Three Charged in July 15 Twitter Compromise

Credit to Author: BrianKrebs| Date: Fri, 31 Jul 2020 21:43:11 +0000

Three individuals have been charged for their alleged roles in the July 15 hack on Twitter, an incident that resulted in Twitter profiles for some of the world’s most recognizable celebrities, executives and public figures sending out tweets advertising a bitcoin scam. 

Read more

New Charges, Sentencing in Satori IoT Botnet Conspiracy

Credit to Author: BrianKrebs| Date: Thu, 25 Jun 2020 23:52:54 +0000

The U.S. Justice Department today criminally charged a Canadian and a Northern Ireland man for allegedly conspiring to build multiple botnets that enslaved hundreds of thousands of routers and other Internet of Things (IoT) devices for use in large-scale distributed denial-of-service (DDoS) attacks. In addition, a defendant in the United States was sentenced to drug treatment and 18 months community confinement for his admitted role in the conspiracy.

Read more

A Light at the End of Liberty Reserve’s Demise?

Credit to Author: BrianKrebs| Date: Fri, 14 Feb 2020 18:48:39 +0000

In May 2013, the U.S. Justice Department seized Liberty Reserve, alleging the virtual currency service acted as a $6 billion financial hub for the cybercrime world. Prompted by assurances that the government would one day afford Liberty Reserve users a chance to reclaim any funds seized as part of the takedown, KrebsOnSecurity filed a claim shortly thereafter to see if and when this process might take place. This week, an investigator with the U.S. Internal Revenue service finally got in touch to discuss my claim.

Read more

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Credit to Author: BrianKrebs| Date: Tue, 11 Feb 2020 03:25:52 +0000

The U.S. Justice Department today unsealed indictments against four Chinese officers of the People’s Liberation Army (PLA) accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans. DOJ officials said the four men were responsible for carrying out the largest theft of sensitive personal information by state-sponsored hackers ever recorded. 

Read more

DDoS Mitigation Firm Founder Admits to DDoS

Credit to Author: BrianKrebs| Date: Mon, 20 Jan 2020 23:13:03 +0000

A Georgia man who co-founded a service designed to protect companies from crippling distributed denial-of-service (DDoS) attacks has pleaded to paying a DDoS-for-hire service to launch attacks against others.

Read more

Inside ‘Evil Corp,’ a $100M Cybercrime Menace

Credit to Author: BrianKrebs| Date: Mon, 16 Dec 2019 14:08:21 +0000

The U.S. Justice Department this month offered a $5 million bounty for information leading to the arrest and conviction of a Russian man indicted for allegedly orchestrating a vast, international cybercrime network that called itself “Evil Corp” and stole roughly $100 million from businesses and consumers. As it happens, for several years KrebsOnSecurity closely monitored the day-to-day communications and activities of the accused and his accomplices. What follows is an insider’s look at the back-end operations of this gang.

Read more

Expert: IoT Botnets the Work of a ‘Vast Minority’

Credit to Author: BrianKrebs| Date: Wed, 24 Jan 2018 15:38:52 +0000

In December 2017, the U.S. Department of Justice announced indictments and guilty pleas by three men in the United States responsible for creating and using Mirai, a malware strain that enslaves poorly-secured “Internet of Things” or IoT devices like security cameras and digital video recorders for use in large-scale cyberattacks. The FBI and the DOJ had help in their investigation from many security experts, but this post focuses on one expert whose research into the Dark Web and its various malefactors was especially useful in that case. Allison Nixon is director of security research at Flashpoint, a cyber intelligence firm based in New York City. Nixon spoke with KrebsOnSecurity at length about her perspectives on IoT security and the vital role of law enforcement in this fight.

Read more

Some Basic Rules for Securing Your IoT Stuff

Credit to Author: BrianKrebs| Date: Wed, 17 Jan 2018 19:36:24 +0000

Most readers here have likely heard or read various prognostications about the impending doom from the proliferation of poorly-secured “Internet of Things” or IoT devices. Loosely defined as any gadget or gizmo that connects to the Internet but which most consumers probably wouldn’t begin to know how to secure, IoT encompasses everything from security cameras, routers and digital video recorders to printers, wearable devices and “smart” lightbulbs. Throughout 2016 and 2017, attacks from massive botnets made up entirely of hacked IoT devices had many experts warning of a dire outlook for Internet security. But the future of IoT doesn’t have to be so bleak. Here’s a primer on minimizing the chances that your IoT things become a security liability for you or for the Internet at large.

Read more