Lucene search
K

18 matches found

Talos Blog
Talos Blog
added 2025/11/13 11:0 a.m.10 views

Unleashing the Kraken ransomware group

In August 2025, Cisco Talos observed big-game hunting and double extortion attacks carried out by Kraken, a Russian-speaking group that has emerged from the remnants of the HelloKitty ransomware cartel. Talos observed in one intrusion that the Kraken actor exploited Server Message Block SMB...

7.5AI score
Exploits0
Imperva Blog
Imperva Blog
added 2024/06/26 5:3 p.m.26 views

Episode 2: Behind the Scenes of a Tailor-Made Massive Phishing Campaign Part 2

Executive Summary Last summer, we investigated a massive, global phishing campaign impersonating almost 350 legitimate companies. Our continued investigation into this expansive phishing campaign revealed leaked backend source code, shedding light on the infrastructure behind the operation. This...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2022/08/01 6:31 a.m.51 views

Australian Hacker Charged with Creating, Selling Spyware to Cyber Criminals

A 24-year-old Australian national has been charged for his purported role in the creation and sale of spyware for use by domestic violence perpetrators and child sex offenders. Jacob Wayne John Keen, who currently resides at Frankston, Melbourne, is said to have created the remote access trojan R...

2AI score
Exploits0
ThreatPost
ThreatPost
added 2021/08/16 3:12 p.m.102 views

100m T-Mobile Customer Records Purportedly Up for Sale

A threat actor is selling what they claim to be 30 million T-Mobile customers’ Social Security and driver license numbers on an underground web forum. The collection is a subset of the purported 100 million records contained in stolen databases. The seller told Motherboard – which first reported...

6.7AI score
Exploits0References10
Trend Micro Simply Security
Trend Micro Simply Security
added 2021/08/10 12:0 a.m.22 views

Chaos Ransomware: A Proof of Concept With Potentially Dangerous Applications

Since June 2021, we’ve been monitoring an in-development ransomware builder called Chaos, which is being offered for testing on an underground forum...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2021/06/02 12:45 p.m.209 views

Cybercriminals Hold $115,000-Prize Contest to Find New Cryptocurrency Hacks

A top Russian-language underground forum has been running a "contest" for the past month, calling on its community to submit "unorthodox" ways to conduct cryptocurrency attacks. The forum's administrator, in an announcement made on April 20, 2021, invited members to submit papers that assess the...

6.9AI score
Exploits0
ThreatPost
ThreatPost
added 2020/09/01 1:35 p.m.1868 views

Pioneer Kitten APT Sells Corporate Network Access

An APT group known as Pioneer Kitten, linked to Iran, has been spotted selling corporate-network credentials on hacker forums. The credentials would let other cybercriminal groups and APTs perform cyberespionage and other nefarious cyber-activity. Pioneer Kitten is a hacker group that specializes...

10CVSS0.3AI score0.99999EPSS
Exploits129References13
ThreatPost
ThreatPost
added 2020/05/08 4:1 p.m.61 views

Hackers Breach 3.5 Million MobiFriends Dating App Credentials

The credentials of 3.5 million users of MobiFriends, a popular dating app, have surfaced on a prominent deep web hacking forum, according to researchers. MobiFriends is an online service and Android app designed to help users worldwide meet new people online. The Barcelona-based developer of...

0.6AI score
Exploits0References9
Krebs on Security
Krebs on Security
added 2019/02/06 5:50 a.m.109 views

More Alleged SIM Swappers Face Justice

Prosecutors in Northern California have charged two men with using unauthorized SIM swaps to steal and extort money from victims. One of the individuals charged allegedly used a hacker nickname belonging to a key figure in the underground who's built a solid reputation hijacking mobile phone...

7.2AI score
Exploits0
Krebs on Security
Krebs on Security
added 2019/01/17 8:11 p.m.89 views

773M Password ‘Megabreach’ is Years Old

My inbox and Twitter messages positively lit up today with people forwarding stories from Wired and other publications about a supposedly new trove of nearly 773 million unique email addresses and 21 million unique passwords that were posted to a hacking forum. A story in The Guardian breathlessl...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2018/10/31 3:38 p.m.479 views

Kraken Ransomware Upgrades Distribution with RaaS Model

The Kraken ransomware author has released a second version of the malicious code, along with a unique affiliate program on the Dark Web. According to research into Kraken v.2 the new version is being promoted in a ransomware-as-a-service RaaS model to underground forum customers, via a video...

0.8AI score
Exploits0References2
ThreatPost
ThreatPost
added 2017/10/25 2:33 p.m.59 views

Hackers Prepping IOTroop Botnet with Exploits

Hackers moved one step closer to launching full-scale DDoS attacks using millions of IoT devices herded into the botnet known as Reaper or IOTroop. Researchers at NewSky Security warn that hackers are swapping scripts on forums that can scan the internet for vulnerable IoT devices and dump defaul...

7.5CVSS9.9AI score0.18005EPSS
Exploits4References6
ThreatPost
ThreatPost
added 2016/09/29 2:15 p.m.6 views

Yahoo Challenged on Claims Breach Was State-Sponsored Attack

As challenges mount against Yahoo’s attribution of a massive 2014 data breach to state-sponsored hackers, CISO Bob Lord yesterday confirmed that a cache of 200 million Yahoo accounts marketed this summer in an underground forum is unrelated to the breach. Speaking at the Structure Security...

7.8AI score
Exploits0References5
The Hacker News
The Hacker News
added 2014/07/11 11:42 p.m.17 views

'Tinba' Banking Malware Source Code Leaked Online

The source code for the smallest but sophisticated banking Trojan Tinba has been leaked through an online post in an underground forum, which make it available for anyone who knows where to look for free malware generation tools. The files posted on the closed russian underground forum turned out...

7.2AI score
Exploits0
ThreatPost
ThreatPost
added 2014/03/06 1:49 p.m.327 views

Microsoft, Kaspersky Shed Light on Sefnit Tor Botnet

Alarm bells went off last August when spikes in Tor client downloads were traced to a large click-fraud and Bitcoin-mining botnet called Sefnit. The malware was using the popular anonymity network to communicate with hackers in order to transmit stolen data and receive additional commands. In...

9.3CVSS8.5AI score0.99945EPSS
Exploits33References7
ThreatPost
ThreatPost
added 2013/07/23 1:30 p.m.14 views

KINS Banking Trojan For Sale in Underground Forum

It seems the cybercrime underground is pining for a new breed of banking Trojan. With heavyweights such as Citadel no longer generally available for purchase, rumblings on forums for months have indicated that a new project would be welcomed and financed. Since February, researchers at RSA’s...

0.2AI score
Exploits0References5
The Hacker News
The Hacker News
added 2013/01/17 4:35 p.m.10 views

New Java exploit sells for $5000 on Black market

We continues to recommend users disable the Java program in their Web browsers, because it remains vulnerable to attacks that could result in identity theft and other cyber crimes and less than 24 hours after Oracle Sunday released a security update that addresses two critical zero-day...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2013/01/17 5:35 a.m.13 views

New Java exploit sells for $5000 on Black market

We continues to recommend users disable the Java program in their Web browsers, because it remains vulnerable to attacks that could result in identity theft and other cyber crimes and less than 24 hours after Oracle Sunday released a security update that addresses two critical zero-day...

6.9AI score
Exploits0
Rows per page
Query Builder