Gift Card Gang Extracts Cash From 100k Inboxes Daily

Some of the most successful and lucrative online scams employ a “low-and-slow” approach — avoiding detection or interference from researchers and law enforcement agencies by stealing small bits of cash from many people over an extended period. Here’s the story of a cybercrime group that compromises ...

Continue reading

15-Year-Old Malware Proxy Network VIP72 Goes Dark

Over the past 15 years, a cybercrime anonymity service known as VIP72 has enabled countless fraudsters to mask their true location online by routing their traffic through millions of malware-infected systems. But roughly two weeks ago, VIP72’s online storefront — which ironically enough has remained...

Continue reading

Man Robbed of 16 Bitcoin Sues Young Thieves’ Parents

In 2018, Andrew Schober was digitally mugged for approximately $1 million worth of bitcoin. After several years of working with investigators, Schober says he’s confident he has located two young men in the United Kingdom responsible for developing a clever piece of digital clipboard-stealing malwar...

Continue reading

Wanted: Disgruntled Employees to Deploy Ransomware

Criminal hackers will try almost anything to get inside a profitable enterprise and secure a million-dollar payday from a ransomware infection. Apparently now that includes emailing employees directly and asking them to unleash the malware inside their employer’s network in exchange for a percentage...

Continue reading

T-Mobile: Breach Exposed SSN/DOB of 40M+ People

T-Mobile warned Monday that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. The acknowledgment came less than 48 hours after millio...

Continue reading

T-Mobile Investigating Claims of Massive Data Breach

Communications giant T-Mobile said today it is investigating the extent of a breach that hackers claim has exposed sensitive personal data on 100 million T-Mobile USA customers, in many cases including the name, Social Security number, address, date of birth, phone number, security PINs and details ...

Continue reading

New Anti Anti-Money Laundering Services for Crooks

A new dark web service is marketing to cybercriminals who are curious to see how their various cryptocurrency holdings and transactions may be linked to known criminal activity. Dubbed “Antinalysis,” the service purports to offer a glimpse into how one’s payment activity might be flagged by law enfo...

Continue reading

Microsoft Patch Tuesday, August 2021 Edition

Microsoft today released software updates to plug at least 44 security vulnerabilities in its Windows operating systems and related products. The software giant warned that attackers already are pouncing on one of the flaws, which ironically enough involves an easy-to-exploit bug in the software com...

Continue reading

Phishing Sites Targeting Scammers and Thieves

I was preparing to knock off work for the week on a recent Friday evening when a curious and annoying email came in via the contact form on this site: “Hello I go by the username Nuclear27 on your site Briansclub[.]com,” wrote “Mitch,” confusing me with the proprietor of perhaps the underground’s la...

Continue reading

Ransomware Gangs and the Name Game Distraction

It’s nice when ransomware gangs have their bitcoin stolen, malware servers shut down, or are otherwise forced to disband. We hang on to these occasional victories because history tells us that most ransomware moneymaking collectives don’t go away so much as reinvent themselves under a new name, with...

Continue reading

The Life Cycle of a Breached Database

Every time there is another data breach, we are asked to change our password at the breached entity. But the reality is that in most cases by the time the victim organization discloses an incident publicly the information has already been harvested many times over by profit-seeking cybercriminals. H...

Continue reading

PlugwalkJoe Does the Perp Walk

Joseph “PlugwalkJoe” O’Connor, in a photo from a paid press release on Sept. 02, 2020, pitching him as a trustworthy cryptocurrency expert and advisor. One day after last summer’s mass-hack of Twitter, KrebsOnSecurity wrote that 22-year-old British citizen Joseph “PlugwalkJoe” O’Connor appeared to h...

Continue reading

Serial Swatter Who Caused Death Gets Five Years in Prison

A 18-year-old Tennessee man who helped set in motion a fraudulent distress call to police that lead to the death of a 60-year-old grandfather in 2020 was sentenced to 60 months in prison today. 60-year-old Mark Herring died of a heart attack after police surrounded his home in response to a swatting...

Continue reading

Spam Kingpin Peter Levashov Gets Time Served

Peter Levashov, appearing via Zoom at his sentencing hearing today. A federal judge in Connecticut today handed down a sentence of time served to spam kingpin Peter “Severa” Levashov, a prolific purveyor of malicious and junk email, and the creator of malware strains that infected millions of Micros...

Continue reading

Don’t Wanna Pay Ransom Gangs? Test Your Backups.

Browse the comments on virtually any story about a ransomware attack and you will almost surely encounter the view that the victim organization could have avoided paying their extortionists if only they’d had proper data backups. But the ugly truth is there are many non-obvious reasons why victims e...

