Cybercrime and Download - Cyber Security Informer

The Funnel of Justice: Why U.K. Cybercrime Victims Are Left Behind

SecureWorld News

NOVEMBER 29, 2024

New Insights from The Cyber Helpline reveal a shocking gap in the justice system for cybercrime victims in the U.K. Download the full report or a snapshot. Underreporting: Only 36% of cybercrime victims report incidents to the police, compared to 79% of victims of offline crimes.

Cybercrime

Cybercrime Technology

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Security Affairs

OCTOBER 21, 2024

Cisco confirms that data published by IntelBroker on a cybercrime forum was taken from the company DevHub environment. Cisco confirms that the data posted by IntelBroker on a cybercrime forum was stolen from its DevHub environment. for customers to use as needed.

Cybercrime

Cybercrime Data breaches Technology Banking

Leader of Qakbot cybercrime network indicted in U.S. crackdown

Security Affairs

MAY 24, 2025

Justice Department filed a civil forfeiture complaint to seize over $24M in crypto from Gallyamov, part of a multinational cybercrime crackdown. “These actions are the latest step in an ongoing multinational effort by the United States, France, Germany, the Netherlands, Denmark, the United Kingdom, and Canada to combat cybercrime.”

Cybercrime

Cybercrime Cryptocurrency Ransomware Malware

UK Ad Campaign Seeks to Deter Cybercrime

Krebs on Security

MAY 28, 2020

The United Kingdom’s anti-cybercrime agency is running online ads aimed at young people who search the Web for services that enable computer crimes, specifically trojan horse programs and DDoS-for-hire services. law enforcement agents in connection with various cybercrime investigations. FLATTENING THE CURVE.

Cybercrime

Cybercrime DDOS Advertising Hacking

The Silent Breach: How E-Waste Fuels Cybercrime

SecureWorld News

MARCH 27, 2025

In today's digital world, cybercrime is a threat to our private data and security. And with Americans owning an average of 24 electronic items in their homes , neglecting to dispose of these items correctly is putting individuals at significant risk of cybercrime. What is cybercrime?

Cybercrime

Cybercrime Computers and Electronics Firewall Hacking

FBI Hacker Dropped Stolen Airbus Data on 9/11

Krebs on Security

SEPTEMBER 13, 2023

The FBI responded by reverifying InfraGard members and by seizing the cybercrime forum where the data was being sold. In a post on the English language cybercrime forum BreachForums , USDoD leaked information on roughly 3,200 Airbus vendors, including names, addresses, phone numbers, and email addresses. But on Sept. But on Sept.

Cybercrime

Cybercrime Passwords Authentication Malware

BunnyLoader, a new Malware-as-a-Service advertised in cybercrime forums

Security Affairs

OCTOBER 3, 2023

Zscaler ThreatLabz researchers discovered a new malware-as-a-service (MaaS) that is called BunnyLoader, which has been advertised for sale in multiple cybercrime forums since September 4, 2023. Cybersecurity researchers spotted a new malware-as-a-service (MaaS) called BunnyLoader that’s appeared in the threat landscape. BunnyLoader v1.7

Advertising

Advertising Cybercrime Malware Cryptocurrency

Threat actors use fake AI tools to deliver the information stealer Noodlophile

Security Affairs

MAY 12, 2025

Users seeking free AI video tools unknowingly download Noodlophile Stealer, a new malware that steals browser credentials, crypto wallets, and may install remote access trojans like XWorm. Noodlophile is being sold on cybercrime forums as part of malware-as-a-service schemes, often bundled with tools for credential theft.

Malware

Malware Media Cybercrime Scams

U.S. Indicts North Korean Hackers in Theft of $200 Million

Krebs on Security

FEBRUARY 17, 2021

The Justice Department says those indicted were members of a DPRK-sponsored cybercrime group variously identified by the security community as the Lazarus Group and Advanced Persistent Threat 38 (APT 38). In reality, prosecutors say, the programs were malware or downloaded malware after the applications were installed.

Cryptocurrency

Cryptocurrency Financial Services Banking Government

Member of cybercrime group Karakurt charged in the US

Security Affairs

AUGUST 23, 2024

court for his role in the Karakurt cybercrime gang. court for his role in the Russian Karakurt cybercrime gang. “Among other things, the Russian cybercrime group steals victim data and threatens to release it unless the victim pays ransom in cryptocurrency. . ” reads the press release published by DoJ.

