Lucene search
K
KrebsMost viewed

1093 matches found

Krebs on Security
Krebs on Security
added 2023/02/05 4:14 p.m.25 views

Finland’s Most-Wanted Hacker Nabbed in France

Julius "Zeekill" Kivimäki, a 25-year-old Finnish man charged with extorting a local online psychotherapy practice and leaking therapy notes for more than 22,000 patients online, was arrested this week in France. A notorious hacker convicted of perpetrating tens of thousands of cybercrimes, Kivimä...

7.3AI score
Exploits0
Krebs on Security
Krebs on Security
added 2022/11/28 10:8 p.m.25 views

U.S. Govt. Apps Bundled Russian Code With Ties to Mobile Malware Developer

A recent scoop by Reuters revealed that mobile apps for the U.S. Army and the Centers for Disease Control and Prevention CDC were integrating software that sends visitor data to a Russian company called Pushwoosh, which claims to be based in the United States. But that story omitted an important...

7AI score
Exploits0
Krebs on Security
Krebs on Security
added 2022/11/04 9:9 p.m.25 views

LinkedIn Adds Verified Emails, Profile Creation Dates

Responding to a recent surge in AI-generated bot accounts, LinkedIn is rolling out new features that it hopes will help users make more informed decisions about with whom they choose to connect. Many LinkedIn profiles now display a creation date, and the company is expanding its domain validation...

6.8AI score
Exploits0
Krebs on Security
Krebs on Security
added 2022/10/15 2:8 p.m.25 views

Anti-Money Laundering Service AMLBot Cleans House

AMLBot, a service that helps businesses avoid transacting with cryptocurrency wallets that have been sanctioned for cybercrime activity, said an investigation published by KrebsOnSecurity last year helped it shut down three dark web services that secretly resold its technology to help cybercrooks...

7.3AI score
Exploits0
Krebs on Security
Krebs on Security
added 2022/09/14 9:46 p.m.25 views

Say Hello to Crazy Thin ‘Deep Insert’ ATM Skimmers

A number of financial institutions in and around New York City are dealing with a rash of super-thin "deep insert" skimming devices designed to fit inside the mouth of an ATMs card acceptance slot. The card skimmers are paired with tiny pinhole cameras that are cleverly disguised as part of the...

6.8AI score
Exploits0
Krebs on Security
Krebs on Security
added 2022/08/06 1:54 a.m.25 views

Class Action Targets Experian Over Account Security

A class action lawsuit has been filed against big-three consumer credit bureau Experian over reports that the company did little to prevent identity thieves from hijacking consumer accounts. The legal filing cites liberally from an investigation KrebsOnSecurity published in July, which found that...

7AI score
Exploits0
Krebs on Security
Krebs on Security
added 2022/07/28 6:52 p.m.25 views

Breach Exposes Users of Microleaves Proxy Service

Microleaves, a ten-year-old proxy service that lets customers route their web traffic through millions of Microsoft Windows computers, recently fixed a vulnerability in their website that exposed their entire user database. Microleaves claims its proxy software is installed with user consent, but...

6.7AI score
Exploits0
Krebs on Security
Krebs on Security
added 2022/06/11 12:4 a.m.25 views

Adconion Execs Plead Guilty in Federal Anti-Spam Case

At the outset of their federal criminal trial for hijacking vast swaths of Internet addresses for use in large-scale email spam campaigns, three current or former executives at online advertising firm Adconion Direct now Amobee have pleaded guilty to lesser misdemeanor charges of fraud and...

0.1AI score
Exploits0
Krebs on Security
Krebs on Security
added 2022/04/12 5:29 p.m.25 views

RaidForums Gets Raided, Alleged Admin Arrested

The U.S. Department of Justice DOJ said today it seized the website and user database for RaidForums, an extremely popular English-language cybercrime forum that sold access to more than 10 billion consumer records stolen in some of the worlds largest data breaches since 2015. The DOJ also charge...

7.5AI score
Exploits0
Krebs on Security
Krebs on Security
added 2022/01/21 5:11 p.m.25 views

Crime Shop Sells Hacked Logins to Other Crime Shops

Up for the "Most Meta Cybercrime Offering" award this year is Accountz Club, a new cybercrime store that sells access to purloined accounts at services built for cybercriminals, including shops peddling stolen payment cards and identities, spamming tools, email and phone bombing services, and tho...

