Cybercrime - Cyber Security Informer

Why Phishers Love New TLDs Like.shop,top and.xyz

Krebs on Security

DECEMBER 3, 2024

A study on phishing data released by Interisle Consulting finds that new gTLDs introduced in the last few years command just 11 percent of the market for new domains, but accounted for roughly 37 percent of cybercrime domains reported between September 2023 and August 2024. The top 5 new gTLDs, ranked by cybercrime domains reported.

Cybercrime

Cybercrime Phishing Accountability Internet

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Krebs on Security

JANUARY 31, 2025

On January 29, the FBI and the Dutch national police seized the technical infrastructure for a cybercrime service marketed under the brands Heartsender , Fudpage and Fudtools (and many other “fud” variations). “The Cybercrime Team is on the trail of a number of buyers of the tools,” the Dutch national police said.

Phishing

Phishing Cybercrime Advertising Malware

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Security Affairs

OCTOBER 21, 2024

Cisco confirms that data published by IntelBroker on a cybercrime forum was taken from the company DevHub environment. Cisco confirms that the data posted by IntelBroker on a cybercrime forum was stolen from its DevHub environment.

Cybercrime

Cybercrime Data breaches Technology Banking

Evolving Cybercrime: Inside the Russian-Speaking Underground

Penetration Testing

APRIL 9, 2025

The Russian-speaking cybercriminal underground remains a dominant force in the global cybercrime landscape. A recent report by Trend Micro, marking the 50th installment in their series on this subject, highlights the underground’s sophistication, resilience, and significant impact.

Cybercrime

Cybercrime Cybersecurity Phishing Ransomware

EDR-as-a-Service makes the headlines in the cybercrime landscape

Security Affairs

APRIL 7, 2025

This approach reflects the as-a-service logic already prevalent in other areas of the cybercrime sector, significantly reducing the level of technical knowledge needed by those wishing to access this confidential data.

Cybercrime

Cybercrime Social Engineering Accountability Government

Cybercrime is surging across Africa

Graham Cluley

JUNE 25, 2025

A new INTERPOL report has sounded the alarm over a dramatic increase in cybercrime across Africa, with digital crime now accounting for a significant proportional of all criminal activity across the continent. Read more in my article on the Hot for Security blog.

Cybercrime

Cybercrime Accountability Phishing Ransomware

CrowdStrike 2025 Global Threat Report: 51-Second Breaches Shake Cybercrime

eSecurity Planet

MARCH 3, 2025

The business of cybercrime Cybercriminals are no longer disorganized hackers. The report emphasizes that modern cybercrime is not about deploying a single exploit but rather about orchestrating multifaceted campaigns that combine speed, stealth, and sophistication. Evolving tactics in a digital world: should you care?

Threat Reports

Threat Reports Cybercrime Artificial Intelligence Social Engineering

Operation Secure: INTERPOL dismantles 20,000+ malicious IPs in major cybercrime crackdown

Security Affairs

JUNE 11, 2025

said Neal Jetton, INTERPOL’s Director of Cybercrime. Operation Secure has once again shown the power of intelligence sharing in disrupting malicious infrastructure and preventing large-scale harm to both individuals and businesses.”

Cybercrime

Cybercrime Data collection Scams Cyber threats

Leader of Qakbot cybercrime network indicted in U.S. crackdown

Security Affairs

MAY 24, 2025

Justice Department filed a civil forfeiture complaint to seize over $24M in crypto from Gallyamov, part of a multinational cybercrime crackdown. “These actions are the latest step in an ongoing multinational effort by the United States, France, Germany, the Netherlands, Denmark, the United Kingdom, and Canada to combat cybercrime.”

Cybercrime

Cybercrime Cryptocurrency Ransomware Malware

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

Silent Push said Araneida is being advertised by an eponymous user on multiple cybercrime forums. Araneida Scanner’s Telegram channel bragging about how customers are using the service for cybercrime. The service’s Telegram channel boasts nearly 500 subscribers and explains how to use the tool for malicious purposes.

