Krebs on Security

JUNE 15, 2021

Department of Justice (DOJ) last week announced the arrest of a 55-year-old Latvian woman who’s alleged to have worked as a programmer for Trickbot , a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware. Alla Witte’s personal website — allawitte[.]nl

Cybercrime 358

Cybercrime Ransomware Passwords Banking 358

Security Affairs

JANUARY 14, 2025

The FBI has removed Chinese PlugX malware from over 4,200 computers in networks across the United States, the U.S. The Justice Department and FBI, along with international partners, announced they deleted PlugX malware from thousands of infected computers worldwide as part of a multi-month law enforcement operation.

Malware 122

Malware Government Hacking Cybersecurity 122

Security Affairs

NOVEMBER 21, 2024

Mexico’s president announced the government is investigating an alleged ransomware hack that targeted the administration’s legal affairs office. The authorities launched an investigation after the ransomware gang Ransomhub claimed the attack and published samples of personal information from a database of government.

Government 144

Government Hacking Ransomware Insurance 144

Krebs on Security

FEBRUARY 4, 2025

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled , English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. io , and rdp[.]sh. Meanwhile, a LinkedIn profile for a Florian M. lol and nulled[.]it.

eCommerce 216

eCommerce Cybercrime Accountability Passwords 216

Security Affairs

MAY 4, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape io_uring Is Back, This Time as a Rootkit I StealC You: Tracking the Rapid Changes To StealC Interesting WordPress Malware Disguised as Legitimate Anti-Malware Plugin Using Trusted Protocols Against You: Gmail as a C2 (..)

Malware 82

Malware Cybercrime Government Hacking 82

Security Affairs

MAY 3, 2025

The Rhysida Ransomware gang claims the hack of the Government of Peru, the gang breached Gob.pe, the Single Digital Platform of the Peruvian State. The Rhysida ransomware gang claims responsibility for hacking the Government of Peru, breaching Gob.pe, which is the country’s official digital platform.

Government 126

Government Ransomware Hacking Manufacturing 126

The Last Watchdog

APRIL 7, 2025

Despite advanced AI detection and telemetry analysis offered in todays EDR solutions, modern infostealer malware is designed to evade even the most sophisticated defenses, using tactics like polymorphic malware, memory-only execution, and exploitation of zero-day vulnerabilities or outdated software.

Antivirus 113

Antivirus Malware Cybercrime Identity Theft 113

Krebs on Security

NOVEMBER 14, 2024

Shefel claims the true mastermind behind the Target and other retail breaches was Dmitri Golubov , an infamous Ukrainian hacker known as the co-founder of Carderplanet, among the earliest Russian-language cybercrime forums focused on payment card fraud. net that paid people to click on ads for Russian government employment opportunities.

Retail 273

Retail Advertising Cryptocurrency Marketing 273

Security Affairs

APRIL 21, 2025

Russia-linked group APT29 targeted diplomatic entities across Europe with a new malware loader codenamed GRAPELOADER. The phishing emails either led to malware delivery via GRAPELOADER or redirected to the Ministry’s real website to appear legitimate. The malware is highly targeted and leaves no traces of the next-stage payload.

Malware 107

Malware Phishing Encryption Hacking 107

Security Affairs

OCTOBER 20, 2024

CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog North Korea-linked APT37 exploited IE zero-day in a recent attack Omni Family Health data breach impacts 468,344 individuals Iran-linked actors target critical infrastructure organizations macOS HM Surf flaw in TCC allows bypass Safari privacy settings Two Sudanese (..)

Data breaches 118

Data breaches Cybercrime Cyber Insurance Marketing 118

The Last Watchdog

FEBRUARY 4, 2025

Malware reverse engineering to combat ransomware: SpyCloud specializes in the tracking and analyzing of malware with deep insights into pervasive infostealers such as Lumma C2 , Redline Stealer, Vidar, and more as they are often a precursor to ransomware.

