KT

March 29, 2022

Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”

This post was originally published on this siteThere is a terrifying and highly effective “method” that criminal hackers are now using to harvest sensitive customer data from Internet service providers, phone companies and social media firms. It involves compromising email accounts and websites tied to police departments and government agencies, and then sending unauthorized demands for subscriber data while claiming the information being requested can’t wait for a court order because it relates to an urgent matter of life and death. In the United States, when federal, state or local law enforcement agencies wish to obtain information about who owns […]
April 22, 2022

Leaked Chats Show LAPSUS$ Stole T-Mobile Source Code

This post was originally published on this siteKrebsOnSecurity recently reviewed a copy of the private chat messages between members of the LAPSUS$ cybercrime group in the week leading up to the arrest of its most active members last month. The logs show LAPSUS$ breached T-Mobile multiple times in March, stealing source code for a range of company projects. T-Mobile says no customer or government information was stolen in the intrusion. LAPSUS$ is known for stealing data and then demanding a ransom not to publish or sell it. But the leaked chats indicate this mercenary activity was of little interest to […]
May 12, 2022

DEA Investigating Breach of Law Enforcement Data Portal

This post was originally published on this siteThe U.S. Drug Enforcement Administration (DEA) says it is investigating reports that hackers gained unauthorized access to an agency portal that taps into 16 different federal law enforcement databases. KrebsOnSecurity has learned the alleged compromise is tied to a cybercrime and online harassment community that routinely impersonates police and government officials to harvest personal information on their targets. Unidentified hackers shared this screenshot of alleged access to the Drug Enforcement Administration’s intelligence sharing portal. On May 8, KrebsOnSecurity received a tip that hackers obtained a username and password for an authorized user of […]
March 14, 2023

Two U.S. Men Charged in 2022 Hacking of DEA Portal

This post was originally published on this siteTwo U.S. men have been charged with hacking into a U.S. Drug Enforcement Agency (DEA) online portal that taps into 16 different federal law enforcement databases. Both are alleged to be part of a larger criminal organization that specializes in using fake emergency data requests from compromised police and government email accounts to publicly threaten and extort their victims. Prosecutors for the Eastern District of New York today unsealed criminal complaints against Sagar Steven Singh — also known as “Weep” — a 19-year-old from Pawtucket, Rhode Island; and Nicholas Ceraolo, 25, of Queens, […]