cybercrime
Hacker ‘IntelBroker’ charged in US for global data theft breaches
A British national known online as “IntelBroker” has been charged by the U.S. for stealing and selling sensitive data from victims worldwide, causing an estimated $25 million in damages. The indictment, revealed today by the U.S. Attorney’s Office for the Southern District of New York, accuses Kai West, a 25-year-old British man, of using the handle […]
Microsoft and CrowdStrike partner to link hacking group names
Microsoft and CrowdStrike announced today that they’ve partnered to connect the aliases used for specific threat groups without actually using a single naming standard. As the two companies explained on Monday, this will be done by mapping (or linking) the different names their security analysts use for each group they track. Microsoft has updated its threat […]
‘Russian Market’ emerges as a go-to shop for stolen credentials
The “Russian Market” cybercrime marketplace has emerged as one of the most popular platforms for buying and selling credentials stolen by information stealer malware. Although the marketplace has been active for roughly six years and became relatively popular by 2022, ReliaQuest reports that the Russian Market has recently reached new heights. Part of this surge in popularity is […]
Kosovo extradites BlackDB admin to face US cybercrime charges
A Kosovo national has been extradited to the United States to face charges of running an online cybercrime marketplace active since 2018. Kosovar authorities arrested the 33-year-old Liridon Masurica (also known as @blackdb) on December 14th, 2024, and he was extradited to the United States earlier this month, on May 9th. Masurica was detained following […]
FBI: US lost record $16.6 billion to cybercrime in 2024
The FBI says cybercriminals have stolen a record $16,6 billion in 2024, marking an increase in losses of over 33% compared to the previous year. According to the bureau’s annual Internet Crime Complaint Center (IC3) report, IC3 recorded 859,532 complaints last year (256,256 with actual loss), amounting to an average loss of $19,372. The most impacted […]
Cybersecurity firm buying hacker forum accounts to spy on cybercriminals
Swiss cybersecurity firm Prodaft has launched a new initiative called ‘Sell your Source’ where the company purchases verified and aged accounts on hacking forums to to spy on cybercriminals. The goal is to use these accounts to infiltrate cybercrime spaces and communities, collecting valuable intelligence that could lead to the exposure of malicious operations and platforms. […]
EncryptHub’s dual life: Cybercriminal vs Windows bug-bounty researcher
EncryptHub, a notorious threat actor linked to breaches at 618 organizations, is believed to have reported two Windows zero-day vulnerabilities to Microsoft, revealing a conflicted figure straddling the line between cybercrime and security research. The reported vulnerabilities are CVE-2025-24061 (Mark of the Web bypass) and CVE-2025-24071 (File Explorer spoofing), which Microsoft addressed during the March 2025 Patch Tuesday updates, acknowledging the […]
CISA warns of Fast Flux DNS evasion used by cybercrime gangs
CISA, the FBI, the NSA, and international cybersecurity agencies are calling on organizations and DNS providers to mitigate the “Fast Flux” cybercrime evasion technique used by state-sponsored threat actors and ransomware gangs. Although the technique isn’t new, its effectiveness has been documented and proven repeatedly in actual cyberattacks. How Fast Flux helps with evasion Fast Flux is a DNS […]
New Atlantis AIO platform automates credential stuffing on 140 services
A new cybercrime platform named ‘Atlantis AIO’ provides an automated credential stuffing service against 140 online platforms, including email services, e-commerce sites, banks, and VPNs. Specifically, Atlantis AIO features pre-configured modules for these services to perform brute force attacks, bypass CAPTCHAs, automate account recovery processes, and monetize stolen credentials/accounts. Credential stuffing and automation Credential stuffing […]
Police arrests 300 suspects linked to African cybercrime rings
African law enforcement authorities have arrested 306 suspects as part of ‘Operation Red Card,’ an INTERPOL-led international crackdown targeting cross-border cybercriminal networks. Between November 2024 and February 2025, authorities seized 1,842 devices allegedly used in mobile banking, investment, and messaging app scams linked to over 5,000 victims. “Ahead of the operation, countries exchanged criminal intelligence on key targets. This […]