Security Affairs

APRIL 7, 2025

This approach reflects the as-a-service logic already prevalent in other areas of the cybercrime sector, significantly reducing the level of technical knowledge needed by those wishing to access this confidential data.

Cybercrime

Security Affairs

JUNE 11, 2025

said Neal Jetton, INTERPOL’s Director of Cybercrime. Operation Secure has once again shown the power of intelligence sharing in disrupting malicious infrastructure and preventing large-scale harm to both individuals and businesses.”

Cybercrime

SecureWorld News

DECEMBER 3, 2024

In a surprising move related to international cybercrime, Russian authorities have charged Mikhail Matveev, also known as "Wazawaka," with creating ransomware to extort commercial organizations, according to Russian media outlet RIA. Despite U.S.

Cybercrime

The Hacker News

MAY 23, 2025

Department of Justice (DoJ) on Thursday announced the disruption of the online infrastructure associated with DanaBot (aka DanaTools) and unsealed charges against 16 individuals for their alleged involvement in the development and deployment of the malware, which it said was controlled by a Russia-based cybercrime organization.

Cybercrime

Krebs on Security

DECEMBER 19, 2024

Silent Push said Araneida is being advertised by an eponymous user on multiple cybercrime forums. Araneida Scanner’s Telegram channel bragging about how customers are using the service for cybercrime. The service’s Telegram channel boasts nearly 500 subscribers and explains how to use the tool for malicious purposes.

Hacking

Krebs on Security

DECEMBER 4, 2024

Matveev’s hacker identities were remarkably open and talkative on numerous cybercrime forums. image: x.com/vxunderground The golden rule of cybercrime in Russia has always been that as long as you never hack, extort or steal from Russian citizens or companies, you have little to fear of arrest. “Mother Russia will help you.

Cybercrime

The Last Watchdog

MAY 15, 2025

And thanks to an explosion of inexpensive cybercrime-as-a-service offerings on the dark web, launching an attack is easier and cheaper than ever. Cybercrime industrialized The dark web has become a marketplace where bad actors can buy tools and access with the ease of shopping for software.

Small Business

eSecurity Planet

MARCH 3, 2025

The business of cybercrime Cybercriminals are no longer disorganized hackers. The report emphasizes that modern cybercrime is not about deploying a single exploit but rather about orchestrating multifaceted campaigns that combine speed, stealth, and sophistication. Evolving tactics in a digital world: should you care?

Threat Reports

Security Affairs

NOVEMBER 24, 2024

seized the stolen credit card marketplace PopeyeTools and charged its operators, this is a major success against cybercrime. PopeyeTools was a dark web marketplace specializing in selling stolen credit cards and cybercrime tools, facilitating fraud and illicit online activities since 2016.

Cybercrime

Security Affairs

JANUARY 30, 2025

An international law enforcement operation targeted several major cybercrime websites, including Cracked, Nulled, Sellix, and StarkRDP. An international law enforcement operation led by Europol, code-named Operation Talent, dismantled several major cybercrime sites, including Cracked, Nulled, Sellix, and StarkRDP. and Nulled.to.”

Cybercrime

Krebs on Security

DECEMBER 11, 2024

A financial firm registered in Canada has emerged as the payment processor for dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services aimed at Russian-speaking customers, new research finds. wtf, and PQHosting ; -sites selling aged email, financial, or social media accounts, such as verif[.]work com and rdp[.]monster;

Cryptocurrency

Krebs on Security

NOVEMBER 19, 2024

8, a cybercriminal using the nickname “ abyss0 ” posted on the English-language cybercrime community BreachForums that they’d stolen files belonging to some of Finastra’s largest banking clients. Importantly, for any customers who are deemed to be affected, we will be reaching out and working with them directly.”

Data breaches

Krebs on Security

DECEMBER 29, 2024

Maybe it’s indelicate to celebrate the birthday of a cybercrime blog that mostly publishes bad news, but happily many of 2024’s most engrossing security stories were about bad things happening to bad guys. Image: Shutterstock, Dreamansions. KrebsOnSecurity.com turns 15 years old today!

