This site uses cookies to improve your experience. To help us insure we adhere to various privacy regulations, please select your country/region of residence. If you do not select a country, we will assume you are from the United States. Select your Cookie Settings or view our Privacy Policy and Terms of Use.
Cookie Settings
Cookies and similar technologies are used on this website for proper function of the website, for tracking performance analytics and for marketing purposes. We and some of our third-party providers may use cookie data for various purposes. Please review the cookie settings below and choose your preference.
Used for the proper function of the website
Used for monitoring website traffic and interactions
Cookie Settings
Cookies and similar technologies are used on this website for proper function of the website, for tracking performance analytics and for marketing purposes. We and some of our third-party providers may use cookie data for various purposes. Please review the cookie settings below and choose your preference.
Strictly Necessary: Used for the proper function of the website
Performance/Analytics: Used for monitoring website traffic and interactions
A financial firm registered in Canada has emerged as the payment processor for dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services aimed at Russian-speaking customers, new research finds. A machine-translated version of Flymoney, one of dozens of cryptocurrency exchanges apparently nested at Cryptomus.
authorities today announced criminal charges and financial sanctions against two Russian men accused of stealing nearly $17 million worth of virtual currencies in a series of phishing attacks throughout 2017 and 2018 that spoofed websites for some of the most popular cryptocurrency exchanges. Separately, the U.S.
Justice Department charged five suspects linked to the Scattered Spider cybercrime gang with wire fraud conspiracy. Justice Department charged five alleged members of the cybercrime gang Scattered Spider (also known as UNC3944 , 0ktapus ) with conspiracy to commit wire fraud. ” reads the press release published by DoJ. .
Justice Department filed a civil forfeiture complaint to seize over $24M in crypto from Gallyamov, part of a multinational cybercrime crackdown. In connection with the charges, the Justice Department filed today a civil forfeiture complaint against over $24 million in cryptocurrency seized from Gallyamov over the course of the investigation.”
A sophisticated cybercrime campaign, dubbed Elusive Comet , has been uncovered, in which North Korean threat actors are exploiting Zoom's remote control feature to infiltrate the systems of cryptocurrency professionals. Victims are sent unsolicited invitations to join Zoom calls, often via links in phishing emails or messages.
Daryna Antoniuk at TheRecord reports that a security researcher said on Sunday they had contacted Wazawaka, who confirmed being charged and said he’d paid two fines, had his cryptocurrency confiscated, and is currently out on bail pending trial. government’s “Wanted” poster for him. “Mother Russia will help you.
Russian Phobos ransomware operator Evgenii Ptitsyn, accused of managing attacks, was extradited from South Korea to the US to face cybercrime charges. Russian Phobos ransomware operator Evgenii Ptitsyn, suspected of playing a key role in the ransomware operations, was extradited from South Korea to the US to face cybercrime charges.
KrebsOnSecurity recently told the saga of a cryptocurrency investor named Tony who was robbed of more than $4.7 million in cryptocurrencies from Tony was verify-trezor[.]io. Federal Communications Commission (FCC), as well as those working at the cryptocurrency exchanges Coinbase and Binance. Image: Shutterstock, iHaMoo.
This approach reflects the as-a-service logic already prevalent in other areas of the cybercrime sector, significantly reducing the level of technical knowledge needed by those wishing to access this confidential data. UNDERGR OUND FORUMS AND PAYMENT DYNAMICS Payments are handled through mechanisms long rooted in underground trades.
In a surprising move related to international cybercrime, Russian authorities have charged Mikhail Matveev, also known as "Wazawaka," with creating ransomware to extort commercial organizations, according to Russian media outlet RIA.
That Joeleoli moniker registered on the cybercrime forum OGusers in 2018 with the email address joelebruh@gmail.com , which also was used to register accounts at several websites for a Joel Evans from North Carolina. According to prosecutors, the group mainly sought to steal cryptocurrency from victim companies and their employees.
Ripple cryptocurrency library was compromised in a supply chain attack aimed at stealing users’ private keys. Threat actors compromised the Ripple cryptocurrency npm JavaScript library xrpl.js to harvest users’ private keys. ” reads the report published by Aikido. contained malicious code.
seized the stolen credit card marketplace PopeyeTools and charged its operators, this is a major success against cybercrime. PopeyeTools was a dark web marketplace specializing in selling stolen credit cards and cybercrime tools, facilitating fraud and illicit online activities since 2016. million in revenue.
