cybercrime – SSL and internet security news

The Hacker Tool to Get Personal Data from Credit Bureaus

September 7, 2023 infossl

cybercrime, data collection, doxing, finance, law enforcement, Security technology, Uncategorized

The new site 404 Media has a good article on how hackers are cheaply getting personal information from credit bureaus: This is the result of a secret weapon criminals are selling access to online that appears to tap into an especially powerful set of data: the target’s credit header. This is personal information that the … Read More “The Hacker Tool to Get Personal Data from Credit Bureaus” »

UPS Data Harvested for SMS Phishing Attacks

June 23, 2023 infossl

cybercrime, phishing, phones, Security technology, sms, spam, Uncategorized

I get UPS phishing spam on my phone all the time. I never click on it, because it’s so obviously spam. Turns out that hackers have been harvesting actual UPS delivery data from a Canadian tracking tool for its phishing SMSs. Powered by WPeMatico

EFF on the UN Cybercrime Treaty

April 19, 2023 infossl

cybercrime, laws, Security technology, treaties, un, Uncategorized

EFF has a good explainer on the problems with the new UN Cybercrime Treaty, currently being negotiated in Vienna. The draft treaty has the potential to rewrite criminal laws around the world, possibly adding over 30 criminal offenses and new expansive police powers for both domestic and international criminal investigations. […] While we don’t think … Read More “EFF on the UN Cybercrime Treaty” »

FBI (and Others) Shut Down Genesis Market

April 5, 2023 infossl

botnets, credentials, cybercrime, fbi, law enforcement, Security technology, Uncategorized

Genesis Market is shut down: Active since 2018, Genesis Market’s slogan was, “Our store sells bots with logs, cookies, and their real fingerprints.” Customers could search for infected systems with a variety of options, including by Internet address or by specific domain names associated with stolen credentials. But earlier today, multiple domains associated with Genesis … Read More “FBI (and Others) Shut Down Genesis Market” »

UK Runs Fake DDoS-for-Hire Sites

April 3, 2023 infossl

cybercrime, denial of service, Security technology, uk, Uncategorized

Brian Krebs is reporting that the UK’s National Crime Agency is setting up fake DDoS-for-hire sites as part of a sting operation: The NCA says all of its fake so-called “booter” or “stresser” sites - which have so far been accessed by several thousand people—have been created to look like they offer the tools and … Read More “UK Runs Fake DDoS-for-Hire Sites” »

Malware Delivered through Google Search

February 7, 2023 infossl

cybercrime, google, malware, Security technology, Uncategorized

Criminals using Google search ads to deliver malware isn’t new, but Ars Technica declared that the problem has become much worse recently. The surge is coming from numerous malware families, including AuroraStealer, IcedID, Meta Stealer, RedLine Stealer, Vidar, Formbook, and XLoader. In the past, these families typically relied on phishing and malicious spam that attached … Read More “Malware Delivered through Google Search” »

Ransomware Payments Are Down

January 31, 2023 infossl

crime, cryptocurrency, cybercrime, extortion, ransomware, Security technology, Uncategorized

Chainalysis reports that worldwide ransomware payments were down in 2022. Ransomware attackers extorted at least $456.8 million from victims in 2022, down from $765.6 million the year before. As always, we have to caveat these findings by noting that the true totals are much higher, as there are cryptocurrency addresses controlled by ransomware attackers that … Read More “Ransomware Payments Are Down” »

ChatGPT-Written Malware

January 10, 2023 infossl

ChatGPT, cybercrime, encryption, malware, Security technology, Uncategorized

I don’t know how much of a thing this will end up being, but we are seeing ChatGPT-written malware in the wild. …within a few weeks of ChatGPT going live, participants in cybercrime forums—some with little or no coding experience—were using it to write software and emails that could be used for espionage, ransomware, malicious … Read More “ChatGPT-Written Malware” »

The Justice Department Will No Longer Charge Security Researchers with Criminal Hacking

May 24, 2022 infossl

courts, cybercrime, cybersecurity, national security policy, reverse engineering, Security technology, Uncategorized, vulnerabilities

Following a recent Supreme Court ruling, the Justice Department will no longer prosecute “good faith” security researchers with cybercrimes: The policy for the first time directs that good-faith security research should not be charged. Good faith security research means accessing a computer solely for purposes of good-faith testing, investigation, and/or correction of a security flaw … Read More “The Justice Department Will No Longer Charge Security Researchers with Criminal Hacking” »

Stolen Bitcoins Returned

December 22, 2021 infossl

bitcoin, cryptocurrency, cybercrime, fbi, law enforcement, Security technology, theft, Uncategorized

The US has returned $154 million in bitcoins stolen by a Sony employee. However, on December 1, following an investigation in collaboration with Japanese law enforcement authorities, the FBI seized the 3879.16242937 BTC in Ishii’s wallet after obtaining the private key, which made it possible to transfer all the bitcoins to the FBI’s bitcoin wallet. … Read More “Stolen Bitcoins Returned” »