A Little Sunshine – Page 12

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Posted on January 24, 2023 by BrianKrebs

Denis Emelyantsev, a 36-year-old Russian man accused of running a massive botnet called RSOCKS that stitched malware into millions of devices worldwide, pleaded guilty to two counts of computer crime violations in a California courtroom this week. The plea comes just months after Emelyantsev was extradited from Bulgaria, where he told investigators, “America is looking for me because I have enormous information and they need it.” Continue reading Administrator of RSOCKS Proxy Botnet Pleads Guilty→

Identity Thieves Bypassed Experian Security to View Credit Reports

Posted on January 9, 2023 by BrianKrebs

Identity thieves have been exploiting a glaring security weakness in the website of Experian, one of the big three consumer credit reporting bureaus. Normally, Experian requires that those seeking a copy of their credit report successfully answer several multiple choice questions about their financial history. But until the end of 2022, Experian’s website allowed anyone to bypass these questions and go straight to the consumer’s report. All that was needed was the person’s name, address, birthday and Social Security number. Continue reading Identity Thieves Bypassed Experian Security to View Credit Reports→

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Posted on December 13, 2022 by BrianKrebs

InfraGard, a program run by the U.S. Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. Meanwhile, the hackers responsible are communicating directly with members through the InfraGard portal online — using a new account under the assumed identity of a financial industry CEO that was vetted by the FBI itself. Continue reading FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked→

Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

Posted on December 5, 2022 by BrianKrebs

In December 2021, Google filed a civil lawsuit against two Russian men thought to be responsible for operating Glupteba, one of the Internet’s largest and oldest botnets. The defendants, who initially pursued a strategy of counter suing Google for tortious interference in their sprawling cybercrime business, later brazenly offered to dismantle the botnet in exchange for payment from Google. The judge in the case was not amused, found for the plaintiff, and ordered the defendants and their U.S. attorney to pay Google’s legal fees. Continue reading Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google→

ConnectWise Quietly Patches Flaw That Helps Phishers

Posted on December 1, 2022 by BrianKrebs

ConnectWise, a self-hosted, remote desktop software application that is widely used by Managed Service Providers (MSPs), is warning about an unusually sophisticated phishing attack that can let attackers take remote control over user systems when recipients click the included link. The warning comes just days after the company quietly patched a vulnerability that makes it easier for phishers to launch these attacks. Continue reading ConnectWise Quietly Patches Flaw That Helps Phishers→

U.S. Govt. Apps Bundled Russian Code With Ties to Mobile Malware Developer

Posted on November 28, 2022 by BrianKrebs

A recent scoop by Reuters revealed that mobile apps for the U.S. Army and the Centers for Disease Control and Prevention (CDC) were integrating software that sends visitor data to a Russian company called Pushwoosh, which claims to be based in the United States. But that story omitted an important historical detail about Pushwoosh: In 2013, one of its developers admitted to authoring the Pincer Trojan, malware designed to surreptitiously intercept and forward text messages from Android mobile devices. Continue reading U.S. Govt. Apps Bundled Russian Code With Ties to Mobile Malware Developer→

Researchers Quietly Cracked Zeppelin Ransomware Keys

Posted on November 18, 2022 by BrianKrebs

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “Zeppelin” in May 2020. He’d been on the job less than six months, and because of the way his predecessor architected things,… Read More » Continue reading Researchers Quietly Cracked Zeppelin Ransomware Keys→

Disneyland Malware Team: It’s a Puny World After All

Posted on November 16, 2022 by BrianKrebs

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode, an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic and Ukrainian. Continue reading Disneyland Malware Team: It’s a Puny World After All→

LinkedIn Adds Verified Emails, Profile Creation Dates

Posted on November 4, 2022 by BrianKrebs

For whatever reason, the majority of the phony LinkedIn profiles reviewed by this author have involved young women with profile photos that appear to be generated by artificial intelligence (AI) tools.

We’re seeing rapid advances in AI-based synthetic image generation technology and we’ve created a deep learning model to better catch profiles made with this technology. AI-based image generators can create an unlimited number of unique, high-quality profile photos that do not correspond to real people. Fake accounts sometimes use these convincing, AI-generated profile photos to make their fake LinkedIn profile appear more authentic. Continue reading LinkedIn Adds Verified Emails, Profile Creation Dates→