Krebs on Security

NOVEMBER 21, 2024

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. technology companies between 2021 and 2023, including LastPass , MailChimp , Okta , T-Mobile and Twilio. Image: Amitai Cohen twitter.com/amitaico.

Identity Theft 268

Identity Theft Phishing Cryptocurrency Accountability 268

Krebs on Security

DECEMBER 13, 2022

Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. “I wasn’t expected to be approve[d].”

Hacking 363

Hacking Cybercrime Energy and Utilities Accountability 363

Security Affairs

JUNE 7, 2021

Cybercriminals in Russian underground forums have been invited to take part in competitions for hacking cryptocurrency and NFT. Several Russian underground forums have launched competitions for hacking cryptocurrency schema and Non-fungible token (NFT). SecurityAffairs – hacking, cryptocurrency hack). Pierluigi Paganini.

Cryptocurrency 145

Cryptocurrency Cybercrime Hacking Technology 145

Krebs on Security

OCTOBER 17, 2024

AnonSudan ), a cybercrime business known for launching powerful distributed denial-of-service (DDoS) attacks against a range of targets, including dozens of hospitals, news websites and cloud providers. government on Wednesday announced the arrest and charging of two Sudanese brothers accused of running Anonymous Sudan (a.k.a.

DDOS 270

DDOS Government Internet Internet 270

Krebs on Security

JULY 22, 2020

The New York Times last week ran an interview with several young men who claimed to have had direct contact with those involved in last week’s epic hack against Twitter. ” Twice in the past year, the OGUsers forum was hacked , and both times its database of usernames, email addresses and private messages was leaked online.

Hacking 348

Hacking Accountability Scams Media 348

Krebs on Security

FEBRUARY 4, 2021

Facebook told KrebsOnSecurity it seized hundreds of accounts — mainly on Instagram — that have been stolen from legitimate users through a variety of intimidation and harassment tactics, including hacking, coercion, extortion, sextortion , SIM swapping , and swatting. THE MIDDLEMEN. WHAT YOU CAN DO.

Accountability 329

Accountability Hacking Media Mobile 329

Security Affairs

NOVEMBER 25, 2024

Thai authorities arrested members of two Chinese cybercrime organizations, one of these groups carried out SMS blaster attacks. ” An SMS blaster attack is a cyberattack where a large number of malicious or fraudulent SMS messages are sent to mobile devices within a specific area or to a targeted group.

Mobile 126

Mobile Scams Technology Telecommunications 126

Security Affairs

OCTOBER 28, 2024

million mobile and fixed subscribers. Free disclosed a cyber attack over the weekend after a threat actor attempted to sell the stolen data on a popular cybercrime forum. Recently, many cybercriminals have been creating profiles shortly before sharing information about hacks, attacks, or data leaks in France.” Free S.A.S.

Cyber Attacks 127

Cyber Attacks Telecommunications Data breaches Banking 127

Security Affairs

MARCH 28, 2025

. “Preliminary findings indicate that the suspects developed malware called Mamont, which they distributed via Telegram channels under the guise of safe mobile applications and video files. ” The authorities linked the three suspects to over 300 cybercrimes, the police seized servers, computers, storage devices, and bank cards.

Banking 117

Banking Computers and Electronics Mobile Malware 117

Joseph Steinberg

OCTOBER 24, 2022

This major incident became known to the Australia’s pubic just two weeks after it learned that Optus, the country’s second-largest mobile phone network provider, was also hacked, leading to the records of nearly 10 million of its customers’ data being held for ransom by a cybercriminal.

Cybersecurity 363

Cybersecurity Social Engineering Artificial Intelligence Insurance 363

Krebs on Security

AUGUST 6, 2020

Hacked or ill-gotten accounts at consumer data brokers have fueled ID theft and identity theft services of various sorts for years. ms , then a major identity theft service in the cybercrime underground, had infiltrated computers at some of America’s large consumer and business data aggregators , including LexisNexis Inc. ,

Accountability 363

Accountability Identity Theft Hacking Insurance 363

Security Affairs

MARCH 21, 2025

Law Enforcement and Cybercrime Control Russian authorities may want to monitor criminal organizations, opposition groups, or foreign entities using Telegram. Zero-day prices have risen as the level of security of messaging apps and mobile devices becomes harder to hack.