Scams

Krebs on Security

MAY 22, 2025

government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot , a prolific strain of information-stealing malware that has been sold on Russian cybercrime forums since 2018.

Malware

SecureWorld News

MAY 14, 2025

The FBI's Internet Crime Complaint Center (IC3) has released its 2024 Internet Crime Report, marking a record-breaking year in cybercrime. The report highlights a staggering $16.6 billion in reported losses, a 33% increase from 2023, underscoring the escalating threat landscape faced by individuals and organizations alike.

Cybercrime

Krebs on Security

NOVEMBER 1, 2024

We’ll also explore an array of cybercrime services aimed at phishers who target hotels that rely on the world’s most visited travel website. A number of cybercriminal innovations are making it easier for scammers to cash in on your upcoming travel plans. A full, defanged list of domains is available here.

Phishing

SecureWorld News

FEBRUARY 3, 2025

In a significant victory against cybercrime, U.S. Cybercrime as a service: an evolving threat As cybercriminals continue to develop more sophisticated and accessible tools, law enforcement agencies worldwide are struggling to keep pace. For every criminal group disrupted, multiple others remain active or emerge to take their place."

Phishing

Krebs on Security

MAY 29, 2025

ISPs, and that Ivan Neculiti for many years sold “bulletproof” hosting services that told Russian cybercrime forum customers they would proudly ignore any abuse complaints or police inquiries. The homepage of Stark Industries Solutions.

Scams

Security Affairs

MARCH 18, 2025

Trend ZDI researchers discovered 1,000 malicious.lnk files used by nation-state actors and cybercrime groups to execute hidden malicious commands on a victims machine by exploiting the vulnerability ZDI-CAN-25373. Since 2017, the vulnerability has been exploited by APT groups from North Korea, Iran, Russia, and China.

Cybercrime

Krebs on Security

JULY 24, 2025

An investigation into the attacker’s infrastructure points to a long-running Nigerian cybercrime ring that is actively targeting established companies in the transportation and aviation industries. However, BEC scams were the second most costly form of cybercrime reported to the feds last year, with nearly $2.8

Scams

Security Affairs

DECEMBER 12, 2024

Law enforcement globally targets these services to combat cybercrime. The police are taking tough action against cybercrime, in whatever form. Booter and stresser services are platforms that enable Distributed Denial-of-Service (DDoS) attacks by overwhelming targets with traffic. The police are also present on the web.”

DDOS

Krebs on Security

NOVEMBER 9, 2024

One English-speaking cybercriminal who goes by the nicknames “ Pwnstar ” and “ Pwnipotent ” has been selling fake EDR services on both Russian-language and English cybercrime forums. “I cannot 100% guarantee every order will go through,” Pwnstar explained. ” An ad from Pwnstar for fake EDR services.

Hacking

Krebs on Security

FEBRUARY 28, 2025

Last year, the French security firm Intrinsec detailed Prospero’s connections to bulletproof services advertised on Russian cybercrime forums under the names Securehost and BEARHOST. The bulletproof hosting provider BEARHOST. This screenshot has been machine-translated from Russian. Image: Ke-la.com.

Malware

Security Affairs

OCTOBER 14, 2024

Dutch police dismantled Bohemia/Cannabia, two major dark web markets for illegal goods, drugs, and cybercrime services. These are two of the largest and longest-running dark web platforms for the trade of illegal goods, drugs, and cybercrime services.

Marketing

Security Affairs

MAY 25, 2025

. “A Command Post was set up at Europol headquarters in The Hague during the action week, with investigators from Canada, Denmark, France, Germany, the Netherlands, the United Kingdom and the United States working with Europols European Cybercrime Centre and its Joint Cybercrime Action Taskforce.”

