Legal
Dutch Police seizes 127 XHost servers, dismantles bulletproof hoster
The Dutch Police (Politie) dismantled the ZServers/XHost bulletproof hosting operation after taking offline 127 servers used by the illegal platform. Earlier this week, the authorities in the United States, Australia, and the United Kingdom, announced sanctions against the same bulletproof hosting provider for its involvement in cybercrime operations. Specifically, the operators of Zservers were accused of facilitating LockBit ransomware […]
US indicts 8Base ransomware operators for Phobos encryption attacks
The U.S. Justice Department announced the names of two Phobos ransomware affiliates arrested yesterday in Thailand, charging them on 11 counts due to their involvement in more than a thousand cyberattacks. The two men, Roman Berezhnoy (33) and Egor Nikolaevich Glebov (39) are both Russian citizens, active in the ransomware space between May 2019 and at least […]
Sky ECC encrypted service distributors arrested in Spain, Netherlands
Four distributors of the encrypted communications service Sky ECC, used extensively by criminals, were arrested in Spain and the Netherlands. According to an announcement by the Spanish police, the two suspects arrested in the country were the leading global distributors of the service, generating over €13.5 million ($14M) in profits. Investigation into the communications service, […]
Police arrests 2 Phobos ransomware suspects, seizes 8Base sites
A global law enforcement operation targeting the Phobos ransomware gang has led to the arrest of two suspected hackers in Phuket, Thailand, and the seizure of 8Base’s dark web sites. The suspects are accused of conducting cyberattacks on over 1,000 victims worldwide. The arrested individuals, two Russian men, reportedly extorted $16,000,000 worth of Bitcoin from their […]
Spain arrests suspected hacker of US and Spanish military agencies
The Spanish police have arrested a suspected hacker in Alicante for allegedly conducting 40 cyberattacks targeting critical public and private organizations, including the Guardia Civil, the Ministry of Defense, NATO, the US Army, and various universities. Spanish media reports that the suspect was brought before a court and subsequently released after having his passport confiscated to prevent him […]
KuCoin to pay nearly $300 million in penalties after guilty plea
KuCoin’s operator, PEKEN Global Limited, pleaded guilty to operating an unlicensed money-transmitting business and agreed to pay $297 million in penalties to settle charges in the U.S. The cryptocurrency exchange was charged in March 2024 for its failure to implement the required anti-money laundering (AML) requirements, allowing cybercriminals to use the platform to launder their proceeds. According […]
PayPal to pay $2 million settlement over 2022 data breach
New York State has announced a $2,000,000 settlement with PayPal over charges it failed to comply with the state’s cybersecurity regulations, leading to a 2022 data breach. The Department of Financial Services (DFS) action says that threat actors took advantage of security gaps in PayPal’s systems to conduct credential stuffing attacks that provided access to sensitive […]
FTC orders GM to stop collecting and selling driver’s data
The Federal Trade Commission (FTC) is taking action against General Motors (GM) and its subsidiary, OnStar, for unlawful collection and selling drivers’ precise geolocation and driving behavior data from millions of vehicles. The U.S. government organization proposes a settlement in which the automotive giant will be barred from sharing drivers’ sensitive data for five years. The car […]
US sanctions Chinese firm, hacker behind telecom and Treasury hacks
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned Yin Kecheng, a Shanghai-based hacker for his role in the recent Treasury breach and a company associated with the Salt Typhoon threat group. “Yin Kecheng has been a cyber actor for over a decade and is affiliated with the People’s Republic […]
GDPR complaints filed against TikTok, Temu for sending user data to China
Non-profit privacy advocacy group “None of Your Business” (noyb) has filed six complaints against TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi, for unlawfully transferring European user’s data to China and infringing European Union’s general data protection regulation (GDPR). Founded by Austrian privacy activist Max Schrems, NOYB works through legal action against companies that violate users’ privacy rights, particularly in […]