Tag: cybercrime
-
Over 100,000 WordPress Plugin Vulnerability Exploited Just 4 Hours After Disclosure
Over 100,000 WordPress websites have been exposed to a critical security vulnerability, following the public disclosure of a flaw in the popular SureTriggers plugin (version 1.0.78 and below) on April 10, 2025. Exploitation attempts were observed within just four hours after the vulnerability was published, a stark reminder of the speed with which cybercriminals act.…
-
Cybercriminal groups embrace corporate structures to scale, sustain operations
In this Help Net Security interview, Sandy Kronenberg, CEO of Netarx, discusses how cybercriminal groups are adopting corporate structures and employee incentives to scale … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/15/sandy-kronenberg-netarx-cybercriminal-groups-corporate-structures/
-
Cracked cybercrime forum reemerges
Tags: cybercrime
First seen on scworld.com Jump to article: www.scworld.com/brief/cracked-cybercrime-forum-reemerges
-
Cybersecurity firm buying hacker forum accounts to spy on cybercriminals
Swiss cybersecurity firm Prodaft has launched a new initiative called ‘Sell your Source’ where the company purchases verified and aged accounts on hacking forums to spy on cybercriminals. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cybersecurity-firm-buying-hacker-forum-accounts-to-spy-on-cybercriminals/
-
A Breakdown of Ransomware-as-a-Service
What is Ransomware-as-a-Service? Ransomware-as-a-Service is a business model in which ransomware operators and third parties, known as "affiliates", work together to carry out ransomware attacks. RaaS was first identified in 2012 with the ransomware variant Reveton and has, over the following decade, developed into a sophisticated and constantly evolving cybercrime tactic. In the Ransomware-as-a-Service model, ransomware developers (both individuals and organizations, so-called…
-
Prodaft Offers No Judgment Deal to Buy Dark Web Accounts from Cybercrime Forum Users
Through the SYS Initiative, Prodaft is offering a secure, anonymous channel for individuals to share information about ongoing cybercrime activities First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/prodaft-buy-dark-web-cybercrime/
-
TraderTraitor: The Kings of the Crypto Heist
Allegedly responsible for the theft of $1.5 billion in cryptocurrency from a single exchange, North Korea’s TraderTraitor is one of the most sophisticated cybercrime groups in the world. First seen on wired.com Jump to article: www.wired.com/story/tradertraitor-north-korea-crypto-theft/
-
Smishing Triad: The Scam Group Stealing the World’s Riches
Millions of scam text messages are sent every month. The Chinese cybercriminals behind many of them are expanding their operations, and quickly innovating. First seen on wired.com Jump to article: www.wired.com/story/smishing-triad-scam-group/
-
Threat Actors Manipulate Search Results to Lure Users to Malicious Websites
Cybercriminals are increasingly exploiting search engine optimization (SEO) techniques and paid advertisements to manipulate search engine results, pushing malicious websites to the top where unsuspecting users are likely to click. In recent years, this tactic, often known as SEO poisoning or black hat SEO, has seen cybercriminals hijack the reputation of legitimate websites to promote…
-
Moroccan cybercrime group Atlas Lion hiding in plain sight during attacks on retailers
Researchers at Expel said a cybercrime group that specializes in gift card fraud used a novel tactic to hide its activities: signing up its own virtual machines (VMs) within a legitimate corporate cloud domain. First seen on therecord.media Jump to article: therecord.media/atlas-lion-gift-card-cybercrime-hiding-virtual-machines
-
Smokeloader Malware Operators Busted, Servers Seized by Authorities
In a major victory against cybercrime, law enforcement agencies across North America and Europe have dismantled the infrastructure behind the Smokeloader malware, a notorious pay-per-install (PPI) botnet service. This decisive action, a continuation of the groundbreaking Operation Endgame from May 2024, marks yet another blow to the global malware ecosystem. The Smokeloader botnet, operated by…
-
A global leader in cybercrime: the Russian underground
In a new research report, Trend Micro examines the structures and dynamics of the Russian-speaking cyber underground, a digital ecosystem that has established itself over the past ten years as a driving force of global cybercrime. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/cyberkriminalitaet-russische-untergrund
-
Researchers Uncover Hacking Tools and Techniques Shared on Russian-Speaking Cybercrime Forums
Trend Micro, a cybersecurity firm, has released its 50th installment report on the Russian-speaking cybercriminal underground, revealing the intricate web of tools, techniques, and cultural elements defining this notorious cybercrime ecosystem. The report highlights the sophistication and resilience of this community, which has been a pioneer in cybercriminal innovation. Sophisticated Tools and Techniques The Russian-speaking…
-
Cybercriminals Attacked National Social Security Fund of Morocco – Millions of Digital Identities at Risk of Data Breach
First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/cybercriminals-attacked-national-social-security-fund-of-morocco-millions-of-digital-identities-at-risk-of-data-breach
-
Threat Actors Exploit Messaging Services as Lucrative Cybercrime Platforms
Threat actors are exploiting weaknesses in SMS verification systems to generate massive, fraudulent message traffic, costing businesses millions. This type of fraud involves artificially triggering SMS verification requests by creating numerous synthetic identities or using automated bots, thereby inflating the SMS traffic to exploit billing systems. Mechanics of SMS Pumping Fraudsters initiate this scam by…
-
