Tag: cybercrime
-
U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation
The U.S. Department of Justice (DoJ) on Thursday announced the disruption of the online infrastructure associated with DanaBot (aka DanaTools) and unsealed charges against 16 individuals for their alleged involvement in the development and deployment of the malware, which it said was controlled by a Russia-based cybercrime organization. The malware, the DoJ said, infected more than…
-
Digital trust is cracking under the pressure of deepfakes, cybercrime
69% of global respondents to a Jumio survey say AI-powered fraud now poses a greater threat to personal security than traditional forms of identity theft. This number rises to … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/23/ai-powered-fraud-threat/
-
US Takes Down DanaBot Malware, Indicts Developers
DanaBot Used to Steal and to Spy. A top figure in the Russian cybercrime gang behind DanaBot infected his own computer with the malware, allowing an FBI agent to search an image of his system, U.S. federal prosecutors disclosed Thursday in indictments and an announced disruption of the malware’s infrastructure. First seen on govinfosecurity.com Jump…
-
DOJ charges man allegedly behind Qakbot malware
The alleged leader of the cybercriminal gang behind the Qakbot malware, which was used by many high-profile ransomware gangs, has been indicted by the U.S. Justice Department. First seen on therecord.media Jump to article: therecord.media/doj-charges-man-allegedly-behind-qakbot-malware
-
Blurring Lines Between Scattered Spider & Russian Cybercrime
The loosely affiliated hacking group has shifted closer to ransomware gangs, raising questions about Scattered Spider’s ties to the Russian cybercrime underground. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/blurring-lines-scattered-spider-russian-cybercrime
-
Blurring Lines Between Scattered Spider and Russian Cybercrime
The loosely affiliated hacking group has shifted closer to ransomware gangs, raising questions about Scattered Spider’s ties to the Russian cybercrime underground. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/blurring-lines-scattered-spider-russian-cybercrime
-
Ghosted by a cybercriminal
Hazel observes that cybercriminals often fumble teamwork, with fragile alliances crumbling over missed messages. Plus, how UAT-6382 is exploiting Cityworks and what you can do to stay secure. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/ghosted-by-a-cybercriminal/
-
Hackers use fake Ledger apps to steal Mac users’ seed phrases
Cybercriminal campaigns are using fake Ledger apps to target macOS users and their digital assets by deploying malware that attempts to steal seed phrases that protect access to digital cryptocurrency wallets. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-use-fake-ledger-apps-to-steal-mac-users-seed-phrases/
-
Authorities carry out global takedown of infostealer used by cybercriminals
Authorities, along with tech companies including Microsoft and Cloudflare, say they’ve disrupted Lumma. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/05/authorities-carry-out-global-takedown-of-infostealer-used-by-cybercriminals/
-
Cybercriminals Using Trusted Google Domains to Spread Malicious Code
A sophisticated new malvertising scheme has emerged, transforming trusted e-commerce websites into phishing traps without the knowledge of site owners or advertisers. Cybercriminals are exploiting integrations with Google APIs, specifically through JSONP (JSON with Padding) calls, to inject malicious scripts into legitimate online stores. These scripts operate covertly, redirecting unsuspecting shoppers to fraudulent payment pages…
-
Cybercrime group Dragonforce targets competitors in the fight for ransomware supremacy
Since February 2024, when the international law enforcement operation "Cronos" took down the Lockbit leak site, the criminal ransomware ecosystem has been severely disrupted. As a result, not only have new business models emerged, but a turf war is also under way, as the groups compete for the greatest market power and ultimately the highest profit from ransomware operations. One group, according to research by the…
-
Feds and Microsoft crush Lumma Stealer that stole millions of passwords
2,300 domains neutralized, command infrastructure seized: As part of the legal action filed in the US District Court for the Northern District of Georgia, Microsoft secured authorization to seize and disrupt a core component of Lumma’s ecosystem: its domain infrastructure. These domains acted as communication nodes between infected devices and the malware’s operators. According to the…
-
Cybercrime & Cryptocurrencies Part 2 – How regulation, authorities and forensics fight crypto crime
First seen on security-insider.de Jump to article: www.security-insider.de/cyberkriminalitaet-krypto-boersen-regulierung-forensik-praevention-a-f8d1a0c6cac246029d6ced9f1a19683f/
-
Microsoft Dismantles Lumma Stealer Network, Seizes 2,000+ Domains
Microsoft disrupts Lumma Stealer network, seizing 2,000 domains linked to 394,000 infections in global cybercrime crackdown with law enforcement partners. First seen on hackread.com Jump to article: hackread.com/microsoft-dismantle-lumma-stealer-domain-seized/
-
Lumma infostealer infected about 10 million systems before global disruption
Cybercriminals used the prolific malware to target individuals and businesses, including Fortune 500 companies, according to the FBI. First seen on cyberscoop.com Jump to article: cyberscoop.com/lumma-infostealer-widespread-victims/
-
Police Operation and Microsoft Take Down Lumma Infostealer
