Security Affairs

JULY 18, 2024

The cybercrime group FIN7 is advertising a security evasion tool in multiple underground forums, cybersecurity company SentinelOne warns. SentinelOne researchers warn that the financially motivated group FIN7 is using multiple pseudonyms to advertise a security evasion tool in several criminal underground forums. is forum for $15,000.

Advertising 140

Advertising Cybercrime Hacking Ransomware 140

Schneier on Security

JULY 14, 2023

And one lucky donor, as his campaign advertised on Facebook, will have the chance to win a Yeti Tundra 45 cooler that typically costs more than $300—just for donating at least $1. A clever hack. It’s actually a pretty good idea. Probably the cheapest way to get the contributors he needs.

Hacking 231

Hacking Advertising Media 231

Krebs on Security

JULY 22, 2020

The New York Times last week ran an interview with several young men who claimed to have had direct contact with those involved in last week’s epic hack against Twitter. ” Twice in the past year, the OGUsers forum was hacked , and both times its database of usernames, email addresses and private messages was leaked online.

Hacking 345

Hacking Accountability Scams Media 345

Krebs on Security

FEBRUARY 16, 2022

The ICRC said the hacked servers contained data relating to the organization’s Restoring Family Links services, which works to reconnect people separated by war, violence, migration and other causes. In their online statement about the hack (updated on Feb. “Mr. .” Image: Ke-la.com. com, sachtimes[.]com,

Hacking 301

Hacking Ransomware Media Accountability 301

Krebs on Security

FEBRUARY 4, 2021

Facebook told KrebsOnSecurity it seized hundreds of accounts — mainly on Instagram — that have been stolen from legitimate users through a variety of intimidation and harassment tactics, including hacking, coercion, extortion, sextortion , SIM swapping , and swatting. THE MIDDLEMEN.

Accountability 327

Accountability Hacking Media Mobile 327

Krebs on Security

FEBRUARY 28, 2025

Last year, the French security firm Intrinsec detailed Prospero’s connections to bulletproof services advertised on Russian cybercrime forums under the names Securehost and BEARHOST. government for its hacking operations, CEO Eugene Kaspersky says he ordered workers to delete the code. The bulletproof hosting provider BEARHOST.

Malware 256

Malware Antivirus Software DDOS 256

Adam Levin

JULY 24, 2020

Barely a day goes by without news of an elite hacking team creating a more stealth exploit– malware , elaborate spear-phishing attacks, trojans, and a killer array of ransomware that can take factories and other organizations offline, or even hobble entire cities. Cyberattacks are constantly getting more sophisticated.

Hacking 237

Hacking Phishing Risk Accountability 237

Krebs on Security

NOVEMBER 1, 2024

One post last month on the Russian-language hacking forum BHF offered up to $5,000 for each hotel account. This seller claims to help people monetize hacked booking.com partners, apparently by using the stolen credentials to set up fraudulent listings.

Phishing 273

Phishing Accountability Artificial Intelligence Cybercrime 273

Security Affairs

JULY 18, 2024

The cybercrime group FIN7 is advertising a security evasion tool in multiple underground forums, cybersecurity company SentinelOne warns. SentinelOne researchers warn that the financially motivated group FIN7 is using multiple pseudonyms to advertise a security evasion tool in several criminal underground forums. is forum for $15,000.

Advertising 98

Advertising Cybercrime Hacking Ransomware 98

Krebs on Security

MARCH 10, 2020

District Court for the Southern District of California allege Firsov was the administrator of deer.io, an online platform that hosted more than 24,000 shops for selling stolen and/or hacked usernames and passwords for a variety of top online destinations. ” A Google Translate version of that advertisement is here (PDF).

Accountability 353

Accountability Advertising Hacking Cybercrime 353

Security Affairs

OCTOBER 3, 2023

Zscaler ThreatLabz researchers discovered a new malware-as-a-service (MaaS) that is called BunnyLoader, which has been advertised for sale in multiple cybercrime forums since September 4, 2023. Cybersecurity researchers spotted a new malware-as-a-service (MaaS) called BunnyLoader that’s appeared in the threat landscape.

