1092 matches found
Joker’s Stash Carding Market to Call it Quits
Jokers Stash, by some accounts the largest underground shop for selling stolen credit card and identity data, says its closing up shop effective mid-February 2021. The announcement came on the heels of a turbulent year for the major cybercrime store, and just weeks after U.S. and European...
GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services
Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. The attacks were facilitated by scams targeting employees at GoDaddy, the worlds largest domain name registrar, KrebsOnSecurity has learned. The incident is the latest incursion a...
U.S. Secret Service: “Massive Fraud” Against State Unemployment Insurance Programs
A well-organized Nigerian crime ring is exploiting the COVID-19 crisis by committing large-scale fraud against multiple state unemployment insurance programs, with potential losses in the hundreds of millions of dollars, according to a new alert issued by the U.S. Secret Service. A memo seen by...
Bot Roundup: Avalanche, Kronos, NanoCore
It's been a busy few weeks in cybercrime news, justifying updates to a couple of cases we've been following closely at KrebsOnSecurity. In Ukraine, the alleged ringleader of the Avalanche malware spam botnet was arrested after eluding authorities in the wake of a global cybercrime crackdown there...
Fear the Reaper, or Reaper Madness?
Last week we looked at reports from China and Israel about a new "Internet of Things" malware strain called "Reaper" that researchers said infected more than a million organizations by targeting newfound security weaknesses in countless Internet routers, security cameras and digital video recorde...
How a Citadel Trojan Developer Got Busted
A U.S. District Court judge in Atlanta last week handed a five year prison sentence to Mark Vartanyan, a Russian hacker who helped develop and sell the once infamous and widespread Citadel banking trojan. This fact has been reported by countless media outlets, but far less well known is the...
Interview With a Crypto Scam Investment Spammer
Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. What follows is an interview with a Russian hacker responsible for a series of aggressive crypto spam campaigns that recently prompted several...
911 Proxy Service Implodes After Disclosing Breach
The 911 service as it existed until July 28, 2022. 911.re, a proxy service that since 2015 has sold access to hundreds of thousands of Microsoft Windows computers daily, announced this week that it is shutting down in the wake of a data breach that destroyed key components of its business...
Microsoft Patch Tuesday, March 2022 Edition
Microsoft on Tuesday released software updates to plug at least 70 security holes in its Windows operating systems and related software. For the second month running, there are no scary zero-day threats looming for Windows users, and relatively few "critical" fixes. And yet we know from experienc...
Experian’s Credit Freeze Security is Still a Joke
In 2017, KrebsOnSecurity showed how easy it is for identity thieves to undo a consumers request to freeze their credit file at Experian, one of the big three consumer credit bureaus in the United States. Last week, KrebsOnSecurity heard from a reader who had his freeze thawed without authorizatio...
Fintech Giant Fiserv Used Unclaimed Domain
If you sell Web-based software for a living and ship code that references an unregistered domain name, you are asking for trouble. But when the same mistake is made by a Fortune 500 company, the results can range from costly to disastrous. Heres the story of one such goof committed by Fiserv...
Breach at Dickey’s BBQ Smokes 3M Cards
One of the digital undergrounds most popular stores for peddling stolen credit card information began selling a batch of more than three million new card records this week. KrebsOnSecurity has learned the data was stolen in a lengthy data breach at more than 100 Dickeys Barbeque Restaurant...
Report: U.S. Cyber Command Behind Trickbot Tricks
A week ago, KrebsOnSecurity broke the news that someone was attempting to disrupt the Trickbot botnet, a malware crime machine that has infected millions of computers and is often used to spread ransomware. A new report Friday says the coordinated attack was part of an operation carried out by th...
U.S. Govt. Makes it Harder to Get .Gov Domains
The federal agency in charge of issuing .gov domain names is enacting new requirements for validating the identity of people requesting them. The additional measures come less than four months after KrebsOnSecurity published research suggesting it was relatively easy for just about anyone to get...
FCC Proposes to Fine Wireless Carriers $200M for Selling Customer Location Data
The U.S. Federal Communications Commission FCC today proposed fines of more than $200 million against the nation's four largest wireless carriers for selling access to their customers' location information without taking adequate precautions to prevent unauthorized access to that data. While the...
Encoding Stolen Credit Card Data on Barcodes
Crooks are constantly dreaming up new ways to use and conceal stolen credit card data. According to the U.S. Secret Service, the latest scheme involves stolen card information embedded in barcodes affixed to phony money network rewards cards. The scammers then pay for merchandise by instructing a...
The Great $50M African IP Address Heist
A top executive at the nonprofit entity responsible for doling out chunks of Internet addresses to businesses and other organizations in Africa has resigned his post following accusations that he secretly operated several companies which sold tens of millions of dollars worth of the increasingly...
