Arrest in ‘Ransom Your Employer’ Email Scheme

Credit to Author: BrianKrebs| Date: Mon, 22 Nov 2021 21:57:18 +0000

In August, KrebsOnSecurity warned that scammers were contacting people and asking them to unleash ransomware inside their employer’s network, in exchange for a percentage of any ransom amount paid by the victim company. This week, authorities in Nigeria arrested a suspect in connection with the scheme — a young man who said he was trying to save up money to help fund a new social network.

Tech CEO Pleads to Wire Fraud in IP Address Scheme

Credit to Author: BrianKrebs| Date: Wed, 17 Nov 2021 23:56:07 +0000

The CEO of a South Carolina technology firm has pleaded guilty to 20 counts of wire fraud in connection with an elaborate network of phony companies set up to obtain more than 735,000 Internet Protocol (IP) addresses from the nonprofit organization that leases the digital real estate to entities in North America.

Hoax Email Blast Abused Poor Coding in FBI Website

Credit to Author: BrianKrebs| Date: Sat, 13 Nov 2021 22:46:53 +0000

The Federal Bureau of Investigation (FBI) confirmed today that its fbi.gov domain name and Internet address were used to blast out thousands of fake emails about a cybercrime investigation. According to an interview with the person who claimed responsibility for the hoax, the spam messages were sent by abusing insecure code in an FBI online portal designed to share information with state and local law enforcement authorities.

REvil Ransom Arrest, $6M Seizure, and $10M Reward

Credit to Author: BrianKrebs| Date: Tue, 09 Nov 2021 02:05:21 +0000

The U.S. Department of Justice said today it arrested a Ukrainian man who deployed ransomware on behalf of the REvil ransomware gang, a Russian cybercriminal collective that has extorted hundreds of millions from victim organizations. The DOJ also said it had seized $6.1 million in cryptocurrency sent to another REvil affiliate, and that the State Department is now offering up to $10 million for information leading to the arrest of any key leaders of REvil.

The ‘Groove’ Ransomware Gang Was a Hoax

Credit to Author: BrianKrebs| Date: Tue, 02 Nov 2021 15:34:14 +0000

A number of publications in September warned about the emergence of “Groove,” a new ransomware group that called on competing extortion gangs to unite in attacking U.S. government interests online. It now appears that Groove was all a big hoax designed to toy with security firms and journalists.

Trial Ends in Guilty Verdict for DDoS-for-Hire Boss

Credit to Author: BrianKrebs| Date: Fri, 17 Sep 2021 01:22:31 +0000

A jury in California today reached a guilty verdict in the trial of Matthew Gatrel, a St. Charles, Ill. man charged in 2018 with operating two online services that allowed paying customers to launch powerful distributed denial-of-service (DDoS) attacks against Internet users and websites. Gatrel’s conviction comes roughly two weeks after his co-conspirator pleaded guilty to criminal charges related to running the services.

“FudCo” Spam Empire Tied to Pakistani Software Firm

Credit to Author: BrianKrebs| Date: Mon, 06 Sep 2021 19:04:41 +0000

In May 2015, KrebsOnSecurity briefly profiled “The Manipulaters,” the name chosen by a prolific cybercrime group based in Pakistan that was very publicly selling spam tools and a range of services for crafting, hosting and deploying malicious email. Six years later, a review of the social media postings from this group shows they are prospering, while rather poorly hiding their activities behind a software development firm in Lahore that has secretly enabled an entire generation of spammers and scammers.

15-Year-Old Malware Proxy Network VIP72 Goes Dark

Credit to Author: BrianKrebs| Date: Wed, 01 Sep 2021 20:09:24 +0000

Over the past 15 years, a cybercrime anonymity service known as VIP72 has enabled countless fraudsters to mask their true location online by routing their traffic through millions of malware-infected systems. But roughly two weeks ago, VIP72’s online storefront — which sold access to more than 30,000 compromised PCs — simply vanished.