Cybercrime

Cybercrime Cryptocurrency VPN Hacking

Russian group RomCom exploited Firefox and Tor Browser zero-days to target attacks Europe and North America

Security Affairs

NOVEMBER 27, 2024

Russian-based cybercrime group RomCom (aka UAT-5647 , Storm-0978 , Tropical Scorpius , UAC-0180, UNC2596 ) exploited two Firefox and Tor Browser zero-day vulnerabilities in recent attacks on users across Europe and North America. . This leads to downloading and executing the RomCom backdoor from C2 servers like journalctd[.]live,

Cybercrime

Cybercrime Hacking Government Information Security

Internet Archive was breached twice in a month

Security Affairs

OCTOBER 21, 2024

This file contained an authentication token that allowed the attacker to download the Internet Archive’s source code, which included additional credentials and tokens. This allowed the threat actor to download the organization’s user database, further source code, and modify the site.

Internet

Internet Internet Data breaches Authentication

Russian Hacker “Wazawaka” Indicted for Ransomware

Krebs on Security

MAY 16, 2023

In a January 2021 discussion on a top Russian cybercrime forum, Matveev’s alleged alter ego Wazawaka said he had no plans to leave the protection of “Mother Russia,” and that traveling abroad was not an option for him. “Mother Russia will help you,” Wazawaka concluded. 17, 1992). .” 17, 1992).

Ransomware

Ransomware Cybercrime Healthcare VPN

Arrest, Seizures Tied to Netwalker Ransomware

Krebs on Security

JANUARY 27, 2021

and Bulgarian authorities this week seized the darkweb site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims. The following advertisement (translated into English by cybersecurity firm Intel 471 ) was posted by the NetWalker affiliate program manager last year to a top cybercrime forum.

Ransomware

Ransomware Cybercrime Antivirus Encryption

Macs targeted by info stealers in new era of cyberthreats

Malwarebytes

FEBRUARY 19, 2025

But over time, the developers behind TrickBot began adding alarming new features, including the capabilities to steal Outlook credentials, disable Windows Defender, and even to download and deliver additional, separate malware onto infected devices. But in the world of cybercrime, malware features only mean so much.

Malware

Malware Software Passwords Cryptocurrency

FBI warns of malicious free online document converters spreading malware

Security Affairs

MARCH 24, 2025

” Fake file converters and download tools may perform advertised tasks but can provide resulting files containing hidden malware, giving criminals access to victims’ devices. “To conduct this scheme, cyber criminals across the globe are using any type of free document converter or downloader tool. .

Malware

Malware Identity Theft Scams Antivirus

More on the SolarWinds Breach

Schneier on Security

DECEMBER 17, 2020

About 18,000 private and government users downloaded a Russian tainted software update – a Trojan horse of sorts – that gave its hackers a foothold into victims’ systems, according to SolarWinds, the company whose software was compromised. The New York Times has more details. law enforcement agencies.

Software

Software Passwords Cybercrime Government

No, I Did Not Hack Your MS Exchange Server

Krebs on Security

MARCH 28, 2021

“web shells”) that various cybercrime groups worldwide have been using to commandeer any unpatched Exchange servers. But Watson said they don’t know how many of those systems also ran the secondary download from the rogue Krebsonsecurity domain. Just my Social Security number. I’d been doxed via DNS.

Hacking

Hacking Cybercrime DNS Antivirus

PLAYFULGHOST backdoor supports multiple information stealing features

Security Affairs

JANUARY 5, 2025

The backdoor is distributed through: Phishing emails with themes such as code of conduct to trick users into downloading the malware. Upon executing the archive, it drops a malicious Windows executable, which eventually downloads and executesthe PLAYFULGHOST payloadfrom a remote server. sys driver.