User Panels and Command and Control Domains Seized. Law enforcement and Microsoft struck a blow against malware used to steal login credentials and financial data, seizing the central command structure and thousands of online domains used to control the Lumma Stealer. Lumma first appeared on Russian-language speaking cybercriminal forums in 2022. First seen on govinfosecurity.com…
-
Lumma infostealer’s infrastructure seized during US, EU, Microsoft operation
A sting involving law enforcement and private sector companies disrupted the Lumma infostealer, malware sold around the globe to cybercriminals and credited for millions of infections. First seen on therecord.media Jump to article: therecord.media/lumma-infostealer-malware-takedown-microsoft-fbi
-
Authorities Carry Out Elaborate Global Takedown of Infostealer Heavily Used by Cybercriminals
US, European, and Japanese authorities, along with tech companies including Microsoft and Cloudflare, say they’ve disrupted Lumma, an infostealer popular with criminal gangs. First seen on wired.com Jump to article: www.wired.com/story/lumma-stealer-takedown-disrupted/
-
PupkinStealer Exploits Web Browser Passwords and App Tokens to Exfiltrate Data Through Telegram
A newly identified .NET-based information-stealing malware, dubbed PupkinStealer (also known as PumpkinStealer in some reports), has surfaced as a significant cyber threat, targeting sensitive data such as web browser passwords and application session tokens. First observed in the wild around April 2025, this malware is believed to have roots in Russian-speaking cybercrime communities, with indicators…
-
Cybercriminals Mimic Kling AI to Distribute Infostealer Malware
A new malware campaign disguised as Kling AI used fake Facebook ads and counterfeit websites to distribute an infostealer. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cyber-criminals-mimic-kling-ai/
-
The cyber-attack is costly and embarrassing. But M&S should pull through
If £300m can be whittled down to £150m, it’s a big hit but still a long way from upsetting M&S’s broader revival. Shouldn’t a robust IT system be able to withstand the odd “human error”, such as somebody at a third-party supplier being hoodwinked by devious cybercriminals? Isn’t £300m at the expensive end for these…
-
‘Deep concern’ for domestic abuse survivors as cybercriminals expected to publish confidential refuge addresses
A data extortion incident impacting the British government’s Legal Aid Agency could have serious implications for vulnerable people. First seen on therecord.media Jump to article: therecord.media/concern-domestic-survivors-breach-london
-
UK police looking at ‘range’ of potential perpetrators behind retail cyberattacks
The head of the cybercrime unit at the National Crime Agency says the investigation into cyberattacks on British retail companies is not focused on a specific group, for now. First seen on therecord.media Jump to article: therecord.media/uk-retail-cyberattacks-nca-investigation
-
Scattered Spider is focus of NCA inquiry into cyber-attacks against UK retailers
Detectives say English-speaking hacker community a key suspect after M&S, Co-op and Harrods targeted. A hacker community known as Scattered Spider is a key suspect in a criminal inquiry into cyber-attacks against UK retailers including Marks & Spencer, detectives have said. Scattered Spider, a loose collective of native English-speaking cybercriminals, has been strongly…
-
India Launches e-Zero FIR System to Fast-Track Financial Cybercrime Cases
The Indian Ministry of Home Affairs (MHA) has introduced the e-Zero FIR system, a digital-forward solution to ensure justice for victims of financial cybercrimes. Announced by India’s Union Home Minister and Minister of Cooperation Amit Shah on May 19, 2025, this initiative is part of the government’s Cyber Secure Bharat initiative. First seen on thecyberexpress.com Jump…
-
Coinbase says recent data breach impacts 69,461 customers
Coinbase, a cryptocurrency exchange with over 100 million customers, revealed that a recent data breach in which cybercriminals stole customer and corporate data affected 69,461 individuals. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/coinbase-says-recent-data-breach-impacts-69-461-customers/
-
Cybercriminals Could Leverage Google Cloud Platform for Malicious Activities
Research by Tenable and Cisco Talos has shed light on a critical vulnerability in Google Cloud Platform’s (GCP) Cloud Functions and Cloud Build services, revealing a potential attack vector for cybercriminals. According to Tenable, the default Cloud Build Service Account (SA) previously granted excessive permissions during the deployment of Cloud Functions, a serverless compute…
-
M&S Reportedly Hacked Using Third-Party Credentials
Scattered Spider Stole Tata Consulting Services Employee Login Details for Hack. British retailer Marks & Spencer was reportedly compromised by cybercrime group Scattered Spider using stolen employee credentials from a third-party IT company. Citing an unidentified source, Reuters reported hackers used the M&S login credentials of two Tata Consulting Services employees. First seen on govinfosecurity.com…
-
Account Takeover Scams Are Bypassing Fraud Defenses
FIs Must Invest in AI-Fueled Behavioral Biometrics to Go Beyond Static Credentials. Scammers are increasingly turning to account takeover fraud, as financial institutions ramp up their defenses. Instead of luring victims into making authorized transactions, cybercriminals are bypassing them altogether, hijacking their digital identities and draining accounts from within. First seen on govinfosecurity.com Jump to…

