Cybercrime, Hacking and Software - Cyber Security Informer

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey. Silent Push said Araneida is being advertised by an eponymous user on multiple cybercrime forums. Araneida Scanner. 2023 on the forum Cracked.

Hacking

Hacking Cybercrime Advertising Data breaches

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Krebs on Security

FEBRUARY 28, 2025

Security experts say the Russia-based service provider Prospero OOO (the triple O is the Russian version of “LLC”) has long been a persistent source of malicious software, botnet controllers, and a torrent of phishing websites. federal agencies from using Kaspersky software, mandating its removal within 90 days.

Malware

Malware Antivirus Software DDOS

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Security Affairs

OCTOBER 21, 2024

Cisco confirms that data published by IntelBroker on a cybercrime forum was taken from the company DevHub environment. Cisco confirms that the data posted by IntelBroker on a cybercrime forum was stolen from its DevHub environment. for customers to use as needed.

Cybercrime

Cybercrime Data breaches Technology Banking

Law enforcement seized the domains of HeartSender cybercrime marketplaces

Security Affairs

FEBRUARY 2, 2025

and Dutch authorities seized 39 domains and servers linked to the HeartSender cybercrime group based in Pakistan. A joint law enforcement operation led to the seizure of 39 domains tied to a Pakistan-based HeartSender cybercrime group (aka Saim Raza and Manipulators Team) known for selling hacking and fraud tools.

Cybercrime

Cybercrime Advertising Phishing Hacking

U.S. Offered $10M for Hacker Just Arrested by Russia

Krebs on Security

DECEMBER 4, 2024

Russia’s interior ministry last week issued a statement saying a 32-year-old hacker had been charged with violating domestic laws against the creation and use of malicious software. Matveev’s hacker identities were remarkably open and talkative on numerous cybercrime forums. Matveev did not respond to requests for comment.

Cybercrime

Cybercrime Ransomware Cryptocurrency Government

New MassJacker clipper targets pirated software seekers

Security Affairs

MARCH 15, 2025

Pirated software seekers are targeted by the new MassJacker clipper malware, according to CyberArk researchers. A new malware campaign spreading a new clipper malware dubbed MassJacker targets users searching for pirated software, Cyberark users warn. com) distributing pirated software that also spreads malware.

Software

Software Cryptocurrency Malware Encryption

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking

Hacking Cybercrime Phishing Passwords

No, I Did Not Hack Your MS Exchange Server

Krebs on Security

MARCH 28, 2021

“web shells”) that various cybercrime groups worldwide have been using to commandeer any unpatched Exchange servers. 26, Shadowserver saw an attempt to install a new type of backdoor in compromised Exchange Servers, and with each hacked host it installed the backdoor in the same place: “ /owa/auth/babydraco.aspx.

Hacking

Hacking Cybercrime DNS Antivirus

Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’

Krebs on Security

DECEMBER 16, 2020

A key malicious domain name used to control potentially thousands of computer systems compromised via the months-long breach at network monitoring software vendor SolarWinds was commandeered by security experts and used as a “killswitch” designed to turn the sprawling cybercrime operation against itself, KrebsOnSecurity has learned.

Hacking

Hacking Malware Software Cybercrime

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. Researchers at AT&T Alien Labs say the crooks responsible for maintaining the QakBot botnet have rented their creation to various cybercrime groups over the years.

Hacking

Hacking Malware Ransomware Government

The Silent Breach: How E-Waste Fuels Cybercrime

SecureWorld News

MARCH 27, 2025

In today's digital world, cybercrime is a threat to our private data and security. And with Americans owning an average of 24 electronic items in their homes , neglecting to dispose of these items correctly is putting individuals at significant risk of cybercrime. What is cybercrime?

Cybercrime

Cybercrime Computers and Electronics Passwords Firewall

Police took down several popular counter-antivirus (CAV) services, including AvCheck

Security Affairs

JUNE 2, 2025

Department of Justice has dismantled an online cybercrime syndicate that provided encryption services to help malware evade detection. “Crypting is the process of using software to make malware difficult for antivirus programs to detect,” the DoJ said. An international law enforcement operation led by the U.S.

