Cyber Security News On The Web

Who Wrote the ALPHV/BlackCat Ransomware Strain?

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “BlackCat“), considered to be the first professional cybercrime group to create and use a ransomware strain written in the Rust programming language. In this post,...

Scary Fraud Ensues When ID Theft & Usury Collide

What’s worse than finding out that identity thieves took out a 546 percent interest payday loan in your name? How about a 900 percent interest loan? Or how about not learning of the fraudulent loan until it gets handed off to collection agents? One...

Crime Shop Sells Hacked Logins to Other Crime Shops

Up for the “Most Meta Cybercrime Offering” award this year is Accountz Club, a new cybercrime store that sells access to purloined accounts at services built for cybercriminals, including shops peddling stolen payment cards and identities, spamming tools,...

read more

IRS Will Soon Require Selfies for Online Access

If you created an online account to manage your tax records with the U.S. Internal Revenue Service (IRS), those login credentials will cease to work later this year. The agency says that by the summer of 2022, the only way to log in to irs.gov will be through ID.me,...

read more

Who is the Network Access Broker ‘Wazawaka?’

In a great many ransomware attacks, the criminals who pillage the victim’s network are not the same crooks who gained the initial access to the victim organization. More commonly, the infected PC or stolen VPN credentials the gang used to break in were purchased...

read more

‘Wormable’ Flaw Leads January 2022 Patch Tuesday

Microsoft today released updates to plug nearly 120 security holes in Windows and supported software. Six of the vulnerabilities were publicly detailed already, potentially giving attackers a head start in figuring out how to exploit them in unpatched systems. More...

read more

500M Avira Antivirus Users Introduced to Cryptomining

Many readers were surprised to learn recently that the popular Norton 360 antivirus suite now ships with a program which lets customers make money mining virtual currency. But Norton 360 isn’t alone in this dubious endeavor: Avira antivirus — which has...

read more

Norton 360 Now Comes With a Cryptominer

Norton 360, one of the most popular antivirus products on the market today, has installed a cryptocurrency mining program on its customers’ computers. Norton’s parent firm says the cloud-based service that activates the program and allows customers to...

read more

Happy 12th Birthday, KrebsOnSecurity.com!

KrebsOnSecurity.com celebrates its 12th anniversary today! Maybe “celebrate” is too indelicate a word for a year wracked by the global pandemics of COVID-19 and ransomware. Especially since stories about both have helped to grow the audience here...

read more

NY Man Pleads Guilty in $20 Million SIM Swap Theft

A 24-year-old New York man who bragged about helping to steal more than $20 million worth of cryptocurrency from a technology executive has pleaded guilty to conspiracy to commit wire fraud. Nicholas Truglia was part of a group alleged to have stolen more than $100...

read more

Microsoft Patch Tuesday, December 2021 Edition

Microsoft, Adobe, and Google all issued security updates to their products today. The Microsoft patches include six previously disclosed security flaws, and one that is already being actively exploited. But this month’s Patch Tuesday is overshadowed by the...

read more

Inside Ireland’s Public Healthcare Ransomware Scare

The consulting firm PricewaterhouseCoopers recently published lessons learned from the disruptive and costly ransomware attack in May 2021 on Ireland’s public health system. The unusually candid post-mortem found that nearly two months elapsed between the...

read more

Canada Charges Its “Most Prolific Cybercriminal”

A 31-year-old Canadian man has been arrested and charged with fraud in connection with numerous ransomware attacks against businesses, government agencies and private citizens throughout Canada and the United States. Canadian authorities describe him as “the...

read more

Who Is the Network Access Broker ‘Babam’?

Rarely do cybercriminal gangs that deploy ransomware gain the initial access to the target themselves. More commonly, that access is purchased from a cybercriminal broker who specializes in acquiring remote access credentials — such as usernames and passwords...

read more

The Internet is Held Together With Spit & Baling Wire

A visualization of the Internet made using network routing data. Image: Barrett Lyon, opte.org. Imagine being able to disconnect or redirect Internet traffic destined for some of the world’s biggest companies — just by spoofing an email. This is the nature...

read more

Arrest in ‘Ransom Your Employer’ Email Scheme

In August, KrebsOnSecurity warned that scammers were contacting people and asking them to unleash ransomware inside their employer’s network, in exchange for a percentage of any ransom amount paid by the victim company. This week, authorities in Nigeria arrested...

read more

Tech CEO Pleads to Wire Fraud in IP Address Scheme

The CEO of a South Carolina technology firm has pleaded guilty to 20 counts of wire fraud in connection with an elaborate network of phony companies set up to obtain more than 735,000 Internet Protocol (IP) addresses from the nonprofit organization that leases the...

read more

Hoax Email Blast Abused Poor Coding in FBI Website

The Federal Bureau of Investigation (FBI) confirmed today that its fbi.gov domain name and Internet address were used to blast out thousands of fake emails about a cybercrime investigation. According to an interview with the person who claimed responsibility for the...

read more

SMS About Bank Fraud as a Pretext for Voice Phishing

Most of us have probably heard the term “smishing” — which is a portmanteau for traditional phishing scams sent through SMS text messages. Smishing messages usually include a link to a site that spoofs a popular bank and tries to siphon personal...

read more