Darknet hosting provider in underground NATO bunker busted

Police overcame not only digital defenses of the “bulletproof” provider CyberBunker but also barbed wire fences and surveillance cams. Continue reading Darknet hosting provider in underground NATO bunker busted

Feds Allege Adconion Employees Hijacked IP Addresses for Spamming

Federal prosecutors in California have filed criminal charges against four employees of Adconion Direct, an email advertising firm, alleging they unlawfully hijacked vast swaths of Internet addresses and used them in large-scale spam campaigns. KrebsOn… Continue reading Feds Allege Adconion Employees Hijacked IP Addresses for Spamming

Cloud company CEO accused of orchestrating million-dollar IP fraud scheme

U.S. attorneys have charged a South Carolina man with operating a scheme that fraudulently obtained internet addresses worth roughly $14 million that later were used by spammers. Amir Golestan was charged this week with 20 counts of wire fraud for his alleged role in a plot to create fictitious companies, then use those firms to obtain more than 750,000 IP addresses. Golestan’s data center company, Micfo LLC, obtained those addresses from the American Registry for Internet Numbers, a nonprofit that oversees the release of IP addresses only to companies that meet ARIN criteria. By impersonating at least 10 companies, the indictment alleges, Golestan created his own secondary market for the IPv4 addresses, which the government alleges are worth $13 to $19 apiece. Then, he sold many of those IP addresses via a third party, according to the indictment. Many of those addresses later appeared on a blocklist of known spammers […]

The post Cloud company CEO accused of orchestrating million-dollar IP fraud scheme appeared first on CyberScoop.

Continue reading Cloud company CEO accused of orchestrating million-dollar IP fraud scheme

Who’s Behind the Screencam Extortion Scam?

The sextortion email scam last month that invoked a real password used by each recipient and threatened to release embarrassing Webcam videos almost certainly was not the work of one criminal or even one group of criminals. Rather, it’s likely that additional spammers and scammers piled on with their own versions of the phishing email after noticing that some recipients were actually paying up. The truth is we may never find out who’s responsible, but it’s still fun to follow some promising early leads and see where they take us. Continue reading Who’s Behind the Screencam Extortion Scam?

Bad .Men at .Work. Please Don’t .Click

Web site names ending in new top-level domains (TLDs) like .men, .work and .click are some of the riskiest and spammy-est on the Internet, according to experts who track such concentrations of badness online. Not that there still aren’t a whole mess of nasty .com, .net and .biz domains out there, but relative to their size (i.e. overall number of domains) these newer TLDs are far dicier to visit than most online destinations. Continue reading Bad .Men at .Work. Please Don’t .Click

Omitting the “o” in .com Could Be Costly

Take care when typing a domain name into a browser address bar, because it’s far too easy to fat-finger a key and wind up somewhere you don’t want to go. For example, if you try to visit some of the most popular destinations on the Web but omit the “o”… Continue reading Omitting the “o” in .com Could Be Costly

Inside a Porn-Pimping Spam Botnet

For several months I’ve been poking at a decent-sized spam botnet that appears to be used mainly for promoting adult dating sites. Having hit a wall in my research, I decided it might be good to publish what I’ve unearthed so far to see if this dovetails with any other research out there.

In late October 2016, an anonymous source shared with KrebsOnSecurity.com a list of nearly 100 URLs that — when loaded into a Firefox browser — each displayed what appeared to be a crude but otherwise effective “counter” designed to report in real time how many “bots” were reporting in for duty.

Here’s a set of archived screenshots of those counters illustrating how these various botnet controllers keep a running tab of how many “activebots” — hacked servers set up to relay spam — are sitting idly by and waiting for instructions. Continue reading Inside a Porn-Pimping Spam Botnet

Alleged Spam King Pyotr Levashov Arrested

Authorities in Spain have arrested a Russian computer programmer thought to be one of the world’s most notorious spam kingpins.

Spanish police arrested Pyotr Levashov under an international warrant executed in the city of Barcelona, according to Reuters. Russian state-run television station RT (formerly Russia Today) reported that Levashov was arrested while vacationing in Spain with his family.

According to numerous stories here at KrebsOnSecurity, Levashov was better known as “Severa,” the hacker moniker used by a pivotal figure in many popular Russian-language cybercrime forums. Severa was the moderator for the spam subsection of multiple online communities, and in this role served as the virtual linchpin connecting virus writers with huge spam networks that Severa allegedly created and sold himself. Continue reading Alleged Spam King Pyotr Levashov Arrested

Adobe Fined $1M in Multistate Suit Over 2013 Breach; No Jail for Spamhaus Attacker

Adobe will pay just $1 million to settle a lawsuit filed by 15 state attorneys general over its huge 2013 data breach that exposed payment records on approximately 38 million people. In other news, the 39-year-old Dutchman responsible for coordinating an epic, weeks-long distributed denial-of-service attack against anti-spam provider Spamhaus in 2013 will avoid any jail time for his crimes thanks to a court ruling in Amsterdam this week. Continue reading Adobe Fined $1M in Multistate Suit Over 2013 Breach; No Jail for Spamhaus Attacker