Advertising 138

Advertising Cybercrime Malware Cryptocurrency 138

Security Affairs

FEBRUARY 22, 2024

The antivirus firm is accused of selling the data to advertising companies without user consent. According to the complaint, the cybersecurity firm was advertising its products as privacy-friendly. million and order to stop selling or licensing any web browsing data for advertising purposes. FTC will also fine Avast $16.5

Advertising 136

Advertising Antivirus Data collection Software 136

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] LeakedSource was advertised on a number of popular cybercrime forums as a service that could help hackers break into valuable or high-profile accounts. Abusewith[.]us 2, 2014.

Hacking 240

Hacking Accountability Data breaches Marketing 240

Security Affairs

FEBRUARY 2, 2025

A joint law enforcement operation led to the seizure of 39 domains tied to a Pakistan-based HeartSender cybercrime group (aka Saim Raza and Manipulators Team) known for selling hacking and fraud tools. The HeartSender group advertised its tools as fully undetectable by antispam software.

Cybercrime 108

Cybercrime Advertising Phishing Hacking 108

Krebs on Security

JUNE 22, 2022

last week said they dismantled the “ RSOCKS ” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. Authorities in the United States, Germany, the Netherlands and the U.K.

Advertising 318

Advertising Cybercrime System Administration Hacking 318

Krebs on Security

FEBRUARY 4, 2025

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled , English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. io , and rdp[.]sh. Those archived webpages show both RDP services were owned by an entity called 1337 Services Gmbh.

eCommerce 213

eCommerce Cybercrime Accountability Passwords 213

Security Affairs

JANUARY 10, 2025

In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. The malicious code was advertised on cybercrime forums for $3,000 per month. The malware can collect cookies, logins and browsing history, but from Safari only cookies can be collected.

Malware 119

Malware Advertising Antivirus Cybercrime 119

Troy Hunt

NOVEMBER 13, 2024

Apparently, before a child reaches the age of 13, advertisers will have gathered more 72 million data points on them. But in all likelihood, there will be more than a handful of domain subscribers who take issue with that volume of people data sitting there in one corpus easily downloadable via a clear web hacking forum.

Data breaches 335

Data breaches Passwords B2B Technology 335

Security Affairs

MARCH 24, 2025

” Fake file converters and download tools may perform advertised tasks but can provide resulting files containing hidden malware, giving criminals access to victims’ devices. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, free online document converters)

Malware 115

Malware Scams Identity Theft Antivirus 115

Security Affairs

NOVEMBER 24, 2024

To advertise the marketplace, PopeyeTools allegedly promised to refund or replace purchased credit cards that were no longer valid at the time of sale. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Cybercrime 129

Cybercrime Cryptocurrency Banking Accountability 129

Security Affairs

NOVEMBER 5, 2024

Canadian authorities arrested a suspect linked to multiple hacks following a breach of cloud data platform Snowflake earlier this year. “Canadian authorities have arrested a man suspected of being behind a string of hacks involving as many as 165 customers of Snowflake Inc., Charges remain undisclosed.

Unstructured Data 120

Unstructured Data Media Hacking Cybercrime 120

Krebs on Security

NOVEMBER 10, 2020

Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up. Contacted by KrebsOnSecurity, Hodson said his Facebook account indeed was hacked, and that the attackers had budgeted $500 for the entire campaign. On the evening of Monday, Nov.

Ransomware 363

Ransomware Accountability Hacking Advertising 363

Security Affairs

JANUARY 4, 2024

The X account of cybersecurity giant Mandiant was hacked, attackers used it to impersonate the Phantom crypto wallet and push a cryptocurrency scam. Crooks hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam.

Cryptocurrency 132

Cryptocurrency Scams Accountability Hacking 132

Security Affairs

NOVEMBER 30, 2024

Some of the malicious apps were promoted through deceptive advertising on social media. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Google Play) Some apps were suspended by Google from Google Play while others were updated by the developers.

Social Engineering 128

Social Engineering Media Mobile Scams 128

Krebs on Security

DECEMBER 29, 2024

Much of my summer was spent reporting a story about how advertising and marketing firms have created a global free-for-all where anyone can track the daily movements and associations of hundreds of millions of mobile devices , thanks to the ubiquity of mobile location data that is broadly and cheaply available.

