Blog, Cybercrime and Web Fraud - Cyber Security Informer

Sudanese Brothers Arrested in ‘AnonSudan’ Takedown

Krebs on Security

OCTOBER 17, 2024

AnonSudan ), a cybercrime business known for launching powerful distributed denial-of-service (DDoS) attacks against a range of targets, including dozens of hospitals, news websites and cloud providers. government on Wednesday announced the arrest and charging of two Sudanese brothers accused of running Anonymous Sudan (a.k.a.

DDOS

DDOS Government Internet Internet

A Day in the Life of a Prolific Voice Phishing Crew

Krebs on Security

JANUARY 7, 2025

” Perm is the current administrator of Star Fraud , one of the more consequential cybercrime communities on Telegram and one that has emerged as a foundry of innovation in voice phishing attacks. The image that Lookout used in its blog post for Crypto Chameleon can be seen in the lower right hooded figure. “ Annie.”

Phishing

Phishing Cryptocurrency Accountability Social Engineering

U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams

Krebs on Security

MAY 29, 2025

“Amazon is doing a terrible job — every day since they made those claims to you and us in our public blog they have had IPs still mapped to Funnull, including some that have stayed mapped for inexplicable periods of time,” Edwards said. ” U.S. The homepage of Stark Industries Solutions.

Scams

Scams Internet Internet Cybercrime

This Service Helps Malware Authors Fix Flaws in their Code

Krebs on Security

MAY 18, 2020

biz , which frequently blogs about security weaknesses in popular malware tools. is cybercrime forum. “We can examine your (or not exactly your) PHP code for vulnerabilities and backdoors,” reads his offering on several prominent Russian cybercrime forums. The cybercrime actor “upO” on Exploit[.]in

Malware

Malware Cybercrime Ransomware Marketing

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Krebs on Security

FEBRUARY 8, 2021

Brad Marden , superintendent of cybercrime operations for the Australian Federal Police (AFP), said their investigation into who was behind U-Admin began in late 2018, after Australian citizens began getting deluged with phishing attacks via mobile text messages that leveraged the software. The U-Admin phishing panel interface. Image: fr3d.hk/blog.

Phishing

Phishing Scams Banking Mobile

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

12 blog post , the attackers used their access to Mailchimp employee accounts to steal data from 214 customers involved in cryptocurrency and finance. “Brickings” are among the “violence-as-a-service” offerings broadly available on many cybercrime channels. On July 28 and again on Aug. According to an Aug.

Social Engineering

Social Engineering Cybercrime Mobile Identity Theft

The Rise of One-Time Password Interception Bots

Krebs on Security

SEPTEMBER 29, 2021

In February, KrebsOnSecurity wrote about a novel cybercrime service that helped attackers intercept the one-time passwords (OTPs) that many websites require as a second authentication factor in addition to passwords. And all of them operate via Telegram , a cloud-based instant messaging system.

Passwords

Passwords Authentication Banking Mobile

Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

Krebs on Security

DECEMBER 5, 2022

The defendants, who initially pursued a strategy of counter suing Google for interfering in their sprawling cybercrime business, later brazenly offered to dismantle the botnet in exchange for payment from Google. The judge in the case was not amused, found for the plaintiff, and ordered the defendants and their U.S.

Cybercrime

Cybercrime Malware Internet Internet

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Krebs on Security

APRIL 4, 2024

For example, this account at Medium has authored more than a dozen blog posts in the past year singing the praises of Tornote as a secure, self-destructing messaging service. com is currently selling security cameras made by the Chinese manufacturer Hikvision , via an Internet address based in Hong Kong. io seem like a legitimate website.

Phishing

Phishing Cryptocurrency DDOS Internet

Karma Catches Up to Global Phishing Service 16Shop

Krebs on Security

AUGUST 17, 2023

” According to the Indonesian security blog Cyberthreat.id , Saputra admitted being the administrator of 16Shop , but told the publication he handed the project off to others by early 2020. 16Shop documentation instructing operators on how to deploy the kit.

Phishing

Phishing Passwords Hacking Insurance

Facebook, Instagram, TikTok and Twitter Target Resellers of Hacked Accounts

Krebs on Security

FEBRUARY 4, 2021

Like most cybercrime forums, OGUsers is overrun with shady characters who are there mainly to rip off other members. “We know hackers sometimes delete content when they gain access to an account, and until now people had no way of easily getting their photos and videos back,” Instagram explained in a blog post.

Accountability

Accountability Hacking Media Mobile

Gift Card Gang Extracts Cash From 100k Inboxes Daily

Krebs on Security

SEPTEMBER 2, 2021

Here’s the story of a cybercrime group that compromises up to 100,000 email inboxes per day, and apparently does little else with this access except siphon gift card and customer loyalty program data that can be resold online.

Accountability

Accountability Authentication Passwords Hacking

The Stark Truth Behind the Resurgence of Russia’s Fin7

Krebs on Security

JULY 10, 2024

The Russia-based cybercrime group dubbed “ Fin7 ,” known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. Malwarebytes blogged about a similar campaign in April, but did not attribute the activity to any particular group.

Cybercrime

Cybercrime Phishing Malware Software

The Dark Nexus Between Harm Groups and ‘The Com’

Krebs on Security

SEPTEMBER 13, 2024

The security firm CrowdStrike dubbed the group “ Scattered Spider ,” a recognition that the MGM hackers came from different hacker cliques scattered across an ocean of Telegram and Discord servers dedicated to financially-oriented cybercrime. ” Beige members were implicated in two stories published here in 2020.

Cybercrime

Cybercrime Accountability Mobile Hacking

Google Suspends Chinese E-Commerce App Pinduoduo Over Malware

Krebs on Security

MARCH 22, 2023

28, 2023, researchers at the Chinese security firm DarkNavy published a blog post purporting to show evidence that a major Chinese ecommerce company’s app was using this same three-exploit chain to read user data stored by other apps on the affected device, and to make its app nearly impossible to remove. .

Malware

Malware eCommerce Marketing Mobile

Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”

Krebs on Security

MARCH 29, 2022

In a blog post about their recent hack, Microsoft said LAPSUS$ succeeded against its targets through a combination of low-tech attacks, mostly involving old-fashioned social engineering — such as bribing employees at or contractors for the target organization. ” The price: $100 to $250 per request.

Accountability

Accountability Government Hacking Social Engineering

Scam ‘Funeral Streaming’ Groups Thrive on Facebook

Krebs on Security

SEPTEMBER 18, 2024

Although many domains correspond to websites for electronics stores or blogs about IT topics, just as many contain a fair amount of placeholder content (think “lorem ipsum” text on the “contact” page). Mazidul Islam’s LinkedIn page says he is the organizer of a now defunct IT blog called gadgetsbiz[.]com,

Scams

Scams DNS Internet Internet

Cyber Security Informer

Sudanese Brothers Arrested in ‘AnonSudan’ Takedown

A Day in the Life of a Prolific Voice Phishing Crew

Trending Sources

U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams

This Service Helps Malware Authors Fix Flaws in their Code

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

The Rise of One-Time Password Interception Bots

Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Karma Catches Up to Global Phishing Service 16Shop

Facebook, Instagram, TikTok and Twitter Target Resellers of Hacked Accounts

Gift Card Gang Extracts Cash From 100k Inboxes Daily

The Stark Truth Behind the Resurgence of Russia’s Fin7

The Dark Nexus Between Harm Groups and ‘The Com’

Google Suspends Chinese E-Commerce App Pinduoduo Over Malware

Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”

Scam ‘Funeral Streaming’ Groups Thrive on Facebook

Stay Connected