U.S. Department of Justice – WindowsTechs.com

A Close Up Look at the Consumer Data Broker Radaris

Posted on March 8, 2024 by BrianKrebs

If you live in the United States, the data broker Radaris likely knows a great deal about you, and they are happy to sell what they know to anyone. But how much do we know about Radaris? Publicly available data indicates that in addition to running a dizzying array of people-search websites, the co-founders of Radaris operate multiple Russian-language dating services and affiliate programs. It also appears many of their businesses have ties to a California marketing firm that works with a Russian state-run media conglomerate currently sanctioned by the U.S. government. Continue reading A Close Up Look at the Consumer Data Broker Radaris→

New Leak Shows Business Side of China’s APT Menace

Posted on February 22, 2024 by BrianKrebs

A new data leak that appears to have come from one of China’s top private cybersecurity firms provides a rare glimpse into the commercial side of China’s many state-sponsored hacking groups. Experts say the leak illustrates how Chinese government agencies increasingly are contracting out foreign espionage campaigns to the nation’s burgeoning and highly competitive cybersecurity industry. Continue reading New Leak Shows Business Side of China’s APT Menace→

Botnet Attack Targeted Routers: A Wake-Up Call for Securing Remote Employees’ Hardware

Posted on February 2, 2024 by Megan Crouse

The FBI spotted this state-sponsored attack that highlights how home office setups can be overlooked when it comes to employees’ cybersecurity. Continue reading Botnet Attack Targeted Routers: A Wake-Up Call for Securing Remote Employees’ Hardware→

BlackCat Ransomware Raises Ante After FBI Disruption

Posted on December 19, 2023 by BrianKrebs

The U.S. Federal Bureau of Investigation (FBI) disclosed today that it infiltrated the world’s second most prolific ransomware gang, a Russia-based criminal group known as ALPHV and BlackCat. The FBI said it seized the gang’s darknet website, and released a decryption tool that hundreds of victim companies can use to recover systems. Meanwhile, BlackCat responded by briefly “unseizing” its darknet site with a message promising 90 percent commissions for affiliates who continue to work with the crime group, and open season on everything from hospitals to nuclear power plants. Continue reading BlackCat Ransomware Raises Ante After FBI Disruption→

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Posted on August 29, 2023 by BrianKrebs

The U.S. government today announced a coordinated crackdown against QakBot, a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. The international law enforcement operation involved seizing control over the botnet’s online infrastructure, and quietly removing the Qakbot malware from tens of thousands of infected Microsoft Windows computer systems. Continue reading U.S. Hacks QakBot, Quietly Removes Botnet Infections→

Feds Take Down 13 More DDoS-for-Hire Services

Posted on May 9, 2023 by BrianKrebs

The U.S. Federal Bureau of Investigation (FBI) this week seized 13 domain names connected to “booter” services that let paying customers launch crippling distributed denial-of-service (DDoS) attacks. Ten of the domains are reincarnations of DDoS-for-hire services the FBI seized in December 2022, when it charged six U.S. men with computer crimes for allegedly operating booters. Continue reading Feds Take Down 13 More DDoS-for-Hire Services→

$10M Is Yours If You Can Get This Guy to Leave Russia

Posted on May 5, 2023 by BrianKrebs

The U.S. government this week put a $10 million bounty on the head of a Russian man who for the past 18 years operated Try2Check, one of the cybercrime underground’s most trusted services for checking the validity of stolen credit card data. U.S. authorities say 43-year-old Denis Kulkov’s card-checking service made him at least $18 million, which he used to buy a Ferrari, Land Rover, and other luxury items. Continue reading $10M Is Yours If You Can Get This Guy to Leave Russia→

UK Sets Up Fake Booter Sites To Muddy DDoS Market

Posted on March 28, 2023 by BrianKrebs

The United Kingdom’s National Crime Agency (NCA) has been busy setting up phony DDoS-for-hire websites that seek to collect information on users, remind them that launching DDoS attacks is illegal, and generally increase the level of paranoia for people looking to hire such services. Continue reading UK Sets Up Fake Booter Sites To Muddy DDoS Market→

Meet the Administrators of the RSOCKS Proxy Botnet

Posted on June 22, 2022 by BrianKrebs

Authorities in the United States, Germany, the Netherlands and the U.K. last week said they dismantled the “RSOCKS” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. While the coordinated action did not name the Russian hackers allegedly behind RSOCKS, KrebsOnSecurity has identified its owner as a Russian man living abroad who also runs the world’s top Russian spamming forum. Continue reading Meet the Administrators of the RSOCKS Proxy Botnet→

RaidForums Gets Raided, Alleged Admin Arrested

Posted on April 12, 2022 by BrianKrebs

The U.S. Department of Justice (DOJ) said today it seized the website and user database for RaidForums, an extremely popular English-language cybercrime forum that sold access to more than 10 billion consumer records stolen in some of the world’s largest data breaches since 2015. The DOJ also charged the alleged administrator of RaidForums — 21-year-old Diogo Santos Coelho, of Portugal — with six criminal counts, including conspiracy, access device fraud and aggravated identity theft. Continue reading RaidForums Gets Raided, Alleged Admin Arrested→