigilante that decided to fix the MikroTik routers and he claims to be e system administrator. Just to be clear, despite Alexey has broken into the infected routers to sanitize them, this action is technically considered a cybercrime.

Cryptocurrency

Cryptocurrency System Administration Advertising Hacking

FBI and CISA published a new advisory on AvosLocker ransomware

Security Affairs

OCTOBER 13, 2023

AvosLocker operators already advertised in the past a Linux variant, dubbed AvosLinux, of their malware claiming it was able to support Linux and ESXi servers. AvosLocker affiliates use legitimate software and open-source remote system administration tools to compromise the victims’ networks.

Ransomware

Ransomware System Administration Antivirus Malware

WeSteal, a shameless commodity cryptocurrency stealer available for sale

Security Affairs

MAY 2, 2021

A new cryptocurrency stealer dubbed WeSteal is available on the cybercrime underground, unlike other commodity cryptocurrency stealers, its author doesn’t masquerade its purpose and promises “the leading way to make money in 2021.”. Experts pointed out that ComplexCodes had been selling a “WeSupply Crypto Stealer” since May 2020.,

Cryptocurrency

Cryptocurrency Malware Advertising System Administration

FireEye experts found source code for CARBANAK malware on VirusTotal?

Security Affairs

APRIL 23, 2019

CARBANAK cybercrime gang was first uncovered in 2014 by Kaspersky Lab that dated its activity back to 2013 when the group leveraged the Anunak malware in targeted attacks on financial institutions and ATM networks. Hladyr is suspected to be a system administrator for the group. Pierluigi Paganini.

Malware

Malware Penetration Testing System Administration Banking

Three members of FIN7 (Carbanak) gang charged with stealing 15 million credit cards

Security Affairs

AUGUST 2, 2018

Three members of the cybercrime group tracked as FIN7 and Carbanak have been indicted and charged with 26 felony counts. Three members of the notorious cybercrime gang known as FIN7 and Carbanak have been indicted and charged with 26 felony counts of conspiracy, wire fraud, computer hacking, access device fraud and aggravated identity theft.

Banking

Banking Cybercrime Identity Theft Penetration Testing

FireEye experts found source code for CARBANAK malware on VirusTotal?

Security Affairs

APRIL 23, 2019

CARBANAK cybercrime gang was first uncovered in 2014 by Kaspersky Lab that dated its activity back to 2013 when the group leveraged the Anunak malware in targeted attacks on financial institutions and ATM networks. Hladyr is suspected to be a system administrator for the group. Pierluigi Paganini.

Malware

Malware Penetration Testing System Administration Banking

US authorities charged Dridex gang members for stealing over $100 Million

Security Affairs

DECEMBER 7, 2019

For over a decade, Maksim Yakubets and Igor Turashev led one of the most sophisticated transnational cybercrime syndicates in the world,” said U.S. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Attorney Brady.

Banking

Banking Malware Cybercrime Accountability

BatLoader campaign impersonates ChatGPT and Midjourney to deliver Redline Stealer

Security Affairs

MAY 21, 2023

The experts also detailed a separate case, that was observed on May 2023, using a similar infection scheme to advertise a rogue page for Midjourney. Unfortunately, as system administrators seek ways to control access to these platforms, users may seek out alternative ways to gain access.” ” concludes the report.

System Administration

System Administration Advertising Hacking Malware

New Linux/DDosMan threat emerged from an evolution of the older Elknot

Security Affairs

APRIL 1, 2019

But let’s see what are the execution binaries and what an administrator will see because this analysis IS for rise the system administration awareness: Code execution: execve("/tmp/upgrade""); // to execute upgrade. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. O"]); // for persistence.

DDOS

DDOS Malware Encryption Penetration Testing

Advanced threat predictions for 2023

SecureList

NOVEMBER 14, 2022

A recent leak has put it in the hands of cybercrime actors and it is very likely that by the end of the year we will see it involved in APT cases too. We encourage system administrators to immediately set up monitoring for these machines, due to the unlikelihood that patching (even in a timely fashion) will be sufficient to protect them.

Firmware

Firmware Surveillance Telecommunications Mobile

Updates from the MaaS: new threats delivered through NullMixer

Security Affairs

MARCH 27, 2023

The Originating Malvertising Campaign According to CTI investigation on the adversary infrastructure, we were able to identify an ongoing campaign luring system administrators to install the malicious code into their machines.

Malware

Malware Social Engineering Encryption Marketing

Canadian Police Raid ‘Orcus RAT’ Author

Krebs on Security

APRIL 2, 2019

An advertisement for Orcus RAT. In response to an inquiry from this office, the RCMP stopped short of naming names, but said “we can confirm that our National Division Cybercrime Investigative Team did execute a search warrant at a Toronto location last week.”. Meanwhile on Hackforums[.]net

Advertising

Advertising Malware Marketing Software

The Hacker Mind Podcast: Ethical Hacking

ForAllSecure

MAY 26, 2022

.” I wrote about the pending Cyber Security Enhancement Act of 2002 (CSEA) and said: “ The problem with this legislation is that it's often very difficult to determine who is responsible for any given cybercrime. Who is responsible? Is it the hospital, which should have had a power backup? So it's kind of a business model, right?

Hacking

Hacking Technology InfoSec Media

IT threat evolution Q2 2021

SecureList

AUGUST 12, 2021

The tricks used by the scammers include imitating the infamous “ Blue Screen of Death ” (BSOD) in the browser, false warnings about system errors or detected malware, threats to encrypt files and legal liability notices. Notify your supervisors as soon as possible.

Ransomware

Ransomware Malware Banking Encryption

Cyber Security Informer

Meet the Administrators of the RSOCKS Proxy Botnet

How Did Authorities Identify the Alleged Lockbit Boss?

Trending Sources

Who and What is Behind the Malware Proxy Service SocksEscort?

Microsoft warns of Human-Operated Ransomware as a growing threat to businesses

A Russian cyber vigilante is patching outdated MikroTik routers exposed online

FBI and CISA published a new advisory on AvosLocker ransomware

WeSteal, a shameless commodity cryptocurrency stealer available for sale

FireEye experts found source code for CARBANAK malware on VirusTotal?

Three members of FIN7 (Carbanak) gang charged with stealing 15 million credit cards

FireEye experts found source code for CARBANAK malware on VirusTotal?

US authorities charged Dridex gang members for stealing over $100 Million

BatLoader campaign impersonates ChatGPT and Midjourney to deliver Redline Stealer

New Linux/DDosMan threat emerged from an evolution of the older Elknot

Advanced threat predictions for 2023

Updates from the MaaS: new threats delivered through NullMixer

Canadian Police Raid ‘Orcus RAT’ Author

The Hacker Mind Podcast: Ethical Hacking

IT threat evolution Q2 2021

Stay Connected