Malware

Malware Phishing Encryption Hacking

Crooks use a fake antivirus site to spread Venom RAT and a mix of malware

Security Affairs

MAY 28, 2025

Researchers found a fake Bitdefender site spreading the Venom RAT by tricking users into downloading it as antivirus software. DomainTools Intelligence (DTI) researchers warn of a malicious campaign using a fake website (bitdefender-download[.]com)

Antivirus

Antivirus Malware Banking Cryptocurrency

BadBox 2.0 botnet infects millions of IoT devices worldwide, FBI warns

Security Affairs

JUNE 9, 2025

Cyber criminals gain unauthorized access to home networks by either configuring the product with malicious software prior to the users purchase or infecting the device as it downloads required applications that contain backdoors, usually during the set-up process. 3 ” reads the alert published by the FBI. ” BADBOX 2.0

IoT

IoT Internet Internet Advertising

Russia-linked Gamaredon targets Ukraine with Remcos RAT

Security Affairs

MARCH 31, 2025

Russia-linked Gamaredon targets Ukraine with a phishing campaign using troop-related lures to deploy the Remcos RAT via PowerShell downloader. The threat actor is using troop-related lures to deploy the Remcos RAT via PowerShell downloader. Talos researchers warn that Russia-linked APT group Gamaredon (a.k.a.

Phishing

Phishing Antivirus Encryption Hacking

MUT-1244 Campaign Steals Hundreds of Thousands of WordPress Credentials and More

SecureWorld News

DECEMBER 17, 2024

Researchers at Datadog Security Labs have uncovered a year-long, large-scale cybercrime campaign by a threat actor tracked as MUT-1244. By downloading and running this code, victims essentially infected themselves." Simultaneously, a phishing campaign tricked targets into installing a fake kernel update.

Phishing

Phishing Threat Detection Social Engineering Cybercrime

Zxyel Flaw Powers New Mirai IoT Botnet Strain

Krebs on Security

MARCH 20, 2020

This week, security researchers said they spotted that same vulnerability being exploited by a new variant of Mirai , a malware strain that targets vulnerable Internet of Things (IoT) devices for use in large-scale attacks and as proxies for other cybercrime activity. which boasts some 100 million devices deployed worldwide.

IoT

IoT DDOS Firewall VPN

Open Source Pwned Passwords with FBI Feed and 225M New NCA Passwords is Now Live!

Troy Hunt

DECEMBER 19, 2021

225M More Passwords From the NCA The UK's National Crime Agency has done some wonderful work over the years to combat cybercrime. I used to show a short video of theirs at the beginning of many of my talks; it's titled Teenage Cybercrime: Help your child make the right choices and it formed part of their #CyberChoices campaign.

Passwords

Passwords Cybercrime Accountability Risk

New HijackLoader malware is rapidly growing in popularity in the cybercrime community

Security Affairs

SEPTEMBER 11, 2023

The loader determines if the final payload has been embedded in the binary or if it has to download it from an external server. The malware maintains persistence by creating a shortcut file (LNK) in the Windows Startup folder and pointing it to a Background Intelligent Transfer Service (BITS) job that points to the executable file.

Cybercrime

Cybercrime Malware Hacking Information Security

Ukrainian Police Nab Six Tied to CLOP Ransomware

Krebs on Security

JUNE 16, 2021

Terabytes of documents and files stolen from victim organizations that have not paid a data ransom are now available for download from CLOP’s deep web site, including Stanford, UCLA and the University of Maryland. CLOP’s victim shaming blog on the deep web.

Ransomware

Ransomware Cybercrime Malware Encryption

Malicious Minecraft mods distributed by the Stargazers DaaS target Minecraft gamers

Security Affairs

JUNE 19, 2025

“Since March 2025, Check Point Research has been tracking malicious GitHub repositories targeting Minecraft users with an undetected Java downloader.” Upon launching the game, the fake mod downloads a second-stage stealer, which then fetches an additional.NET-based stealer.

Malware

Malware VPN Cyber threats Hacking

SpyLend Android malware found on Google Play enabled financial cyber crime and extortion

Security Affairs

FEBRUARY 24, 2025

CYFIRMA researchers discovered that the SpyLend Android malware was downloaded 100,000 times from the official app store Google Play. The Finance Simplified app is still available on Google Play at the time of this reports publication, with downloads doubling to 100,000 in a week. ” reads the report published by CYFIRMA.

Malware

Malware Marketing Hacking Mobile

Cisco states that the second data leak is linked to the one from October

Security Affairs

DECEMBER 30, 2024

In October 2024, Cisco confirmed that the data posted by the notorious threat actor IntelBroker on a cybercrime forum was stolen from its DevHub environment. At this stage in our investigation, we have determined that a small number of files that were not authorized for public download may have been published.