Continue reading

Microsoft Patch Tuesday, July 2021 Edition

Microsoft today released updates to patch at least 116 security holes in its Windows operating systems and related software. At least four of the vulnerabilities addressed today are under active attack, according to Microsoft. Thirteen of the security bugs quashed in this month’s release earned Micr...

Continue reading

Spike in “Chain Gang” Destructive Attacks on ATMs

Last summer, financial institutions throughout Texas started reporting a sudden increase in attacks involving well-orchestrated teams that would show up at night, use stolen trucks and heavy chains to rip Automated Teller Machines (ATMs) out of their foundations, and make off with the cash boxes ins...

Continue reading

Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

Last week cybercriminals deployed ransomware to 1,500 organizations that provide IT security and technical support to many other companies. The attackers exploited a vulnerability in software from Kaseya, a Miami-based company whose products help system administrators manage large networks remotely....

Continue reading

Microsoft Issues Emergency Patch for Windows Flaw

Microsoft on Tuesday issued an emergency software update to quash a security bug that’s been dubbed “PrintNightmare,” a critical vulnerability in all supported versions of Windows that is actively being exploited. The fix comes a week ahead of Microsoft’s normal monthly Patch Tuesday release, and fo...

Continue reading

Another 0-Day Looms for Many Western Digital Users

Some of Western Digital’s MyCloud-based data storage devices. Image: WD. Countless Western Digital customers saw their MyBook Live network storage drives remotely wiped in the past month thanks to a bug in a product line the company stopped supporting in 2015, as well as a previously unknown zero-da...

Continue reading

Intuit to Share Payroll Data from 1.4M Small Businesses With Equifax

Financial services giant Intuit this week informed 1.4 million small businesses using its QuickBooks Online Payroll and Intuit Online Payroll products that their payroll information will be shared with big-three consumer credit bureau Equifax starting later this year unless customers opt out by the ...

Continue reading

We Infiltrated a Counterfeit Check Ring! Now What?

Imagine waking up each morning knowing the identities of thousands of people who are about to be mugged for thousands of dollars each. You know exactly when and where each of those muggings will take place, and you’ve shared this information in advance with the authorities each day for a year with n...

Continue reading

MyBook Users Urged to Unplug Devices from Internet

Hard drive giant Western Digital is urging users of its MyBook Live brand of network storage drives to disconnect them from the Internet, warning that malicious hackers are remotely wiping the drives using a previously unknown critical flaw that can be triggered by anyone who knows the Internet addr...

Continue reading

How Cyber Sleuths Cracked an ATM Shimmer Gang

In 2015, police departments worldwide started finding ATMs compromised with advanced new “shimming” devices made to steal data from chip card transactions. Authorities in the United States and abroad had seized many of these shimmers, but for years couldn’t decrypt the data on the devices. This is a...

Continue reading

How Cyber Safe is Your Drinking Water Supply?

Amid multiple recent reports of hackers breaking into and tampering with drinking water treatment systems comes a new industry survey with some sobering findings: A majority of the 52,000 separate drinking water systems in the United States still haven’t inventoried some or any of their information ...

Continue reading

First American Financial Pays Farcical $500K Fine

In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. [NYSE:FAF] was leaking more than 800 million documents — many containing sensitive financial data — related to real estate transactions dating back 16 years. This week, the U.S. S...

Continue reading

Ukrainian Police Nab Six Tied to CLOP Ransomware

Authorities in Ukraine this week charged six people alleged to be part of the CLOP ransomware group, a cybercriminal gang said to have extorted more than half a billion dollars from victims. Some of CLOP’s victims this year alone include Stanford University Medical School, the University of Californ...

Continue reading

How Does One Get Hired by a Top Cybercrime Gang?

The U.S. Department of Justice (DOJ) last week announced the arrest of a 55-year-old Latvian woman who’s alleged to have worked as a programmer for Trickbot, a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware. Just how di...

Continue reading

Microsoft Patches Six Zero-Day Security Holes

Microsoft today released another round of security updates for Windows operating systems and supported software, including fixes for six zero-day bugs that malicious hackers already are exploiting in active attacks. June’s Patch Tuesday addresses just 49 security holes — about half the normal number...

Continue reading

Justice Dept. Claws Back $2.3M Paid by Colonial Pipeline to Ransomware Gang

The U.S. Department of Justice said today it has recovered $2.3 million worth of Bitcoin that Colonial Pipeline paid to ransomware extortionists last month. The funds had been sent to DarkSide, a ransomware-as-a-service syndicate that disbanded after a May 14 farewell message to affiliates saying it...

Continue reading