Government 144

Government Surveillance Mobile Hacking 144

Krebs on Security

JANUARY 30, 2024

Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. Multiple security firms soon assigned the hacking group the nickname “ Scattered Spider.” 9, 2024, U.S. technology companies during the summer of 2022.

Social Engineering 359

Social Engineering Mobile Cybercrime Passwords 359

Security Affairs

NOVEMBER 3, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cryptocurrency 110

Cryptocurrency Hacking Phishing Cyber Attacks 110

Security Affairs

JANUARY 30, 2024

Data of 750 million Indian mobile subscribers was offered for sale on dark web hacker forums earlier in January. CloudSEK researchers warned that a database containing data of 750 million Indian mobile subscribers was offered for sale on dark web hacker forums earlier in January.

Mobile 141

Mobile Identity Theft Cybercrime Cyber Attacks 141

Security Affairs

AUGUST 6, 2024

Threat actors breached the UK-based mobile device management (MDM) firm Mobile Guardian and remotely wiped thousands of devices. Hackers breached the mobile device management (MDM) firm Mobile Guardian, the company detected unauthorized access to iOS and ChromeOS devices on August 4th. ” reported the MOE.

Mobile 143

Mobile Education Hacking Cybercrime 143

Security Affairs

OCTOBER 31, 2024

Interbank disclosed a data breach after a threat actor claimed the hack of the organization and leaked stolen data online. ” [link] The financial organization announced that it had resumed its mobile and online platforms after recent outages and sought to assure customers that their funds were not impacted by the security incident.

Data breaches 130

Data breaches Financial Services Hacking Mobile 130

Security Affairs

JULY 4, 2022

“Shangai authorities have not publicly responded to the purported hack. The hacker is offering the database on a popular cybercrime forum for 10 bitcoins. SecurityAffairs – hacking, Chinese residents). If the incident will be confirmed, this data breach is the largest one in the country’s history. Pierluigi Paganini.

Cybercrime 145

Cybercrime Data breaches Cryptocurrency Internet 145

Security Affairs

SEPTEMBER 12, 2024

The Singapore Police Force (SPF) has arrested six individuals for their role in the operations of a cybercrime ring in the country. The six men are believed to be linked to a global cybercrime syndicate. A 35-year-old man had hacking tools and was preparing for cyber-attacks, with laptops, phones, and S$2,600 in cash confiscated.

Cybercrime 124

Cybercrime Computers and Electronics Mobile Cryptocurrency 124

Security Affairs

MARCH 29, 2025

“The emergence of the Crocodilus mobile banking Trojan marks a significant escalation in the sophistication and threat level posed by modern malware. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,malware) . ” ThreatFabric concludes.

Banking 69

Banking Mobile Identity Theft Malware 69

Security Affairs

APRIL 30, 2021

UNC2447 cybercrime gang exploited a zero-day in the Secure Mobile Access (SMA), addressed by SonicWall earlier this year, before the vendor released a fix. FireEye experts pointed out that the flaw was publicly disclosed after the SonicWall hack that took place in January, and a first patch was released by the vendor in February.

Cybercrime 143

Cybercrime Ransomware Malware Mobile 143

Security Affairs

DECEMBER 29, 2021

T-Mobile discloses a new data breach that impacted a “very small number of customers” who were victim of SIM swap attacks. T-Mobile has suffered another security breach, threat actors gained access to the accounts of “a small number of” customers.’. ” a T-Mobile Spokesperson told BleepingComputer.

Data breaches 145

Data breaches Mobile Accountability Wireless 145

SecureWorld News

NOVEMBER 22, 2024

The United States Department of Justice (DOJ) has unsealed charges against five individuals accused of orchestrating sophisticated phishing campaigns tied to the notorious Scattered Spider cybercrime group. As this case shows, phishing and hacking has become increasingly sophisticated and can result in enormous losses.

Phishing 108

Phishing Identity Theft Cryptocurrency Cybercrime 108

Security Affairs

MAY 20, 2025

South Korean mobile network operator SK Telecom revealed that the security breach disclosed in April began in 2022. SK Telecom is South Koreas largest wireless telecom company, a major player in the countrys mobile and tech landscape. The telecom giant detected an infection of its systems at 11 PM on Saturday, April 19, 2025.

Malware 108

Malware Mobile Data breaches Wireless 108

Security Affairs

NOVEMBER 27, 2021

HAEICHI-II: Interpol arrested 1,003 individuals charged for several cybercrimes, including romance scams, investment frauds, and online money laundering. Only through this level of global cooperation and coordination can national law enforcement effectively tackle what is a parallel cybercrime pandemic,” added Secretary General Stock.

