Service Rents Email Addresses for Account Signups

Credit to Author: BrianKrebs| Date: Tue, 06 Jun 2023 20:09:13 +0000

One of the most expensive aspects of any cybercriminal operation is the time and effort it takes to create large numbers of new throwaway email accounts. Now a new service offers to help dramatically cut costs associated with large-scale spam and account creation campaigns, by paying people to sell their email account credentials and letting customers temporarily rent access to a vast pool of established accounts at major providers.


Ask Fitis, the Bear: Real Crooks Sign Their Malware

Credit to Author: BrianKrebs| Date: Thu, 01 Jun 2023 16:15:34 +0000

Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered with. Both of these qualities make stolen or ill-gotten code-signing certificates attractive to cybercriminal groups, who prize their ability to add stealth and longevity to malicious software. This post is a deep dive on “Megatraffer,” a veteran Russian hacker who has practically cornered the underground market for malware-focused code-signing certificates since 2015.


Discord Admins Hacked by Malicious Bookmarks

Credit to Author: BrianKrebs| Date: Wed, 31 May 2023 00:19:17 +0000

A number of Discord communities focused on cryptocurrency have been hacked this past month after their administrators were tricked into running malicious JavaScript code disguised as a Web browser bookmark.


Phishing Domains Tanked After Meta Sued Freenom

Credit to Author: BrianKrebs| Date: Fri, 26 May 2023 16:37:15 +0000

The number of phishing websites tied to domain name registrar Freenom dropped precipitously in the months surrounding a recent lawsuit from social networking giant Meta, which alleged the free domain name provider has a long history of ignoring abuse complaints about phishing websites while monetizing traffic to those abusive domains.


Interview With a Crypto Scam Investment Spammer

Credit to Author: BrianKrebs| Date: Tue, 23 May 2023 00:15:30 +0000

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. What follows is an interview with a Russian hacker responsible for a series of aggressive crypto spam campaigns that recently prompted several large Mastodon communities to temporarily halt new registrations. According to the hacker, their spam software has been in private use until the last few weeks, when it was released as open source code.


Russian Hacker “Wazawaka” Indicted for Ransomware

Credit to Author: BrianKrebs| Date: Tue, 16 May 2023 21:33:43 +0000

A Russian man identified by KrebsOnSecurity in January 2022 as a prolific and vocal member of several top ransomware groups was the subject of two indictments unsealed by the Justice Department today. U.S. prosecutors say Mikhail Pavolovich Matveev, a.k.a. “Wazawaka” and “Boriselcin,” worked with three different ransomware gangs that extorted hundreds of millions of dollars from companies, schools, hospitals and government agencies.


Re-Victimization from Police-Auctioned Cell Phones

Credit to Author: BrianKrebs| Date: Tue, 16 May 2023 12:20:58 +0000

Countless smartphones seized in arrests and searches by police forces across the United States are being auctioned online without first having the data on them erased, a practice that can lead to crime victims being re-victimized, a new study found. In response, the largest online marketplace for items seized in U.S. law enforcement investigations says it now ensures that all phones sold through its platform will be data-wiped prior to auction.


Microsoft Patch Tuesday, May 2023 Edition

Credit to Author: BrianKrebs| Date: Wed, 10 May 2023 01:19:58 +0000

Microsoft today released software updates to fix at least four dozen security holes in its Windows operating systems and other software, including patches for two zero-day vulnerabilities that are already being exploited in active attacks.
