Tag: marketplace
-
Empire Market co-founder faces 10 years to life after guilty plea
Empire Market co-founder Raheim Hamilton pleaded guilty to U.S. drug conspiracy charges in Chicago, facing a mandatory 10 years to life in prison. Raheim Hamilton (30) of Virginia, co-creator of the dark web marketplace Empire Market, pleaded guilty in Chicago to a federal drug conspiracy charge. Empire Market allowed users to anonymously buy and sell…
-
Feds get second guilty plea in takedown of dark web Empire Market
Both men charged with co-creating the dark web marketplace Empire Market have now pleaded guilty to federal drug conspiracy charges, closing the book on one of the major cybercrime cases of the early 2020s. First seen on therecord.media Jump to article: therecord.media/feds-second-guilty-plea
-
Crooks are hijacking and reselling AI infrastructure: Report
Tags: access, ai, api, attack, authentication, business, cloud, communications, control, credentials, cybersecurity, data, data-breach, endpoint, exploit, firewall, group, infosec, infrastructure, intelligence, Internet, LLM, malicious, marketplace, risk, service, skills, technology, theft, threat, training, vulnerabilityexposed endpoints on default ports of common LLM inference services;unauthenticated API access without proper access controls;development/staging environments with public IP addresses;MCP servers connecting LLMs to file systems, databases and internal APIs.Common misconfigurations leveraged by these threat actors include:Ollama running on port 11434 without authentication;OpenAI-compatible APIs on port 8000 exposed to the internet;MCP servers accessible without…
-
Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware
Cybersecurity researchers have flagged a new malicious Microsoft Visual Studio Code (VS Code) extension for Moltbot (formerly Clawdbot) on the official Extension Marketplace that claims to be a free artificial intelligence (AI) coding assistant, but stealthily drops a malicious payload on compromised hosts.The extension, named “ClawdBot Agent – AI Coding Assistant” (“clawdbot.clawdbot-agent”) First seen on…
-
Empire cybercrime market owner pleads guilty to drug conspiracy
A Virginia man who co-created Empire Market, one of the largest dark web marketplaces at the time, pleaded guilty to federal drug conspiracy charges for facilitating $430 million in illegal transactions from 2018 to 2020. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/empire-cybercrime-market-owner-pleads-guilty-to-drug-conspiracy/
-
Slovakian man pleads guilty to operating darknet marketplace
A Slovakian national admitted on Tuesday to helping operate a darknet marketplace that sold narcotics, cybercrime tools and services, fake government IDs, and stolen personal information for more than two years. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/slovakian-man-pleads-guilty-to-operating-kingdown-market-cybercrime-marketplace/
-
Researchers Uncover “Haxor” SEO Poisoning Marketplace
Tags: marketplaceFortra researchers have discovered a new SEO poisoning operation known as “HaxorSEO” First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/researchers-haxor-seo-poisoning/
-
Malicious AI extensions on VSCode Marketplace steal developer data
Two malicious extensions in Microsoft’s Visual Studio Code (VSCode) Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/malicious-ai-extensions-on-vscode-marketplace-steal-developer-data/
-
PRTG im Siemens-Industrial-Edge-Marketplace verfügbar
Die Netzwerk-Monitoring-Lösung PRTG von Paessler ist ab sofort auch im Industrial-Edge-Marketplace verfügbar. Die moderne IIoT-Plattform von Siemens ermöglicht die Bereitstellung von Software, die sich in großen Maschinen- und Produktionslinien einfach ausrollen und per Fernzugriff verwalten lässt. Diese Partnerschaft hilft dabei, die Lücke zwischen IT- und OT-Umgebungen mit ganzheitlichem Monitoring zu schließen. So erhalten Unternehmen in…
-
$12B Scam Market Tudou Guarantee Shuts Down
Telegram-Based Marketplace Closes After Prince Group Founder’s Arrest. Telegram marketplace Tudou Guarantee, which processed over $12 billion in fraud transactions, has ceased operations following the arrest of Prince Group chairman Chen Zhi, who was extradited to China in January. Elliptic said it was the third-largest illicit marketplace of all time. First seen on govinfosecurity.com Jump…
-
$12B Scam Market Tudou Guarantee Shuts Down
Telegram-Based Marketplace Closes After Prince Group Founder’s Arrest. Telegram marketplace Tudou Guarantee, which processed over $12 billion in fraud transactions, has ceased operations following the arrest of Prince Group chairman Chen Zhi, who was extradited to China in January. Elliptic said it was the third-largest illicit marketplace of all time. First seen on govinfosecurity.com Jump…
-
Telegram-based illicit billionaire marketplace Tudou Guarantee stopped transactions
Major Telegram-based illicit marketplace Tudou Guarantee appears to be shutting down its operations, according to Elliptic. Blockchain cybersecurity firm Elliptic reports that Tudou Guarantee, a major Telegram-based illicit marketplace in Southeast Asia, has stopped transactions in its public groups after handling over $12 billion. The researchers noted that other services still run, so a full…
-
Scam Marketplace Tudou Guarantee Shutters Telegram Ops
A notorious marketplace for fraud, Tudou Guarantee, appears to have closed its public Telegram groups First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/scam-market-tudou-guarantee-shut/
-
Tudou Guarantee Marketplace Halts Telegram Transactions After Processing Over $12 Billion
