DomainTools.com – Page 2 – Computer Security Articles

‘Snatch’ Ransom Group Exposes Visitor IP Addresses

September 27, 2023 admin @htmalgae, 8base ransomware, atomicstealer, Breadcrumbs, data breaches, DomainTools.com, google.com, Malwarebytes, microsoft teams, mihail kolesnikov, Ne'er-Do-Well News, ransomware, rilide, Trustwave Spiderlabs

Credit to Author: BrianKrebs| Date: Wed, 27 Sep 2023 11:48:37 +0000

The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to trick people into installing malware disguised as popular free software, such as Microsoft Teams, Adobe Reader, Mozilla Thunderbird, and Discord.

Independent Krebs

Who and What is Behind the Malware Proxy Service SocksEscort?

July 25, 2023 admin A Little Sunshine, adrian crismaru, avrecon, black lotus labs, DomainTools.com, Intel471, Internet of Things (IoT), lumen, riley kilmer, socksescort, spur.us, Web Fraud 2.0, wiremo

Credit to Author: BrianKrebs| Date: Tue, 25 Jul 2023 21:20:55 +0000

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort, which rents hacked residential and small business devices to cybercriminals looking to hide their true location online.

Independent Krebs

Ask Fitis, the Bear: Real Crooks Sign Their Malware

June 1, 2023 admin 165540027, 774748@gmail.com, akafitis@gmail.com, Breadcrumbs, code-signing certificates, constella intelligence, DomainTools.com, featar24, fitis, Flashpoint, glavmed, Intel 471, konstantin evgenievich fetisov, megatraffer, Ne'er-Do-Well News, o.r.z., Spamit, spampage@yandex.ru

Credit to Author: BrianKrebs| Date: Thu, 01 Jun 2023 16:15:34 +0000

Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered with. Both of these qualities make stolen or ill-gotten code-signing certificates attractive to cybercriminal groups, who prize their ability to add stealth and longevity to malicious software. This post is a deep dive on “Megatraffer,” a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015.

Independent Krebs

A Serial Tech Investment Scammer Takes Up Coding?

April 3, 2023 admin A Little Sunshine, alan john mykhailov, blackstone corporate alliance ltd, Breadcrumbs, codestoyou, colette davies, david bruno, DomainTools.com, drydennow.com, igor gubskyi, igor hubskyi, iryna davies, john bernard, john clifton davies, maria yakovleva, mariya kulikova, mysolve, Ne'er-Do-Well News, safeswiss secure communication ag, secure swiss data, the inside knowledge gmbh

Credit to Author: BrianKrebs| Date: Mon, 03 Apr 2023 16:13:42 +0000

John Clifton Davies, a 60-year-old con man from the United Kingdom who fled the country in 2015 before being sentenced to 12 years in prison for fraud, has enjoyed a successful life abroad swindling technology startups by pretending to be a billionaire investor. Davies’ newest invention appears to be “CodesToYou,” which purports to be a “full cycle software development company” based in the U.K.

Independent Krebs

The Case for Limiting Your Browser Extensions

March 17, 2020 admin 212b3d4039ab5319ec.js, blue shield of california, Breadcrumbs, cndpps, DomainTools.com, frankomedison1020@gmail.com, icontent, linkojager, metrext, monetizus, page ruler extension, peter newnham, thisadsfor

Credit to Author: BrianKrebs| Date: Tue, 03 Mar 2020 15:39:53 +0000

Last week, KrebsOnSecurity reported to health insurance provider Blue Shield of California that its Web site was flagged by multiple security products as serving malicious content. Blue Shield quickly removed the unauthorized code. An investigation determined it was injected by a browser extension installed on the computer of a Blue Shield employee who’d edited the Web site in the past month. The incident is a reminder that browser extensions — however useful or fun they may seem when you install them — typically have a great deal of power and can effectively read and/or write all data in your browsing sessions. And as we’ll see, it’s not uncommon for extension makers to sell or lease their user base to shady advertising firms, or in some cases abandon them to outright cybercriminals.

Independent Krebs

French Firms Rocked by Kasbah Hacker?

March 2, 2020 admin +212611604438, 4iq.com, Breadcrumbs, DomainTools.com, fatal.001, fatalw01, Hyas, hyas.com, ing.equipepro@gmail.com, njRAT, sasha angus, talainine.com, yamosoft, yassine algangaf, yassine majidi

Credit to Author: BrianKrebs| Date: Mon, 02 Mar 2020 18:07:16 +0000

A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned. The individual thought to be involved has earned accolades from the likes of Apple, Dell, and Microsoft for helping to find and fix security vulnerabilities in their products.

Independent Krebs

Hackers Sell Access to Bait-and-Switch Empire

March 4, 2019 admin A Little Sunshine, arrestrecords.us.org, autohistorychecks.com, backgroundchecks.us.org, Breadcrumbs, carhistory.us.org, carhistoryindex.com, carinfo2.com, carrecordusa.com, census.us.org, courtrecords.us.org, criminalrecords.us.org, data breaches, deathcertificates.us.org, deathrecord.com, deathrecords.us.org, dmv.us.org, dmvinfocheck.com, dmvrecords.co, DomainTools.com, homevalue.us.org, intel471.com, jailinmates.us.org, Jason Oster, Jesse Willms, Latest Warnings, memberreportaccess.com, Mike Stef, mugshots.us.org, myfeeplan.com, myinfobill.com, Ne'er-Do-Well News, Penguin Marketing, Peter Graver, phonelookup.us.org, police.us.org, prison.us.org, propertyrecord.com, propertysearch.us.org, publicrecords.us.org, reversephonelookup.us.org, Taylor Clark, Terra Marketing Group, The Atlantic, The Coming Storm, The Dark Overlord, trafficticket.us.org, vehiclehistoryreports.us.org, vehiclereportusa.com, vinsearchusa.org, warrantcheck.com

Credit to Author: BrianKrebs| Date: Mon, 04 Mar 2019 22:11:33 +0000

Cybercriminals are auctioning off access to customer information stolen from an online data broker behind a dizzying array of bait-and-switch Web sites that sell access to a vast range of data on U.S. consumers, including DMV and arrest records, genealogy reports, phone number lookups and people searches. In an ironic twist, the marketing empire that owns the hacked online properties appears to be run by a Canadian man who’s been sued for fraud by the U.S. Federal Trade Commission, Microsoft and Oprah Winfrey, to name a few.

Independent Krebs

Trump’s Dumps: ‘Making Dumps Great Again’

May 25, 2017 admin dark web, DomainTools.com, Home Depot breach, Magento, McDumpals, OpenCart, Other, Powerfront, rescator, RiskIQ, rudneva-y@mail.ua, Sally Beauty breach, target breach, Tor, Trump's-Dumps, U.S. Secret Service, U.S. Senate GOP Senatorial Committee hack

Credit to Author: BrianKrebs| Date: Fri, 26 May 2017 04:45:24 +0000

It’s not uncommon for crooks who peddle stolen credit cards to seize on iconic American figures of wealth and power in the digital advertisements for these shops that run continuously on various cybercrime forums. Exhibit A: McDumpals, a hugely popular carding site that borrows the Ronald McDonald character from McDonald’s and caters to bulk buyers. Exhibit B: Uncle Sam’s dumps shop, which wants YOU! to buy American. Today, we’ll look at an up and coming credit card shop called Trump’s-Dumps, which invokes 45’s likeness and promises to “make credit card fraud great again.”