Document, Hacking and Web Fraud - Cyber Security Informer

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based based technology companies.

Hacking

Hacking Accountability Government Social Engineering

Facebook, Instagram, TikTok and Twitter Target Resellers of Hacked Accounts

Krebs on Security

FEBRUARY 4, 2021

Facebook told KrebsOnSecurity it seized hundreds of accounts — mainly on Instagram — that have been stolen from legitimate users through a variety of intimidation and harassment tactics, including hacking, coercion, extortion, sextortion , SIM swapping , and swatting. THE MIDDLEMEN.

Accountability

Accountability Hacking Media Mobile

How to Lose a Fortune with Just One Bad Click

Krebs on Security

DECEMBER 18, 2024

A scammer called using a real Google phone number to warn his Gmail account was being hacked, sent email security alerts directly from google.com, and ultimately seized control over the account by convincing him to click “yes” to a Google prompt on his mobile device.

Cryptocurrency

Cryptocurrency Accountability Authentication Phishing

Calendar Meeting Links Used to Spread Mac Malware

Krebs on Security

FEBRUARY 28, 2024

Unfortunately for us, Doug freaked out after deciding he’d been tricked — backing up his important documents, changing his passwords, and then reinstalling macOS on his computer. If you’re approached in a similar scheme, the response from the would-be victim documented in the SlowMist blog post is probably the best.

Malware

Malware Cryptocurrency Software Phishing

‘Spam Nation’ Villain Vrublevsky Charged With Fraud

Krebs on Security

MARCH 22, 2022

But according to information obtained by KrebsOnSecurity, it is equally likely Vrublevsky was arrested thanks to his propensity for carefully documenting the links between Russia’s state security services and the cybercriminal underground. A Google-translated snippet of the hacked ChronoPay Confluence installation.

Banking

Banking Marketing DDOS Risk

How Phishers Are Slinking Their Links Into LinkedIn

Krebs on Security

FEBRUARY 3, 2022

The trouble is, there’s little to stop criminals from leveraging newly registered or hacked LinkedIn business accounts to create their own ad campaigns using Slinks. Here’s the very first Slink created: [link] which redirects to the homepage for LinkedIn Marketing Solutions. Here’s one example from Jan. Image: Urlscan.io.

Phishing

Phishing Marketing Scams Accountability

Malicious Office 365 Apps Are the Ultimate Insiders

Krebs on Security

MAY 5, 2021

The service also advertised the ability to extract and filter emails and files based on selected keywords, as well as attach malicious macros to all documents in a user’s Microsoft OneDrive. A cybercriminal service advertising the sale of access to hacked Office365 accounts. Image: Proofpoint.

Accountability

Accountability Passwords Advertising Phishing

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S.

Social Engineering

Social Engineering Mobile Cybercrime Passwords

The Link Between AWM Proxy & the Glupteba Botnet

Krebs on Security

JUNE 28, 2022

That same day, AWM Proxy — a 14-year-old anonymity service that rents hacked PCs to cybercriminals — suddenly went offline. Launched in March 2008, AWM Proxy quickly became the largest service for crooks seeking to route their malicious Web traffic through compromised devices.

Passwords

Passwords Malware Internet Internet

Phishers are Angling for Your Cloud Providers

Krebs on Security

AUGUST 30, 2019

But when accounts at those CRM providers get hacked or phished, the results can be damaging for both the client’s brand and their customers. ” This attack comes on the heels of another targeted phishing campaign leveraging Pardot that was documented earlier this month by Netskope , a cloud security firm.

Phishing

Phishing Marketing Accountability DNS

Karma Catches Up to Global Phishing Service 16Shop

Krebs on Security

AUGUST 17, 2023

The INTERPOL statement says the platform sold hacking tools to compromise more than 70,000 users in 43 countries. 16Shop documentation instructing operators on how to deploy the kit. A LinkedIn profile for Rizky says he is a backend Web developer in Bandung who earned a bachelor’s degree in information technology in 2020.

Phishing

Phishing Passwords Hacking Internet

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Krebs on Security

SEPTEMBER 26, 2024

The government believes the brains behind Joker’s Stash is Timur Kamilevich Shakhmametov , an individual who is listed in Russian incorporation documents as the owner of Arpa Plus , a Novosibirsk company that makes mobile games. ru , which periodically published hacking tools and exploits for software vulnerabilities.

Cryptocurrency

Cryptocurrency Cybercrime Retail Government

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Krebs on Security

OCTOBER 8, 2020

If the attachment is opened, the malicious document proceeds to quietly download additional malware and hacking tools to the victim machine ( here’s one video example of a malicious Microsoft Office attachment from the malware sandbox service any.run ).

Cybercrime

Cybercrime Malware Ransomware Penetration Testing

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

APRIL 18, 2023

Verified and other Russian language crime forums where MrMurza had a presence have been hacked over the years, with contact details and private messages leaked online. For the past few years, someone using the nickname Gaihnik25 has been posting messages to the Russian-language hacking forum Gerki[.]pw The address gaihnik@mail.ru

Malware

Malware Passwords Accountability Advertising

New Ransom Payment Schemes Target Executives, Telemedicine

Krebs on Security

DECEMBER 8, 2022

First spotted in mid-August 2022 , Venus is known for hacking into victims’ publicly-exposed Remote Desktop services to encrypt Windows devices. Department of Health and Human Services (HHS) warned that Venus ransomware attacks were targeting a number of U.S. healthcare organizations. “They are targeting a lot of U.S.

