Disneyland Malware Team: It’s a Puny World After All

Credit to Author: BrianKrebs| Date: Wed, 16 Nov 2022 17:32:00 +0000

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode, an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic and Ukrainian.

Read more

Top Zeus Botnet Suspect “Tank” Arrested in Geneva

Credit to Author: BrianKrebs| Date: Tue, 15 Nov 2022 15:38:20 +0000

Vyacheslav “Tank” Penchukov, the accused 40-year-old Ukrainian leader of a prolific cybercriminal group that stole tens of millions of dollars from small to mid-sized businesses in the United States and Europe, has been arrested in Switzerland, according to multiple sources.

Read more

Hacker Charged With Extorting Online Psychotherapy Service

Credit to Author: BrianKrebs| Date: Thu, 03 Nov 2022 14:43:22 +0000

A 25-year-old Finnish man has been charged with extorting a once popular and now-bankrupt online psychotherapy company and its patients. Finnish authorities rarely name suspects in an investigation, but they were willing to make an exception for Julius “Zeekill” Kivimaki, a notorious hacker who — at the tender age of 17 — had been convicted of more than 50,000 cybercrimes, including data breaches, payment fraud, operating botnets, and calling in bomb threats.

Read more

Accused ‘Raccoon’ Malware Developer Fled Ukraine After Russian Invasion

Credit to Author: BrianKrebs| Date: Mon, 31 Oct 2022 20:53:27 +0000

A 26-year-old Ukrainian man is awaiting extradition to the United States on charges that he acted as a core developer for Raccoon, a “malware-as-a-service” offering that helped paying customers steal passwords and financial data from millions of cybercrime victims. KrebsOnSecurity has learned that the defendant was busted in March 2022, after fleeing mandatory military service in Ukraine in the weeks following the Russian invasion.

Read more

Fake CISO Profiles on LinkedIn Target Fortune 500s

Credit to Author: BrianKrebs| Date: Thu, 29 Sep 2022 20:52:43 +0000

Someone has recently created a large number of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. It’s not clear who’s behind this network of fake CISOs or what their intentions may be. But the fabricated LinkedIn identities are confusing search engine results for CISO roles at major companies, and they are being indexed as gospel by various downstream data-scraping sources.

Read more

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

Credit to Author: BrianKrebs| Date: Fri, 23 Sep 2022 18:19:51 +0000

A 36-year-old Russian man recently identified by KrebsOnSecurity as the likely proprietor of the massive RSOCKS botnet has been arrested in Bulgaria at the request of U.S. authorities. At a court hearing in Bulgaria this month, the accused hacker requested and was granted extradition to the United States, reportedly telling the judge, “America is looking for me because I have enormous information and they need it.”

Read more

SIM Swapper Abducted, Beaten, Held for $200k Ransom

Credit to Author: BrianKrebs| Date: Wed, 21 Sep 2022 16:17:08 +0000

A Florida teenager who served as a lackey for a cybercriminal group that specializes in cryptocurrency thefts was beaten and kidnapped last week by a rival cybercrime gang. The teen’s captives held guns to his head while forcing him to record a video message pleading with his crew to fork over a $200,000 ransom in exchange for his life. The youth is now reportedly cooperating with U.S. federal investigators, who are responding to an alarming number of reports of physical violence tied to certain online crime communities.

Read more

Botched Crypto Mugging Lands Three U.K. Men in Jail

Credit to Author: BrianKrebs| Date: Fri, 16 Sep 2022 17:55:25 +0000

Three men in the United Kingdom were arrested this month after police responding to an attempted break-in at a residence stopped their car as they fled the scene. The authorities found weapons and a police uniform in the trunk, and say the trio intended to assault a local man and force him to hand over virtual currencies. 

Read more