Cybercrime 124

Cybercrime Phishing Accountability Malware 124

Krebs on Security

APRIL 18, 2023

For the past seven years, a malware-based proxy service known as “ Faceless ” has sold anonymity to countless cybercriminals. The proxy lookup page inside the malware-based anonymity service Faceless. MrMurza’s Faceless advertised on the Russian-language cybercrime forum ProCrd. Image: spur.us. In 2013, U.S.

Malware 303

Malware Passwords Accountability Advertising 303

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. Qakbot/Qbot was once again the top malware loader observed in the wild in the first six months of 2023.

Hacking 313

Hacking Malware Ransomware Government 313

Krebs on Security

SEPTEMBER 13, 2023

The FBI responded by reverifying InfraGard members and by seizing the cybercrime forum where the data was being sold. In a post on the English language cybercrime forum BreachForums , USDoD leaked information on roughly 3,200 Airbus vendors, including names, addresses, phone numbers, and email addresses. government inboxes.

Cybercrime 343

Cybercrime Passwords Authentication Malware 343

Krebs on Security

FEBRUARY 17, 2021

The Justice Department says those indicted were members of a DPRK-sponsored cybercrime group variously identified by the security community as the Lazarus Group and Advanced Persistent Threat 38 (APT 38). In reality, prosecutors say, the programs were malware or downloaded malware after the applications were installed.

Cryptocurrency 343

Cryptocurrency Financial Services Banking Government 343

Security Affairs

MARCH 18, 2025

Trend ZDI researchers discovered 1,000 malicious.lnk files used by nation-state actors and cybercrime groups to execute hidden malicious commands on a victims machine by exploiting the vulnerability ZDI-CAN-25373. Since 2017, the vulnerability has been exploited by APT groups from North Korea, Iran, Russia, and China.

Cybercrime 70

Cybercrime Telecommunications Government Malware 70

Security Affairs

APRIL 13, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Lazarus Expands Malicious npm Campaign: 11 New Packages Add Malware Loaders and Bitbucket Payloads BadBazaar: iOS and Android Surveillanceware by Chinas APT15 Used to Target Tibetans and Uyghurs GOFFEE continues to attack (..)

Malware 74

Malware Spyware Government Mobile 74

Security Affairs

MARCH 21, 2025

The company exclusively sells exploits to the Russian government and local firms. Law Enforcement and Cybercrime Control Russian authorities may want to monitor criminal organizations, opposition groups, or foreign entities using Telegram. The Russian firm seeks up to $500K for one-click RCE, $1.5M continues the announcement.

Government 144

Government Surveillance Mobile Hacking 144

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches 117

Data breaches Cryptocurrency Cybercrime Artificial Intelligence 117

Security Affairs

DECEMBER 1, 2024

By automating the generation of malware variants, attackers can evade detection mechanisms employed by major anti-malware engines. This includes creating tools for offensive purposes, such as malware or scripts designed to exploit vulnerabilities. Another area of concern is the use of GAI to develop malicious code.

Artificial Intelligence 134

Artificial Intelligence Phishing Media Cyber threats 134

Krebs on Security

AUGUST 19, 2021

Apparently now that includes emailing employees directly and asking them to unleash the malware inside their employer’s network in exchange for a percentage of any ransom amount paid by the victim company. Image: Abnormal Security. billion in 2020. Image: FBI. For example, the Lockbit 2.0

Ransomware 363

Ransomware Social Engineering Cybercrime Scams 363

Krebs on Security

OCTOBER 1, 2020

federal government if the crooks who profit from the attack are already under economic sanctions, the Treasury Department warned today. government, they still can be fined either way, said Ginger Faulk , a partner in the Washington, D.C. Image: Shutterstock. jurisdiction) and making it a crime to transact with them.

Ransomware 363

Ransomware Cyber Insurance Insurance Cybercrime 363

Krebs on Security

SEPTEMBER 9, 2019

Secret Service is investigating a breach at a Virginia-based government technology contractor that saw access to several of its systems put up for sale in the cybercrime underground, KrebsOnSecurity has learned. government IT contractor that does business with more than 20 federal agencies, including several branches of the military.

Cybercrime 277

Cybercrime Government Data collection Internet 277

Krebs on Security

MAY 13, 2024

This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. was used by a Russian-speaking member called Pin on the English-language cybercrime forum Opensc. Image: treasury.gov.