Scams 237

Scams Cybercrime Cryptocurrency Social Engineering 237

Schneier on Security

DECEMBER 28, 2018

This is a really interesting story of an ad fraud scheme that relied on hijacking the Border Gateway Protocol: Members of 3ve (pronounced "eve") used their large reservoir of trusted IP addresses to conceal a fraud that otherwise would have been easy for advertisers to detect. Lots of details in the article. This is an example of that.

Scams 235

Scams Advertising Hacking Software 235

Krebs on Security

SEPTEMBER 17, 2020

Justice Department this week indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies. Security firm FireEye dubbed that hacking blitz “one of the broadest campaigns by a Chinese cyber espionage actor we have observed in recent years.” Image: FBI.

Antivirus 363

Antivirus Hacking Software Government 363

Krebs on Security

MAY 5, 2021

This week, messaging security vendor Proofpoint published some new data on the rise of these malicious Office 365 apps, noting that a high percentage of Office users will fall for this scheme [full disclosure: Proofpoint is an advertiser on this website]. A cybercriminal service advertising the sale of access to hacked Office365 accounts.

Accountability 348

Accountability Advertising Passwords Phishing 348

Schneier on Security

APRIL 2, 2021

News article : Most troublingly, Activision says that the “cheat” tool has been advertised multiple times on a popular cheating forum under the title “new COD hack.” ” (Gamers looking to flout the rules will typically go to such forums to find new ways to do so.)

Software 228

Software Malware Advertising Antivirus 228

Security Affairs

OCTOBER 20, 2024

CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog Nation-state actor exploited three Ivanti CSA zero-days Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’ macOS HM Surf flaw in TCC allows bypass Safari privacy settings Iran-linked actors target critical infrastructure organizations (..)

Data breaches 116

Data breaches Cybercrime Cyber Insurance Marketing 116

Krebs on Security

JUNE 18, 2020

An information technology specialist at the Federal Emergency Management Agency (FEMA) was arrested this week on suspicion of hacking into the human resource databases of University of Pittsburgh Medical Center (UPMC) in 2014, stealing personal data on more than 65,000 UPMC employees, and selling the data on the dark web.

Identity Theft 363

Identity Theft Healthcare Hacking Technology 363

Krebs on Security

APRIL 22, 2019

An advertisement for RevCode WebMonitor. ” But critics say WebMonitor is far more likely to be deployed on “pwned” devices, or those that are surreptitiously hacked. The first advertisements in hacker forums for the sale of WebMonitor began in mid-2017. Federal Bureau of Prisons , he was released on Nov.

Advertising 253

Advertising Antivirus Software Malware 253

CyberSecurity Insiders

DECEMBER 13, 2022

India’s Corona fighting digital platform COWIN Portal has been reportedly been hacked by a hacker who is ready to sell the access details and some health worker data to interested parties. The post India corona fighting digital platform COWIN gets hacked appeared first on Cybersecurity Insiders.

Hacking 124

Hacking Healthcare Cyber Attacks Advertising 124

Adam Shostack

JANUARY 2, 2025

Image by Midjourney: robot reading many books::2 , while being hacked. The image is cinematic, dramatic, professional photography, studio lighting, studio background, advertising photography, intricate details, hyper-detailed --v 6.0 --ar 8:3 Strategie usate dagli hacker per violare sistemi. There is a stack of books on the bench.

Software 130

Software Advertising Hacking 130

Krebs on Security

JANUARY 24, 2023

First advertised in the cybercrime underground in 2014, RSOCKS was the web-based storefront for hacked computers that were sold as “proxies” to cybercriminals looking for ways to route their Web traffic through someone else’s device. “I At that time, RSOCKS was advertising more than 80,000 proxies. RSOCKS, circa 2016.

Cybercrime 292

Cybercrime Advertising IoT Malware 292

Security Affairs

OCTOBER 14, 2024

Some sellers on Bohemia advertised they were shipping the products from the Netherlands. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, dark web) million euros.

Marketing 125

Marketing Cybercrime DDOS Cryptocurrency 125

Krebs on Security

APRIL 5, 2021

“The company has been hacked, data has been stolen and will soon be released as the company refuses to protect its peoples’ data.” This letter is from the Clop ransomware gang, putting pressure on a recent victim named on Clop’s dark web shaming site. “Good day!

Ransomware 351

Ransomware Advertising Retail DDOS 351