Web Fraud 2.0 – Page 4 – Computer Security Articles

SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool

June 22, 2023 admin A Little Sunshine, Adidas, apple, brian hughes, Latest Warnings, Lego, smishing, sms phishing, united parcel service, UPS, ups canada ltd., Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Thu, 22 Jun 2023 19:11:33 +0000

The United Parcel Service (UPS) says fraudsters have been harvesting phone numbers and other information from its online shipment tracking tool in Canada to send highly targeted SMS phishing (a.k.a. “smishing”) messages that spoofed UPS and other top brands. The missives addressed recipients by name, included details about recent orders, and warned that those orders wouldn’t be shipped unless the customer paid an added delivery fee.

Independent Krebs

Why Malware Crypting Services Deserve More Scrutiny

June 21, 2023 admin +7.9235059268, Breadcrumbs, cdek, constella intelligence, crypt[.]guru, gumboldt@gmail.com, Intel 471, kerens, kolumb, masscrypt@exploit.im, Ne'er-Do-Well News, obelisk57@gmail.com, pepyak@gmail.com, sergey y purtov, sergey yurievich purtov, spurtov@gmail.com, vip crypt, Web Fraud 2.0, Сергей Юрьевич Пуртов

Credit to Author: BrianKrebs| Date: Wed, 21 Jun 2023 18:39:36 +0000

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. In fact, the process of “crypting” malware is sufficiently complex and time-consuming that most serious cybercrooks will outsource this critical function to a handful of trusted third parties. This story explores the history and identity behind Cryptor[.]biz, a long-running crypting service that is trusted by some of the biggest names in cybercrime.

Independent Krebs

Service Rents Email Addresses for Account Signups

June 6, 2023 admin impulse scam crypto project, kopeechka, Mastodon, quotpw, renaud chaput, spam, Trend Micro, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Tue, 06 Jun 2023 20:09:13 +0000

One of the most expensive aspects of any cybercriminal operation is the time and effort it takes to create large numbers of new throwaway email accounts. Now a new service offers to help dramatically cut costs associated with large-scale spam and account creation campaigns, by paying people to sell their email account credentials and letting customers temporarily rent access to a vast pool of established accounts at major providers.

Independent Krebs

Discord Admins Hacked by Malicious Bookmarks

May 30, 2023 admin aura network, berk yilmaz, bookmarklets, Breadcrumbs, Latest Warnings, levatax, metrixcoin, nahmii, nicholas scavuzzo, ocean protocol, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Wed, 31 May 2023 00:19:17 +0000

A number of Discord communities focused on cryptocurrency have been hacked this past month after their administrators were tricked into running malicious Javascript code disguised as a Web browser bookmark.

Independent Krebs

Interview With a Crypto Scam Investment Spammer

May 22, 2023 admin arkose labs, Breadcrumbs, constella intelligence, domaintools, edgard011012@gmail.com, lolzteam, Mastodon, mondi group, moonxtrade, msr-sergey2015@yandex.ru, Ne'er-Do-Well News, quot.pw, renaud chaput, sergey proshutinskiy, tgm, Twitter, Web Fraud 2.0, ципа

Credit to Author: BrianKrebs| Date: Tue, 23 May 2023 00:15:30 +0000

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. What follows is an interview with a Russian hacker responsible for a series of aggressive crypto spam campaigns that recently prompted several large Mastodon communities to temporarily halt new registrations. According to the hacker, their spam software has been in private use until the last few weeks, when it was released as open source code.

Independent Krebs

Giving a Face to the Malware Proxy Service ‘Faceless’

April 18, 2023 admin accessapproved, asus666, constella intelligence, denis viktorovich pankov, faceless, Flashpoint, gaihnik, lesstroy@mgn.ru, liberty reserve, mrmurza, Ne'er-Do-Well News, omega^gg4u, riley kilmer, Shodan, spur.us, u1018928, vadim panov, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Tue, 18 Apr 2023 20:59:39 +0000

For the past seven years, a malware-based proxy service known as “Faceless” has sold anonymity to countless cybercriminals. For less than a dollar per day, Faceless customers can route their malicious traffic through tens of thousands of compromised systems advertised on the service. In this post we’ll examine clues left behind over the past decade by the proprietor of Faceless, including some that may help put a face to the name.

Independent Krebs

UK Sets Up Fake Booter Sites To Muddy DDoS Market

March 28, 2023 admin A Little Sunshine, booter, ddos-for-hire, National Crime Agency, Operation Power Off, stresser, u.s. department of justice, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Tue, 28 Mar 2023 17:26:07 +0000

The United Kingdom’s National Crime Agency (NCA) has been busy setting up phony DDoS-for-hire websites that seek to collect information on users, remind them that launching DDoS attacks is illegal, and generally increase the level of paranoia for people looking to hire such services.

Independent Krebs

Google Suspends Chinese E-Commerce App Pinduoduo Over Malware

March 22, 2023 admin A Little Sunshine, breachforums, bytedance, darknavy, data breaches, google, Latest Warnings, liu huafang, pdd holdings, pinduoduo, project zero, temu, TikTok, Web Fraud 2.0, weibo

Credit to Author: BrianKrebs| Date: Wed, 22 Mar 2023 23:11:08 +0000

Google says it has suspended the app for the Chinese e-commerce giant Pinduoduo after malware was found in versions of the app. The move comes just weeks after Chinese security researchers published an analysis suggesting the popular e-commerce app sought to seize total control over affected devices by exploiting multiple security vulnerabilities in a variety of Android-based smartphones.