Antivirus

Antivirus Cybercrime Malware Firewall

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

Security Affairs

APRIL 10, 2025

The hacker has published 10,000 customer records, a file showing Oracle Cloud access, user credentials, and an internal video as proof of the hack. Its the second cybersecurity breach that the software company has acknowledged to clients in the last month. Oracle Corp. reported Bloomberg.

Hacking

Hacking Data breaches Encryption Authentication

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Krebs on Security

FEBRUARY 9, 2023

Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating “ Trickbot ,” a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. companies and government entities.

Hacking

Hacking Cybercrime Ransomware Government

FBI Hacker Dropped Stolen Airbus Data on 9/11

Krebs on Security

SEPTEMBER 13, 2023

The FBI responded by reverifying InfraGard members and by seizing the cybercrime forum where the data was being sold. In a post on the English language cybercrime forum BreachForums , USDoD leaked information on roughly 3,200 Airbus vendors, including names, addresses, phone numbers, and email addresses. But on Sept. But on Sept.

Cybercrime

Cybercrime Passwords Authentication Malware

International law enforcement operation dismantled RedLine and Meta infostealers

Security Affairs

OCTOBER 29, 2024

The two infostealers allowed operators to harvest usernames, passwords, contact info, and crypto-wallets from victims, the threat actors sold this data to criminals for financial theft and hacking. Update software : Keep your operating system, security software, and firewall up to date to patch vulnerabilities.

Identity Theft

Identity Theft Malware Passwords Banking

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Krebs on Security

FEBRUARY 10, 2020

Justice Department today unsealed indictments against four Chinese officers of the People’s Liberation Army (PLA) accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans.

Hacking

Hacking Identity Theft Government Phishing

RedLine info-stealer campaign targets Russian businesses through pirated corporate software

Security Affairs

DECEMBER 8, 2024

An ongoing RedLine information-stealing campaign is targeting Russian businesses using pirated corporate software. Since January 2024, Russian businesses using unlicensed software have been targeted by an ongoing RedLine info-stealer campaign. This method exploits user trust rather than vulnerabilities in the corporate software.

Software

Software Malware Accountability Encryption

This Service Helps Malware Authors Fix Flaws in their Code

Krebs on Security

MAY 18, 2020

Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. is cybercrime forum. RedBear’s service is marketed not only to malware creators, but to people who rent or buy malicious software and services from other cybercriminals.

Malware

Malware Cybercrime Ransomware Marketing

Nation-state actors and cybercrime gangs abuse malicious.lnk files for espionage and data theft

Security Affairs

MARCH 18, 2025

Trend ZDI researchers discovered 1,000 malicious.lnk files used by nation-state actors and cybercrime groups to execute hidden malicious commands on a victims machine by exploiting the vulnerability ZDI-CAN-25373. Since 2017, the vulnerability has been exploited by APT groups from North Korea, Iran, Russia, and China.

Cybercrime

Cybercrime Telecommunications Government Malware

Banshee macOS stealer supports new evasion mechanisms

Security Affairs

JANUARY 10, 2025

Check Point researchers discovered a new version of the Banshee macOS infostealer which is distributed through phishing websites and fake GitHub repositories, often masqueraded as popular software. The malicious code was advertised on cybercrime forums for $3,000 per month.

Malware

Malware Advertising Antivirus Cybercrime

DragonForce operator chained SimpleHelp flaws to target an MSP and its customers

Security Affairs

MAY 27, 2025

Sophos researchers reported that a DragonForce ransomware operator exploited three chained vulnerabilities in SimpleHelp software to attack a managed service provider. SimpleHelp is a remote support and access software designed for IT professionals and support teams. reads the report published by Artic Wolf.