3.2 million affected: Europol takes down Ramnit botnet
As the European police agency Europol stated in a press release, the European Cybercrime Centre (EC3), working with police authorities in Germany, the United Kingdom, Italy and the Netherlands as well as partners from industry, was able to take down the Ramnit botnet. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2015/02/26/32-millionen-betroffene-europol-zerschlagt-ramnit-botnet/
-
The Invisible Data Battle: How AI Became a Cybersec Professional’s Biggest Friend and Foe
It comes as no surprise that as the incidence of cybercrime increases, cybersec teams are becoming faster at detecting threats. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/the-invisible-data-battle-how-ai-became-a-cybersec-professionals-biggest-friend-and-foe/
-
Cybercrime: Trends 2015
For a few weeks now, our team of experts from Latin America has been working on a detailed report on cybercrime trends for the coming year. Last year, our focus was on online privacy, new attacks against Android and a new wave of technically optimized malware. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2014/12/18/cyberkriminalitat-trends-2015/
-
AI tool for cybercrime claims advanced capabilities without jailbreaks
First seen on scworld.com Jump to article: www.scworld.com/news/ai-tool-claims-advanced-capabilities-for-criminals-without-jailbreaks
-
Hackers Conceal NFC Carders Behind Apple Pay and Google Wallet
Tags: apple, cyber, cybercrime, exploit, finance, fraud, google, hacker, mobile, nfc, password, technology, vulnerability
In a disturbing evolution of financial fraud, cybercriminals are leveraging advanced techniques to exploit mobile payment systems such as Apple Pay and Google Wallet. Once reliant on magnetic stripe card cloning, fraudsters have adapted to breakthroughs in card security technology like chip cards and one-time passwords, exploiting vulnerabilities in contactless payments and digital wallets. By…
-
Attackers Exploit SourceForge Platform to Distribute Malware
Tags: attack, cyber, cybercrime, cybersecurity, exploit, infection, malicious, malware, russia, software
A recent malware distribution scheme has been uncovered on SourceForge, the popular software hosting and distribution platform. Cybercriminals have leveraged SourceForge’s subdomain feature to deceive users with fake downloads of software applications, embedding malicious files into the infection chain. This attack, primarily targeting Russian-speaking users, has raised alarms within the cybersecurity community for its level…
-
Over 26,000 Dark Web Discussions Focused on Hacking Financial Organizations
Tags: cyber, cyberattack, cybercrime, cybersecurity, dark-web, finance, hacker, hacking, service, strategy, threat, tool, vulnerability
Radware’s comprehensive research into the cybersecurity landscape has uncovered significant trends shaping the financial services industry’s vulnerabilities in 2024. The analysis, conducted across 46 deep-web hacker forums, identified over 26,000 threat actors’ discussions that revealed increasingly sophisticated cyberattack methods. The study highlights the adoption of advanced tools and strategies by cybercriminals, underscoring the urgent need…
-
Vincenz Klemm comments on cybercrime cases at Oracle and Samsung Electronics
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/vincenz-klemm-kommentar-cybercrime-faelle-oracle-samsung
-
Threat Actor Leaks Data from Major Bulletproof Hosting Provider Medialand
Tags: breach, control, cyber, cybercrime, data, data-breach, infrastructure, leak, malware, phishing, ransomware, threat
A threat actor disclosed internal data from Medialand, a prominent bulletproof hosting (BPH) provider long associated with Yalishanda, a cybercriminal organization tracked as LARVA-34. The breach has exposed the backend systems and operational infrastructure of Medialand, which has historically facilitated a wide array of illicit cyber activities, including ransomware operations, malware control-and-command systems, phishing campaigns,…
-
Morphing Meerkat: A PhaaS Utilizing DNS Reconnaissance to Generate Targeted Phishing Pages
Originally discovered in 2020 as a Phishing-as-a-Service (PhaaS) platform, Morphing Meerkat has since evolved into a sophisticated cybercriminal tool. Initially capable of mimicking login pages for only five email services, the platform has expanded its capabilities, now encompassing over 100 distinct phishing scams. This advancement highlights its increasing technical sophistication and growing threat to organizations…
-
Smishing Triad Expands Fraud Campaign, Targets Toll Payment Services
A China-based cybercriminal group known as the Smishing Triad is escalating its smishing activities, now targeting consumers in the US and UK with fraudulent text messages related to toll payment services. The Resecurity report reveals that these campaigns involve deceptive text messages that claim unpaid toll bills or payment requests linked to services like FasTrak,…
-
EncryptHub’s dual life: Cybercriminal vs Windows bug-bounty researcher
EncryptHub, a notorious threat actor linked to breaches at 618 organizations, is believed to have reported two Windows zero-day vulnerabilities to Microsoft, revealing a conflicted figure straddling the line between cybercrime and security research. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/encrypthubs-dual-life-cybercriminal-vs-windows-bug-bounty-researcher/
-
Threat Actors Exploit Toll Payment Services in Widespread Hacking Campaign
In a sophisticated cybercrime operation, the Smishing Triad, a China-based group, has been identified as the orchestrator behind a surge in smishing campaigns targeting consumers in the US and UK. These campaigns exploit toll payment services like FasTrak, E-ZPass, and I-Pass, with expectations of expanding globally. The Smishing Triad’s Modus Operandi The group employs fraudulent…

