Tag: cybercrime
-
Russia-linked hackers intensify attacks as global APT activity shifts
State-aligned hacking groups have spent the past six months ramping up espionage, sabotage, and cybercrime campaigns across multiple regions, according to ESET’s APT Activity … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/06/global-apt-activity-report-2025/
-
U.S. sanctioned North Korea bankers for laundering funds linked to cyberattacks and peapons program
U.S. sanctions North Korea bankers and firms accused of laundering cybercrime funds used to finance the country’s nuclear weapons program. The U.S. Government has imposed sanctions on several North Korea bankers, financial institutions, and individuals accused of laundering funds obtained from cybercrime operations. According to the U.S. Treasury Department, these illicit financial activities directly support…
-
Inside Scattered LAPSUS$: 2025’s Most Notorious Hacker Alliance
Scattered LAPSUS$ Hunters unites major cybercrime groups to launch sophisticated, multi-stage attacks on global enterprises. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/news-scattered-lapsus-hacking-group/
-
Three Infamous Hacker Groups Join Forces as the ‘Scattered LAPSUS$ Hunters
The cybercriminal underground has witnessed a significant consolidation as three of the most notorious threat actors Scattered Spider, ShinyHunters, and LAPSUS$ have formally aligned to create the Scattered LAPSUS$ Hunters (SLH), a federated collective that emerged in early August 2025. This strategic merger represents a departure from traditional standalone operations, presenting a sophisticated threat model…
-
Three Infamous Hacker Groups Join Forces as the ‘Scattered LAPSUS$ Hunters
The cybercriminal underground has witnessed a significant consolidation as three of the most notorious threat actors Scattered Spider, ShinyHunters, and LAPSUS$ have formally aligned to create the Scattered LAPSUS$ Hunters (SLH), a federated collective that emerged in early August 2025. This strategic merger represents a departure from traditional standalone operations, presenting a sophisticated threat model…
-
Three Infamous Hacker Groups Join Forces as the ‘Scattered LAPSUS$ Hunters
The cybercriminal underground has witnessed a significant consolidation as three of the most notorious threat actors Scattered Spider, ShinyHunters, and LAPSUS$ have formally aligned to create the Scattered LAPSUS$ Hunters (SLH), a federated collective that emerged in early August 2025. This strategic merger represents a departure from traditional standalone operations, presenting a sophisticated threat model…
-
U.S. Sanctions 10 North Korean Entities for Laundering $12.7M in Crypto and IT Fraud
The U.S. Treasury Department on Tuesday imposed sanctions against eight individuals and two entities within North Korea’s global financial network for laundering money for various illicit schemes, including cybercrime and information technology (IT) worker fraud.”North Korean state-sponsored hackers steal and launder money to fund the regime’s nuclear weapons program,” said Under Secretary of First seen…
-
U.S. Sanctions 10 North Korean Entities for Laundering $12.7M in Crypto and IT Fraud
The U.S. Treasury Department on Tuesday imposed sanctions against eight individuals and two entities within North Korea’s global financial network for laundering money for various illicit schemes, including cybercrime and information technology (IT) worker fraud.”North Korean state-sponsored hackers steal and launder money to fund the regime’s nuclear weapons program,” said Under Secretary of First seen…
-
US sanctions North Korean bankers linked to cybercrime, IT worker fraud
The U.S. Treasury Department imposed sanctions on two North Korean financial institutions and eight individuals involved in laundering cryptocurrency stolen in cybercrime and fraudulent IT worker schemes. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-treasury-sanctions-north-korean-bankers-linked-to-cybercrime-it-worker-fraud/
-
FIN7 Hackers Leverage Windows SSH Backdoor for Stealthy Remote Access and Persistence
Tags: access, backdoor, cyber, cybercrime, group, hacker, infrastructure, intelligence, threat, windowsThe notorious FIN7 cybercriminal group, also known as Savage Ladybug, continues to rely on a sophisticated Windows SSH backdoor infrastructure with minimal modifications since 2022, according to threat intelligence analysis. The threat actor has maintained operational consistency while using an install.bat script paired with OpenSSH toolsets to establish reverse SSH and SFTP connections for maintaining…
-
Google says 2026 will be the year AI supercharges cybercrime
Security leaders are staring down a year of major change. In its Cybersecurity Forecast 2026, Google paints a picture of a threat landscape transformed by AI, supercharged … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/05/google-cybersecurity-forecast-2026/
-
North Korean companies, people sanctioned for money laundering from cybercrime, IT worker schemes
The Treasury Department on Tuesday sanctioned eight people and two companies it accused of laundering money obtained from cybercrime and IT worker schemes to fund North Korean government objectives. According to the department, over the last three years North Korea-linked cybercriminals have stolen over $3 billion, mostly in cryptocurrency. In addition, it said, North Korean…
-
North Korean companies, people sanctioned for money laundering from cybercrime, IT worker schemes
The Treasury Department on Tuesday sanctioned eight people and two companies it accused of laundering money obtained from cybercrime and IT worker schemes to fund North Korean government objectives. According to the department, over the last three years North Korea-linked cybercriminals have stolen over $3 billion, mostly in cryptocurrency. In addition, it said, North Korean…
-
Treasury sanctions 8 for laundering North Korea earnings from cybercrime, IT worker scheme