Ransomware

Ransomware Software Retail Data breaches

911 Proxy Service Implodes After Disclosing Breach

Krebs on Security

JULY 29, 2022

The abrupt closure comes ten days after KrebsOnSecurity published an in-depth look at 911 and its connections to shady pay-per-install affiliate programs that secretly bundled 911’s proxy software with other titles, including “free” utilities and pirated software. A cached copy of flashupdate[.]net

Cybercrime

Cybercrime Software Backups VPN

China-linked APTs’ tool employed in RA World Ransomware attack

Security Affairs

FEBRUARY 13, 2025

A November 2024 RA World ransomware attack on an Asian software firm used a tool linked to China-linked threat actors. Broadcom researchers reported that threat actors behind an RA World ransomware attack against an Asian software and services firm employed a tool that was explosively associated in the past with China-linked APT groups.

Ransomware

Ransomware Software Cybercrime Encryption

Is Your Computer Part of ‘The Largest Botnet Ever?’

Krebs on Security

MAY 29, 2024

.” The arrest coincided with the seizure of the 911 S5 website and supporting infrastructure, which the government says turned computers running various “free VPN” products into Internet traffic relays that facilitated billions of dollars in online fraud and cybercrime. Cloud Router was previously called 911 S5.

VPN

VPN Government Cybercrime Internet

Cisco states that the second data leak is linked to the one from October

Security Affairs

DECEMBER 30, 2024

In October 2024, Cisco confirmed that the data posted by the notorious threat actor IntelBroker on a cybercrime forum was stolen from its DevHub environment. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, data breach) ” reads the update published by Cisco.

Data breaches

Data breaches Cybercrime Authentication Technology

Cybercrime gets a few punches on the nose

Malwarebytes

JANUARY 31, 2025

Its not often that we get to share good news, so we wanted to grab this opportunity and showcase some progress made by law enforcement actions against cybercrime with you. Europol notified us about the take-down of two of the largest cybercrime forums in the world. This crime network specializes in developing and selling phishing kits.

Cybercrime

Cybercrime Phishing Malware Hacking

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered with. One of Megatraffer’s ads on an English-language cybercrime forum. “Antivirus software trusts signed programs more.

Malware

Malware Cybercrime Software Accountability

Member of cybercrime group Karakurt charged in the US

Security Affairs

AUGUST 23, 2024

court for his role in the Karakurt cybercrime gang. court for his role in the Russian Karakurt cybercrime gang. “Among other things, the Russian cybercrime group steals victim data and threatens to release it unless the victim pays ransom in cryptocurrency. . ” reads the press release published by DoJ.

Cybercrime

Cybercrime VPN Cryptocurrency Hacking

ExCobalt Cybercrime group targets Russian organizations in multiple sectors

Security Affairs

JUNE 24, 2024

The cybercrime group ExCobalt targeted Russian organizations in multiple sectors with a previously unknown backdoor known as GoRed. Positive Technologies researchers reported that a cybercrime gang called ExCobalt targeted Russian organizations in multiple sectors with a previously unknown Golang-based backdoor known as GoRed.

Cybercrime

Cybercrime Telecommunications DNS Technology

Bitfinex hacker Ilya Lichtenstein was sentenced to 5 years in prison

Security Affairs

NOVEMBER 15, 2024

“Ilya Lichtenstein was sentenced today to five years in prison for his involvement in a money laundering conspiracy arising from the hack and theft of approximately 120,000 bitcoin from Bitfinex, a global cryptocurrency exchange.” Billion in stolen cryptocurrency stolen during the 2016 hack of Bitfinex.

Cryptocurrency

Cryptocurrency Hacking Government Accountability

Sam’s Club Investigates Alleged Cl0p Ransomware Breach

Security Affairs

MARCH 30, 2025

This week, Cl0p ransomware group listed Sams Club among the victims of its December Cleo software exploit , accusing it of ignoring security. ” Ransomware gang Cl0p leaked files from Rackspace Technology and listed ~170 companies allegedly hacked via zero-day vulnerabilities in Cleos file-transfer software.