Interview With the Guy Who Tried to Frame Me for Heroin Possession
In April 2013, I received via U.S. mail more than a gram of pure heroin as part of a scheme to get me arrested for drug possession. But the plan failed and the Ukrainian mastermind behind it soon after was imprisoned for unrelated cybercrime offenses. That individual recently gave his first...
Supply Chain Security is the Whole Enchilada, But Who’s Willing to Pay for It?
From time to time, there emerge cybersecurity stories of such potential impact that they have the effect of making all other security concerns seem minuscule and trifling by comparison. Yesterday was one of those times. Bloomberg Businessweek on Thursday published a bombshell investigation allegi...
Leader of DDoS-for-Hire Gang Pleads Guilty to Bomb Threats
A 19-year-old man from the United Kingdom who headed a cybercriminal group whose motto was "Feds Can't Touch Us" pleaded guilty this week to making bomb threats against thousands of schools. On Aug. 31, officers with the U.K.'s National Crime Agency NCA arrested Hertfordshire resident George...
Who’s Behind the Screencam Extortion Scam?
The sextortion email scam last month that invoked a real password used by each recipient and threatened to release embarrassing Webcam videos almost certainly was not the work of one criminal or even one group of criminals. Rather, it's likely that additional spammers and scammers piled on with...
Indian Bank Hit in $13.5M Cyberheist After FBI ATM Cashout Warning
On Sunday, Aug. 12, KrebsOnSecurity carried an exclusive: The FBI was warning banks about an imminent "ATM cashout" scheme about to unfold across the globe, thanks to a data breach at an unknown financial institution. On Aug. 14, a bank in India disclosed hackers had broken into its servers,...
Supreme Court: Police Need Warrant for Mobile Location Data
The U.S. Supreme Court today ruled that the government needs to obtain a court-ordered warrant to gather location data on mobile device users. The decision is a major development for privacy rights, but experts say it may have limited bearing on the selling of real-time customer location data by...
Who Is Afraid of More Spams and Scams?
Security researchers who rely on data included in Web site domain name records to combat spammers and scammers will likely lose access to that information for at least six months starting at the end of May 2018, under a new proposal that seeks to bring the system in line with new European privacy...
2nd Breach at Verticalscope Impacts Millions
For the second time in as many years, hackers have compromised Verticalscope.com, a Canadian company that manages hundreds of popular Web discussion forums totaling more than 45 million user accounts. Evidence of the breach was discovered just before someone began using that illicit access as a...
B&B Theatres Hit in 2-Year Credit Card Breach
B&B Theatres, a company that owns and operates the 7th-largest theater chain in America, says it is investigating a breach of its credit card systems. The acknowledgment comes just days after KrebsOnSecurity reached out to the company for comment on reports from financial industry sources who sai...
Happy 11th Birthday, KrebsOnSecurity!
Today marks the 11th anniversary of KrebsOnSecurity! Thank you, Dear Readers, for your continued encouragement and support! With the ongoing disruption to life and livelihood wrought by the Covid-19 pandemic, 2020 has been a fairly horrid year by most accounts. And its perhaps fitting that this w...
110 Nursing Homes Cut Off from Health Records in Ransomware Attack
A ransomware outbreak has besieged a Wisconsin based IT company that provides cloud data hosting, security and access management to more than 100 nursing homes across the United States. The ongoing attack is preventing these care centers from accessing crucial patient medical records, and the IT...
Experts: Breach at IT Outsourcing Giant Wipro
Indian information technology IT outsourcing and consulting giant Wipro Ltd. NYSE:WIT is investigating reports that its own IT systems have been hacked and are being used to launch attacks against some of the company's customers, multiple sources tell KrebsOnSecurity. Wipro has refused to respond...
Half of all Phishing Sites Now Have the Padlock
Maybe you were once advised to "look for the padlock" as a means of telling legitimate e-commerce sites from phishing or malware traps. Unfortunately, this has never been more useless advice. New research indicates that half of all phishing scams are now hosted on Web sites whose Internet address...
Busting SIM Swappers and SIM Swap Myths
KrebsOnSecurity recently had a chance to interview members of the REACT Task Force, a team of law enforcement officers and prosecutors based in Santa Clara, Calif. that has been tracking down individuals engaged in unauthorized "SIM swaps" -- a complex form of mobile phone fraud that is often use...
Dumping Data from Deep-Insert Skimmers
I recently heard from a police detective who was seeking help identifying some strange devices found on two Romanian men caught maxing out stolen credit cards at local retailers. Further inspection revealed the devices to be semi-flexible data transfer wands that thieves can use to extract stolen...
Patch Tuesday, March 2024 Edition
Apple and Microsoft recently released software updates to fix dozens of security holes in their operating systems. Microsoft today patched at least 60 vulnerabilities in its Windows OS. Meanwhile, Apples new macOS Sonoma addresses at least 68 security weaknesses, and its latest update for iOS fix...
