Cybercriminals Exploit Docusign With Customizable Phishing Templates
Cybercriminals are abusing Docusign by selling customizable phishing templates on cybercrime forums, allowing attackers to steal credentials for phishing…
DDoS platform shut down by international law enforcement agencies
International law enforcement authorities have shut down a DDoS-as-a-service platform and seized its domain.
Ransomware payments drop to record low of 28% in Q1 2024
Ransomware actors have had a rough start this year, as stats from cybersecurity firm Coveware show that the trend of victims declining to pay the cybercriminals continues and has now reached a new record low of 28%.
The Fall of LabHost: Law Enforcement Shuts Down Phishing Service Provider | Trend Micro (US)
On Thursday, April 18, 2024, the UK’s Metropolitan Police Service, along with fellow UK and international law enforcement, as well as several trusted private industry partners, conducted an operation that succeeded in taking down the Phishing-as-a-Service (PhaaS) provider LabHost. This move was also timed to coincide with a number of key arrests related to this operation. In this entry, we will briefly explain what LabHost was, how it affected its victims, and the impact of this law enforcement operation — including the assistance provided by Trend Micro.
Cybercrime: The Office of the Attorney General of Switzerland files an indictment in connection with a number of cases of social engineering, in particular of bogus bank technician scams
On 4 April 2024, the Office of the Attorney General of Switzerland has filed an indictment in the Federal Criminal Court against a French-Israeli citizen in connection with a series of cybercrime attacks carried out against Swiss companies. The defendant is accused of taking an active part in numerous cases of social engineering, particularly bogus bank technician scams, contributing decisively to the misappropriation of more than CHF 5 million from the bank accounts of various companies based in Switzerland.
‘The Manipulaters’ Improve Phishing, Still Fail at Opsec
Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called "The Manipulaters," a sprawling web hosting network of phishing and spam delivery platforms. In January 2024, The Manipulaters pleaded with this author to unpublish previous stories about their work,…
Suisse: Le Team a été hackée, ce qu'on sait sur le ransomware
Un groupe de hackers russe a volé près de 200 Go de données à une entreprise de placement suisse et les a divulgués sur le darknet.
EU capitals fear Russian retaliation and cyberattacks after asset freezes
G7 is drafting a workaround to use frozen assets to rebuild Ukraine.
The biggest cybersecurity and cyberattack stories of 2023
2023 was a big year for cybersecurity, with significant cyberattacks, data breaches, new threat groups emerging, and, of course, zero-day vulnerabilities.
USD 300 million seized and 3,500 suspects arrested in international financial crime operation
Operation HAECHI IV emphasizes the key role of INTERPOL in enabling police worldwide to address the growing complexity of cyber-enabled scams
Pourquoi les hackers russes sont plus dangereux que jamais
Des experts en sécurité informatique ont enquêté sur un piratage, jusqu'alors inconnu, du groupe «Sandworm» sur le réseau électrique ukrainien.
How Kopeechka, an Automated Social Media Accounts Creation Service, Can Facilitate Cybercrime
In recent years, cybercriminals have become increasingly professional — fraudsters have consistently been improving their skills, making less crucial mistakes, and creating various “as-a-service” businesses to help lower-skilled threat actors launch scams and attacks, allowing the latter to run full cybercrime operations. There are different types of cybercrime services that exist today, including malware-as-a-service, where cybercriminals develop and sell malware services to other malicious actors; the service also includes creating and spreading malware types such as ransomware on compromised hosts. Meanwhile, other services require the use of multiple social media accounts to be successfully carried out, such as misinformation, spamming, and malware propagation. Indeed, it’s not uncommon for cybercriminals to send thousands of spam messages using thousands of accounts on social media platforms. But how do they manage to automate all of it?
Users of cybercrime forums often fall victim to info-stealers, researchers find
After analyzing millions of computers infected with info-stealing malware, researchers at Hudson Rock said they identified 120,000 that contained credentials used for logging into cybercrime forums.
WormGPT: New AI Tool Allows Cybercriminals to Launch Sophisticated Cyber Attacks
A new generative AI cybercrime tool called WormGPT is making waves in underground forums. It empowers cybercriminals to automate phishing attacks.
Suspected key figure of notorious cybercrime group arrested in joint operation
Operation Nervone has dealt a significant blow to the OPERA1ER group.
TAG Aviation: Black Basta pirate une compagnie romande
La société TAG Aviation a été victime d'une attaque par ransomware. Les recherches de watson révèlent que Black Basta est à l'origine de cette attaque.
Wave of Arrests Hits Cybercriminals
Cyble reflects on the identification of a forum administrator and two cybercriminals and how it impacts the wider cybercrime ecosystem.
Wave of Arrests Hits Cybercriminals
Cyble reflects on the identification of a forum administrator and two cybercriminals and how it impacts the wider cybercrime ecosystem.
How ChatGPT can turn anyone into a ransomware and malware threat actor
Ever since OpenAI launched ChatGPT at the end of November, commentators on all sides have been concerned about the impact AI-driven content-creation will have, particularly in the realm of cybersecurity. In fact, many researchers are concerned that generative AI solutions will democratize cybercrime.
How ChatGPT can turn anyone into a ransomware and malware threat actor
Ever since OpenAI launched ChatGPT at the end of November, commentators on all sides have been concerned about the impact AI-driven content-creation will have, particularly in the realm of cybersecurity. In fact, many researchers are concerned that generative AI solutions will democratize cybercrime.
Scammers Are Scamming Other Scammers Out of Millions of Dollars
On cybercrime forums, user complaints about being duped may accidentally expose their real identities.
Scammers Are Scamming Other Scammers Out of Millions of Dollars
On cybercrime forums, user complaints about being duped may accidentally expose their real identities.
Six months into Breached: The legacy of RaidForums?
On March 14, 2022, a new English-language cybercrime forum called Breached (also known as BreachForums) launched, as a response to the closure and seizure of the popular RaidForums. Breached was launched with the same design by the threat actor “pompompurin” as “an alternative to RaidForums,” offering large-scale database leaks, login credentials, adult content, and hacking tools.
Six months into Breached: The legacy of RaidForums?
On March 14, 2022, a new English-language cybercrime forum called Breached (also known as BreachForums) launched, as a response to the closure and seizure of the popular RaidForums. Breached was launched with the same design by the threat actor “pompompurin” as “an alternative to RaidForums,” offering large-scale database leaks, login credentials, adult content, and hacking tools.
Kaspersky report on Luna and Black Basta ransomware
This report discusses new ransomware, that targets Windows, Linux and ESXi systems: Luna written in Rust and Black Basta.
Kaspersky report on Luna and Black Basta ransomware
This report discusses new ransomware, that targets Windows, Linux and ESXi systems: Luna written in Rust and Black Basta.
Kaspersky report on Luna and Black Basta ransomware
This report discusses new ransomware, that targets Windows, Linux and ESXi systems: Luna written in Rust and Black Basta.
The hateful eight: Kaspersky’s guide to modern ransomware groups’ TTPs
We want to familiarize the reader with the different stages of ransomware deployment and provide a visual guide to defending against targeted ransomware attacks.
The hateful eight: Kaspersky’s guide to modern ransomware groups’ TTPs
We want to familiarize the reader with the different stages of ransomware deployment and provide a visual guide to defending against targeted ransomware attacks.
The hateful eight: Kaspersky’s guide to modern ransomware groups’ TTPs
We want to familiarize the reader with the different stages of ransomware deployment and provide a visual guide to defending against targeted ransomware attacks.