1094 matches found
Scary Fraud Ensues When ID Theft & Usury Collide
Whats worse than finding out that identity thieves took out a 546 percent interest payday loan in your name? How about a 900 percent interest loan? Or how about not learning of the fraudulent loan until it gets handed off to collection agents? One readers nightmare experience spotlights what can...
Omitting the “o” in .com Could Be Costly
Take care when typing a domain name into a browser address bar, because it's far too easy to fat-finger a key and wind up somewhere you don't want to go. For example, if you try to visit some of the most popular destinations on the Web but omit the "o" in .com and type .cm instead, there's a good...
Scattered Spider Hackers Plead Guilty on Day 1 of Trial
Two men pleaded guilty in the United Kingdom this week to criminal charges stemming from an August 2024 cyberattack that crippled Transport for London , the entity responsible for the public transport network in the Greater London area. The duo were key members of a prolific cybercrime group know...
A Record-Breaking Patch Tuesday for June 2026
Microsoft today released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a record number of fixes for the company's monthly Patch Tuesday cycle. Nearly three dozen of those bugs earned Microsoft's most dire "critical" rating, and...
Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts
The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions began circulating on Telegram showing how to trick Meta's "AI support assistant" bot into resetting...
Microsoft Patch Tuesday, December 2025 Edition
Microsoft today pushed updates to fix at least 56 security flaws in its Windows operating systems and supported software. This final Patch Tuesday of 2025 tackles one zero-day bug that is already being exploited, as well as two publicly disclosed vulnerabilities. Despite releasing a...
Is Your Android TV Streaming Box Part of a Botnet?
On the surface, the Superbox media streaming devices for sale at retailers like BestBuy and Walmart may seem like a steal: They offer unlimited access to more than 2,200 pay-per-view and streaming services like Netflix , ESPN and Hulu , all for a one-time fee of around $400. But security experts...
Canada Fines Cybercrime Friendly Cryptomus $176M
Financial regulators in Canada this week levied $176 million in fines against Cryptomus , a digital payments platform that supports dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services. The penalties for violating Canada's anti money-laundering laws come ten months...
Trump Revenge Tour Targets Cyber Leaders, Elections
President Trump last week revoked security clearances for Chris Krebs , the former director of the Cybersecurity and Infrastructure Security Agency CISA who was fired by Trump after declaring the 2020 election the most secure in U.S. history. The White House memo, which also suspended clearances...
Owners of 1-Time Passcode Theft Service Plead Guilty
Three men in the United Kingdom have pleaded guilty to operating otp.agency , a once popular online service that helped attackers intercept the one-time passcodes OTPs that many websites require as a second authentication factor in addition to passwords. Launched in November 2019, OTP Agency was ...
Who’s Behind the SWAT USA Reshipping Service?
Last week, KrebsOnSecurity broke the news that one of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. In todays Part II, well examine clues about the real-life identity of "Fearlless,"...
Tech CEO Sentenced to 5 Years in IP Address Scheme
Amir Golestan, the 40-year-old CEO of the Charleston, S.C. based technology company Micfo LLC, has been sentenced to five years in prison for wire fraud. Golestans sentencing comes nearly two years after he pleaded guilty to using an elaborate network of phony companies to secure more than 735,00...
FBI Seizes Bot Shop ‘Genesis Market’ Amid Arrests Targeting Operators, Suppliers
Several domain names tied to Genesis Market, a bustling cybercrime store that sold access to passwords and other data stolen from millions of computers infected with malicious software, were seized by the Federal Bureau of Investigation FBI today. The domain seizures coincided with more than a...
Thinking of Hiring or Running a Booter Service? Think Again.
Most people who operate DDoS-for-hire businesses attempt to hide their true identities and location. Proprietors of these so-called "booter" or "stresser" services -- designed to knock websites and users offline -- have long operated in a legally murky area of cybercrime law. But until recently,...
Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn
On October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc. The next day, half of those profiles no longer existed. A similarly dramatic drop in the number of LinkedIn profiles claiming employment at Amazon comes as LinkedIn is struggling to combat a...
Russia to Rent Tech-Savvy Prisoners to Corporate IT?
Image: Proxima Studios, via Shutterstock. Faced with a brain drain of smart people fleeing the country following its invasion of Ukraine, the Russian Federation is floating a new strategy to address a worsening shortage of qualified information technology experts: Forcing tech-savvy people within...
Fighting Fake EDRs With ‘Credit Ratings’ for Police
When KrebsOnSecurity recently explored how cybercriminals were using hacked email accounts at police departments worldwide to obtain warrantless Emergency Data Requests EDRs from social media firms and technology providers, many security experts called it a fundamentally unfixable problem. But do...