Hacking

Hacking Cybercrime Advertising Data breaches

U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation

The Hacker News

MAY 23, 2025

Department of Justice (DoJ) on Thursday announced the disruption of the online infrastructure associated with DanaBot (aka DanaTools) and unsealed charges against 16 individuals for their alleged involvement in the development and deployment of the malware, which it said was controlled by a Russia-based cybercrime organization.

Cybercrime

Cybercrime Malware

GUESST ESSAY: Cybercrime for hire: small businesses are the new bullseye of the Dark Web

The Last Watchdog

MAY 15, 2025

And thanks to an explosion of inexpensive cybercrime-as-a-service offerings on the dark web, launching an attack is easier and cheaper than ever. Cybercrime industrialized The dark web has become a marketplace where bad actors can buy tools and access with the ease of shopping for software.

Small Business

Small Business Cybercrime Cyber Insurance Phishing

BreachForums Crackdown: 5 Arrested in International Cybercrime Operation

SecureWorld News

JUNE 26, 2025

The suspects, all French nationals, were detained during coordinated raids conducted by the Cybercrime Brigade of the Paris Police headquarters in Hauts-de-Seine, Seine-Maritime, and Réunion. A global threat, a global response The arrests also underscore a shift in the geography of cybercrime.

Cybercrime

Cybercrime Identity Theft Social Engineering Data breaches

U.S. Offered $10M for Hacker Just Arrested by Russia

Krebs on Security

DECEMBER 4, 2024

Matveev’s hacker identities were remarkably open and talkative on numerous cybercrime forums. image: x.com/vxunderground The golden rule of cybercrime in Russia has always been that as long as you never hack, extort or steal from Russian citizens or companies, you have little to fear of arrest. “Mother Russia will help you.

Cybercrime

Cybercrime Ransomware Cryptocurrency Government

Pakistan Arrests 21 in ‘Heartsender’ Malware Service

Krebs on Security

MAY 28, 2025

This wasnt just a scam operation – it was essentially a cybercrime university that empowered fraudsters globally, NCCIA Director Abdul Ghaffar said at a press briefing. Prior to folding their operations behind WeCodeSolutions, Shahzad and others arrested this month operated as a web hosting group calling itself The Manipulaters.

Malware

Malware Cybercrime Antivirus Scams

Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?

Krebs on Security

FEBRUARY 4, 2025

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled , English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. Intel471 finds the user FlorainN registered across multiple cybercrime forums using the email address olivia.messla@outlook.de.

eCommerce

eCommerce Cybercrime Accountability Hacking

Oops: DanaBot Malware Devs Infected Their Own PCs

Krebs on Security

MAY 22, 2025

government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot , a prolific strain of information-stealing malware that has been sold on Russian cybercrime forums since 2018.

Malware

Malware Cybercrime Government Banking

How Cryptocurrency Turns to Cash in Russian Banks

Krebs on Security

DECEMBER 11, 2024

A financial firm registered in Canada has emerged as the payment processor for dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services aimed at Russian-speaking customers, new research finds. wtf, and PQHosting ; -sites selling aged email, financial, or social media accounts, such as verif[.]work com and rdp[.]monster;

Cryptocurrency

Cryptocurrency Banking Cybercrime Advertising

Happy 15th Anniversary, KrebsOnSecurity!

Krebs on Security

DECEMBER 29, 2024

Maybe it’s indelicate to celebrate the birthday of a cybercrime blog that mostly publishes bad news, but happily many of 2024’s most engrossing security stories were about bad things happening to bad guys. Image: Shutterstock, Dreamansions. KrebsOnSecurity.com turns 15 years old today!

Scams

Scams Cybercrime Cryptocurrency Social Engineering

Fintech Giant Finastra Investigating Data Breach

Krebs on Security

NOVEMBER 19, 2024

8, a cybercriminal using the nickname “ abyss0 ” posted on the English-language cybercrime community BreachForums that they’d stolen files belonging to some of Finastra’s largest banking clients. Importantly, for any customers who are deemed to be affected, we will be reaching out and working with them directly.”

Data breaches

Data breaches Banking Cybercrime Advertising

British Hacker ‘IntelBroker’ Charged in $25M Cybercrime Case, US Seeks Extradition

Tech Republic Security

JUNE 27, 2025

Please enable cookies. Sorry, you have been blocked You are unable to access techrepublic.com Why have I been blocked? This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution.

