Cybercrime, Internet and System Administration

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years.

Cybercrime

Cybercrime Banking Malware Ransomware

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. SocksEscort[.]com com , is what’s known as a “SOCKS Proxy” service. SocksEscort began in 2009 as “ super-socks[.]com

Malware

Malware VPN Internet Internet

REvil Ransom Arrest, $6M Seizure, and $10M Reward

Krebs on Security

NOVEMBER 8, 2021

If it sounds unlikely that a normal Internet user could make millions of dollars unmasking the identities of REvil gang members, take heart and consider that the two men indicted as part this law enforcement action do not appear to have done much to separate their cybercriminal identities from their real-life selves. 3 was Lublin, Poland.

Ransomware

Ransomware Cybercrime System Administration Passwords

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

.” The DOJ’s statement doesn’t mention that RSOCKS has been in operation since 2014, when access to the web store for the botnet was first advertised on multiple Russian-language cybercrime forums. Kloster says he’s worked in many large companies in Omsk as a system administrator, web developer and photographer.

Advertising

Advertising Cybercrime System Administration Hacking

A Closer Look at the Snatch Data Ransom Group

Krebs on Security

SEPTEMBER 30, 2023

.” New York City-based cyber intelligence firm Flashpoint said the Snatch ransomware group was created in 2018, based on Truniger’s recruitment both on Russian language cybercrime forums and public Russian programming boards. “The command requires Windows system administrators,” Truniger’s ads explained.

Ransomware

Ransomware Accountability Cybercrime Backups

Florence, Ala. Hit By Ransomware 12 Days After Being Alerted by KrebsOnSecurity

Krebs on Security

JUNE 9, 2020

City officials now say they plan to pay the ransom demand, in hopes of keeping the personal data of their citizens off of the Internet. Nevertheless, on Friday, June 5, the intruders sprang their attack, deploying ransomware and demanding nearly $300,000 worth of bitcoin.

Ransomware

Ransomware System Administration Backups Technology

Microsoft warns of Human-Operated Ransomware as a growing threat to businesses

Security Affairs

MARCH 10, 2020

Microsoft is warning of human-operated ransomware, this kind of attack against businesses is becoming popular in the cybercrime ecosystem. Human-operated ransomware is a technique usually employed in nation-state attacks that is becoming very popular in the cybercrime ecosystem. ” reads the post published by Microsoft.

Ransomware

Ransomware Cybercrime Social Engineering Banking

How Did Authorities Identify the Alleged Lockbit Boss?

Krebs on Security

MAY 13, 2024

This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. was used by a Russian-speaking member called Pin on the English-language cybercrime forum Opensc. Dmitry Yuryevich Khoroshev.

Ransomware

Ransomware Cybercrime Accountability Malware

StealthWorker botnet targets Synology NAS devices to drop ransomware

Security Affairs

AUGUST 9, 2021

The Taiwanese company urges its customers to enable multi-factor authentication where available, enable auto block and account protection, and to use string administrative credentials, . System administrators that have noticed suspicious activity on their devices should report it to Synology technical support.

Ransomware

Ransomware System Administration Malware Authentication

The Challenges in Building Digital Trust

SecureWorld News

DECEMBER 11, 2023

In the 1980s, the internet as we know it today was called ARPANET and used mostly by researchers and the military. System administrators didn't bother locking down their systems, because the possibility of bad actors using them didn't really cross their minds.

Technology

Technology Artificial Intelligence Cybercrime Government

Bye Bye Emotet, law enforcement pushed the uninstall code via the botnet

Security Affairs

APRIL 26, 2021

. “According to the affidavit, foreign law enforcement agents, working in coordination with the FBI, gained lawful access to Emotet servers located overseas and identified the Internet Protocol addresses of approximately 1.6 million computers worldwide that appear to have been infected with Emotet malware between April 1, 2020, and Jan.

Malware

Malware Banking System Administration Hacking

Dissecting the malicious arsenal of the Makop ransomware gang

Security Affairs

MARCH 14, 2023

The gang leverages exposed remote administration services and internet-facing vulnerabilities to gain and maintain access to victim networks. Makop gang did not conduct any significative retooling since 2020, which is a clear indicator of their effectiveness even after three years and hundreds of successful compromises.

Ransomware

Ransomware Software System Administration Encryption

Just What Does It Take to Develop a Career in the Cybersecurity Domain?

IT Security Guru

JANUARY 12, 2021

IoT (Internet of Things) Security. System Administrator (or, sysadmin). Far away from the glamor and spotlight that other career fields like programming or data science get, there is a full-on war for hiring good cyber talent because of the year-on-year spike in cybercrime. Secure Software Development. Secure DevOps.

Cybersecurity

Cybersecurity Government IoT Penetration Testing

Ransomware Gangs and the Name Game Distraction

Krebs on Security

AUGUST 5, 2021

Reinvention is a basic survival skill in the cybercrime business. After acknowledging someone had also seized their Internet servers, DarkSide announced it was folding. REvil’s last big victim was Kaseya , a Miami-based company whose products help system administrators manage large networks remotely. Image: FBI.

Ransomware

Ransomware Cybercrime Malware System Administration

Ransomware Operator: 'Start **cking Up the U.S. Public Sector'

SecureWorld News

OCTOBER 26, 2021

Here is the translated and censored message: "In our difficult and troubled time when the US government is trying to fight us, I call on all partner programs to stop competing, unite and start **cking up the US public sector, show this old man who is the boss here who is the boss and will be on the Internet.

Ransomware

Ransomware Backups Government Penetration Testing

The Hacker Mind Podcast: Ethical Hacking

ForAllSecure

MAY 26, 2022

.” I wrote about the pending Cyber Security Enhancement Act of 2002 (CSEA) and said: “ The problem with this legislation is that it's often very difficult to determine who is responsible for any given cybercrime. Who is responsible? Is it the hospital, which should have had a power backup?

Hacking

Hacking Technology InfoSec Media

Advanced threat predictions for 2023

SecureList

NOVEMBER 14, 2022

A recent leak has put it in the hands of cybercrime actors and it is very likely that by the end of the year we will see it involved in APT cases too. The reason is simple: they represent huge software stacks that must support many protocols and have to be internet-facing to operate properly. The next WannaCry.

Firmware

Firmware Surveillance Mobile Telecommunications

Cyber Security Informer

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

Who and What is Behind the Malware Proxy Service SocksEscort?

Webinars

Trending Sources

REvil Ransom Arrest, $6M Seizure, and $10M Reward

Webinars

Meet the Administrators of the RSOCKS Proxy Botnet

A Closer Look at the Snatch Data Ransom Group

Florence, Ala. Hit By Ransomware 12 Days After Being Alerted by KrebsOnSecurity

Microsoft warns of Human-Operated Ransomware as a growing threat to businesses

How Did Authorities Identify the Alleged Lockbit Boss?

StealthWorker botnet targets Synology NAS devices to drop ransomware

The Challenges in Building Digital Trust

Bye Bye Emotet, law enforcement pushed the uninstall code via the botnet

Dissecting the malicious arsenal of the Makop ransomware gang

Just What Does It Take to Develop a Career in the Cybersecurity Domain?

Ransomware Gangs and the Name Game Distraction

Ransomware Operator: 'Start **cking Up the U.S. Public Sector'

The Hacker Mind Podcast: Ethical Hacking

Advanced threat predictions for 2023

Stay Connected