domaintools.com – PossibleThreat Articles

When Get-Out-The-Vote Efforts Look Like Phishing

September 12, 2024 0 Comments A Little Sunshine, all-vote.com, Breadcrumbs, debra cleaver, domaintools.com, movement labs, vote america, votewin.org, wdiv, yoni landau

Credit to Author: BrianKrebs| Date: Wed, 28 Aug 2024 23:55:17 +0000

Multiple media reports this week warned Americans to be on guard against a new phishing scam that arrives in a text message informing recipients they are not yet registered to vote. A bit of digging reveals the missives were sent by a California political consulting firm as part of a well-meaning but potentially counterproductive get-out-the-vote effort that had all the hallmarks of a phishing campaign.

Independent Krebs Security

Cybercrime Rapper Sues Bank over Fraud Investigation

August 7, 2024 0 Comments 859-963-6243, A Little Sunshine, constella.ai, devon turner, domaintools.com, Ne'er-Do-Well News, punchmade dev

Credit to Author: BrianKrebs| Date: Wed, 07 Aug 2024 19:01:49 +0000

In January, KrebsOnSecurity wrote about rapper Punchmade Dev, whose music videos sing the praises of a cybercrime lifestyle. That story showed how Punchmade’s social media profiles promoted Punchmade-themed online stores selling bank account and payment card data. Now the Kentucky native is suing his financial institution after it blocked a $75,000 wire transfer and froze his account, citing an active law enforcement investigation.

Independent Krebs Security

KrebsOnSecurity Threatened with Defamation Lawsuit Over Fake Radaris CEO

June 20, 2024 0 Comments 617-794-0001, A Little Sunshine, aleksej gubarev, andtop company, atlas data privacy corp., barsky.com, better business bureau, bitseller expert limited, boston law group, Breadcrumbs, buzzfeed, constella intelligence, difive.com, dmitry lubarsky, domaintools.com, gary norden, gn@difive.com, humanbook, igor lubarsky, pavel kaydash, radaris, radaris.com, steele dossier, trustoria.com, val gurvits, webzilla, xbt holding

Credit to Author: BrianKrebs| Date: Thu, 20 Jun 2024 19:16:01 +0000

On March 8, 2024, KrebsOnSecurity published a deep dive on the consumer data broker Radaris, showing how the original owners are two men in Massachusetts who operated multiple Russian language dating services and affiliate programs, in addition to a dizzying array of people-search websites. The subjects of that piece are threatening to sue KrebsOnSecurity for defamation unless the story is retracted. Meanwhile, their attorney has admitted that the person Radaris named as the CEO from its inception is a fabricated identity.

Independent Krebs Security

Twitter’s Clumsy Pivot to X.com Is a Gift to Phishers

April 15, 2024 0 Comments domaintools.com, mastodon, matthew garrett, other, phishing, sean mcnee, twitter.com, x.com

Credit to Author: BrianKrebs| Date: Wed, 10 Apr 2024 14:28:17 +0000

On April 9, Twitter/X began automatically modifying links that mention “twitter.com” to redirect to “x.com” instead. But over the past 48 hours, dozens of new domain names have been registered that demonstrate how this change could be used to craft convincing phishing links — such as fedetwitter[.]com, which is currently rendered as fedex.com in tweets.

Independent Krebs Security

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

April 15, 2024 0 Comments A Little Sunshine, bluebtcus@gmail.com, Breadcrumbs, domaintools.com, fudco, fudpage, fudsender, fudtools, heartsender, Ne'er-Do-Well News, saim raza, the manipulaters, we code solutions, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Wed, 03 Apr 2024 13:16:25 +0000

Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called “The Manipulaters,” a sprawling web hosting network of phishing and spam delivery platforms. In January 2024, The Manipulaters pleaded with this author to unpublish previous stories about their work, claiming the group had turned over a new leaf and gone legitimate. But new research suggests that while they have improved the quality of their products and services, these nitwits still fail spectacularly at hiding their illegal activities.

