A Little Sunshine – WindowsTechs.com

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Posted on December 19, 2024 by BrianKrebs

Cybercriminals are selling hundreds of thousands of credential sets stolen with the help of a cracked version of Acunetix, a powerful commercial web app vulnerability scanner, new research finds. The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey. Continue reading Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm→

How to Lose a Fortune with Just One Bad Click

Posted on December 18, 2024 by BrianKrebs

Adam Griffin is still in disbelief over how quickly he was robbed of nearly $500,000 in cryptocurrencies. A scammer called using a real Google phone number to warn his Gmail account was being hacked, sent email security alerts directly from google.com, and ultimately seized control over the account by convincing him to click “yes” to a Google prompt on his mobile device. Continue reading How to Lose a Fortune with Just One Bad Click→

How Cryptocurrency Turns to Cash in Russian Banks

Posted on December 11, 2024 by BrianKrebs

A financial firm registered in Canada has emerged as the payment processor for dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services aimed at Russian-speaking customers, new research finds. Meanwhile, an investigation into the Vancouver street address used by this company shows it is home to dozens of foreign currency dealers, money transfer businesses, and cryptocurrency exchanges — none of which are physically located there. Continue reading How Cryptocurrency Turns to Cash in Russian Banks→

Why Phishers Love New TLDs Like .shop, .top and .xyz

Posted on December 3, 2024 by BrianKrebs

Phishing attacks increased nearly 40 percent in the year ending August 2024, with much of that growth concentrated at a small number of new generic top-level domains (gTLDs) — such as .shop, .top, .xyz — that attract scammers with rock-bottom prices and no meaningful registration requirements, new research finds. Meanwhile, the nonprofit entity that oversees the domain name industry is moving forward with plans to introduce a slew of new gTLDs. Continue reading Why Phishers Love New TLDs Like .shop, .top and .xyz→

Hacker in Snowflake Extortions May Be a U.S. Soldier

Posted on November 27, 2024 by BrianKrebs

Two men have been arrested for allegedly stealing data from and extorting dozens of companies that used the cloud data storage company Snowflake, but a third suspect — a prolific hacker known as Kiberphant0m — remains at large and continues to publicly extort victims. However, this person’s identity may not remain a secret for long: A careful review of Kiberphant0m’s daily chats across multiple cybercrime personas suggests they are a U.S. Army soldier who is or was recently stationed in South Korea. Continue reading Hacker in Snowflake Extortions May Be a U.S. Soldier→

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Posted on November 21, 2024 by BrianKrebs

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. technology companies between 2021 and 2023, including LastPass, MailChimp, Okta, T-Mobile and Twilio. Continue reading Feds Charge Five Men in ‘Scattered Spider’ Roundup→

An Interview With the Target & Home Depot Hacker

Posted on November 15, 2024 by BrianKrebs

In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator, the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. Moscow resident Mikhail Shefel, who confirmed using the Rescator identity in a recent interview, also admitted reaching out because he is broke and seeking publicity for several new money making schemes. Continue reading An Interview With the Target & Home Depot Hacker→

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Posted on November 9, 2024 by BrianKrebs

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based technology companies. Continue reading FBI: Spike in Hacked Police Emails, Fake Subpoenas→

Canadian Man Arrested in Snowflake Data Extortions

Posted on November 5, 2024 by BrianKrebs

A 26-year-old man in Ontario, Canada has been arrested for allegedly stealing data from and extorting more than 160 companies that used the cloud data service Snowflake.

On October 30, Canadian authorities arrested Alexander Moucka, a.k.a. Connor Riley Moucka of Kitchener, Ontario, on a provisional arrest warrant from the United States. Bloomberg first reported Moucka’s alleged ties to the Snowflake hacks on Monday.

At the end of 2023, malicious hackers learned that many large companies had uploaded huge volumes of sensitive customer data to Snowflake accounts that were protected with little more than a username and password (no multi-factor authentication required). After scouring darknet markets for stolen Snowflake account credentials, the hackers began raiding the data storage repositories used by some of the world’s largest corporations. Continue reading Canadian Man Arrested in Snowflake Data Extortions→

Booking.com Phishers May Leave You With Reservations

Posted on November 1, 2024 by BrianKrebs

A number of cybercriminal innovations are making it easier for scammers to cash in on your upcoming travel plans. This story examines a recent spear-phishing campaign that ensued when a California hotel had its booking.com credentials stolen. We’ll also explore an array of cybercrime services aimed at phishers who target hotels that rely on the world’s most visited travel website. Continue reading Booking.com Phishers May Leave You With Reservations→