7.1AI score
Exploits0
Krebs on Security
Krebs on Security
added 2021/11/09 2:5 a.m.25 views

REvil Ransom Arrest, $6M Seizure, and $10M Reward

The U.S. Department of Justice today announced the arrest of Ukrainian man accused of deploying ransomware on behalf of the REvil ransomware gang, a Russian-speaking cybercriminal collective that has extorted hundreds of millions from victim organizations. The DOJ also said it had seized $6.1...

6.9AI score
Exploits0
Krebs on Security
Krebs on Security
added 2021/10/28 6:54 p.m.25 views

Zales.com Leaked Customer Data, Just Like Sister Firms Jared, Kay Jewelers Did in 2018

In December 2018, bling vendor Signet Jewelers fixed a weakness in their Kay Jewelers and Jared websites that exposed the order information for all of their online customers. This week, Signet subsidiary Zales.com updated its website to remediate a nearly identical customer data exposure. Last...

6.8AI score
Exploits0
Krebs on Security
Krebs on Security
added 2020/01/09 7:44 p.m.25 views

Lawmakers Prod FCC to Act on SIM Swapping

Crooks have stolen tens of millions of dollars and other valuable commodities from thousands of consumers via "SIM swapping," a particularly invasive form of fraud that involves tricking a target's mobile carrier into transferring someone's wireless service to a device they control. But the U.S...

6.9AI score
Exploits0
Krebs on Security
Krebs on Security
added 2018/08/28 1:27 p.m.25 views

Fiserv Flaw Exposed Customer Data at Hundreds of Banks

Fiserv, Inc., a major provider of technology services to financial institutions, just fixed a glaring weakness in its Web platform that exposed personal and financial details of countless customers across hundreds of bank Web sites, KrebsOnSecurity has learned. Brookfield, Wisc.-based Fiserv...

6.5AI score
Exploits0
Krebs on Security
Krebs on Security
added 2018/01/11 6:25 p.m.25 views

Bitcoin Blackmail by Snail Mail Preys on Those with Guilty Conscience

KrebsOnSecurity heard from a reader whose friend recently received a remarkably customized extortion letter via snail mail that threatened to tell the recipient's wife about his supposed extramarital affairs unless he paid $3,600 in bitcoin. The friend said he had nothing to hide and suspects thi...

6.5AI score
Exploits0
Krebs on Security
Krebs on Security
added 2025/05/22 9:53 p.m.24 views

Oops: DanaBot Malware Devs Infected Their Own PCs

The U.S. government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot , a prolific strain of information-stealing malware that has been sold on Russian cybercrime forums since 2018. The FBI says a newer version of DanaBot was used for espionage, and...

6.7AI score
Exploits0
Krebs on Security
Krebs on Security
added 2025/03/11 4:49 p.m.24 views

Alleged Co-Founder of Garantex Arrested in India

Authorities in India today arrested the alleged co-founder of Garantex , a cryptocurrency exchange sanctioned by the U.S. government in 2022 for facilitating tens of billions of dollars in money laundering by transnational criminal and cybercriminal organizations. Sources close to the investigati...

7.2AI score
Exploits0
Krebs on Security
Krebs on Security
added 2024/09/13 12:16 p.m.24 views

The Dark Nexus Between Harm Groups and ‘The Com’

A cyberattack that shut down two of the top casinos in Las Vegas last year quickly became one of the most riveting security stories of 2023. It was the first known case of native English-speaking hackers in the United States and Britain teaming up with ransomware gangs based in Russia. But that...

6.8AI score
Exploits0
Krebs on Security
Krebs on Security
added 2024/03/22 7:2 p.m.24 views

Mozilla Drops Onerep After CEO Admits to Running People-Search Networks

The nonprofit organization that supports the Firefox web browser said today it is winding down its new partnership with Onerep, an identity protection service recently bundled with Firefox that offers to remove users from hundreds of people-search sites. The move comes just days after a report by...

7.1AI score
Exploits0
Krebs on Security
Krebs on Security
added 2024/01/26 6:12 p.m.24 views

Who is Alleged Medibank Hacker Aleksandr Ermakov?

