BrianKrebs – Page 27 – WindowsTechs.com

Service Rents Email Addresses for Account Signups

Posted on June 6, 2023 by BrianKrebs

One of the most expensive aspects of any cybercriminal operation is the time and effort it takes to create large numbers of new throwaway email accounts. Now a new service offers to help dramatically cut costs associated with large-scale spam and account creation campaigns, by paying people to sell their email account credentials and letting customers temporarily rent access to a vast pool of established accounts at major providers. Continue reading Service Rents Email Addresses for Account Signups→

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Posted on June 1, 2023 by BrianKrebs

Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered with. Both of these qualities make stolen or ill-gotten code-signing certificates attractive to cybercriminal groups, who prize their ability to add stealth and longevity to malicious software. This post is a deep dive on “Megatraffer,” a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015. Continue reading Ask Fitis, the Bear: Real Crooks Sign Their Malware→

Discord Admins Hacked by Malicious Bookmarks

Posted on May 31, 2023 by BrianKrebs

A number of Discord communities focused on cryptocurrency have been hacked this past month after their administrators were tricked into running malicious Javascript code disguised as a Web browser bookmark. Continue reading Discord Admins Hacked by Malicious Bookmarks→

Phishing Domains Tanked After Meta Sued Freenom

Posted on May 26, 2023 by BrianKrebs

The number of phishing websites tied to domain name registrar Freenom dropped precipitously in the months surrounding a recent lawsuit from social networking giant Meta, which alleged the free domain name provider has a long history of ignoring abuse complaints about phishing websites while monetizing traffic to those abusive domains. Continue reading Phishing Domains Tanked After Meta Sued Freenom→

Interview With a Crypto Scam Investment Spammer

Posted on May 23, 2023 by BrianKrebs

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. What follows is an interview with a Russian hacker responsible for a series of aggressive crypto spam campaigns that recently prompted several large Mastodon communities to temporarily halt new registrations. According to the hacker, their spam software has been in private use until the last few weeks, when it was released as open source code. Continue reading Interview With a Crypto Scam Investment Spammer→

Russian Hacker “Wazawaka” Indicted for Ransomware

Posted on May 16, 2023 by BrianKrebs

A Russian man identified by KrebsOnSecurity in January 2022 as a prolific and vocal member of several top ransomware groups was the subject of two indictments unsealed by the Justice Department today. U.S. prosecutors say Mikhail Pavolovich Matveev, a.k.a. “Wazawaka” and “Boriselcin” worked with three different ransomware gangs that extorted hundreds of millions of dollars from companies, schools, hospitals and government agencies. Continue reading Russian Hacker “Wazawaka” Indicted for Ransomware→

Re-Victimization from Police-Auctioned Cell Phones

Posted on May 16, 2023 by BrianKrebs

Countless smartphones seized in arrests and searches by police forces across the United States are being auctioned online without first having the data on them erased, a practice that can lead to crime victims being re-victimized, a new study found. In response, the largest online marketplace for items seized in U.S. law enforcement investigations says it now ensures that all phones sold through its platform will be data-wiped prior to auction. Continue reading Re-Victimization from Police-Auctioned Cell Phones→

Microsoft Patch Tuesday, May 2023 Edition

Posted on May 10, 2023 by BrianKrebs

Microsoft today released software updates to fix at least four dozen security holes in its Windows operating systems and other software, including patches for two zero-day vulnerabilities that are already being exploited in active attacks. Continue reading Microsoft Patch Tuesday, May 2023 Edition→

Feds Take Down 13 More DDoS-for-Hire Services

Posted on May 9, 2023 by BrianKrebs

The U.S. Federal Bureau of Investigation (FBI) this week seized 13 domain names connected to “booter” services that let paying customers launch crippling distributed denial-of-service (DDoS) attacks. Ten of the domains are reincarnations of DDoS-for-hire services the FBI seized in December 2022, when it charged six U.S. men with computer crimes for allegedly operating booters. Continue reading Feds Take Down 13 More DDoS-for-Hire Services→

$10M Is Yours If You Can Get This Guy to Leave Russia

Posted on May 5, 2023 by BrianKrebs

The U.S. government this week put a $10 million bounty on the head of a Russian man who for the past 18 years operated Try2Check, one of the cybercrime underground’s most trusted services for checking the validity of stolen credit card data. U.S. authorities say 43-year-old Denis Kulkov’s card-checking service made him at least $18 million, which he used to buy a Ferrari, Land Rover, and other luxury items. Continue reading $10M Is Yours If You Can Get This Guy to Leave Russia→