Ransomware 312

Ransomware Cybercrime Accountability Malware 312

Security Affairs

JANUARY 11, 2025

. “On November 20, 2024, we were notified by a vendor of point-of-sale processing services for some of our retail locations that accounts with their organization had been compromised by an organized cybercrime group.” ” reads the notice of data breach published by the company on its website.

Data breaches 113

Data breaches Retail Cybercrime Government 113

Security Affairs

MARCH 2, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 63

Malware Architecture IoT Ransomware 63

Security Affairs

APRIL 26, 2024

As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement in this sector Cryptocurrencies have revolutionized the financial world, offering new investment opportunities and decentralized transactions. Compromised websites and malware are often at the root of these types of attacks.

Cryptocurrency 130

Cryptocurrency Cybercrime Education Scams 130

Security Affairs

JANUARY 19, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 65

Malware Artificial Intelligence DNS Ransomware 65

Krebs on Security

DECEMBER 16, 2020

A key malicious domain name used to control potentially thousands of computer systems compromised via the months-long breach at network monitoring software vendor SolarWinds was commandeered by security experts and used as a “killswitch” designed to turn the sprawling cybercrime operation against itself, KrebsOnSecurity has learned.

Hacking 362

Hacking Malware Software Cybercrime 362

CyberSecurity Insiders

JANUARY 3, 2023

How to prepare: Governments and enterprise organizations will need to use natural language processing and AI to shift to a more proactive approach to cybersecurity. The use of “wiper” malware will proliferate, erasing data from government and critical infrastructure systems as well as mobile phones.

Technology 135

Technology Cybercrime Artificial Intelligence Government 135

Krebs on Security

DECEMBER 8, 2021

A 31-year-old Canadian man has been arrested and charged with fraud in connection with numerous ransomware attacks against businesses, government agencies and private citizens throughout Canada and the United States. DCReavers2 was just the 22nd account to register on the Darkode cybercrime forum.

Cybercrime 337

Cybercrime Ransomware Accountability Advertising 337

Krebs on Security

FEBRUARY 9, 2023

Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating “ Trickbot ,” a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. companies and government entities.

Hacking 249

Hacking Cybercrime Ransomware Government 249

Krebs on Security

MARCH 16, 2020

Anyone who’s seen the 1984 hit movie Ghostbusters likely recalls the pivotal scene where a government bureaucrat orders the shutdown of the ghost containment unit , effectively unleashing a pent-up phantom menace on New York City. Image: Ghostbusters. Image: Shadowserver.org.

Malware 324

Malware Internet Internet Government 324

SecureWorld News

APRIL 22, 2025

A sophisticated cybercrime campaign, dubbed Elusive Comet , has been uncovered, in which North Korean threat actors are exploiting Zoom's remote control feature to infiltrate the systems of cryptocurrency professionals. During the interview, the attacker requested remote control access to Gallen's computer, which was subsequently granted.

Cryptocurrency 90

Cryptocurrency Social Engineering Cybercrime Engineering 90

Krebs on Security

JANUARY 28, 2022

“ BlackCat “), considered to be the first professional cybercrime group to create and use a ransomware strain written in the Rust programming language. One concern about more malware shifting to Rust is that it is considered a much more secure programming language compared to C and C++, writes Catalin Cimpanu for The Record.

Ransomware 337

Ransomware Accountability Cybercrime Malware 337

Security Affairs

JULY 7, 2024

Today marks the launch of the Security Affairs newsletter, specializing in Malware. Each week, it will feature a collection of the best articles and research on malware. This newsletter complements the weekly one you already receive.

Malware 120

Malware Spyware Cybercrime Ransomware 120

The Last Watchdog

MARCH 19, 2025

Attackers now have access to extensive identity data from multiple sourcesincluding data breaches, infostealer malware infections, phishing campaigns, and combolistsposing a challenge for organizations whose security measures have not yet adapted to address the full scope of interconnected identity exposures holistically.

Cyber Risk 113

Cyber Risk Risk Phishing Cybercrime 113