Report: Recent 10x Increase in Cyberattacks on Ukraine
As their cities suffered more intense bombardment by Russian military forces this week, Ukrainian Internet users came under renewed cyberattacks, with one Internet company providing service there saying they blocked ten times the normal number of phishing and malware attacks targeting Ukrainians...
IRS: Selfies Now Optional, Biometric Data to Be Deleted
The U.S. Internal Revenue Service IRS said Monday that taxpayers are no longer required to provide facial scans to create an account online at irs.gov. In lieu of providing biometric data, taxpayers can now opt for a live video interview with ID.me, the privately-held Virginia company that runs t...
The ‘Groove’ Ransomware Gang Was a Hoax
A number of publications in September warned about the emergence of "Groove," a new ransomware group that called on competing extortion gangs to unite in attacking U.S. government interests online. It now appears that Groove was all a big hoax designed to toy with security firms and journalists...
Data: E-Retail Hacks More Lucrative Than Ever
For many years and until quite recently, credit card data stolen from online merchants has been worth far less in the cybercrime underground than cards pilfered from hacked brick-and-mortar stores. But new data suggests that over the past year, the economics of supply-and-demand have helped to...
Alleged Spam Kingpin ‘Severa’ Extradited to US
Peter Yuryevich Levashov, a 37-year-old Russian computer programmer thought to be one of the world's most notorious spam kingpins, has been extradited to the United States to face federal hacking and spamming charges. Levashov, in an undated photo. Levashov, who allegedly went by the hacker names...
Fake News at Work in Spam Kingpin’s Arrest?
Over the past several days, many Western news media outlets have predictably devoured thinly-sourced reporting from a Russian publication that the arrest last week of a Russian spam kingpin in Spain was related to hacking attacks linked to last year’s U.S. election. While there is scant evidence...
Microsoft Fix Targets Attacks on SharePoint Zero-Day
On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch comes amid reports that malicious hackers have used the SharePoint flaw to breach U.S. federal and...
Inside a Dark Adtech Empire Fed by Fake CAPTCHAs
Late last year, security researchers made a startling discovery: Kremlin-backed disinformation campaigns were bypassing moderation on social media platforms by leveraging the same malicious advertising technology that powers a sprawling ecosystem of online hucksters and website hackers. A new...
U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
Image: Shutterstock, ArtHead. The U.S. government today imposed economic sanctions on Funnull Technology Inc. , a Philippines-based company that provides computer infrastructure for hundreds of thousands of websites involved in virtual currency investment scams known as “pig butchering." In Janua...
China-based SMS Phishing Triad Pivots to Banks
China-based purveyors of SMS phishing kits are enjoying remarkable success converting phished payment card data into mobile wallets from Apple and Google. Until recently, the so-called "Smishing Triad " mainly impersonated toll road operators and shipping companies. But experts say these groups a...
How Each Pillar of the 1st Amendment is Under Attack
" Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances." -U.S. Constitution,...
Teen on Musk’s DOGE Team Graduated from ‘The Com’
Wired reported this week that a 19-year-old working for Elon Musk 's so-called Department of Government Efficiency DOGE was given access to sensitive US government systems even though his past association with cybercrime communities should have precluded him from gaining the necessary security...
Experts Flag Security, Privacy Risks in DeepSeek AI App
New mobile apps from the Chinese artificial intelligence AI company DeepSeek have remained among the top three "free" downloads for Apple and Google devices since their debut on Jan. 25, 2025. But experts caution that many of DeepSeek's design choices -- such as using hard-coded encryption keys,...
Booking.com Phishers May Leave You With Reservations
A number of cybercriminal innovations are making it easier for scammers to cash in on your upcoming travel plans. This story examines a recent spear-phishing campaign that ensued when a California hotel had its booking.com credentials stolen. We'll also explore an array of cybercrime services aim...
Don’t Let Your Domain Name Become a “Sitting Duck”
More than a million domain names -- including many registered by Fortune 100 firms and brand protection companies -- are vulnerable to takeover by cybercriminals thanks to authentication weaknesses at a number of large web hosting providers and domain registrars, new research finds. Image:...
Crooks Bypassed Google’s Email Verification to Create Workspace Accounts, Access 3rd-Party Services
Google says it recently fixed an authentication weakness that allowed crooks to circumvent the email verification required to create a Google Workspace account, and leverage that to impersonate a domain holder at third-party services that allow logins through Googles "Sign in with Google" feature...
Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks
At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week. Squarespace bought all assets of Google Domains a year ago, but many customers still havent set up their new accounts. Experts say malicious hackers learned they could commandee...
