Security News
Scammers have scammed their fellow cybercriminals out of more than $2.5 million on three dark web forums alone over the last 12 months, according to Sophos researchers. In a Black Hat Europe session, Sophos threat hunters detailed their investigation, which examined scams on two well-established Russian-language marketplaces, Exploit and XSS. They also looked at BreachForums, which launched in April 2022 after a Europol-led operation shut down the earlier version of the stolen-data souk, RaidForums.
Cybercriminals are scamming each other out of millions of dollars and use arbitration to settle disputes about the scams, according to Sophos. Despite this resolution process provoking occasional mayhem among the "Plaintiffs and defendants," with some accused criminals either going dark and not showing up, or calling the complainants themselves "Rippers," the practice of scammers scamming scammers is lucrative.
Cashing stolen credit cards: Carding groups sell stolen credit card details to carry out illegal and unauthorized transactions. Selling fake Hayya cards: Due to the importance of Hayya cards during the World Cup, threat actors are selling fake Hayya Cards to unsuspecting fans, who are willing to pay any amount to get one.
Interpol on Thursday announced the seizure of $130 million worth of virtual assets in connection with a global crackdown on cyber-enabled financial crimes and money laundering. Another instance pertained to a call center scam based out of India, wherein a group of criminals impersonated Interpol and Europol officers to trick victims in Austria into transferring funds.
INTERPOL has announced the seizure of $130,000,000 million worth of money and virtual assets linked to various cybercrimes and money laundering operations. The law enforcement operation is codenamed "HAECHI III" and lasted between June 28 and November 23, 2022, allowing INTERPOL to arrest almost a thousand suspects.
Emotet, one of the most evasive and destructive malware delivery systems, caused substantial damage during its initial reign. After a coordinated takedown by authorities in early 2021, Emotet has reemerged as a global threat that will persist for organizations.
A phishing-as-a-service platform known as Robin Banks has relocated its attack infrastructure to DDoS-Guard, a Russian provider of bulletproof hosting services. The switch comes after "Cloudflare disassociated Robin Banks phishing infrastructure from its services, causing a multi-day disruption to operations," according to a report from cybersecurity company IronNet.
As phishing attacks soar in frequency and sophistication and are delivered by an entirely new breed of cybercriminals, it's time we utilize the latest technology to anticipate threats before they advance. Smartphones have become increasingly targeted by hacking attempts - especially since the pandemic, with total phishing attacks in the second quarter of 2022 rising to over 1 million.
The Raspberry Robin worm is becoming an access-as-a-service malware for deploying other payloads, including IcedID, Bumblebee, TrueBot, and Clop ransomware. MSTIC is keeping tabs on the activity group behind the USB-based Raspberry Robin infections as DEV-0856, adding it's aware of at least four confirmed entry points that all have the likely end goal of deploying ransomware.
In this Help Net Security video, Dmitry Bestuzhev, Most Distinguished Threat Researcher at BlackBerry, talks about some of the most interesting tactics, techniques, and procedures employed by...