Ransomware

Security Affairs

JUNE 2, 2025

Department of Justice has dismantled an online cybercrime syndicate that provided encryption services to help malware evade detection. This helps them launch stealthy attacks and gain access to victims systems without being noticed, making these services a key tool in the cybercrime ecosystem. net, Cryptor[.]biz, biz, and Crypt[.]guru.

Antivirus

Krebs on Security

OCTOBER 17, 2024

AnonSudan ), a cybercrime business known for launching powerful distributed denial-of-service (DDoS) attacks against a range of targets, including dozens of hospitals, news websites and cloud providers. government on Wednesday announced the arrest and charging of two Sudanese brothers accused of running Anonymous Sudan (a.k.a.

DDOS

Security Affairs

JUNE 22, 2025

This move, reported by cybersecurity firm Cybereason, shows Qilin stepping up its operations and trying to take over space left by rival cybercrime groups. With advanced tools, legal help, spam services, and massive data storage, it’s positioning itself as a full-service cybercrime platform.

Ransomware

Security Affairs

OCTOBER 25, 2024

“Change Healthcare can confirm we are experiencing a cybersecurity issue perpetrated by a cybercrime threat actor who has represented itself to us as ALPHV/Blackcat.” However, after a $22 million transaction, an affiliate publicly complained on a Russian cybercrime forum, alleging that BlackCat did not pay their fee.

Data breaches

Security Affairs

JUNE 26, 2025

seeking extradition for cybercrimes. The case is led by the Complex Frauds and Cybercrime Unit, with prosecution by Assistant U.S. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, cybercrime) Kai West (25), a British national, has been charged in the U.S.

Cybercrime

Security Affairs

JANUARY 11, 2025

The indictment and arrests announced today, which follow the earlier takedown of the defendants criminal infrastructure, yet again demonstrate the value of our international partnerships in countering the global threat from cybercrime. were allegedly used for laundering funds from ransomware and cybercrimes. Blender.io and Sinbad.io

Cybercrime

Krebs on Security

JANUARY 7, 2025

” Perm is the current administrator of Star Fraud , one of the more consequential cybercrime communities on Telegram and one that has emerged as a foundry of innovation in voice phishing attacks. As we’ll see in a moment, that phishing kit is operated and rented out by a cybercriminal known as “ Perm ” a.k.a.

Phishing

SecureWorld News

JULY 8, 2025

Ransomware-as-a-Service (RaaS) has transformed cybercrime into an accessible, scalable platform that anyone can tap into—no code required. Welcome to the age of cybercrime for hire—streamlined, professionalized, and more dangerous than ever. How RaaS works: cybercrime-as-a-platform RaaS operates like any modern SaaS business model.

Ransomware

Security Affairs

NOVEMBER 23, 2024

Microsoft announced the disruption of the ONNX phishing service, another success against cybercrime which led to the seizure of 240 sites. Microsoft disrupted the ONNX phishing service, seizing 240 sites and naming an Egyptian man as the operator behind the operation.

Phishing

Security Affairs

NOVEMBER 27, 2024

From multi-level marketing scams to credit card fraud on an industrial scale, the increasing volume and sophistication of cybercrime attacks is of serious concern.” Angola dismantled a virtual casino targeting Brazilian and Nigerian gamblers, arresting 150 and seizing 200 computers and 100 phones.

Scams

Security Affairs

FEBRUARY 17, 2025

In 2023, Zservers leased infrastructure, including a Russian IP address, to a Lockbit affiliate” Bulletproof hosting services enable global cybercrime by providing safe havens for threat actors. The law enforcement revealed that Zservers’ servers were in Amsterdam, and cybercrime groups like Conti and LockBit used the platform.

Cybercrime

Security Affairs

JANUARY 15, 2025

A previously unknown threat actor released config files and VPN passwords for Fortinet FortiGate devices on a popular cybercrime forum. A previously unknown threat actor named Belsen Group published configuration files and VPN passwords for over 15,000 Fortinet FortiGate appliances. “2025 will be a fortunate year for the world.

VPN