Microsoft Patch Tuesday, October 2022 Edition
Microsoft today released updates to fix at least 85 security holes in its Windows operating systems and related software, including a new zero-day vulnerability in all supported versions of Windows that is being actively exploited. However, noticeably absent from this months Patch Tuesday are any...
Microsoft Patch Tuesday, August 2022 Edition
Microsoft today released updates to fix a record 141 security vulnerabilities in its Windows operating systems and related software. Once again, Microsoft is patching a zero-day vulnerability in the Microsoft Support Diagnostics Tool MSDT, a service built into Windows. Redmond also addressed...
3 Charged In Fatal Kansas ‘Swatting’ Attack
Federal prosecutors have charged three men with carrying out a deadly hoax known as "swatting," in which perpetrators call or message a target's local 911 operators claiming a fake hostage situation or a bomb threat in progress at the target's address -- with the expectation that local police may...
Financial Cyber Threat Sharing Group Phished
The Financial Services Information Sharing and Analysis Center FS-ISAC, an industry forum for sharing data about critical cybersecurity threats facing the banking and finance industries, said today that a successful phishing attack on one of its employees was used to launch additional phishing...
How to Opt Out of Equifax Revealing Your Salary History
A KrebsOnSecurity series on how easy big-three credit bureau Equifax makes it to get detailed salary history data on tens of millions of Americans apparently inspired a deeper dive on the subject by Fast Company, which examined how this Equifax division has been one of the company's best...
Ubiquiti All But Confirms Breach Response Iniquity
For four days this past week, Internet-of-Things giant Ubiquiti did not respond to requests for comment on a whistleblowers allegations the company had massively downplayed a "catastrophic" two-month breach ending in January to save its stock price, and that Ubiquitis insinuation that a third-par...
Apple Addresses iPhone 11 Location Privacy Concern
Apple is rolling out a new update to its iOS operating system that addresses the location privacy issue on iPhone 11 devices that was first detailed here last month. Beta versions of iOS 13.3.1 include a new setting that lets users disable the "Ultra Wideband" feature, a short-range technology th...
Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains
On Nov. 23, one of the cybercrime underground's largest bazaars for buying and selling stolen payment card data announced the immediate availability of some four million freshly-hacked debit and credit cards. KrebsOnSecurity has learned this latest batch of cards was siphoned from four different...
What We Can Learn from the Capital One Hack
On Monday, a former Amazon employee was arrested and charged with stealing more than 100 million consumer applications for credit from Capital One. Since then, many have speculated the breach was perhaps the result of a previously unknown "zero-day" flaw, or an "insider" attack in which the accus...
Crypto Mining Service Coinhive to Call it Quits
Roughly one year ago, KrebsOnSecurity published a lengthy investigation into the individuals behind Coinhive.com, a cryptocurrency mining service that has been heavily abused to force hacked Web sites to mine virtual currency. On Tuesday, Coinhive announced plans to pull the plug on the project...
Credit Card Issuer TCM Bank Leaked Applicant Data for 16 Months
TCM Bank, a company that helps more than 750 small and community U.S. banks issue credit cards to their account holders, said a Web site misconfiguration exposed the names, addresses, dates of birth and Social Security numbers of thousands of people who applied for cards between early March 2017...
Dot-cm Typosquatting Sites Visited 12M Times So Far in 2018
A story published here last week warned readers about a vast network of potentially malicious Web sites ending in ".cm" that mimic some of the world's most popular Internet destinations e.g. espndotcm, aoldotcm and itunesdot.cm in a bid to bombard visitors with fake security alerts that can lock ...
Canadian Man Gets 9 Months Detention for Serial Swattings, Bomb Threats
A 19-year-old Canadian man was found guilty of making almost three dozen fraudulent calls to emergency services across North America in 2013 and 2014. The false alarms, two of which targeted this author -- involved phoning in phony bomb threats and multiple attempts at "swatting" -- a dangerous...
The Equifax Breach: What You Should Know
It remains unclear whether those responsible for stealing Social Security numbers and other data on as many as 143 million Americans from big-three credit bureau Equifax intend to sell this data to identity thieves. But if ever there was a reminder that you -- the consumer -- are ultimately...
The iPhone 11 Pro’s Location Data Puzzler
One of the more curious behaviors of Apple's new iPhone 11 Pro is that it intermittently seeks the user's location information even when all applications and system services on the phone are individually set to never request this data. Apple says this is by design, but that response seems at odds...
The Risk of Weak Online Banking Passwords
If you bank online and choose weak or re-used passwords, there's a decent chance your account could be pilfered by cyberthieves -- even if your bank offers multi-factor authentication as part of its login process. This story is about how crooks increasingly are abusing third-party financial...
How Not to Acknowledge a Data Breach
I'm not a huge fan of stories about stories, or those that explore the ins and outs of reporting a breach. But occasionally I feel obligated to publish such accounts when companies respond to a breach report in such a way that it's crystal clear they wouldn't know what to do with a data breach if...