Authorities in Australia, the United Kingdom and the United States this week levied financial sanctions against a Russian man accused of stealing data on nearly 10 million customers of the Australian health insurance giant Medibank. 33-year-old Aleksandr Ermakov allegedly stole and leaked the...

6.8AI score
Exploits0
Krebs on Security
Krebs on Security
added 2023/09/01 3:38 p.m.24 views

Why is .US Being Used to Phish So Many of Us?

Domain names ending in ".US" -- the top-level domain for the United States -- are among the most prevalent in phishing scams, new research shows. This is noteworthy because .US is overseen by the U.S. government, which is frequently the target of phishing domains ending in .US. Also, .US domains...

6.9AI score
Exploits0
Krebs on Security
Krebs on Security
added 2023/03/17 11:39 p.m.24 views

Feds Charge NY Man as BreachForums Boss “Pompompurin”

The U.S. Federal Bureau of Investigation FBI this week arrested a New York man on suspicion of running BreachForums, a popular English-language cybercrime forum where some of the world biggest hacked databases routinely show up for sale. The forums administrator "Pompompurin" has been a thorn in...

0.5AI score
Exploits0
Krebs on Security
Krebs on Security
added 2022/06/28 6:33 p.m.24 views

The Link Between AWM Proxy & the Glupteba Botnet

On December 7, 2021, Google announced it was suing two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past decade. That same day, AWM Proxy -- a 14-year-old anonymity service that rents hacked PCs to...

7AI score
Exploits0
Krebs on Security
Krebs on Security
added 2022/05/31 7:57 p.m.24 views

Costa Rica May Be Pawn in Conti Ransomware Group’s Bid to Rebrand, Evade Sanctions

Costa Ricas national health service was hacked sometime earlier this morning by a Russian ransomware group known as Hive. The intrusion comes just weeks after Costa Rican President Rodrigo Chaves declared a state of emergency in response to a data ransom attack from a different Russian ransomware...

0.7AI score
Exploits0
Krebs on Security
Krebs on Security
added 2022/03/29 2:7 p.m.24 views

Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”

There is a terrifying and highly effective "method" that criminal hackers are now using to harvest sensitive customer data from Internet service providers, phone companies and social media firms. It involves compromising email accounts and websites tied to police departments and government...

Exploits0
Krebs on Security
Krebs on Security
added 2021/11/13 10:46 p.m.24 views

Hoax Email Blast Abused Poor Coding in FBI Website

The Federal Bureau of Investigation FBI confirmed today that its fbi.gov domain name and Internet address were used to blast out thousands of fake emails about a cybercrime investigation. According to an interview with the person who claimed responsibility for the hoax, the spam messages were sen...

6.6AI score
Exploits0
Krebs on Security
Krebs on Security
added 2020/06/27 5:27 p.m.24 views

Russian Cybercrime Boss Burkov Gets 9 Years

A well-connected Russian hacker once described as “an asset of supreme importance” to Moscow was sentenced on Friday to nine years in a U.S. prison after pleading guilty to running a site that sold stolen payment card data, and to administering a highly secretive crime forum that counted among it...

6.8AI score
Exploits0
Krebs on Security
Krebs on Security
added 2020/06/19 7:19 p.m.24 views

Turn on MFA Before Crooks Do It For You

Hundreds of popular websites now offer some form of multi-factor authentication MFA, which can help users safeguard access to accounts when their password is breached or stolen. But people who don't take advantage of these added safeguards may find it far more difficult to regain access when thei...

6.9AI score
Exploits0
Krebs on Security
Krebs on Security
added 2020/06/03 10:0 p.m.24 views

Romanian Skimmer Gang in Mexico Outed by KrebsOnSecurity Stole $1.2 Billion

An exhaustive inquiry published today by a consortium of investigative journalists says a three-part series KrebsOnSecurity published in 2015 on a Romanian ATM skimming gang operating in Mexico's top tourist destinations disrupted their highly profitable business, which raked in an estimated $1.2...

6.8AI score
Exploits0
Krebs on Security
Krebs on Security
added 2018/02/08 6:4 p.m.24 views

U.S. Arrests 13, Charges 36 in ‘Infraud’ Cybercrime Forum Bust

The U.S. Justice Department announced charges on Wednesday against three dozen individuals thought to be key members of 'Infraud," a long-running cybercrime forum that federal prosecutors say cost consumers more than a half billion dollars. In conjunction with the forum takedown, 13 alleged Infra...