Data breaches

Data breaches Cybercrime Authentication Technology

Malicious npm packages target Ethereum developers

Security Affairs

JANUARY 4, 2025

The campaign is still ongoing and the malicious packages collectively totaled more than one thousand downloads. The attack has led to the identification of 20 malicious packages published by three primary authors, with the most downloaded package, @nomicsfoundation/sdk-test , accumulating 1,092 downloads.”

Encryption

Encryption Hacking Cybercrime Information Security

When Efforts to Contain a Data Breach Backfire

Krebs on Security

AUGUST 16, 2022

Earlier this month, the administrator of the cybercrime forum Breached received a cease-and-desist letter from a cybersecurity firm. The administrator responded to this empty threat by purchasing the stolen banking data and leaking it on the forum for everyone to download.

Data breaches

Data breaches Banking Cybercrime Marketing

DragonForce operator chained SimpleHelp flaws to target an MSP and its customers

Security Affairs

MAY 27, 2025

The first vulnerability, CVE-2024-57727 (CVSS score of 7.5), is an unauthenticated path traversal issue allowing attackers to download arbitrary files from the server. Attackers could download files, upload files with admin privileges, and escalate their access to an administrative level on vulnerable servers.

Ransomware

Ransomware Software Retail Data breaches

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Krebs on Security

OCTOBER 8, 2020

But judging from the proliferation of help-wanted ads for offensive pentesters in the cybercrime underground, today’s attackers have exactly zero trouble gaining that initial intrusion: The real challenge seems to be hiring enough people to help everyone profit from the access already gained. THE DOCTOR IS IN.

Cybercrime

Cybercrime Penetration Testing Malware Ransomware

Processing 23 Billion Rows of ALIEN TXTBASE Stealer Logs

Troy Hunt

FEBRUARY 25, 2025

This is just one of many channels involved in cybercrime, but it's noteworthy due to the huge amount of freely accessible data. Alice downloaded, onto her personal laptop, a version of Notepad++ from a website she believed to be legitimate.

Passwords

Passwords Accountability VPN Malware

New MassJacker clipper targets pirated software seekers

Security Affairs

MARCH 15, 2025

The attack involves executing a cmd script followed by a PowerShell script, which downloads three executables, including the Amadey botnet and two.NET executables (32-bit and 64-bit). The malware, dubbed PackerE, downloads an encrypted DLL (PackerD1) that employs multiple anti-analysis techniques.

Software

Software Cryptocurrency Malware Encryption

The popular xrpl.js Ripple cryptocurrency library was compromised in a supply chain attack

Security Affairs

APRIL 23, 2025

is the recommended library for integrating a JavaScript/TypeScript app with the XRP, it has more than 140.000 weekly downloads. Hundreds of thousands of applications and websites use this package, the package has been downloaded over 2.9 It is the official SDK for the XRP Ledger, with more than 140.000 weekly downloads.”

Cryptocurrency

Cryptocurrency Malware Hacking Risk

Secret Service Investigates Breach at U.S. Govt IT Contractor

Krebs on Security

SEPTEMBER 9, 2019

Secret Service is investigating a breach at a Virginia-based government technology contractor that saw access to several of its systems put up for sale in the cybercrime underground, KrebsOnSecurity has learned. In mid-August, a member of a popular Russian-language cybercrime forum offered to sell access to the internal network of a U.S.

Cybercrime

Cybercrime Government Data collection Internet

The source code of Banshee Stealer leaked online

Security Affairs

NOVEMBER 26, 2024

We’ve archived the leak and made it available for download on GitHub.” We've archived the leak and made it available for download on GitHub. ” Yesterday Banshee Stealer, the MacOS-based Malware-as-a-Service infostealer, had their source code leaked online.

Malware

Malware Cryptocurrency Encryption Hacking

Fake AI Video Tools Spreading New “Noodlophile” Malware, Targets Thousands on Facebook

eSecurity Planet

MAY 11, 2025

Technical support consultant using programming to upgrade artificial intelligence simulation model As AI tools boom in popularity, cyberthieves are exploiting the excitement with fake AI video editing platforms that lure users into downloading malware. Document.docx: A disguised batch file that downloads more malware.

