Is Your Computer Part of ‘The Largest Botnet Ever?’

Credit to Author: BrianKrebs| Date: Wed, 29 May 2024 19:21:12 +0000

The U.S. Department of Justice (DOJ) today said they arrested the alleged operator of 911 S5, a ten-year-old online anonymity service that was powered by what the director of the FBI called “likely the world’s largest botnet ever.” The arrest coincided with the seizure of the 911 S5 website and supporting infrastructure, which the government says turned computers running various “free VPN” products into Internet traffic relays that facilitated billions of dollars in online fraud and cybercrime.

Read more

Treasury Sanctions Creators of 911 S5 Proxy Botnet

Credit to Author: BrianKrebs| Date: Tue, 28 May 2024 20:38:32 +0000

The U.S. Department of the Treasury today unveiled sanctions against three Chinese nationals for allegedly operating 911 S5, an online anonymity service that for many years was the easiest and cheapest way to route one’s Web traffic through malware-infected computers around the globe. KrebsOnSecurity identified one of the three men in a July 2022 investigation into 911 S5, which was massively hacked and then closed ten days later.

Read more

Twitter’s Clumsy Pivot to X.com Is a Gift to Phishers

Credit to Author: BrianKrebs| Date: Wed, 10 Apr 2024 14:28:17 +0000

On April 9, Twitter/X began automatically modifying links that mention “twitter.com” to redirect to “x.com” instead. But over the past 48 hours, dozens of new domain names have been registered that demonstrate how this change could be used to craft convincing phishing links — such as fedetwitter[.]com, which is currently rendered as fedex.com in tweets.

Read more

Happy 14th Birthday, KrebsOnSecurity!

Credit to Author: BrianKrebs| Date: Fri, 29 Dec 2023 22:16:27 +0000

KrebsOnSecurity celebrates its 14th year of existence today! I promised myself this post wouldn’t devolve into yet another Cybersecurity Year in Review. Nor do I wish to hold forth about whatever cyber horrors may await us in 2024. But I do want to thank you all for your continued readership, encouragement and support, without which I could not do what I do.

Read more

BlackCat Ransomware Raises Ante After FBI Disruption

Credit to Author: BrianKrebs| Date: Tue, 19 Dec 2023 22:49:43 +0000

The U.S. Federal Bureau of Investigation (FBI) disclosed today that it infiltrated the world’s second most prolific ransomware gang, a Russia-based criminal group known as ALPHV and BlackCat. The FBI said it seized the gang’s darknet website, and released a decryption tool that hundreds of victim companies can use to recover systems. Meanwhile, BlackCat responded by briefly “unseizing” its darknet site with a message promising 90 percent commissions for affiliates who continue to work with the crime group, and open season on everything from hospitals to nuclear power plants.

Read more

Happy 13th Birthday, KrebsOnSecurity!

Credit to Author: BrianKrebs| Date: Thu, 29 Dec 2022 22:35:36 +0000

KrebsOnSecurity turns 12 years old today. That’s a crazy long time for an independent media outlet these days, but then again I’m liable to keep doing this as long as they keep letting me! Thanks to your readership and support, I was able to spend more time in 2022 on in-depth investigative stories — the really satisfying kind with the potential to affect positive change. Some of that work is highlighted in the 2022 Year in Breaches review below.

Read more

The Equifax Breach Settlement Offer is Real, For Now

Credit to Author: BrianKrebs| Date: Tue, 20 Dec 2022 20:08:40 +0000

Millions of people likely just received an email or snail mail notice saying they’re eligible to claim a class action payment in connection with the 2017 megabreach at consumer credit bureau Equifax. Given the high volume of reader inquiries about this, it seemed worth pointing out that while this particular offer is legit (if paltry), scammers are likely to soon capitalize on public attention to the settlement money.

Read more

U.S. Govt. Makes it Harder to Get .Gov Domains

Credit to Author: BrianKrebs| Date: Sat, 07 Mar 2020 15:01:21 +0000

The federal agency in charge of issuing .gov domain names is enacting new requirements for validating the identity of people requesting them. The additional measures come less than four months after KrebsOnSecurity published research suggesting it was relatively easy for just about anyone to get their very own .gov domain. In November’s piece It’s Way Too Easy to Get a .gov Domain Name, an anonymous source detailed how he obtained one by impersonating an official at a small town in Rhode Island that didn’t already have its own .gov.

Read more

Happy 10th Birthday, KrebsOnSecurity.com

Credit to Author: BrianKrebs| Date: Mon, 30 Dec 2019 00:49:22 +0000

Today marks the 10th anniversary of KrebsOnSecurity.com! Over the past decade, the site has featured more than 1,800 stories focusing mainly on cybercrime, computer security and user privacy concerns. And what a decade it has been. Stories here have exposed countless scams, data breaches, cybercrooks and corporate stumbles. In the ten years since its inception, […]

Read more