Search Results for: cybercrime
US charges five linked to Scattered Spider cybercrime gang
The U.S. Justice Department has charged five suspects believed to be part of the financially motivated Scattered Spider cybercrime gang with conspiracy to commit wire fraud. Between September 2021 and April 2023, they were able to steal millions from cryptocurrency wallets using victims’ credentials stolen in SMS phishing attacks targeting dozens of targets, including both individuals […]
Botnet fueling residential proxies disrupted in cybercrime crackdown
The Ngioweb botnet, which supplies most of the 35,000 bots in the cybercriminal NSOCKS proxy service, is being disrupted as security companies block traffic to and from the two networks. Following an investigation of more than one year, researchers identified the complete architecture and traffic of the Ngioweb botnet proxy server, which was first observed in […]
Interpol disrupts cybercrime activity on 22,000 IP addresses, arrests 41
Interpol announced it arrested 41 individuals and taken down 1,037 servers and infrastructure running on 22,000 IP addresses facilitating cybercrime in an international law enforcement action titled Operation Synergia II. The operation took place between April and August 2024, spanning 95 countries and resulting in 41 arrests of those linked to various crimes, including ransomware, […]
Greasy Opal’s CAPTCHA solver still serving cybercrime after 16 years
A developer that researchers now track as Greasy Opal, operating as a seemingly legitimate business, has been fueling the cybercrime-as-a-service industry with a tool that bypasses account security solutions and allows bot-led CAPTCHA solving at scale. Greasy Opal has been active for more nearly two decades and tailors its tools based on customers’ targeting needs. […]
Cyberattack at French hospital exposes health data of 750,000 patients
A data breach at an unnamed French hospital exposed the medical records of 750,000 patients after a threat actor gained access to its electronic patient record system. A threat actor using the nickname ‘nears’ (previously near2tlg) claimed to have attacked multiple healthcare facilities in France, alleging that they have access to the patient records of over […]
New Ghost Tap attack abuses NFC mobile payments to steal money
Cybercriminals have devised a novel method to cash out from stolen credit card details linked to mobile payment systems such as Apple Pay and Google Pay, dubbed ‘Ghost Tap,’ which relays NFC card data to money mules worldwide. The tactic builds upon the methods previously deployed by mobile malware like NGate, documented by ESET in August, […]
US charges Phobos ransomware admin after South Korea extradition
Evgenii Ptitsyn, a Russian national and suspected administrator of the Phobos ransomware operation, was extradited from South Korea and is facing cybercrime charges in the United States. Phobos is a long-running ransomware-as-a-service (RaaS) operation (derived from the Crysis ransomware family) widely distributed through many affiliates. Between May 2024 and November 2024, it accounted for roughly 11% of all […]
Fake AI video generators infect Windows, macOS with infostealers
Fake AI image and video generators infect Windows and macOS with the Lumma Stealer and AMOS information-stealing malware, used to steal credentials and cryptocurrency wallets from infected devices. Lumma Stealer is a Windows malware and AMOS is for macOS, but both steal cryptocurrency wallets and cookies, credentials, passwords, credit cards, and browsing history from Google Chrome, […]
New Ymir ransomware partners with RustyStealer in attacks
A new ransomware family called ‘Ymir’ has been spotted in the wild, encrypting systems that were previously compromised by the RustyStealer infostealer malware. RustyStealer is a known malware family first documented in 2021, but its appearance with ransomware demonstrates another example of the recent trend of cybercrime operations working together. According to Kaspersky researchers who discovered Ymir during an incident […]
Amazon confirms employee data breach after vendor hack
Amazon confirmed a data breach involving employee information after data allegedly stolen during the May 2023 MOVEit attacks was leaked on a hacking forum. The threat actor behind this data leak, known as Nam3L3ss, published over 2.8 million lines of Amazon employee data, including names, contact information, building locations, email addresses, and more. Amazon spokesperson Adam […]