69 matches found
The Internet’s Biggest-Ever Black Market Just Shut Down Amid a Telegram Purge
Following a WIRED inquiry, Telegram banned thousands of accounts used for crypto-scam money laundering, including those of Haowang Guarantee, a black market that enabled over $27 billion in transactions...
Customer Account Takeovers: The Multi-Billion Dollar Problem You Don't Know About
Everyone has cybersecurity stories involving family members. Here's a relatively common one. The conversation usually goes something like this: "The strangest thing happened to my streaming account. I got locked out of my account, so I had to change my password. When I logged back in, all my show...
Hackers Monetize LLMjacking, Selling Stolen AI Access for $30 per Month
LLMjacking attacks target DeepSeek, racking up huge cloud costs. Sysdig reveals a black market for LLM access has…...
China’s Surveillance State Is Selling Citizen Data as a Side Hustle
Chinese black market operators are openly recruiting government agency insiders, paying them for access to surveillance data and then reselling it online—no questions asked...
He Trained Cops to Fight Crypto Crime—and Allegedly Ran a $100M Dark-Web Drug Market
The strange journey of Lin Rui-siang, the 23-year-old accused of running the Incognito black market, extorting his own site’s users—and then refashioning himself as a legit crypto crime expert...
Beware: GitHub's Fake Popularity Scam Tricking Developers into Downloading Malware
Threat actors are now taking advantage of GitHub's search functionality to trick unsuspecting users looking for popular repositories into downloading spurious counterparts that serve malware. The latest assault on the open-source software supply chain involves concealing malicious code within...
Scammers Selling Twitter (X) Gold Accounts Fueling Disinfo, Phishing
By Deeba Ahmed Buy Your Verified Scam: Researchers Expose Twitter Gold Account Black Market. This is a post from HackRead.com Read the original post: Scammers Selling Twitter X Gold Accounts Fueling Disinfo, Phishing...
Russian Reshipping Service ‘SWAT USA Drop’ Exposed
The login page for the criminal reshipping service SWAT USA Drop. One of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. Heres a closer look at the Russia-based SWAT USA Drop Service,...
Criminals Are Using Tiny Devices to Hack and Steal Cars
Apple thwarts NSO’s spyware, the rise of a GPT-4 black market, Russia targets Starlink internet connections, and more...
BloodyStealer and gaming assets for sale
Earlier this year, we covered the threats related to gaming, and looked at the changes from 2020 and the first half of 2021 in mobile and PC games as well as various phishing schemes that capitalize on video games. Many of the threats faced by gamers are associated with loss of personal data, and...
Airline Credential-Theft Takes Off in Widening Campaign
A two-year-old espionage campaign against the airline industry is ongoing, with AsyncRAT and other commodity remote-access trojans RATs helping those efforts take flight. The campaign can effectively be a bird strike to the business engine, so to speak, resulting in data theft, financial fraud or...
“BriansClub” Hack Rescues 26M Stolen Cards
"BriansClub," one of the largest underground stores for buying stolen credit card data, has itself been hacked. The data stolen from BriansClub encompasses more than 26 million credit and debit card records taken from hacked online and brick-and-mortar retailers over the past four years, includin...
Meet Bluetana, the Scourge of Pump Skimmers
"Bluetana," a new mobile app that looks for Bluetooth-based payment card skimmers hidden inside gas pumps, is helping police and state employees more rapidly and accurately locate compromised fuel stations across the nation, a study released this week suggests. Data collected in the course of the...
Malware Infests Popular Pirate Streaming Hardware
You get what you pay for when you pirate content. That’s the takeaway from the latest report by Digital Citizens Alliance. It found that pirating hardware, which enables free streaming copyright-protected content, comes packed with malicious malware. The devices give criminals easy access to rout...
Old Tech Spills Digital Dirt on Past Owners
In a test of how well businesses wipe data on old devices, Rapid7 researcher Josh Frantz purchased 85 old gadgets from businesses. In total, he paid $600 for an aging collection of old computers, flash drives, phones and hard drives. What he discovered was that despite decades of the infosec...
Fortnite Hacked Via Insecure Single Sign-On
Epic Games patched a bug that could have allowed hackers to break into millions of Fortnite accounts and steal virtual currency or resell virtual goods. The vulnerability is tied to an insecure Fortnite application program interface API used by players to log into their accounts using third-party...
whitehouseblackmarket.com XSS vulnerability
Open Bug Bounty ID: OBB-627410 Description| Value ---|--- Affected Website:| whitehouseblackmarket.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
SEO poisoning: Is it worth it?
Search Engine Optimization SEO poisoning basically comes down to getting your web page high in the rankings for relevant search results without buying advertisements or using legitimate, but tedious, SEO best practices. Instead, threat actors use illegal means to push their page to the top...
GreyKey iPhone Unlocker
Some details about the iPhone unlocker from the US company Greyshift, with photos. Little is known about Grayshift or its sales model at this point. We don't know whether sales are limited to US law enforcement, or if it is also selling in other parts of the world. Regardless of that, it's highly...
Phishing Biggest Threat to Google Account Security
Last year may have been mostly about ransomware, but it’s difficult to forget the billion or so passwords that were spilled in high-profile breaches and credential leaks. Google and researchers from the University of California Berkeley attempted to ease some of that pain, and teamed up to analyz...