A Little Sunshine – Computer Security Articles

Chinese Innovations Spawn Wave of Toll Phishing Via SMS

January 16, 2025 admin 0 Comments @chenlun, A Little Sunshine, csis security group, ezdrivema, FBI, ford merrill, ic3, iMessage, Latest Warnings, Lighthouse, massdot, north texas toll authority, rcs, secalliance, smishing, sms phishing, sunpass, the toll roads, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Thu, 16 Jan 2025 21:18:48 +0000

Residents across the United States are being inundated with text messages purporting to come from toll road operators like E-ZPass, warning that recipients face fines if a delinquent toll fee remains unpaid. Researchers say the surge in SMS spam coincides with new features added to a popular commercial phishing kit sold in China that makes it simple to set up convincing lures spoofing toll road operators in multiple U.S. states.

Independent Krebs

A Day in the Life of a Prolific Voice Phishing Crew

January 7, 2025 admin 800-275-2273, A Little Sunshine, Allison Nixon, aristotle, autodoxers, Coinbase, crypto chameleon, discord, domaintools, Latest Warnings, lookout, mark cuban, Okta, perm, shark tank, star fraud, stotle, telegram, The Coming Storm, trezor, unit 221b, voice phishing, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Tue, 07 Jan 2025 23:41:53 +0000

Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. However, new details about the internal operations of a prolific voice phishing gang show the group routinely abuses legitimate services at Apple and Google to force a variety of outbound communications to their users, including emails, automated phone calls and system-level messages sent to all signed-in devices.

Independent Krebs

U.S. Army Soldier Arrested in AT&T, Verizon Extortions

December 30, 2024 admin A Little Sunshine, Allison Nixon, cameron john wagenius, connor riley moucka, judische, kiberphant0m, Ne'er-Do-Well News, unit 221b

Credit to Author: BrianKrebs| Date: Tue, 31 Dec 2024 04:05:51 +0000

Federal authorities have arrested and indicted a 20-year-old U.S. Army soldier on suspicion of being Kiberphant0m, a cybercriminal who has been selling and leaking sensitive customer call records stolen earlier this year from AT&T and Verizon. As first reported by KrebsOnSecurity last month, the accused is a communications specialist who was recently stationed in South Korea.

Independent Krebs

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

December 19, 2024 admin A Little Sunshine, acunetix, altug sara, altugsara321@gmail.com, araneida scanner, bilitro yazilim, Breadcrumbs, domaintools, FIN7, invicti security, matt sciberras, Ne'er-Do-Well News, neil roseman, ori0nbusiness@protonmail.com, silent push, The Coming Storm, u.s. department of health and human services, zach edwards

Credit to Author: BrianKrebs| Date: Thu, 19 Dec 2024 17:07:30 +0000

Cybercriminals are selling hundreds of thousands of credential sets stolen with the help of a cracked version of Acunetix, a powerful commercial web app vulnerability scanner, new research finds. The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey.

Independent Krebs

How to Lose a Fortune with Just One Bad Click

December 18, 2024 admin (650) 203-0000, A Little Sunshine, Coinbase, daniel from google, gemini ai, Google Assistant, google docs, google forms, google photos, graham cluely, junseth, Latest Warnings, Minecraft, Ne'er-Do-Well News, swancoin, trezor, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Wed, 18 Dec 2024 13:17:59 +0000

Adam Griffin is still in disbelief over how quickly he was robbed of nearly $500,000 in cryptocurrencies. A scammer called using a real Google phone number to warn his Gmail account was being hacked, sent email security alerts directly from google.com, and ultimately seized control over the account by convincing him to click “yes” to a Google prompt on his mobile device.

Independent Krebs

How Cryptocurrency Turns to Cash in Russian Banks

December 11, 2024 admin A Little Sunshine, binance, blaven technologies, Breadcrumbs, chainalysis, CloudFlare, cryptomus, ctv news, fintrac, icon tech sro, investigative journalism foundation, mezhundarondnaya ibu sro, peter german, pq hosting, RCMP, richard sanders, russia's war on ukraine, vira krychka, Web Fraud 2.0, ws management and advisory corporation ltd, xeltox enterprises

Credit to Author: BrianKrebs| Date: Wed, 11 Dec 2024 21:38:48 +0000

A financial firm registered in Canada has emerged as the payment processor for dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services aimed at Russian-speaking customers, new research finds. Meanwhile, an investigation into the Vancouver street address used by this company shows it is home to dozens of foreign currency dealers, money transfer businesses, and cryptocurrency exchanges — none of which are physically located there.

Independent Krebs

Why Phishers Love New TLDs Like .shop, .top and .xyz

December 3, 2024 admin @chenlun, A Little Sunshine, and mobile anti-abuse working group, Anti-Phishing Working Group, coalition against unsolicited commercial email, ICANN, interisle consulting, Internet Corporation for Assigned Names and Numbers, John Levine, Latest Warnings, malware, messaging, new gtlds, phishing, spam, The Coming Storm, U.S. Postal Service

Credit to Author: BrianKrebs| Date: Tue, 03 Dec 2024 13:27:31 +0000

Phishing attacks increased nearly 40 percent in the year ending August 2024, with much of that growth concentrated at a small number of new generic top-level domains (gTLDs) — such as .shop, .top, .xyz — that attract scammers with rock-bottom prices and no meaningful registration requirements, new research finds. Meanwhile, the nonprofit entity that oversees the domain name industry is moving forward with plans to introduce a slew of new gTLDs.

Independent Krebs

Hacker in Snowflake Extortions May Be a U.S. Soldier

November 26, 2024 admin A Little Sunshine, AT&T, boxfan, buttholio, connor riley moucka, cyb3rph4nt0m, ddos-for-hire, john erin binns, judische, kiberphant0m, naver, Ne'er-Do-Well News, proman557, ransomware, reverseshell, shi-bot, snowflake, South korea, telekomterrorist, The Coming Storm, vars_secc, Verizon, waifu

Credit to Author: BrianKrebs| Date: Wed, 27 Nov 2024 00:45:48 +0000

Two men have been arrested for allegedly stealing data from and extorting dozens of companies that used the cloud data storage company Snowflake, but a third suspect — a prolific hacker known as Kiberphant0m — remains at large and continues to publicly extort victims. However, this person’s identity may not remain a secret for long: A careful review of Kiberphant0m’s daily chats across multiple cybercrime personas suggests they are a U.S. Army soldier who is or was recently stationed in South Korea.

← Previous