The Stark Truth Behind the Resurgence of Russia’s Fin7

Credit to Author: BrianKrebs| Date: Wed, 10 Jul 2024 16:22:59 +0000

The Russia-based cybercrime group dubbed “Fin7,” known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. authorities. But experts say Fin7 has roared back to life in 2024 — setting up thousands of websites mimicking a range of media and technology companies — with the help of Stark Industries Solutions, a sprawling hosting provider is a persistent source of cyberattacks against enemies of Russia.

Read more

Microsoft Patch Tuesday, July 2024 Edition

Credit to Author: BrianKrebs| Date: Tue, 09 Jul 2024 19:50:33 +0000

Microsoft Corp. today issued software updates to plug 139 security holes in various flavors of Windows and other Microsoft products. Redmond says attackers are already exploiting at least two of the vulnerabilities in active attacks against Windows users.

Read more

The Not-So-Secret Network Access Broker x999xx

Credit to Author: BrianKrebs| Date: Wed, 03 Jul 2024 16:41:34 +0000

Most accomplished cybercriminals go out of their way to separate their real names from their hacker handles. But among certain old-school Russian hackers it is not uncommon to find major players who have done little to prevent people from figuring out who they are in real life. A case study in this phenomenon is “x999xx,” the nickname chosen by a venerated Russian hacker who specializes in providing the initial network access to various ransomware groups.

Read more

KrebsOnSecurity Threatened with Defamation Lawsuit Over Fake Radaris CEO

Credit to Author: BrianKrebs| Date: Thu, 20 Jun 2024 19:16:01 +0000

On March 8, 2024, KrebsOnSecurity published a deep dive on the consumer data broker Radaris, showing how the original owners are two men in Massachusetts who operated multiple Russian language dating services and affiliate programs, in addition to a dizzying array of people-search websites. The subjects of that piece are threatening to sue KrebsOnSecurity for defamation unless the story is retracted. Meanwhile, their attorney has admitted that the person Radaris named as the CEO from its inception is a fabricated identity.

Read more

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Credit to Author: BrianKrebs| Date: Sat, 15 Jun 2024 23:40:20 +0000

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider, a cybercrime group suspected of hacking into Twilio, LastPass, DoorDash, Mailchimp, and nearly 130 other organizations over the past two years.

Read more

Patch Tuesday, June 2024 “Recall” Edition

Credit to Author: BrianKrebs| Date: Tue, 11 Jun 2024 22:57:35 +0000

Microsoft today released updates to fix more than 50 security vulnerabilities in Windows and related software, a relatively light Patch Tuesday this month for Windows administrators. The software giant also responded to a torrent of negative feedback on a new feature of Redmond’s flagship operating system that constantly takes screenshots of whatever users are doing on their computers, saying the feature would no longer be enabled by default.

Read more

‘Operation Endgame’ Hits Malware Delivery Platforms

Credit to Author: BrianKrebs| Date: Thu, 30 May 2024 15:19:44 +0000

Law enforcement agencies in the United States and Europe today announced Operation Endgame, a coordinated action against some of the most popular cybercrime platforms for delivering ransomware and data-stealing malware. Dubbed “the largest ever operation against botnets,” the international effort is being billed as the opening salvo in an ongoing campaign targeting advanced malware “droppers” or “loaders” like IcedID, Smokeloader and Trickbot.

Read more

Is Your Computer Part of ‘The Largest Botnet Ever?’

Credit to Author: BrianKrebs| Date: Wed, 29 May 2024 19:21:12 +0000

The U.S. Department of Justice (DOJ) today said they arrested the alleged operator of 911 S5, a ten-year-old online anonymity service that was powered by what the director of the FBI called “likely the world’s largest botnet ever.” The arrest coincided with the seizure of the 911 S5 website and supporting infrastructure, which the government says turned computers running various “free VPN” products into Internet traffic relays that facilitated billions of dollars in online fraud and cybercrime.

Read more

Treasury Sanctions Creators of 911 S5 Proxy Botnet

Credit to Author: BrianKrebs| Date: Tue, 28 May 2024 20:38:32 +0000

The U.S. Department of the Treasury today unveiled sanctions against three Chinese nationals for allegedly operating 911 S5, an online anonymity service that for many years was the easiest and cheapest way to route one’s Web traffic through malware-infected computers around the globe. KrebsOnSecurity identified one of the three men in a July 2022 investigation into 911 S5, which was massively hacked and then closed ten days later.

Read more

Stark Industries Solutions: An Iron Hammer in the Cloud

Credit to Author: BrianKrebs| Date: Thu, 23 May 2024 23:32:43 +0000

Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. An investigation into Stark Industries reveals it is being used as a global proxy network that conceals the true source of cyberattacks and disinformation campaigns against enemies of Russia.

Read more