Ukraine Nabs Suspect in 773M Password ‘Megabreach’

Credit to Author: BrianKrebs| Date: Tue, 19 May 2020 16:46:21 +0000

In January 2019, dozens of media outlets raised the alarm about a new “megabreach” involving the release of some 773 million stolen usernames and passwords that was breathlessly labeled “the largest collection of stolen data in history.” A subsequent review by KrebsOnSecurity quickly determined the data was years old and merely a compilation of credentials pilfered from mostly public data breaches. Earlier today, authorities in Ukraine said they’d apprehended a suspect in the case.

Read more

This Service Helps Malware Authors Fix Flaws in their Code

Credit to Author: BrianKrebs| Date: Mon, 18 May 2020 15:31:17 +0000

Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. But the reality is most malicious software also has its share of security holes that open the door for security researchers or ne’er-do-wells to liberate or else seize control over already-hacked systems. Here’s a look at one long-lived malware vulnerability testing service that is used and run by some of the Dark Web’s top cybercriminals.

Read more

How Cybercriminals are Weathering COVID-19

Credit to Author: BrianKrebs| Date: Thu, 30 Apr 2020 18:20:57 +0000

In many ways, the COVID-19 pandemic has been a boon to cybercriminals: With unprecedented numbers of people working from home and anxious for news about the virus outbreak, it’s hard to imagine a more target-rich environment for phishers, scammers and malware purveyors. In addition, many crooks are finding the outbreak has helped them better market their cybercriminal wares and services. But it’s not all good news: The Coronavirus also has driven up costs and disrupted key supply lines for many cybercriminals.

Read more

Meet the World’s Biggest ‘Bulletproof’ Hoster

Credit to Author: BrianKrebs| Date: Tue, 16 Jul 2019 15:34:31 +0000

For at least the past decade, a computer crook variously known as “Yalishanda,” “Downlow” and “Stas_vl” has run one of the most popular “bulletproof” Web hosting services catering to a vast array of phishing sites, cybercrime forums and malware download servers. What follows are a series of clues that point to the likely real-life identity of a Russian man who appears responsible for enabling a ridiculous amount of cybercriminal activity on the Internet today.

Read more