Tag: cybercrime
-
VanHelsing ransomware builder leaked on hacking forum
The VanHelsing ransomware-as-a-service operation published the source code for its affiliate panel, data leak blog, and Windows encryptor builder after an old developer tried to sell it on the RAMP cybercrime forum. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/vanhelsing-ransomware-builder-leaked-on-hacking-forum/
-
‘Hazy Hawk’ Cybercrime Gang Swoops In for Cloud Resources
Since December 2023, the threat group has preyed on domains belonging to the US Centers for Disease Control and Prevention (CDC) and numerous other reputable organizations worldwide to redirect users to malicious sites. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/hazy-hawk-cybercrime-gang-cloud-resources
-
Hackers Abuse TikTok and Instagram APIs to Verify Stolen Account Credentials
Cybercriminals are leveraging the Python Package Index (PyPI) to distribute malicious tools designed to exploit TikTok and Instagram APIs for verifying stolen account credentials. Security researchers at Socket have identified three such packages (checker-SaGaF, steinlurks, and sinnercore) that automate the process of validating emails and usernames against social media platforms. Released between April 2023 and…
-
Hackers Use Weaponized RAR Archives to Deliver Pure Malware in Targeted Attacks
Russian organizations have become prime targets of a sophisticated malware campaign deploying the Pure malware family, first identified in mid-2022. Distributed via a Malware-as-a-Service (MaaS) model, Pure malware allows cybercriminals to purchase and deploy it with ease. While the campaign began in March 2023, the first third of 2025 witnessed a staggering fourfold increase in…
-
UK government confirms massive data breach following hack of Legal Aid Agency
A large cache of sensitive data about people who applied for legal aid in the U.K. is potentially in the possession of cybercriminals, the government said. First seen on therecord.media Jump to article: therecord.media/uk-legal-aid-agency-data-breach
-
Millions at risk after attackers steal UK legal aid data dating back 15 years
Cybercriminals lifted info including addresses, ID numbers, and financial records from agency systems. First seen on theregister.com Jump to article: www.theregister.com/2025/05/19/legal_aid_agency_data_theft/
-
Health Care Data Breach Costs BreachForums Admin $700,000 Fine
Conor Brian Fitzpatrick, the 22-year-old former administrator of cybercrime forum BreachForums, will forfeit approximately $700,000 to settle a civil lawsuit stemming from a healthcare data breach. The settlement marks a rare instance where a cybercriminal’s assets will directly compensate victims of a data breach. Fitzpatrick, known online as "Pompompurin,"
-
Coinbase flips $20M extortion demand into bounty for info on attackers
The largest cryptocurrency exchange in the U.S. said cybercriminals bribed insiders to steal data on customers, some of whom were duped into handing over crypto assets. First seen on cyberscoop.com Jump to article: cyberscoop.com/coinbase-cyberattack-extortion-counter-reward/
-
Cybercriminal Andrei Tarasov Escapes US Extradition, Returns to Russia
Andrei Vladimirovich Tarasov, a 33-year-old Russian cybercrime figure known online as "Aels,"
-
Researchers Replicate Advanced Tactics and Tools of VanHelsing Ransomware
Cybersecurity researchers at AttackIQ have meticulously emulated the intricate tactics, techniques, and procedures (TTPs) of the VanHelsing ransomware, a potent ransomware-as-a-service (RaaS) operation that surfaced in March 2025. This cyber threat has rapidly gained notoriety within the cybercriminal underworld for its advanced cross-platform capabilities and aggressive double extortion model. VanHelsing targets a wide array of…
-
FBI: US officials targeted in voice deepfake attacks since April
The FBI warned that cybercriminals are using AI-generated audio deepfakes to target U.S. officials in voice phishing attacks that started in April. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-us-officials-targeted-in-voice-deepfake-attacks-since-april/
-
Coinbase Offers $20m Bounty to Take Down Cybercrime Ring Behind Hack
Coinbase is offering a $20m reward to help catch the threat actor behind a cyber-attack that could cost it between $180-$400m. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/coinbase-offers-20m-bounty/
-
Xanthorox Emerging BlackHat AI Tool Empowering Hackers in Phishing and Malware Campaigns
Tags: ai, conference, crypto, cyber, cybercrime, cybersecurity, dark-web, github, hacker, intelligence, malware, phishing, tool
Artificial intelligence platform named Xanthorox has emerged as a potent new tool for cybercriminals, enabling the automated generation of phishing campaigns, malware, and hyperrealistic deepfakes. Unlike traditional dark-web tools restricted to hidden forums, Xanthorox’s developer openly advertises its capabilities on public platforms like GitHub, YouTube, and Telegram while accepting cryptocurrency payments for access. Cybersecurity experts…
-
Coinbase data breach exposes customer info and government IDs
Coinbase, a cryptocurrency exchange with over 100 million customers, has disclosed that cybercriminals working with rogue support agents stole customer data and demanded a $20 million ransom not to publish the stolen information. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/coinbase-discloses-breach-faces-up-to-400-million-in-losses/
-
