Krebs – Computer Security Articles

Ask Fitis, the Bear: Real Crooks Sign Their Malware

June 1, 2023 admin 0 Comments 165540027, 774748@gmail.com, akafitis@gmail.com, Breadcrumbs, code-signing certificates, constella intelligence, DomainTools.com, featar24, fitis, Flashpoint, glavmed, Intel 471, konstantin evgenievich fetisov, megatraffer, Ne'er-Do-Well News, o.r.z., Spamit, spampage@yandex.ru

Credit to Author: BrianKrebs| Date: Thu, 01 Jun 2023 16:15:34 +0000

Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered with. Both of these qualities make stolen or ill-gotten code-signing certificates attractive to cybercriminal groups, who prize their ability to add stealth and longevity to malicious software. This post is a deep dive on “Megatraffer,” a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015.

Independent Krebs

Discord Admins Hacked by Malicious Bookmarks

May 30, 2023 admin 0 Comments aura network, berk yilmaz, bookmarklets, Breadcrumbs, Latest Warnings, levatax, metrixcoin, nahmii, nicholas scavuzzo, ocean protocol, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Wed, 31 May 2023 00:19:17 +0000

A number of Discord communities focused on cryptocurrency have been hacked this past month after their administrators were tricked into running malicious Javascript code disguised as a Web browser bookmark.

Independent Krebs

Phishing Domains Tanked After Meta Sued Freenom

May 26, 2023 admin A Little Sunshine, awpg ecrime exchange, dave piscitello, freenom, interisle consulting group, Mastodon, meta, Namecheap, openphish, phishtank, spamhaus

Credit to Author: BrianKrebs| Date: Fri, 26 May 2023 16:37:15 +0000

The number of phishing websites tied to domain name registrar Freenom dropped precipitously in the months surrounding a recent lawsuit from social networking giant Meta, which alleged the free domain name provider has a long history of ignoring abuse complaints about phishing websites while monetizing traffic to those abusive domains.

Independent Krebs

Interview With a Crypto Scam Investment Spammer

May 22, 2023 admin arkose labs, Breadcrumbs, constella intelligence, domaintools, edgard011012@gmail.com, lolzteam, Mastodon, mondi group, moonxtrade, msr-sergey2015@yandex.ru, Ne'er-Do-Well News, quot.pw, renaud chaput, sergey proshutinskiy, tgm, Twitter, Web Fraud 2.0, ципа

Credit to Author: BrianKrebs| Date: Tue, 23 May 2023 00:15:30 +0000

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. What follows is an interview with a Russian hacker responsible for a series of aggressive crypto spam campaigns that recently prompted several large Mastodon communities to temporarily halt new registrations. According to the hacker, their spam software has been in private use until the last few weeks, when it was released as open source code.

Independent Krebs

Russian Hacker “Wazawaka” Indicted for Ransomware

May 16, 2023 admin babuk ransomware, boriselcin, hive ransomware, lockbit ransomware, mikhail pavolovich matveev, Ne'er-Do-Well News, orange, ramp, uhodiransomwar, wazawaka

Credit to Author: BrianKrebs| Date: Tue, 16 May 2023 21:33:43 +0000

A Russian man identified by KrebsOnSecurity in January 2022 as a prolific and vocal member of several top ransomware groups was the subject of two indictments unsealed by the Justice Department today. U.S. prosecutors say Mikhail Pavolovich Matveev, a.k.a. “Wazawaka” and “Boriselcin” worked with three different ransomware gangs that extorted hundreds of millions of dollars from companies, schools, hospitals and government agencies.

Independent Krebs

Re-Victimization from Police-Auctioned Cell Phones

May 16, 2023 admin A Little Sunshine, dave levin, graykey, propertyroom.com, University of Maryland

Credit to Author: BrianKrebs| Date: Tue, 16 May 2023 12:20:58 +0000

Countless smartphones seized in arrests and searches by police forces across the United States are being auctioned online without first having the data on them erased, a practice that can lead to crime victims being re-victimized, a new study found. In response, the largest online marketplace for items seized in U.S. law enforcement investigations says it now ensures that all phones sold through its platform will be data-wiped prior to auction.

Independent Krebs

Microsoft Patch Tuesday, May 2023 Edition

May 11, 2023 admin adam barnett, blacklotus, cve-2023-24932, cve-2023-24941, cve-2023-28283, cve-2023-29325, cve-2023-29336, immersive labs, kevin breen, Rapid7, sans internet storm center, Time to Patch

Credit to Author: BrianKrebs| Date: Wed, 10 May 2023 01:19:58 +0000

Microsoft today released software updates to fix at least four dozen security holes in its Windows operating systems and other software, including patches for two zero-day vulnerabilities that are already being exploited in active attacks.

Independent Krebs

Feds Take Down 13 More DDoS-for-Hire Services

May 9, 2023 admin angel manuel colon jr., booters, cambridge university cybercrime center, cory anthony palmer, ddos-for-hire, FBI, jeremiah sam evans miller, john m. dobbs, matthew gatrel, Ne'er-Do-Well News, richard clayton, shamar shattock, stressers, u.s. department of justice

Credit to Author: BrianKrebs| Date: Tue, 09 May 2023 14:05:44 +0000

The U.S. Federal Bureau of Investigation (FBI) this week seized 13 domain names connected to “booter” services that let paying customers launch crippling distributed denial-of-service (DDoS) attacks. Ten of the domains are reincarnations of DDoS-for-hire services the FBI seized in December 2022, when it charged six U.S. men with computer crimes for allegedly operating booters.

← Previous