Cybercrime

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Security Affairs

NOVEMBER 24, 2024

seized the stolen credit card marketplace PopeyeTools and charged its operators, this is a major success against cybercrime. PopeyeTools was a dark web marketplace specializing in selling stolen credit cards and cybercrime tools, facilitating fraud and illicit online activities since 2016.

Cybercrime

Cybercrime Cryptocurrency Banking Accountability

Global Crackdown: DoJ Seizes Crypting Services in Major Cybercrime Bust

Penetration Testing

JUNE 2, 2025

The DOJ, with international partners, seized four domains providing crypting services to cybercriminals, hindering malware attacks in a global operation.

Cybercrime

Cybercrime Malware Ransomware Cybersecurity

Booking.com Phishers May Leave You With Reservations

Krebs on Security

NOVEMBER 1, 2024

We’ll also explore an array of cybercrime services aimed at phishers who target hotels that rely on the world’s most visited travel website. A number of cybercriminal innovations are making it easier for scammers to cash in on your upcoming travel plans. A full, defanged list of domains is available here.

Phishing

Phishing Accountability Artificial Intelligence Cybercrime

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Krebs on Security

FEBRUARY 28, 2025

Last year, the French security firm Intrinsec detailed Prospero’s connections to bulletproof services advertised on Russian cybercrime forums under the names Securehost and BEARHOST. The bulletproof hosting provider BEARHOST. This screenshot has been machine-translated from Russian. Image: Ke-la.com.

Malware

Malware Antivirus DDOS Software

Operation Heart Blocker: International Police Disrupt Phishing Network

SecureWorld News

FEBRUARY 3, 2025

In a significant victory against cybercrime, U.S. Cybercrime as a service: an evolving threat As cybercriminals continue to develop more sophisticated and accessible tools, law enforcement agencies worldwide are struggling to keep pace. For every criminal group disrupted, multiple others remain active or emerge to take their place."

Phishing

Phishing Cybercrime Scams Authentication

An Interview With the Target & Home Depot Hacker

Krebs on Security

NOVEMBER 14, 2024

Shefel claims the true mastermind behind the Target and other retail breaches was Dmitri Golubov , an infamous Ukrainian hacker known as the co-founder of Carderplanet, among the earliest Russian-language cybercrime forums focused on payment card fraud. “I’m also godfather of his second son.”

Advertising

Advertising Retail Cryptocurrency Cybercrime

Alleged ‘Scattered Spider’ Member Extradited to U.S.

Krebs on Security

APRIL 30, 2025

A 23-year-old Scottish man thought to be a member of the prolific Scattered Spider cybercrime group was extradited last week from Spain to the United States, where he is facing charges of wire fraud, conspiracy and identity theft. Tyler Buchanan, being escorted by Spanish police at the airport in Palma de Mallorca in June 2024.

Identity Theft

Identity Theft Phishing Cryptocurrency Cybercrime

U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams

Krebs on Security

MAY 29, 2025

ISPs, and that Ivan Neculiti for many years sold “bulletproof” hosting services that told Russian cybercrime forum customers they would proudly ignore any abuse complaints or police inquiries. The homepage of Stark Industries Solutions.

Scams

Scams Internet Internet Cybercrime

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

One English-speaking cybercriminal who goes by the nicknames “ Pwnstar ” and “ Pwnipotent ” has been selling fake EDR services on both Russian-language and English cybercrime forums. “I cannot 100% guarantee every order will go through,” Pwnstar explained. ” An ad from Pwnstar for fake EDR services.

Hacking

Hacking Accountability Government Social Engineering

BreachForums broken up? French police arrest five members of notorious cybercrime site

Graham Cluley

JUNE 28, 2025

Suspected high-ranking members of one of the world's largest online marketplaces for leaked data have been arrested by French police. Read more in my article on the Hot for Security blog.

Cybercrime

Cybercrime Data breaches

Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’

Security Affairs

OCTOBER 14, 2024

Dutch police dismantled Bohemia/Cannabia, two major dark web markets for illegal goods, drugs, and cybercrime services. These are two of the largest and longest-running dark web platforms for the trade of illegal goods, drugs, and cybercrime services.