Ransomware

Ransomware Data breaches Software Hacking

Singapore Police arrest six men allegedly involved in a cybercrime syndicate

Security Affairs

SEPTEMBER 12, 2024

The Singapore Police Force (SPF) has arrested six individuals for their role in the operations of a cybercrime ring in the country. The six men are believed to be linked to a global cybercrime syndicate. A 35-year-old man had hacking tools and was preparing for cyber-attacks, with laptops, phones, and S$2,600 in cash confiscated.

Cybercrime

Cybercrime Computers and Electronics Mobile Cryptocurrency

No SOCKS, No Shoes, No Malware Proxy Services!

Krebs on Security

AUGUST 2, 2022

With the recent demise of several popular “proxy” services that let cybercriminals route their malicious traffic through hacked PCs, there is now something of a supply chain crisis gripping the underbelly of the Internet. Last week, a seven-year-old proxy service called 911[.]re The disruption at 911[.]re The disruption at 911[.]re

Malware

Malware Cybercrime Internet Internet

Hackers Exploit Zoom's Remote Control Feature in Cryptocurrency Heists

SecureWorld News

APRIL 22, 2025

A sophisticated cybercrime campaign, dubbed Elusive Comet , has been uncovered, in which North Korean threat actors are exploiting Zoom's remote control feature to infiltrate the systems of cryptocurrency professionals. billion hack of the Bybit exchange in February 2025.

Cryptocurrency

Cryptocurrency Social Engineering Cybercrime Engineering

XE Group shifts from credit card skimming to exploiting zero-days

Security Affairs

FEBRUARY 10, 2025

The cybercrime group XE Group exploited a VeraCore zero-day to deploy reverse shells, web shells in recent attacks. On November 5, 2024, Intezer spotted an attack attributed to XE Group, an EDR detected a post-exploitation activity through a webshell on an IIS server hosting VeraCores warehouse management system software.

Manufacturing

Manufacturing Cybercrime Authentication Passwords

Microsoft seized the US infrastructure of the Storm-1152 cybercrime group

Security Affairs

DECEMBER 14, 2023

Microsoft’s Digital Crimes Unit seized multiple domains used by cybercrime group Storm-1152 to sell fraudulent Outlook accounts. Microsoft’s Digital Crimes Unit seized multiple domains used by a cybercrime group, tracked as Storm-1152, to sell fraudulent accounts. ” reads the announcement published by Microsoft.

Cybercrime

Cybercrime Accountability Media Technology

Feds Charge NY Man as BreachForums Boss “Pompompurin”

Krebs on Security

MARCH 17, 2023

Federal Bureau of Investigation (FBI) this week arrested a New York man on suspicion of running BreachForums , a popular English-language cybercrime forum where some of the world biggest hacked databases routinely show up for sale. The FBI later acknowledged that a software misconfiguration allowed someone to send the fake emails.

Data breaches

Data breaches Cybercrime Insurance Internet

MY TAKE: Will companies now heed attackers’ ultimatum in the MOVEit-Zellis supply chain hack?

The Last Watchdog

JUNE 12, 2023

The cybersecurity community is waiting for the next shoe to drop in the wake of the audacious MOVEit-Zellis hack orchestrated by the infamous Russian hacking collective, Clop. ” Post SolarWinds This is a prime example of what multi-stage supply chain hacks have morphed into two years after the milestone SolarWinds hack.

Hacking

Hacking Risk Cyber threats Cybercrime

DMM Bitcoin $308M Bitcoin heist linked to North Korea

Security Affairs

DECEMBER 25, 2024

.” The agencies discovered that in March 2024, a North Korea-linked threat actor posed as a LinkedIn recruiter and targeted an employee of the Japan-based enterprise cryptocurrency wallet software company Ginco, then compromised them via a malicious Python script shared masqueraded as a “pre-employment test.” BTC ($308M).

Cryptocurrency

Cryptocurrency Social Engineering Hacking Cybercrime

BadBox 2.0 botnet infects millions of IoT devices worldwide, FBI warns

Security Affairs

JUNE 9, 2025

Cyber criminals gain unauthorized access to home networks by either configuring the product with malicious software prior to the users purchase or infecting the device as it downloads required applications that contain backdoors, usually during the set-up process. “Most of the infected devices were manufactured in China.