7.1AI score
Exploits0
Krebs on Security
Krebs on Security
added 2017/07/20 4:23 p.m.24 views

After AlphaBay’s Demise, Customers Flocked to Dark Market Run by Dutch Police

Earlier this month, news broke that authorities had seized the Dark Web marketplace AlphaBay, an online black market that peddled everything from heroin to stolen identity and credit card data. But it wasn't until today, when the U.S. Justice Department held a press conference to detail the...

7.2AI score
Exploits0
Krebs on Security
Krebs on Security
added 2017/06/23 2:9 p.m.24 views

FBI: Extortion, CEO Fraud Among Top Online Fraud Complaints in 2016

Online extortion, tech support scams and phishing attacks that spoof the boss were among the most costly cyber scams reported by consumers and businesses last year, according to new figures from the FBI's Internet Crime Complaint Center IC3. The IC3 report released Thursday correctly identifies...

6.8AI score
Exploits0
Krebs on Security
Krebs on Security
added 2017/05/09 3:13 a.m.24 views

Website Flaw Let True Health Diagnostics Users View All Medical Records

Over the past two weeks readers have pointed KrebsOnSecurity to no fewer than three different healthcare providers that failed to provide the most basic care to protect their patients' records online. Only one of the three companies -- the subject of today's story -- required users to be logged o...

6.8AI score
Exploits0
Krebs on Security
Krebs on Security
added 2024/11/27 12:45 a.m.23 views

Hacker in Snowflake Extortions May Be a U.S. Soldier

Two men have been arrested for allegedly stealing data from and extorting dozens of companies that used the cloud data storage company Snowflake , but a third suspect -- a prolific hacker known as Kiberphant0m -- remains at large and continues to publicly extort victims. However, this person's...

7.1AI score
Exploits0
Krebs on Security
Krebs on Security
added 2024/07/23 7:41 p.m.23 views

Phish-Friendly Domain Registry “.top” Put on Notice

The Chinese company in charge of handing out domain names ending in ".top" has been given until mid-August 2024 to show that it has put in place systems for managing phishing reports and suspending abusive domains, or else forfeit its license to sell domains. The warning comes amid the release of...

7.1AI score
Exploits0
Krebs on Security
Krebs on Security
added 2024/07/03 4:41 p.m.23 views

The Not-So-Secret Network Access Broker x999xx

Most accomplished cybercriminals go out of their way to separate their real names from their hacker handles. But among certain old-school Russian hackers it is not uncommon to find major players who have done little to prevent people from figuring out who they are in real life. A case study in th...

7AI score
Exploits0
Krebs on Security
Krebs on Security
added 2024/05/28 8:38 p.m.23 views

Treasury Sanctions Creators of 911 S5 Proxy Botnet

The U.S. Department of the Treasury today unveiled sanctions against three Chinese nationals for allegedly operating 911 S5, an online anonymity service that for many years was the easiest and cheapest way to route ones Web traffic through malware-infected computers around the globe...

7.3AI score
Exploits0
Krebs on Security
Krebs on Security
added 2024/02/22 1:27 p.m.23 views

New Leak Shows Business Side of China’s APT Menace

A new data leak that appears to have come from one of Chinas top private cybersecurity firms provides a rare glimpse into the commercial side of Chinas many state-sponsored hacking groups. Experts say the leak illustrates how Chinese government agencies increasingly are contracting out foreign...

7.1AI score
Exploits0
Krebs on Security
Krebs on Security
added 2024/01/30 7:7 p.m.23 views

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

On Jan. 9, 2024, U.S. authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacki...

7.3AI score
Exploits0
Krebs on Security
Krebs on Security
added 2023/07/13 9:45 p.m.23 views

SEO Expert Hired and Fired By Ashley Madison Turned on Company, Promising Revenge

This is Part II of a story published here last week on reporting that went into a new Hulu documentary series on the 2015 Ashley Madison hack. It was around 9 p.m. on Sunday, July 19, when I received a message through the contact form on KrebsOnSecurity.com that the marital infidelity website...