Marketing

Marketing Cybercrime DDOS Cryptocurrency

Operation ENDGAME disrupted global ransomware infrastructure

Security Affairs

MAY 25, 2025

. “A Command Post was set up at Europol headquarters in The Hague during the action week, with investigators from Canada, Denmark, France, Germany, the Netherlands, the United Kingdom and the United States working with Europols European Cybercrime Centre and its Joint Cybercrime Action Taskforce.”

Ransomware

Ransomware Cybercrime Malware Cryptocurrency

CAPTCHA Trap: Fake Verification Unleashes Lumma Stealer on Unsuspecting Users

Penetration Testing

MAY 12, 2025

Sophos X-Ops has uncovered a cunning cybercrime campaign using fake CAPTCHA pages to trick users into running PowerShell The post CAPTCHA Trap: Fake Verification Unleashes Lumma Stealer on Unsuspecting Users appeared first on Daily CyberSecurity.

Cybercrime

Cybercrime Cybersecurity Social Engineering Engineering

Police took down several popular counter-antivirus (CAV) services, including AvCheck

Security Affairs

JUNE 2, 2025

Department of Justice has dismantled an online cybercrime syndicate that provided encryption services to help malware evade detection. This helps them launch stealthy attacks and gain access to victims systems without being noticed, making these services a key tool in the cybercrime ecosystem. net, Cryptor[.]biz, biz, and Crypt[.]guru.

Antivirus

Antivirus Cybercrime Malware Firewall

Change Healthcare data breach impacted over 100 million people

Security Affairs

OCTOBER 25, 2024

“Change Healthcare can confirm we are experiencing a cybersecurity issue perpetrated by a cybercrime threat actor who has represented itself to us as ALPHV/Blackcat.” However, after a $22 million transaction, an affiliate publicly complained on a Russian cybercrime forum, alleging that BlackCat did not pay their fee.

Data breaches

Data breaches Healthcare Cybercrime Insurance

FBI Warns of Scattered Spider's Expanding Attacks on Airlines Using Social Engineering

The Hacker News

JUNE 28, 2025

Federal Bureau of Investigation (FBI) has revealed that it has observed the notorious cybercrime group Scattered Spider broadening its targeting footprint to strike the airline sector. To that end, the agency said it's actively working with aviation and industry partners to combat the activity and help victims.

Social Engineering

Social Engineering Engineering Cybercrime

Qilin ransomware gang now offers a “Call Lawyer” feature to pressure victims

Security Affairs

JUNE 22, 2025

This move, reported by cybersecurity firm Cybereason, shows Qilin stepping up its operations and trying to take over space left by rival cybercrime groups. With advanced tools, legal help, spam services, and massive data storage, it’s positioning itself as a full-service cybercrime platform.

Ransomware

Ransomware DDOS Cybercrime Healthcare

Google Warns of Scattered Spider Attacks Targeting IT Support Teams at U.S. Insurance Firms

The Hacker News

JUNE 17, 2025

The notorious cybercrime group known as Scattered Spider (aka UNC3944) that recently targeted various U.K. retailers has begun to target major insurance companies, according to Google Threat Intelligence Group (GTIG). Google Threat Intelligence Group is now aware of multiple intrusions in the U.S.

Insurance

Insurance Retail Cybercrime

Moldovan Police arrested a 45-year-old foreign man participating in ransomware attacks on Dutch companies

Security Affairs

MAY 13, 2025

He is internationally wanted for multiple cybercrime, including ransomware attacks, blackmail, and money laundering, targeting Dutch companies. “He is wanted internationally for committing several cybercrimes (ransomware attacks, blackmail, and money laundering) against companies based in the Netherlands.” million euros.”

Ransomware

Ransomware Cybercrime Malware Banking

Kai West, aka IntelBroker, indicted for cyberattacks causing $25M in damages

Security Affairs

JUNE 26, 2025

seeking extradition for cybercrimes. The case is led by the Complex Frauds and Cybercrime Unit, with prosecution by Assistant U.S. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, cybercrime) Kai West (25), a British national, has been charged in the U.S.