Independent Krebs Security

The Not-so-True People-Search Network from China

March 20, 2024 0 Comments A Little Sunshine, alibaba cloud, alina clark, beenverified, Breadcrumbs, cocodoc, cocofinder, cocosign, domaintools.com, eden cheng, fastpeoplesearch, findpeoplefast, forbes.com, h.i.g. capital, harriet chan, instant checkmate, intelius, marilyn gaskell, neighborwho, numberguru, onerep, ownerly, peopleconnect inc., peoplefinderfree, peoplelooker, peoplesmart, radaris, ross cohen, sally stevens, shenzhen duiyun technology co, spokeo, stephen curry, the lifetime value co., truepeoplesearch, truthfinder, u.s. federal trade commission

Credit to Author: BrianKrebs| Date: Thu, 21 Mar 2024 03:18:26 +0000

It’s not unusual for the data brokers behind people-search websites to use pseudonyms in their day-to-day lives (you would, too). Some of these personal data purveyors even try to reinvent their online identities in a bid to hide their conflicts of interest. But it’s not every day you run across a US-focused people-search network based in China whose principal owners all appear to be completely fabricated identities.

Independent Krebs Security

From Cybercrime Saul Goodman to the Russian GRU

February 7, 2024 0 Comments A Little Sunshine, aleksei valerievich safronov, congressional research service, constella intelligence, djamix, domaintools.com, gru, guardia civil, mark rasch, mazafaka, meduza, Ne'er-Do-Well News, russia's war on ukraine, stalker

Credit to Author: BrianKrebs| Date: Wed, 07 Feb 2024 17:10:18 +0000

In 2021, the exclusive Russian cybercrime forum Mazafaka was hacked. The leaked user database shows one of the forum’s founders was an attorney who advised Russia’s top hackers on the legal risks of their work, and what to do if they got caught. A review of this user’s hacker identities shows that during his time on the forums he served as an officer in the special forces of the GRU, the foreign military intelligence agency of the Russian Federation.

Independent Krebs Security

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

January 17, 2024 0 Comments A Little Sunshine, constella intelligence, devon turner, devtakeflight, devtakeflightbeats inc., domaintools.com, nba 2k17, Ne'er-Do-Well News, obn dev, obn group llc, punchmade dev, punchmade llc, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Wed, 17 Jan 2024 17:00:40 +0000

The rapper and social media personality Punchmade Dev is perhaps best known for his flashy videos singing the praises of a cybercrime lifestyle. With memorable hits such as “Internet Swiping” and “Million Dollar Criminal” earning millions of views, Punchmade has leveraged his considerable following to peddle tutorials on how to commit financial crimes online. But until recently, there wasn’t much to support a conclusion that Punchmade was actually doing the cybercrime things he promotes in his songs.

Independent Krebs Security

‘Snatch’ Ransom Group Exposes Visitor IP Addresses

September 27, 2023 0 Comments @htmalgae, 8base ransomware, atomicstealer, Breadcrumbs, Data Breaches, domaintools.com, google.com, malwarebytes, microsoft teams, mihail kolesnikov, Ne'er-Do-Well News, Ransomware, rilide, trustwave spiderlabs

Credit to Author: BrianKrebs| Date: Wed, 27 Sep 2023 11:48:37 +0000

The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to trick people into installing malware disguised as popular free software, such as Microsoft Teams, Adobe Reader, Mozilla Thunderbird, and Discord.

Independent Krebs Security

Who and What is Behind the Malware Proxy Service SocksEscort?

July 25, 2023 0 Comments A Little Sunshine, adrian crismaru, avrecon, black lotus labs, domaintools.com, intel471, internet of things (iot), lumen, riley kilmer, socksescort, spur.us, Web Fraud 2.0, wiremo

Credit to Author: BrianKrebs| Date: Tue, 25 Jul 2023 21:20:55 +0000

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort, which rents hacked residential and small business devices to cybercriminals looking to hide their true location online.

← Previous