First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups

Authorities in Europe and North America have announced the dismantling of a criminal virtual private network VPN service used by criminal actors to obscure the origins of ransomware attacks, data theft, scanning, and denial-of-service attacks. Codenamed Operation Saffron, the disruption of First...

Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled , English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. An investigation into the history of these communities shows their apparent...

Cybercrime gets a few punches on the nose

It’s not often that we get to share good news, so we wanted to grab this opportunity and showcase some progress made by law enforcement actions against cybercrime with you. Europol notified us about the take-down of two of the largest cybercrime forums in the world. With over 10 million users,...

Operation Talent: FBI Seizes Nulled.to, Cracked.to, Sellix.io and more

The FBI has seized Nulled.to, Cracked.to, Sellix.io, and StarkRDP.io in Operation Talent, targeting cybercrime forums and illicit marketplaces.…...

U.S. Offered $10M for Hacker Just Arrested by Russia

In January 2022, KrebsOnSecurity identified a Russian man named Mikhail Matveev as "Wazawaka ," a cybercriminal who was deeply involved in the formation and operation of multiple ransomware groups. The U.S. government indicted Matveev as a top ransomware purveyor a year later, offering $10 millio...

FBI: Spike in Hacked Police Emails, Fake Subpoenas

The Federal Bureau of Investigation FBI is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to...

U.S. Sentences 31-Year-Old to 10 Years for Laundering $4.5M in Email Scams

The U.S. Department of Justice DoJ has sentenced a 31-year-old man to 10 years in prison for laundering more than $4.5 million through business email compromise BEC schemes and romance scams. Malachi Mullings, 31, of Sandy Springs, Georgia pleaded guilty to the money laundering offenses in Januar...

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

The login page for the criminal reshipping service SWAT USA Drop. One of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. Heres a closer look at the Russia-based SWAT USA Drop Service,...

Chinese-Speaking Cybercriminals Launch Large-Scale iMessage Smishing Campaign in U.S.

A new large-scale smishing campaign is targeting the U.S. by sending iMessages from compromised Apple iCloud accounts with an aim to conduct identity theft and financial fraud. "The Chinese-speaking threat actors behind this campaign are operating a package-tracking text scam sent via iMessage to...

Over 120,000 Computers Compromised by Info Stealers Linked to Users of Cybercrime Forums

A "staggering" 120,000 computers infected by stealer malware have credentials associated with cybercrime forums, many of them belonging to malicious actors. The findings come from Hudson Rock, which analyzed data collected from computers compromised between 2018 to 2023. "Hackers around the world...

New All-in-One "EvilExtractor" Stealer for Windows Systems Surfaces on the Dark Web

A new "all-in-one" stealer malware named EvilExtractor also spelled Evil Extractor is being marketed for sale for other threat actors to steal data and files from Windows systems. "It includes several modules that all work via an FTP service," Fortinet FortiGuard Labs researcher Cara Lin said. "I...

BreachForums Administrator Baphomet Shuts Down Infamous Hacking Forum

In a sudden turn of events, Baphomet, the current administrator of BreachForums, said in an update on March 21, 2023, that the hacking forum has been officially taken down but emphasized that "it's not the end." "You are allowed to hate me, and disagree with my decision but I promise what is to...

Weee! Grocery Service Hacked, 1.1m Accounts Leaked

By Habiba Rashid The stolen Weee! database has been leaked on the infamous BreachForums and Russian-speaking cybercrime forums. This is a post from HackRead.com Read the original post: Weee! Grocery Service Hacked, 1.1m Accounts Leaked...

ChatGPT-Written Malware

I dont know how much of a thing this will end up being, but we are seeing ChatGPT-written malware in the wild. …within a few weeks of ChatGPT going live, participants in cybercrime forums--­some with little or no coding experience­--were using it to write software and emails that could be used fo...

Cyber Security Firm CloudSEK Points Finger at Rival Over Breach

By Waqas As seen by Hackread.com, a hacker is selling access to the CloudSEK infrastructure on multiple cybercrime forums. This is a post from HackRead.com Read the original post: Cyber Security Firm CloudSEK Points Finger at Rival Over Breach...

Scammers Are Scamming Other Scammers Out of Millions of Dollars

On cybercrime forums, user complaints about being duped may accidentally expose their real identities...

Researchers Warn of 'Matanbuchus' Malware Campaign Dropping Cobalt Strike Beacons

A malware-as-a-service Maas dubbed Matanbuchus has been observed spreading through phishing campaigns, ultimately dropping the Cobalt Strike post-exploitation framework on compromised machines. Matanbuchus, like other malware loaders such as BazarLoader, Bumblebee, and Colibri, is engineered to...

Low-rent RAT Worries Researchers

For about the price of a cup of Starbucks latte, a hacker is renting out a remote access trojan designed to backdoor targeted networks. Dubbed as Dark Crystal RAT or DCRat, the malware is being peddled online to hackers in Russian by a lone rookie malware writer with a penchant for cut-rate...

Who Is the Network Access Broker ‘Babam’?

Rarely do cybercriminal gangs that deploy ransomware gain the initial access to the target themselves. More commonly, that access is purchased from a cybercriminal broker who specializes in acquiring remote access credentials -- such as usernames and passwords needed to remotely connect to the...

Top CVEs Trending with Cybercriminals

Criminal small talk in underground forums offer critical clues about which known Common Vulnerabilities and Exposures CVEs threat actors are most focused on. This, in turn, offers defenders clues on what to watch out for. An analysis of such chatter, by Cognyte, examined 15 cybercrime forums...