A Telegram-based guarantee marketplace known for advertising a broad range of illicit services appears to be winding down its operations, according to new findings from Elliptic.The blockchain intelligence company said Tudou Guarantee has effectively ceased transactions through its public Telegram groups following a period of significant growth. The marketplace is estimated to have processed First…
-
Microsoft seizes RedVDS infrastructure, disrupts fast-growing cybercrime marketplace
Tags: attack, credentials, cybercrime, infrastructure, marketplace, microsoft, phishing, service, theft, toolThe service became a prolific tool for cybercriminals in the past year, as it facilitated thousands of attacks involving credential theft, account takeovers, mass phishing and payment diversion fraud. First seen on cyberscoop.com Jump to article: cyberscoop.com/microsoft-seizes-disrupts-redvds-cybercrime-marketplace/
-
Cloud marketplace Pax8 accidentally exposes data on 1,800 MSP partners
Cloud marketplace and distributor Pax8 has confirmed that it mistakenly sent an email to fewer than 40 UK-based partners containing a spreadsheet with internal business information, including MSP customer and Microsoft licensing data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cloud-marketplace-pax8-accidentally-exposes-data-on-1-800-msp-partners/
-
Cloud marketplace Pax8 accidentally exposes data on 1,800 MSP partners
Cloud marketplace and distributor Pax8 has confirmed that it mistakenly sent an email to fewer than 40 UK-based partners containing a spreadsheet with internal business information, including MSP customer and Microsoft licensing data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cloud-marketplace-pax8-accidentally-exposes-data-on-1-800-msp-partners/
-
GlassWorm Malware Turns VS Code Extensions into an Attack Vector Against macOS
GlassWorm has returned with a dangerous new evolution. The notorious self-propagating malware, which first surfaced in October as an invisible Unicode-based threat in VS Code extensions, has completed a significant platform pivot to macOS with 50,000 downloads and a fully operational infrastructure. Security researchers have identified three malicious extensions on the Open VSX marketplace linked…
-
Bangladeshi Operator of Fake ID Marketplaces Charged in International Fraud Case
A 29-year-old Bangladeshi man has been indicted on federal charges for operating online marketplaces that sold fraudulent identity document templates to customers worldwide, U.S. authorities announced. Zahid Hasan of Dhaka, Bangladesh, faces nine federal counts, including six counts of transferring false identification documents, two counts of false passport use, and one count of social security…
-
FBI Seizes Fake ID Template Domains Operating from Bangladesh
Tags: marketplaceUS authorities have charged Zahid Hasan with running TechTreek, a $2.9 million online marketplace selling fake ID templates. The investigation, involving the FBI and Bangladesh police, uncovered a global scheme selling fraudulent passports and social security cards to over 1,400 customers. First seen on hackread.com Jump to article: hackread.com/fbi-seizes-domains-us-id-templates-bangladesh/
-
Nearly 20 million affected by Prosper, 700Credit data breaches
Fintech company Prosper Marketplace and car dealership services provider 700Credit are the latest financial institutions to report data breaches affecting millions of Americans. First seen on therecord.media Jump to article: therecord.media/data-breaches-affecting-20-million-prosper-700credit
-
Nearly 20 million affected by Prosper, 700Credit data breaches
Fintech company Prosper Marketplace and car dealership services provider 700Credit are the latest financial institutions to report data breaches affecting millions of Americans. First seen on therecord.media Jump to article: therecord.media/data-breaches-affecting-20-million-prosper-700credit
-
Russian Ring Using Ex-Immigrant Data to Fuel Fake ID Sales
Telegram-Based Market Is Exploiting Gaps in US Tracking of Departed Visa Holders. A Russian darknet marketplace is exploiting a major blind spot for U.S. financial institutions by trafficking in the identities of former legal immigrants. Telegram-based group Karma Fullz has built a profitable criminal enterprise with highly convincing synthetic identities. First seen on govinfosecurity.com Jump…
-
Security Alert: 19 Fake PNG Extensions Found in VS Code Marketplace
ReversingLabs (RL) researchers have identified a sophisticated supply chain campaign involving 19 malicious Visual Studio Code (VS Code) extensions. The campaign, which has been active since February 2025 and was uncovered on December 2, 2025, leverages the trust inherent in the developer ecosystem by hiding malware within the dependency folders of otherwise functional extensions. The…
-
Security Alert: 19 Fake PNG Extensions Found in VS Code Marketplace
ReversingLabs (RL) researchers have identified a sophisticated supply chain campaign involving 19 malicious Visual Studio Code (VS Code) extensions. The campaign, which has been active since February 2025 and was uncovered on December 2, 2025, leverages the trust inherent in the developer ecosystem by hiding malware within the dependency folders of otherwise functional extensions. The…
-
Polymorphic AI malware exists, but it’s not what you think
Tags: access, ai, api, attack, authentication, automation, business, ciso, credentials, cryptography, cyber, cybercrime, detection, edr, email, espionage, government, group, identity, infrastructure, malicious, malware, marketplace, mfa, monitoring, phishing, radius, ransomware, risk, soc, technology, theft, threat, toolwhat the code block should do, or how it’s going to evade an antivirus. It’s just working under the assumption that Gemini just instinctively knows how to evade antiviruses (it doesn’t). There’s also no entropy to ensure the ‘self-modifying’ code differs from previous versions, or any guardrails to ensure it actually works. The function was…