IoT

IoT Internet Internet Advertising

Man Who Mass-Extorted Psychotherapy Patients Gets Six Years

Krebs on Security

APRIL 30, 2024

A 26-year-old Finnish man was sentenced to more than six years in prison today after being convicted of hacking into an online psychotherapy clinic, leaking tens of thousands of patient therapy records, and attempting to extort the clinic and patients. After being charged with the attack in October 2022, Kivimäki fled the country.

DDOS

DDOS Cybercrime Hacking Passwords

Breachforums Boss to Pay $700k in Healthcare Breach

Krebs on Security

MAY 15, 2025

In what experts are calling a novel legal outcome, the 22-year-old former administrator of the cybercrime community Breachforums will forfeit nearly $700,000 to settle a civil lawsuit from a health insurance company whose customer data was posted for sale on the forum in 2023. Conor Brian Fitzpatrick , a.k.a.

Healthcare

Healthcare Insurance Data breaches Government

Hive0117 group targets Russian firms with new variant of DarkWatchman malware

Security Affairs

MAY 1, 2025

A cybercrime group named Hive0117 is behind a fresh phishing campaign that targeted Russian organizations with a new version of the DarkWatchman malware, according to Russian cybersecurity firm F6. The DarkWatchman malware can evade detection by standard antivirus software.

Malware

Malware Phishing Telecommunications Antivirus

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Trending Sources

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Law enforcement seized the domains of HeartSender cybercrime marketplaces

U.S. Offered $10M for Hacker Just Arrested by Russia

New MassJacker clipper targets pirated software seekers

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

No, I Did Not Hack Your MS Exchange Server

Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’

U.S. Hacks QakBot, Quietly Removes Botnet Infections

The Silent Breach: How E-Waste Fuels Cybercrime

Police took down several popular counter-antivirus (CAV) services, including AvCheck

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

FBI Hacker Dropped Stolen Airbus Data on 9/11

International law enforcement operation dismantled RedLine and Meta infostealers

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

RedLine info-stealer campaign targets Russian businesses through pirated corporate software

This Service Helps Malware Authors Fix Flaws in their Code

Nation-state actors and cybercrime gangs abuse malicious.lnk files for espionage and data theft

Banshee macOS stealer supports new evasion mechanisms

DragonForce operator chained SimpleHelp flaws to target an MSP and its customers

911 Proxy Service Implodes After Disclosing Breach

China-linked APTs’ tool employed in RA World Ransomware attack

Is Your Computer Part of ‘The Largest Botnet Ever?’

Cisco states that the second data leak is linked to the one from October

Cybercrime gets a few punches on the nose

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Member of cybercrime group Karakurt charged in the US

ExCobalt Cybercrime group targets Russian organizations in multiple sectors

Bitfinex hacker Ilya Lichtenstein was sentenced to 5 years in prison

Sam’s Club Investigates Alleged Cl0p Ransomware Breach

Singapore Police arrest six men allegedly involved in a cybercrime syndicate

No SOCKS, No Shoes, No Malware Proxy Services!

Hackers Exploit Zoom's Remote Control Feature in Cryptocurrency Heists

XE Group shifts from credit card skimming to exploiting zero-days

Microsoft seized the US infrastructure of the Storm-1152 cybercrime group

Feds Charge NY Man as BreachForums Boss “Pompompurin”

MY TAKE: Will companies now heed attackers’ ultimatum in the MOVEit-Zellis supply chain hack?

DMM Bitcoin $308M Bitcoin heist linked to North Korea

BadBox 2.0 botnet infects millions of IoT devices worldwide, FBI warns

Man Who Mass-Extorted Psychotherapy Patients Gets Six Years

Breachforums Boss to Pay $700k in Healthcare Breach

Hive0117 group targets Russian firms with new variant of DarkWatchman malware

Stay Connected