Who needs VC funding? How cybercriminals spread their ill-gotten gains to everyday business ventures
The benefits of cybercrime aren’t all flashy cars and watches. Sophos X-Ops researchers discovered it also fuels a far-reaching mix of ordinary, sometimes unremarkable businesses. First seen on cyberscoop.com Jump to article: cyberscoop.com/what-cybercriminals-do-with-their-money-sophos/
-
5 BCDR Essentials for Effective Ransomware Defense
Ransomware has evolved into a deceptive, highly coordinated and dangerously sophisticated threat capable of crippling organizations of any size. Cybercriminals now exploit even legitimate IT tools to infiltrate networks and launch ransomware attacks. In a chilling example, Microsoft recently disclosed how threat actors misused its Quick Assist remote assistance tool to deploy the destructive First…
-
BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan
At least two different cybercrime groups, BianLian and RansomExx, are said to have exploited a recently disclosed security flaw in SAP NetWeaver, indicating that multiple threat actors are taking advantage of the bug. Cybersecurity firm ReliaQuest, in a new update published today, said it uncovered evidence suggesting involvement from the BianLian data extortion crew and the…
-
“Dance of the Hillary” and the Expanding Use of Malware in Regional Cyber Conflict
A recent advisory from the Punjab Police’s cybercrime wing warns of a new wave of malware attacks potentially originating from Pakistan, with a tool known as “Dance of the Hillary” at the center of the campaign. Targeting users through phishing links and malicious attachments, this strain of malware is designed to steal sensitive data and…
-
Kosovo extradites BlackDB admin to face US cybercrime charges
A Kosovo national has been extradited to the United States to face charges of running an online cybercrime marketplace active since 2018. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/kosovo-extradites-blackdb-admin-to-face-us-cybercrime-charges/
-
Cybercrime & Cryptocurrencies, Part 1: How IT Security Experts Spot Crypto Risks in Time
First seen on security-insider.de Jump to article: www.security-insider.de/cyberkriminalitaet-krypto-boersen-risiken-erkennen-a-ab884215956d0c34c9248509ddf611f3/
-
First-Party Fraud Overtakes Scams to Become the Most Common Form of Global Attack
Inflation and the rising cost of living are expected to contribute to an increase in opportunistic fraud in financial services, e-commerce, and other industries. AI-assisted fraud is expected to increase in 2025. LexisNexis Risk Solutions has published its annual Cybercrime Report, an analysis of more than 104 billion global transactions on the "LexisNexis Digital Identity Network" platform in 2024 [1]…. First…
-
Ransomware spreads faster, not smarter
The fall of two of the most dominant ransomware syndicates, LockBit and AlphV, triggered a power vacuum across the cybercriminal landscape, according to a Black Kite survey. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/14/ransomware-landscape-shift-2025/
-
LexisNexis® Risk Solutions Cybercrime Report 2025: Calm Before the Storm
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/lexisnexis-risk-solutions-cybercrime-report-2025-ruhe-vor-dem-sturm
-
Federal prosecutors extradite alleged leader of BlackDB.cc cybercrime marketplace
Authorities arrested Kosovo citizen Liridon Masurica in late 2024. He faces six charges that could keep him behind bars for 55 years. First seen on cyberscoop.com Jump to article: cyberscoop.com/blackdb-administrator-liridon-masurica-extradited-charged/
-
Ransomware Attacks Surge by 123% Amid Evolving Tactics and Strategies
The 2025 Third-Party Breach Report from Black Kite highlights a staggering 123% surge in ransomware attacks during 2024, driven largely by sophisticated exploitation of third-party vendor ecosystems. As cybercriminals refine their tactics, third-party vendors have emerged as the predominant entry point for some of the most catastrophic breaches in recent history. The report underscores how…
-
Moldovan Police arrested a 45-year-old foreign man participating in ransomware attacks on Dutch companies
A 45-year-old foreign man has been arrested in Moldova for allegedly participating in ransomware attacks on Dutch companies in 2021. Moldovan police arrested a 45-year-old foreign man as a result of a joint international operation involving Moldovan and Dutch authorities. He is internationally wanted for multiple cybercrimes, including ransomware attacks, blackmail, and money laundering, targeting…
-
Four Hackers Caught Exploiting Old Routers as Proxy Servers
U.S. authorities unsealed charges against four foreign nationals accused of operating a global cybercrime scheme that hijacked outdated wireless routers to create malicious proxy networks. Russian nationals Alexey Viktorovich Chertkov (37), Kirill Vladimirovich Morozov (41), Aleksandr Aleksandrovich Shishkin (36), and Kazakhstani Dmitriy Rubtsov (38) face conspiracy and computer crime charges for allegedly profiting from botnets…
-
Hackers Abuse PyInstaller to Deploy Stealthy macOS Infostealer
Jamf Threat Labs has identified a novel macOS infostealer that exploits PyInstaller, a legitimate open-source tool used to bundle Python scripts into standalone Mach-O executables. This marks the first documented instance of PyInstaller being weaponized to deploy infostealers on macOS, highlighting a sophisticated evolution in the tactics of cybercriminals targeting Apple’s ecosystem. Discovered in April…