Cybercrime

Cybercrime Hacking Healthcare Accountability

News alert: SpyCloud operationalizes darknet data, pioneers shift to holistic identity threat protection

The Last Watchdog

FEBRUARY 4, 2025

“SpyCloud has a long history of leading the way in understanding the cybercrime ecosystem, from our early days in world-class ATO prevention to continuing to build solutions that empower organizations to proactively protect against threats stemming from infostealer malware, phished and breach data.

Cybercrime

Cybercrime Phishing Accountability Malware

Operation PowerOFF took down 27 DDoS platforms across 15 countries

Security Affairs

DECEMBER 12, 2024

Law enforcement globally targets these services to combat cybercrime. The police are taking tough action against cybercrime, in whatever form. Booter and stresser services are platforms that enable Distributed Denial-of-Service (DDoS) attacks by overwhelming targets with traffic. The police are also present on the web.”

DDOS

DDOS Cybercrime Marketing Hacking

Sudanese Brothers Arrested in ‘AnonSudan’ Takedown

Krebs on Security

OCTOBER 17, 2024

AnonSudan ), a cybercrime business known for launching powerful distributed denial-of-service (DDoS) attacks against a range of targets, including dozens of hospitals, news websites and cloud providers. government on Wednesday announced the arrest and charging of two Sudanese brothers accused of running Anonymous Sudan (a.k.a.

DDOS

DDOS Government Internet Internet

Why Phishers Love New TLDs Like.shop,top and.xyz

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Trending Sources

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Evolving Cybercrime: Inside the Russian-Speaking Underground

EDR-as-a-Service makes the headlines in the cybercrime landscape

Cybercrime is surging across Africa

CrowdStrike 2025 Global Threat Report: 51-Second Breaches Shake Cybercrime

Operation Secure: INTERPOL dismantles 20,000+ malicious IPs in major cybercrime crackdown

Leader of Qakbot cybercrime network indicted in U.S. crackdown

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation

GUESST ESSAY: Cybercrime for hire: small businesses are the new bullseye of the Dark Web

BreachForums Crackdown: 5 Arrested in International Cybercrime Operation

U.S. Offered $10M for Hacker Just Arrested by Russia

Pakistan Arrests 21 in ‘Heartsender’ Malware Service

Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?

Oops: DanaBot Malware Devs Infected Their Own PCs

How Cryptocurrency Turns to Cash in Russian Banks

Happy 15th Anniversary, KrebsOnSecurity!

Fintech Giant Finastra Investigating Data Breach

British Hacker ‘IntelBroker’ Charged in $25M Cybercrime Case, US Seeks Extradition

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Global Crackdown: DoJ Seizes Crypting Services in Major Cybercrime Bust

Booking.com Phishers May Leave You With Reservations

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Operation Heart Blocker: International Police Disrupt Phishing Network

An Interview With the Target & Home Depot Hacker

Alleged ‘Scattered Spider’ Member Extradited to U.S.

U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams

FBI: Spike in Hacked Police Emails, Fake Subpoenas

BreachForums broken up? French police arrest five members of notorious cybercrime site

Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’

Operation ENDGAME disrupted global ransomware infrastructure

CAPTCHA Trap: Fake Verification Unleashes Lumma Stealer on Unsuspecting Users

Police took down several popular counter-antivirus (CAV) services, including AvCheck

Change Healthcare data breach impacted over 100 million people

FBI Warns of Scattered Spider's Expanding Attacks on Airlines Using Social Engineering

Qilin ransomware gang now offers a “Call Lawyer” feature to pressure victims

Google Warns of Scattered Spider Attacks Targeting IT Support Teams at U.S. Insurance Firms

Moldovan Police arrested a 45-year-old foreign man participating in ransomware attacks on Dutch companies

Kai West, aka IntelBroker, indicted for cyberattacks causing $25M in damages

News alert: SpyCloud operationalizes darknet data, pioneers shift to holistic identity threat protection

Operation PowerOFF took down 27 DDoS platforms across 15 countries

Sudanese Brothers Arrested in ‘AnonSudan’ Takedown

Stay Connected