Security News

Police arrest eight suspects in an online scamming ring. We explain how WhatsApp messages from hacked accounts are helping cybercrooks bypass 2FA. Oh! No! of the week.

As Naked Security readers have pointed out before, you don't always know in advance which courier company an online vendor might might use, so even if the crooks send you a fake message from a company you wouldn't normally expect, it's easy to fall for it. The trick you see in the "Pay page" above is very common: to set your mind at rest, the crooks ask for very little money, typically from about 99 cents up to amounts such as £1.49, €1.99 or, as shown above, $3. The idea is that the modest fee sounds believable, and it might feels at though it's worth the risk of paying out the money anyway, given that it's only a few dollars, in case it is a real delivery and you miss out.

According to a report from radio station France Inter, numerous cybercriminals connected to the Egregor ransomware gang have recently been arrested. Since Tuesday [last week], police in the two countries have been working together in an effort to dismantle a cybercrime group suspected of initiating hundreds of ransomware attacks dating back to September 2020.[] Police arrested a number of hackers suspected of working with the Egregor cybercrime gang, providing hacking, logistical, and financial support.

European and American officials said Thursday that they have arrested 20 people in several countries for allegedly belonging to an international ring that laundered millions of euros stolen by cybercriminals through malware schemes. The international police operation "2BaGoldMule" led by Portuguese investigators and the FBI included 14 more European countries, under the umbrella of Europol.

Speaking at the 2020 Disclosure conference, Jones outlined how the trust many developers put in their software stacks and shared code, paired with a disturbing lack of online savvy, can make them easy pickings for hackers. "Systems are generally hardened - they have patches, they have firewalls, they have monitoring," Jones explained, "But [some] developers will run literally any bullshit they find on Stack Overflow. They keep credentials lying about, they're obviously going to have the source code and some production data sitting on their hardware as well."

Twitter has revealed more about the July 15 attack that saw several prominent accounts hijacked to promote a Bitcoin scam. The Saturday, July 18 update admits "The attackers successfully manipulated a small number of employees and used their credentials to access Twitter's internal systems, including getting through our two-factor protections."

The Department of Justice has raised its first federal court action against online fraud relating to the coronavirus pandemic, on Sunday taking steps to shutter a fraudulent website that claimed to give away free coronavirus vaccines. The website was live as of March 21, according to the DoJ; but as of Monday, the website is currently down.

The Department of Justice has raised its first federal court action against online fraud relating to the coronavirus pandemic, on Sunday taking steps to shutter a fraudulent website that claimed to give away free coronavirus vaccines. The website was live as of March 21, according to the DoJ; but as of Monday, the website is currently down.

A trio of Australians has been charged with identity theft that netted AU$11 million - ill-gotten loot they allegedly ripped off by hacking into businesses and modifying their payrolls, pension payments and credit card details. New South Wales police reportedly said that the unidentified 31-year-old man allegedly stole more than 80 personal and financial profiles so as to use them in identity fraud in South Australia from early 2019, and then in NSW from August 2019.

While the young man's punishment was heavily tempered by his current poor health, the defendant's dietary choices may have contributed to both his capture and the lenient sentencing: Investigators say the onetime booter boss's identity became clear after he ordered a bacon and chicken pizza delivered to his home using the same email address he originally used to register his criminal attack service. Investigators say Bukoski's booter service was among the longest running services targeted by the FBI, operating since at least 2012.