Healthcare

Healthcare Backups Ransomware Insurance

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

Krebs on Security

JANUARY 22, 2019

Large-scale spam campaigns often are conducted using newly-registered or hacked email addresses, and/or throwaway domains. Guilmette told KrebsOnSecurity he initially considered the possibility that GoDaddy had been hacked, or that thousands of the registrar’s customers perhaps had their GoDaddy usernames and passwords stolen.

DNS

DNS Internet Internet Computers and Electronics

Using Google Search to Find Software Can Be Risky

Krebs on Security

JANUARY 25, 2024

Hegel noted that the spike in malicious software-themed ads came not long after Microsoft started blocking by default Office macros in documents downloaded from the Internet. He said the volume of the current malicious ad campaigns from this group appears to be relatively low compared to a year ago.

Software

Software Advertising Malware Accountability

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Krebs on Security

SEPTEMBER 5, 2023

” Monahan has been documenting the crypto thefts via Twitter/X since March 2023, frequently expressing frustration in the search for a common cause among the victims. And then he got hacked. “I would personally advocate that nobody ever uses LastPass again: Not because they were hacked. Then on Aug.

Cryptocurrency

Cryptocurrency Passwords Encryption Accountability

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

Krebs on Security

NOVEMBER 2, 2023

One of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. The login page for the criminal reshipping service SWAT USA Drop.

Cybercrime

Cybercrime Marketing Scams Retail

The Dark Nexus Between Harm Groups and ‘The Com’

Krebs on Security

SEPTEMBER 13, 2024

While MGM was still trying to evict the intruders from its systems, an individual who claimed to have firsthand knowledge of the hack contacted multiple media outlets to offer interviews about how it all went down. ’s West Midlands Police as part of a joint investigation with the FBI into the MGM hack. ” Image: USDOJ.

Cybercrime

Cybercrime Accountability Mobile Hacking

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Krebs on Security

SEPTEMBER 30, 2024

” Islam and Woody were both core members of UGNazi, a hacker collective that sprang up in 2012 and claimed credit for hacking and attacking a number of high-profile websites. . “ JoshTheGod ,” referred to in the Iza complaint as “M.I.” had some personal problems and checked himself into rehab.

Cryptocurrency

Cryptocurrency Government Internet Internet

Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”

Krebs on Security

MARCH 29, 2022

Virtually all major technology companies serving large numbers of users online have departments that routinely review and process such requests, which are typically granted as long as the proper documents are provided and the request appears to come from an email address connected to an actual police department domain name.

Accountability

Accountability Government Hacking Social Engineering

Google Suspends Chinese E-Commerce App Pinduoduo Over Malware

Krebs on Security

MARCH 22, 2023

In November 2022, Google documented these three same vulnerabilities being used together to compromise Samsung devices. The three Samsung exploits that DarkNavy says were used by the malicious app. DarkNavy likewise did not name the app they said was responsible for the attacks.

Malware

Malware eCommerce Mobile Marketing

Fighting Fake EDRs With ‘Credit Ratings’ for Police

Krebs on Security

APRIL 27, 2022

When KrebsOnSecurity recently explored how cybercriminals were using hacked email accounts at police departments worldwide to obtain warrantless Emergency Data Requests (EDRs) from social media firms and technology providers, many security experts called it a fundamentally unfixable problem.

Mobile

Mobile Government Media Technology

Meet the World’s Biggest ‘Bulletproof’ Hoster

Krebs on Security

JULY 16, 2019

In 2010, this author received a massive data dump from a source that had hacked into or otherwise absconded with more than four years of email records from ChronoPay — at the time a major Russian online payment provider whose CEO and co-founders were the chief subjects of my 2014 book, Spam Nation: The Inside Story of Organized Cybercrime.

Cybercrime

Cybercrime Phishing Banking Malware

Lamborghini Carjackers Lured by $243M Cyberheist

Krebs on Security

OCTOBER 9, 2024

As documented in last month’s deep dive on top Com members , The Com is also a place where cybercriminals go to boast about their exploits and standing within the community, or to knock others down a peg or two.

Cryptocurrency

Cryptocurrency Social Engineering Accountability Mobile

Cyber Security Informer

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Facebook, Instagram, TikTok and Twitter Target Resellers of Hacked Accounts

Trending Sources

How to Lose a Fortune with Just One Bad Click

Calendar Meeting Links Used to Spread Mac Malware

‘Spam Nation’ Villain Vrublevsky Charged With Fraud

How Phishers Are Slinking Their Links Into LinkedIn

Malicious Office 365 Apps Are the Ultimate Insiders

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

The Link Between AWM Proxy & the Glupteba Botnet

Phishers are Angling for Your Cloud Providers

Karma Catches Up to Global Phishing Service 16Shop

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Giving a Face to the Malware Proxy Service ‘Faceless’

New Ransom Payment Schemes Target Executives, Telemedicine

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

Using Google Search to Find Software Can Be Risky

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

The Dark Nexus Between Harm Groups and ‘The Com’

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”

Google Suspends Chinese E-Commerce App Pinduoduo Over Malware

Fighting Fake EDRs With ‘Credit Ratings’ for Police

Meet the World’s Biggest ‘Bulletproof’ Hoster

Lamborghini Carjackers Lured by $243M Cyberheist

Stay Connected