As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement in this sector Cryptocurrencies have revolutionized the financial world, offering new investment opportunities and decentralized transactions.
Maybe it’s indelicate to celebrate the birthday of a cybercrime blog that mostly publishes bad news, but happily many of 2024’s most engrossing security stories were about bad things happening to bad guys. Image: Shutterstock, Dreamansions. KrebsOnSecurity.com turns 15 years old today!
In January, KrebsOnSecurity wrote about rapper Punchmade Dev , whose music videos sing the praises of a cybercrime lifestyle. But until recently, there wasn’t much to support a conclusion that Punchmade was actually doing the cybercrime things he promotes in his songs.
This post explores answers to those questions, as well as some of the ways Trickbot and other organized cybercrime gangs gradually recruit, groom and trust new programmers. Alla Witte’s personal website — allawitte[.]nl nl — circa October 2018. 6 in Miami, Fla. Image: DOJ. On June 7, the DOJ announced it had clawed back $2.3
Kosovar citizen extradited to the US for running the cybercrime marketplace BlackDB.cc Kosovo citizen Liridon Masurica (33) of Gjilan, was extradited to the US for running the cybercrime marketplace BlackDB.cc ” The FBI led the investigation with support from the Kosovo Polices Cybercrime Investigation Directorate.
Shefel claims the true mastermind behind the Target and other retail breaches was Dmitri Golubov , an infamous Ukrainian hacker known as the co-founder of Carderplanet, among the earliest Russian-language cybercrime forums focused on payment card fraud. “I’m also godfather of his second son.” “Hi, how are you?”
. “A Command Post was set up at Europol headquarters in The Hague during the action week, with investigators from Canada, Denmark, France, Germany, the Netherlands, the United Kingdom and the United States working with Europols European Cybercrime Centre and its Joint Cybercrime Action Taskforce.”
A 23-year-old Scottish man thought to be a member of the prolific Scattered Spider cybercrime group was extradited last week from Spain to the United States, where he is facing charges of wire fraud, conspiracy and identity theft. As first reported by KrebsOnSecurity, Buchanan (a.k.a. ” U.S.
A critical vulnerability in Aviatrix Controller is actively exploited to deploy backdoors and cryptocurrency miners in the wild. The Wiz Incident Response team reported that threat actors are exploiting the flaw in attacks in the wild to deploy backdoors and cryptocurrency miners. ” reads the advisory published by Wiz.
The FBI's Internet Crime Complaint Center (IC3) has released its 2024 Internet Crime Report, marking a record-breaking year in cybercrime. The report highlights a staggering $16.6 billion in reported losses, a 33% increase from 2023, underscoring the escalating threat landscape faced by individuals and organizations alike. billion in losses.
Experts warn of a large-scale cryptocurrency miner campaign targeting Russian users with SilentCryptoMiner. This is a covert miner able to mine multiple cryptocurrencies (ETH, ETC, XMR, RTM and others) using various algorithms. The payload was only accessible from Russian IPs, suggesting a targeted attack on Russian users.
authorities attributed the theft of $308 million cryptocurrency from DMM Bitcoin to North Korean cyber actors. authorities linked the $308 million cyber heist targeting cryptocurrency company DMM Bitcoin to North Korea-linked threat actors. On June 1st, the Japanese cryptocurrency exchange DMM Bitcoin announced that crooks stole 4,502.9
More attacks targeting cryptocurrency users. The malware targets many widely used cryptocurrency wallet browser extensions: 1. As I outlined in my 2025 Cybersecurity Predictions , I forecast an increased Nation State focus on the finance sector, with specific emphasis on the cryptocurrency. This year we have already seen a ~$1.5
Pig butchering is a rampant form of fraud wherein people are lured by flirtatious strangers online into investing in fraudulent cryptocurrency trading platforms. The agency said Funnull directly facilitated pig butchering and other schemes that resulted in more than $200 million in financial losses by Americans.