6.9AI score
Exploits0
Krebs on Security
Krebs on Security
added 2023/02/07 10:16 p.m.23 views

KrebsOnSecurity in Upcoming Hulu Series on Ashley Madison Breach

KrebsOnSecurity will likely have a decent amount of screen time in an upcoming Hulu documentary series about the 2015 megabreach at marital infidelity site Ashley Madison. While I cant predict what the producers will do with the video interviews we shot, its fair to say the series will explore...

7.2AI score
Exploits0
Krebs on Security
Krebs on Security
added 2022/12/05 7:44 p.m.23 views

Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

In December 2021, Google filed a civil lawsuit against two Russian men thought to be responsible for operating Glupteba, one of the Internets largest and oldest botnets. The defendants, who initially pursued a strategy of counter suing Google for interfering in their sprawling cybercrime business...

7AI score
Exploits0
Krebs on Security
Krebs on Security
added 2022/07/15 7:43 p.m.23 views

Why 8kun Went Offline During the January 6 Hearings

The latest Jan. 6 committee hearing on Tuesday examined the role of conspiracy theory communities like 8kun.top and TheDonald.win in helping to organize and galvanize supporters who responded to former President Trumps invitation to "be wild" in Washington, D.C. on that chaotic day. At the same...

1.1AI score
Exploits0
Krebs on Security
Krebs on Security
added 2022/06/03 7:33 p.m.23 views

What Counts as “Good Faith Security Research?”

The U.S. Department of Justice DOJ recently revised its policy on charging violations of the Computer Fraud and Abuse Act CFAA, a 1986 law that remains the primary statute by which federal prosecutors pursue cybercrime cases. The new guidelines state that prosecutors should avoid charging securit...

7.2AI score
Exploits0
Krebs on Security
Krebs on Security
added 2022/04/18 8:41 p.m.23 views

Conti’s Ransomware Toll on the Healthcare Industry

Conti -- one of the most ruthless and successful Russian ransomware groups -- publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But new information confirms this pledge was always a lie, and that Conti has launched more than 20...

7.2AI score
Exploits0
Krebs on Security
Krebs on Security
added 2022/02/22 4:18 p.m.23 views

Report: Missouri Governor’s Office Responsible for Teacher Data Leak

Missouri Governor Mike Parson made headlines last year when he vowed to criminally prosecute a journalist for reporting a security flaw in a state website that exposed personal information of more than 100,000 teachers. But Missouri prosecutors now say they will not pursue charges following...

0.6AI score
Exploits0
Krebs on Security
Krebs on Security
added 2022/01/14 10:41 p.m.23 views

At Request of U.S., Russia Rounds Up 14 REvil Ransomware Affiliates

The Russian government said today it arrested 14 people accused of working for "REvil," a particularly aggressive ransomware group that has extorted hundreds of millions of dollars from victim organizations. The Russian Federal Security Service FSB said the actions were taken in response to a...

6.7AI score
Exploits0
Krebs on Security
Krebs on Security
added 2021/09/10 6:12 p.m.23 views

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”

On Thursday evening, KrebsOnSecurity was the subject of a rather massive and mercifully brief distributed denial-of-service DDoS attack. The assault came from "Meris," the same new botnet behind record-shattering attacks against Russian search giant Yandex this week and internet infrastructure fi...

7.1AI score
Exploits0
Krebs on Security
Krebs on Security
added 2021/06/16 2:42 p.m.23 views

Ukrainian Police Nab Six Tied to CLOP Ransomware

Authorities in Ukraine this week charged six people alleged to be part of the CLOP ransomware group, a cybercriminal gang said to have extorted more than half a billion dollars from victims. Some of CLOPs victims this year alone include Stanford University Medical School, the University of...

7.1AI score
Exploits0
Krebs on Security
Krebs on Security
added 2021/01/29 6:56 p.m.23 views

The Taxman Cometh for ID Theft Victims

The unprecedented volume of unemployment insurance fraud witnessed in 2020 hasnt abated, although news coverage of the issue has largely been pushed off the front pages by other events. But the ID theft problem is coming to the fore once again: Countless Americans will soon be receiving notices...

6.7AI score
Exploits0
Total number of security vulnerabilities1093