Ne’er-Do-Well News – WindowsTechs.com

Russian FSB Counterintelligence Chief Gets 9 Years in Cybercrime Bribery Scheme

Posted on April 22, 2024 by BrianKrebs

The head of counterintelligence for a division of the Russian Federal Security Service (FSB) was sentenced last week to nine years in a penal colony for accepting a USD $1.7 million bribe to ignore the activities of a prolific Russian cybercrime group that hacked thousands of e-commerce websites. The protection scheme was exposed in 2022 when Russian authorities arrested six members of the group, which sold millions of stolen payment cards at flashy online shops like Trump’s Dumps. Continue reading Russian FSB Counterintelligence Chief Gets 9 Years in Cybercrime Bribery Scheme→

Who Stole 3.6M Tax Records from South Carolina?

Posted on April 16, 2024 by BrianKrebs

For nearly a dozen years, residents of South Carolina have been kept in the dark by state and federal investigators over who was responsible for hacking into the state’s revenue department in 2012 and stealing tax and bank account information for 3.6 million people. The answer may no longer be a mystery: KrebsOnSecurity found compelling clues suggesting the intrusion was carried out by the same Russian hacking crew that stole of millions of payment card records from big box retailers like Home Depot and Target in the years that followed. Continue reading Who Stole 3.6M Tax Records from South Carolina?→

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

Posted on April 3, 2024 by BrianKrebs

Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called “The Manipulaters,” a sprawling web hosting network of phishing and spam delivery platforms. In January 2024, The Manipulaters pleaded with this author to unpublish previous stories about their work, claiming the group had turned over a new leaf and gone legitimate. But new research suggests that while they have improved the quality of their products and services, these nitwits still fail spectacularly at hiding their illegal activities. Continue reading ‘The Manipulaters’ Improve Phishing, Still Fail at Opsec→

Thread Hijacking: Phishes That Prey on Your Curiosity

Posted on March 28, 2024 by BrianKrebs

Thread hijacking attacks. They happen when someone you know has their email account compromised, and you are suddenly dropped into an existing conversation between the sender and someone else. These missives draw on the recipient’s natural curiosity about being copied on a private discussion, which is modified to include a malicious link or attachment. Here’s the story of a recent thread hijacking attack in which a journalist was copied on a phishing email from the unwilling subject of a recent scoop. Continue reading Thread Hijacking: Phishes That Prey on Your Curiosity→

Mozilla Drops Onerep After CEO Admits to Running People-Search Networks

Posted on March 22, 2024 by BrianKrebs

The nonprofit organization that supports the Firefox web browser said today it is winding down its new partnership with Onerep, an identity protection service recently bundled with Firefox that offers to remove users from hundreds of people-search sites. The move comes just days after a report by KrebsOnSecurity forced Onerep’s CEO to admit that he has founded dozens of people-search networks over the years. Continue reading Mozilla Drops Onerep After CEO Admits to Running People-Search Networks→

Incognito Darknet Market Mass-Extorts Buyers, Sellers

Posted on March 11, 2024 by BrianKrebs

Borrowing from the playbook of ransomware purveyors, the darknet narcotics bazaar Incognito Market has begun extorting all of its vendors and buyers, threatening to publish cryptocurrency transaction and chat records of users who refuse to pay a fee ranging from $100 to $20,000. The bold mass extortion attempt comes just days after Incognito Market administrators reportedly pulled an “exit scam” that left users unable to withdraw millions of dollars worth of funds from the platform. Continue reading Incognito Darknet Market Mass-Extorts Buyers, Sellers→

FBI’s LockBit Takedown Postponed a Ticking Time Bomb in Fulton County, Ga.

Posted on February 26, 2024 by BrianKrebs

The FBI’s takedown of the LockBit ransomware group last week came as LockBit was preparing to release sensitive data stolen from government computer systems in Fulton County, Ga. But LockBit is now regrouping, and the gang says it will publish the stolen Fulton County data on March 2 unless paid a ransom. LockBit claims the cache includes documents tied to the county’s ongoing criminal prosecution of former President Trump, but court watchers say teaser documents published by the crime gang suggest a total leak of the Fulton County data could put lives at risk and jeopardize a number of other criminal trials. Continue reading FBI’s LockBit Takedown Postponed a Ticking Time Bomb in Fulton County, Ga.→

New Leak Shows Business Side of China’s APT Menace

Posted on February 22, 2024 by BrianKrebs

A new data leak that appears to have come from one of China’s top private cybersecurity firms provides a rare glimpse into the commercial side of China’s many state-sponsored hacking groups. Experts say the leak illustrates how Chinese government agencies increasingly are contracting out foreign espionage campaigns to the nation’s burgeoning and highly competitive cybersecurity industry. Continue reading New Leak Shows Business Side of China’s APT Menace→

Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates

Posted on February 20, 2024 by BrianKrebs

U.S. and U.K. authorities have seized the darknet websites run by LockBit, a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. Instead of listing data stolen from ransomware victims who didn’t pay, LockBit’s victim shaming website now offers free recovery tools, as well as news about arrests and criminal charges involving LockBit affiliates. Continue reading Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates→

From Cybercrime Saul Goodman to the Russian GRU

Posted on February 7, 2024 by BrianKrebs

In 2021, the exclusive Russian cybercrime forum Mazafaka was hacked. The leaked user database shows one of the forum’s founders was an attorney who advised Russia’s top hackers on the legal risks of their work, and what to do if they got caught. A review of this user’s hacker identities shows that during his time on the forums he served as an officer in the special forces of the GRU, the foreign military intelligence agency of the Russian Federation. Continue reading From Cybercrime Saul Goodman to the Russian GRU→