The Stark Truth Behind the Resurgence of Russia’s Fin7
The Russia-based cybercrime group dubbed "Fin7," known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. authorities. But experts say Fin7 has roared back to life in 2024 -- setting up thousands o...
Is Your Computer Part of ‘The Largest Botnet Ever?’
The U.S. Department of Justice DOJ today said they arrested the alleged operator of 911 S5, a ten-year-old online anonymity service that was powered by what the director of the FBI called "likely the worlds largest botnet ever." The arrest coincided with the seizure of the 911 S5 website and...
Happy 14th Birthday, KrebsOnSecurity!
KrebsOnSecurity celebrates its 14th year of existence today! I promised myself this post wouldnt devolve into yet another Cybersecurity Year in Review. Nor do I wish to hold forth about whatever cyber horrors may await us in 2024. But I do want to thank you all for your continued readership,...
Re-Victimization from Police-Auctioned Cell Phones
Countless smartphones seized in arrests and searches by police forces across the United States are being auctioned online without first having the data on them erased, a practice that can lead to crime victims being re-victimized, a new study found. In response, the largest online marketplace for...
ConnectWise Quietly Patches Flaw That Helps Phishers
ConnectWise, which offers a self-hosted, remote desktop software application that is widely used by Managed Service Providers MSPs, is warning about an unusually sophisticated phishing attack that can let attackers take remote control over user systems when recipients click the included link. The...
Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire
A 21-year-old New Jersey man has been arrested and charged with stalking in connection with a federal investigation into groups of cybercriminals who are settling scores by hiring people to carry out physical attacks on their rivals. Prosecutors say the defendant recently participated in several ...
Ransomware Group Debuts Searchable Victim Data
Cybercrime groups that specialize in stealing corporate data and demanding a ransom not to publish it have tried countless approaches to shaming their victims into paying. The latest innovation in ratcheting up the heat comes from the ALPHV/BlackCat ransomware group, which has traditionally...
Inside Ireland’s Public Healthcare Ransomware Scare
The consulting firm PricewaterhouseCoopers recently published lessons learned from the disruptive and costly ransomware attack in May 2021 on Irelands public health system. The unusually candid post-mortem found that nearly two months elapsed between the initial intrusion and the launching of the...
Wipro Intruders Targeted Other Major IT Firms
The crooks responsible for launching phishing campaigns that netted dozens of employees and more than 100 computer systems last month at Wipro, India's third-largest IT outsourcing firm, also appear to have targeted a number of other competing providers, including Infosys and Cognizant, new...
State Govts. Warned of Malware-Laden CD Sent Via Snail Mail from China
Here's a timely reminder that email isn't the only vector for phishing attacks: Several U.S. state and local government agencies have reported receiving strange letters via snail mail that include malware-laden compact discs CDs apparently sent from China, KrebsOnSecurity has learned. This...
Buyers Beware of Tampered Gift Cards
Prepaid gift cards make popular presents and no-brainer stocking stuffers, but before you purchase one be on the lookout for signs that someone may have tampered with it. A perennial scam that picks up around the holidays involves thieves who pull back and then replace the decals that obscure the...
The Market for Stolen Account Credentials
Past stories here have explored the myriad criminal uses of a hacked computer, the various ways that your inbox can be spliced and diced to help cybercrooks ply their trade, and the value of a hacked company. Today's post looks at the price of stolen credentials for just about any e-commerce, ban...
UK Man Gets Two Years in Jail for Running ‘Titanium Stresser’ Attack-for-Hire Service
A 20-year-old man from the United Kingdom was sentenced to two years in prison today after admitting to operating and selling access to "Titanium Stresser," a simple-to-use service that let paying customers launch crippling online attacks against Web sites and individual Internet users. Adam Mudd...
Tracing Spam: Diet Pills from Beltway Bandits
Reading junk spam messages isn't exactly my idea of a good time, but sometimes fun can be had when you take a moment to check who really sent the email. Here's the simple story of how a recent spam email advertising celebrity "diet pills" was traced back to a Washington, D.C.-area defense...
Alleged Spam King Pyotr Levashov Arrested
Authorities in Spain have arrested a Russian computer programmer thought to be one of the world's most notorious spam kingpins. Spanish police arrested Pyotr Levashov under an international warrant executed in the city of Barcelona, according to Reuters. Russian state-run television station RT...
Who Runs the Ransomware Group ‘The Gentlemen?’
A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of hackers through an aggressive recruitment strategy that promises affiliates 90 percent of any ransom paid by victims. This post examines clues...