Cybercrime 133

Cybercrime Scams Banking Malware 133

Security Affairs

DECEMBER 30, 2024

In October 2024, Cisco confirmed that the data posted by the notorious threat actor IntelBroker on a cybercrime forum was stolen from its DevHub environment. IntelBroker targeted many major organizations in past attacks, including AMD , AT&T, Bank of America, Microsoft, Europol , SAP, T-Mobile, Verizon, and others.

Data breaches 126

Data breaches Cybercrime Authentication Technology 126

Security Affairs

SEPTEMBER 21, 2024

A joint international law enforcement operation led by Europol dismantled a major phishing scheme targeting mobile users. Europol supported European and Latin American law enforcement agencies in dismantling an international criminal network that unlocks stolen or lost mobile phones using a phishing platform.

Mobile 134

Mobile Phishing Computers and Electronics Marketing 134

Security Affairs

DECEMBER 21, 2023

More than 22,000 users of Blink Mobility should take the necessary steps to protect themselves against the risk of identity theft. Los Angeles-based electric car-sharing provider Blink Mobility left a misconfigured MongoDB database open to the public.

Mobile 136

Mobile Identity Theft Passwords Phishing 136

Security Affairs

OCTOBER 17, 2022

Interpol has announced the arrests of 75 individuals as part of a coordinated international operation against an organized cybercrime ring called Black Axe. Interpol arrested 75 individuals as part of a coordinated global operation, codenamed Operation Jackal, against the cybercrime ring Black Axe. and the U.S.) Pierluigi Paganini.

Cybercrime 131

Cybercrime Scams Banking Mobile 131

Krebs on Security

AUGUST 9, 2021

Also, this greenhorn criminal clearly had bought into BriansClub’s advertising, which uses my name and likeness in a series of ads that run on all the top cybercrime forums. In late 2019, BriansClub changed its homepage to include doctored images of my Social Security and passport cards, credit report and mobile phone bill information.

Phishing 362

Phishing Cybercrime Accountability Advertising 362

Security Affairs

NOVEMBER 24, 2024

CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office US DoJ charges five alleged members of the Scattered Spider cybercrime gang Threat actor (..)

Cybercrime 73

Cybercrime Artificial Intelligence Hacking VPN 73

Security Affairs

APRIL 13, 2025

Cell C is the fourth-largest mobile network operator in South Africa, , after Vodacom, MTN, and Telkom. The company founded in 2001 offers prepaid and postpaid mobile plans, data bundles and internet services, fiber broadband, roaming and international calling, SIM-only plans and device deals.

Data breaches 130

Data breaches Unstructured Data Identity Theft Healthcare 130

Krebs on Security

APRIL 28, 2020

But in a phone interview with KrebsOnSecurity earlier this week, Jim made a call to Citi’s automated system from his mobile phone on file with the bank, and I could hear Citi’s systems asking him to enter the last four digits of his credit card number before he could review recent transactions.

Scams 363

Scams Banking Accountability Financial Services 363

Security Affairs

APRIL 16, 2025

” In September, security researchers from G DATA discovered more than two dozen Android mobile phones from different manufacturers already infected by pre-installed malware. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Chinese Android phone )

Malware 130

Malware Manufacturing Mobile Spyware 130

Security Affairs

APRIL 7, 2025

Microsoft credited controversial actor EncryptHub, a lone actor with ties to cybercrime, for reporting two Windows flaws. In 2024, he shifted to cybercrime, starting with low-level roles in vishing and ransomware, later moving into malware and vulnerability research that drew wide attention.

Cybercrime 73

Cybercrime Malware Hacking VPN 73

Security Affairs

NOVEMBER 30, 2024

SpyLoan activity has surged, with malicious apps and infected devices increasing over 75% from Q2 to Q3 2024, highlighting their growing mobile threat presence. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Google Play)

Social Engineering 131

Social Engineering Media Mobile Scams 131

Security Affairs

AUGUST 16, 2021

T-Mobile confirms a breach after threat actors claimed to have obtained records of 100 million of its customers and offered them for sale. T-Mobile has confirmed a data breach that exposed personal information from over 100 million of its US customers. SecurityAffairs – hacking, data breach). Pierluigi Paganini.

Data breaches 134

Data breaches Mobile Telecommunications Wireless 134