Security News
Two Eastern European men were sentenced to prison on Racketeer Influenced Corrupt Organization charges for bulletproof hosting services used by multiple cybercrime operations to target US organizations. The bulletproof hosting service also helped cybercrime gangs register new infrastructure using stolen or false identities that allowed them to circumvent law enforcement efforts to block their attacks.
The development also speaks to the TrickBot gang's increasing sophistication and standing in the cybercrime underground, IBM researchers said: "This latest development demonstrates the strength of its connections within the cybercriminal ecosystem and its ability to leverage these relationships to expand the number of organizations infected with its malware." According to IBM, the TrickBot gang has now added powerful additional distribution tactics to its bag of tricks, thanks to the two new affiliates.
A new phishing campaign dubbed MirrorBlast is deploying weaponized Excel documents that are extremely difficult to detect to compromise financial service organizations. The most notable feature of MirrorBlast is the low detection rates of the campaign's malicious Excel documents by security software, putting firms that rely solely upon detection tools at high risk.
A ransomware kit costs as little as $66, though it needs to be modified, while a spearphishing attack can run as low as $100, says Altas VPN. Cybercrime can be a lucrative business for those who specialize in ransomware, phishing campaigns, and other types of attacks. The profit margins are especially healthy because cybercrime products and services often sell at bargain prices on the Dark Web.
Their behaviors online are risky at best and are putting them at risk of cybercrime. Aura hopes to help solve this problem for consumers by providing resources, products and guidance on how to keep your identity, finances and devices safe from online threats." Many people believe they will feel about the same or even less secure in 2030 than they feel online today.
A new report by Malwarebytes, Digitunity and Cybercrime Support Network, which polled more than 5,000 people across the United States, United Kingdom, and Germany, details how people experience cybercrime worldwide, demonstrating cybercrime does not impact everyone equally. Overall analysis of data suggests disadvantaged groups facing barriers in society, such as those with lower incomes and lower education levels, feel less safe about their online experiences, are more likely to fall victim to an attack, and at times report experiencing a heavier emotional burden when responding to cyberattacks.
International law enforcement has busted up an extensive cybercrime operation run by a gang with ties to the Italian Mafia. The suspects used various lures to convince victims to wire money to bank accounts controlled by the criminal network, according to Europol.
As you can see, the cryptocurrency wallets in question were partially redacted - but as we know, these follow a recognizable pattern and can be uncovered in the public ledger. After determining the full wallet address, we can find this wallet on the blockchain and see what was transferred and when.
This is part one of a two-part series on how hackers stole $2 million in cryptocurrency. There is one strong commonality with all these incidents and attacks: The hackers want the funds in cryptocurrency.
A diverse range of cybercrime offerings caters to anyone with sufficient cryptocurrency: from access brokers who sell pilfered credentials for compromised accounts, to bullet proof hosting providers that can deliver reliable and anonymous infrastructure to conduct offensive criminal cyber operations. The discerning cybercrime operator in 2021 can build customized toolchains out of composable microservices and off-the-shelf solutions, tailoring attacks, and repurposing compromises for a variety of criminal endeavours.