article thumbnail

Oops: DanaBot Malware Devs Infected Their Own PCs

Krebs on Security

government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot , a prolific strain of information-stealing malware that has been sold on Russian cybercrime forums since 2018. DanaBot’s features, as promoted on its support site. DanaBot’s features, as promoted on its support site.

Malware 235
article thumbnail

Pakistan Arrests 21 in ‘Heartsender’ Malware Service

Krebs on Security

Authorities in Pakistan have arrested 21 individuals accused of operating “ Heartsender ,” a once popular spam and malware dissemination service that operated for more than a decade. Some of the core developers and sellers of Heartsender posing at a work outing in 2021.

Malware 195
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Krebs on Security

Last year, the French security firm Intrinsec detailed Prospero’s connections to bulletproof services advertised on Russian cybercrime forums under the names Securehost and BEARHOST. A fake browser update page pushing mobile malware. The bulletproof hosting provider BEARHOST. Image: Ke-la.com. Image: Intrinsec.

Malware 260
article thumbnail

U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation

The Hacker News

Department of Justice (DoJ) on Thursday announced the disruption of the online infrastructure associated with DanaBot (aka DanaTools) and unsealed charges against 16 individuals for their alleged involvement in the development and deployment of the malware, which it said was controlled by a Russia-based cybercrime organization.

article thumbnail

Why Phishers Love New TLDs Like.shop,top and.xyz

Krebs on Security

A study on phishing data released by Interisle Consulting finds that new gTLDs introduced in the last few years command just 11 percent of the market for new domains, but accounted for roughly 37 percent of cybercrime domains reported between September 2023 and August 2024. The top 5 new gTLDs, ranked by cybercrime domains reported.

article thumbnail

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Krebs on Security

The FBI and authorities in The Netherlands this week seized dozens of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. “The Cybercrime Team is on the trail of a number of buyers of the tools,” the Dutch national police said. A statement from the U.S.

Phishing 271
article thumbnail

Leader of Qakbot cybercrime network indicted in U.S. crackdown

Security Affairs

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. The malware spreads via malspam campaigns, it inserts replies in active email threads. Gallyamov began developing Qakbot in 2008, building a team that expanded its capabilities over the time. and abroad.