An IT company, a financial institution and eight men accused of aiding cybercrime and IT worker scams are now on the U.S. government’s list of sanctioned North Korean entities. First seen on therecord.media Jump to article: therecord.media/north-korea-us-sanctions-it-worker-scams-cybercrime
-
A Cybercrime Merger Like No Other, Scattered Spider, LAPSUS$, and ShinyHunters Join Forces
The nascent collective that combines three prominent cybercrime groups, Scattered Spider, LAPSUS$, and ShinyHunters, has created no less than 16 Telegram channels since August 8, 2025.”Since its debut, the group’s Telegram channels have been removed and recreated at least 16 times under varying iterations of the original name a recurring cycle reflecting platform moderation and…
-
Cybercriminals exploit RMM tools to steal real-world cargo
Cybercriminals are compromising logistics and trucking companies by tricking them into installing remote monitoring and management (RMM) tools, Proofpoint researchers warned. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/04/cybercriminals-logistics-trucking-rmm-tools/
-
Cybercriminals exploit RMM tools to steal real-world cargo
Cybercriminals are compromising logistics and trucking companies by tricking them into installing remote monitoring and management (RMM) tools, Proofpoint researchers warned. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/04/cybercriminals-logistics-trucking-rmm-tools/
-
Cybercriminals exploit RMM tools to steal real-world cargo
Cybercriminals are compromising logistics and trucking companies by tricking them into installing remote monitoring and management (RMM) tools, Proofpoint researchers warned. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/04/cybercriminals-logistics-trucking-rmm-tools/
-
Crooks exploit RMM software to hijack trucking firms and steal cargo
Hackers target trucking firms with RMM tools to steal freight, teaming with organized crime to loot goods, mainly food and beverages. Cybercriminals are targeting trucking and logistics firms with RMM tools (remote monitoring and management software) to steal freight. Active since June 2025, the group works with organized crime to loot goods, mainly food and…
-
Crooks exploit RMM software to hijack trucking firms and steal cargo
Hackers target trucking firms with RMM tools to steal freight, teaming with organized crime to loot goods, mainly food and beverages. Cybercriminals are targeting trucking and logistics firms with RMM tools (remote monitoring and management software) to steal freight. Active since June 2025, the group works with organized crime to loot goods, mainly food and…
-
Cybercriminals have built a business on YouTube’s blind spots
The days when YouTube was just a place for funny clips and music videos are behind us. With 2.53 billion active users, it has become a space where entertainment, information, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/04/youtube-video-scams-cybercrime/
-
Cybercriminals Exploit RMM Tools to Target Trucking Firms and Hijack Freight
Cybercriminals are orchestrating sophisticated attacks against trucking and freight companies in elaborate schemes designed to steal cargo shipments worth millions. These threat actors are exploiting the digital transformation of the logistics industry, compromising transportation companies to fraudulently bid on legitimate cargo loads before stealing and reselling the goods. At the center of these operations is…
-
Cybercriminals Exploit RMM Tools to Target Trucking Firms and Hijack Freight
Cybercriminals are orchestrating sophisticated attacks against trucking and freight companies in elaborate schemes designed to steal cargo shipments worth millions. These threat actors are exploiting the digital transformation of the logistics industry, compromising transportation companies to fraudulently bid on legitimate cargo loads before stealing and reselling the goods. At the center of these operations is…
-
Jabber Zeus developer ‘MrICQ’ extradited to US from Italy
Ukrainian Yuriy Rybtsov, aka MrICQ, a suspected Jabber Zeus developer, was extradited from Italy to the US to face cybercrime charges. Ukrainian national Yuriy Igorevich Rybtsov (41), aka MrICQ, an alleged Jabber Zeus developer, was arrested in Italy, lost his extradition appeal, and has been sent to the US to face cybercrime charges. After a…
-
Nation-State, Cyber and Hacktivist Threats Pummel Europe
Identity and Cloud Stacks Targeted as Adversaries Seek New Ways In, Experts Warn. Cyberattacks targeting European organizations continue to shape and be shaped by geopolitical events, whether they involve nation-state hackers, financially motivated cybercriminals or opportunistic hacktivists, says a new report from cybersecurity firm CrowdStrike. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/nation-state-cyber-hacktivist-threats-pummel-europe-a-29914
-
Cybercrime groups team with organized crime in massive cargo theft campaigns
Financially motivated hackers are abusing remote monitoring and access tools against trucking and freight companies, Proofpoint warns. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cybercrime-organized-crime-cargo-theft-campaign/804501/
-
Cybercriminals Exploit Remote Monitoring Tools to Infiltrate Logistics and Freight Networks
Bad actors are increasingly training their sights on trucking and logistics companies with an aim to infect them with remote monitoring and management (RMM) software for financial gain and ultimately steal cargo freight.The threat cluster, believed to be active since at least June 2025 according to Proofpoint, is said to be collaborating with organized crime…
-
YouTube ‘Ghost Network’ Spreads Infostealer via 3,000 Fake Videos
Check Point Research exposed a sophisticated, role-based operation called the YouTube Ghost Network, distributing dangerous Lumma and Rhadamanthys Infostealer malware. Learn how cybercriminals use hijacked channels and bots to triple malicious video output and steal user credentials. First seen on hackread.com Jump to article: hackread.com/youtube-ghost-network-infostealer-fake-videos/