Malware

Malware Scams Media Artificial Intelligence

Russia-linked group Nebulous Mantis targets NATO-related defense organizations

Security Affairs

APRIL 30, 2025

” Nebulous Mantis imitates trusted services like OneDrive to trick victims into downloading infected files, often hosted on Mediafire. Post-infection, a fake PDF triggers an EXE that checks for sandbox evasion markers before downloading further payloads like Keyprov.dll. The APT group uses RomCom malware in multi-stage attacks.

Encryption

Encryption Ransomware Malware Phishing

Alleged Extortioner of Psychotherapy Patients Faces Trial

Krebs on Security

NOVEMBER 16, 2023

In a 2,200-page report, Finnish authorities laid out how they connected the extortion spree to Kivimäki, a notorious hacker who was convicted in 2015 of perpetrating tens of thousands of cybercrimes, including data breaches, payment fraud, operating a botnet and calling in bomb threats.

Cybercrime

Cybercrime Hacking Data breaches Banking

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. Researchers at AT&T Alien Labs say the crooks responsible for maintaining the QakBot botnet have rented their creation to various cybercrime groups over the years.

Hacking

Hacking Malware Ransomware Government

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

One of Megatraffer’s ads on an English-language cybercrime forum. Megatraffer has continued to offer their code-signing services across more than a half-dozen other Russian-language cybercrime forums, mostly in the form of sporadically available EV and non-EV code-signing certificates from major vendors like Thawte and Comodo.

Malware

Malware Cybercrime Antivirus Software

The Funnel of Justice: Why U.K. Cybercrime Victims Are Left Behind

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Trending Sources

Leader of Qakbot cybercrime network indicted in U.S. crackdown

UK Ad Campaign Seeks to Deter Cybercrime

The Silent Breach: How E-Waste Fuels Cybercrime

FBI Hacker Dropped Stolen Airbus Data on 9/11

BunnyLoader, a new Malware-as-a-Service advertised in cybercrime forums

Threat actors use fake AI tools to deliver the information stealer Noodlophile

U.S. Indicts North Korean Hackers in Theft of $200 Million

Member of cybercrime group Karakurt charged in the US

Russian group RomCom exploited Firefox and Tor Browser zero-days to target attacks Europe and North America

Internet Archive was breached twice in a month

Russian Hacker “Wazawaka” Indicted for Ransomware

Arrest, Seizures Tied to Netwalker Ransomware

Macs targeted by info stealers in new era of cyberthreats

FBI warns of malicious free online document converters spreading malware

More on the SolarWinds Breach

No, I Did Not Hack Your MS Exchange Server

PLAYFULGHOST backdoor supports multiple information stealing features

Crooks use a fake antivirus site to spread Venom RAT and a mix of malware

BadBox 2.0 botnet infects millions of IoT devices worldwide, FBI warns

Russia-linked Gamaredon targets Ukraine with Remcos RAT

MUT-1244 Campaign Steals Hundreds of Thousands of WordPress Credentials and More

Zxyel Flaw Powers New Mirai IoT Botnet Strain

Open Source Pwned Passwords with FBI Feed and 225M New NCA Passwords is Now Live!

New HijackLoader malware is rapidly growing in popularity in the cybercrime community

Ukrainian Police Nab Six Tied to CLOP Ransomware

Malicious Minecraft mods distributed by the Stargazers DaaS target Minecraft gamers

SpyLend Android malware found on Google Play enabled financial cyber crime and extortion

Cisco states that the second data leak is linked to the one from October

Malicious npm packages target Ethereum developers

When Efforts to Contain a Data Breach Backfire

DragonForce operator chained SimpleHelp flaws to target an MSP and its customers

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Processing 23 Billion Rows of ALIEN TXTBASE Stealer Logs

New MassJacker clipper targets pirated software seekers

The popular xrpl.js Ripple cryptocurrency library was compromised in a supply chain attack

Secret Service Investigates Breach at U.S. Govt IT Contractor

The source code of Banshee Stealer leaked online

Fake AI Video Tools Spreading New “Noodlophile” Malware, Targets Thousands on Facebook

Russia-linked group Nebulous Mantis targets NATO-related defense organizations

Alleged Extortioner of Psychotherapy Patients Faces Trial

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Stay Connected