Secret Service and Department of Homeland Security told reporters on Wednesday the trio’s activities involved extortion, phishing, direct attacks on financial institutions and ATM networks, as well as malicious applications that masqueraded as software tools to help people manage their cryptocurrency holdings.
A 20-year-old man linked to the Scattered Spider cybercrime group has pleaded guilty to charges filed in Florida and California. “In the Florida case, Urban was accused of stealing at least $800,000 in cryptocurrency from five different victims between August 2022 and March 2023.” ” reported News4Jax.
Ransomware in big business, made possible by insecure networks that allow criminals to gain access to networks in the first place, and cryptocurrencies that allow for payments that governments cannot interdict.
Dutch police dismantled Bohemia/Cannabia, two major dark web markets for illegal goods, drugs, and cybercrime services. These are two of the largest and longest-running dark web platforms for the trade of illegal goods, drugs, and cybercrime services. The authorities also seized two vehicles and €8 million worth of cryptocurrency.
The operation was carried out by Public Prosecutor’s Office in Frankfurt am Main, the Central Office for Combating Cybercrime (ZIT), and the Federal Criminal Police Office (BKA). Nearly $100M in cryptocurrency was traded on the platform from 2018-2024, with operators taking 1-5% commissions. Now in custody.
The United States Department of Justice (DOJ) has unsealed charges against five individuals accused of orchestrating sophisticated phishing campaigns tied to the notorious Scattered Spider cybercrime group. If something about the text or email you received or website you're viewing seems off, it probably is." "The
One English-speaking cybercriminal who goes by the nicknames “ Pwnstar ” and “ Pwnipotent ” has been selling fake EDR services on both Russian-language and English cybercrime forums. “I cannot 100% guarantee every order will go through,” Pwnstar explained. ” An ad from Pwnstar for fake EDR services.
An international law enforcement operation targeted several major cybercrime websites, including Cracked, Nulled, Sellix, and StarkRDP. An international law enforcement operation led by Europol, code-named Operation Talent, dismantled several major cybercrime sites, including Cracked, Nulled, Sellix, and StarkRDP. and Nulled.to.”
The crime gang announced it was closing up shop after its servers were seized and someone drained the cryptocurrency from an account the group uses to pay affiliates. The new restrictions came as some Russian cybercrime forums began distancing themselves from ransomware operations altogether. ”
AMLBot , a service that helps businesses avoid transacting with cryptocurrency wallets that have been sanctioned for cybercrime activity, said an investigation published by KrebsOnSecurity last year helped it shut down three dark web services that secretly resold its technology to help cybercrooks avoid detection by anti-money laundering systems.
INTERPOL also issued a Purple Notice to warn countries about emerging fraudulent activities involving cryptocurrencies. The authorities have warned of “USDT Token Approval Scam” that allows scammers access to the victims’ cryptocurrency wallets and make unauthorized transactions. The operation led to 27 arrests and 19 indictments.
Since 2021, the Crazy Evil gang has become a major cybercriminal group, using phishing, identity fraud, and malware to steal cryptocurrency. “Targeting of Cryptocurrency Users and Influencers: Crazy Evil explicitly victimizes the cryptocurrency space with bespoke spearphishing lures.”
A California man who lost $100,000 in a 2021 SIM-swapping attack is suing the unknown holder of a cryptocurrency wallet that harbors his stolen funds. Dellone says the crooks then used his phone number to break into his account at Coinbase and siphon roughly $100,000 worth of cryptocurrencies. federal court.”
A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”
The cryptocurrency sector has always been a magnet for cybercriminals, but the TraderTraitor campaign marks a different kind of threatone backed by state-sponsored actors with long-term goals and surgical precision. The post The TraderTraitor Crypto Heist: Nation-State Tactics Meet Financial Cybercrime appeared first on Security Boulevard.
CISA adds Windows and Qualcomm bugs to its Known Exploited Vulnerabilities catalog Three new Ivanti CSA zero-day actively exploited in attacks Ukrainian national pleads guilty in U.S.
We organize all of the trending information in your field so you don't have to. Join 28,000+ users and stay up to date on the latest articles your peers are reading.
You know about us, now we want to get to know you!
Let's personalize your content
Let's get even more personalized
We recognize your account from another site in our network, please click 'Send Email' below to continue with verifying your account and setting a password.
Let's personalize your content