Carding — the underground business of stealing, selling and swiping stolen payment card data — has long been the dominion of Russia-based hackers. Happily, the broad deployment of more secure chip-based payment cards in the United States has weakened the carding market. But a flurry of innovation from cybercrime groups in China is breathing new…
Category: A Little Sunshine
A Little Sunshine, Dimitiri Shelest, Firefox, Global Security News, mozilla, Mozilla Monitor Plus, Nuwber, OneRep, Radaris
Nearly a Year Later, Mozilla is Still Promoting OneRep
In mid-March 2024, KrebsOnSecurity revealed that the founder of the personal data removal service Onerep also founded dozens of people-search companies. Shortly after that investigation was published, Mozilla said it would stop bundling Onerep with the Firefox browser and wind down its partnership with the company. But nearly a year later, Mozilla is still promoting it…
A Little Sunshine, AS400495, BackConnect Security LLC, Curtis Gervais, DiamondCDN, Director of National Intelligence, doge, Dstat, Edward Coristine, Elon Musk, Eric Taylor, Global Security News, Marshal Webb, Ne'er-Do-Well News, Neuralink, North America, Packetware, Path Networks, president trump, Rivage, Tesla Sexy LLC, The Com, The Coming Storm, Tucker Preston, Wired
Teen on Musk’s DOGE Team Graduated from ‘The Com’
Wired reported this week that a 19-year-old working for Elon Musk‘s so-called Department of Government Efficiency (DOGE) was given access to sensitive US government systems even though his past association with cybercrime communities should have precluded him from gaining the necessary security clearances to do so. As today’s story explores, the DOGE teen is a…
A Little Sunshine, Andrew Hoog, app transport security, Apple, Artificial Intelligence, bytedance, china, deepseek, DeepSeek AI, Global Security News, iOS, Latest Warnings, NowSecure, The Coming Storm, Volcengine
Experts Flag Security, Privacy Risks in DeepSeek AI App
New mobile apps from the Chinese artificial intelligence (AI) company DeepSeek have remained among the top three “free” downloads for Apple and Google devices since their debut on Jan. 25, 2025. But experts caution that many of DeepSeek’s design choices — such as using hard-coded encryption keys, and sending unencrypted user and device data to…
1337 Services Gmbh, A Little Sunshine, AS210558, Breadcrumbs, Constella Intelligence, cracked, domaintools, DreamDrive GmbH, Europe, Finn Alexander Grimpe, [email protected], finndev, floriaN, Florian Marzahl, Global Security News, HRB 164175, Intel 471, Lucas Sohn, Northdata.com, nulled, [email protected], Operation Talent, Sellix, Shoppy Ecommerce Ltd, StarkRDP
Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?
The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled, English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. An investigation into the history of these communities shows their apparent co-founders quite openly operate an Internet service provider and a pair of…
A Little Sunshine, BEC fraud, Breadcrumbs, business email compromise, cracked, domaintools, Dutch National Police, Exploits, fbi, FudCo, Fudpage, Fudtools, Global Security News, HeartSender, Ne'er-Do-Well News, Operation Talent, Saim Raza, Sellix, The Manipulaters, U.S. Department of Justice, WeCodeSolutions
FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang
The FBI and authorities in The Netherlands this week seized dozens of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. The proprietors of the service, who use the collective nickname “The Manipulaters,” have been the subject of three stories published here since 2015. The FBI said the…
A Little Sunshine, ACB Group, Amazon AWS, Anjie CDN, Asia Pacific, Crowell & Moring LLP, Fangneng CDN, Funnull, Global Security News, infrastructure laundering, Microsoft Azure, Ne'er-Do-Well News, NETSCOUT, NoName057(16), polyfill, Richard Hummel, Silent Push, Suncity Group, Time to Patch, U.S. Department of Commerce, Web Fraud 2.0, Zach Edwards
Infrastructure Laundering: Blending in with the Cloud
Image: Shutterstock, ArtHead. In an effort to blend in and make their malicious traffic tougher to block, hosting firms catering to cybercriminals in China and Russia increasingly are funneling their operations through major U.S. cloud providers. Research published this week on one such outfit — a sprawling network tied to Chinese organized crime gangs and…
A Little Sunshine, Alfa Bank, david sacks, Global Security News, House Judiciary Committee's Select Subcommittee on the Weaponization of the Federal Government, Jack Goldsmith, Joe Hall, John Durham, Lawfare, Melania Trump, Michael Sussman, North America, president trump, Quinta Jurecic, Rep. Jim Jordan, The Coming Storm, United States Council on Transnational Organized Crime, World Liberty Financial
A Tumultuous Week for Federal Cybersecurity Efforts
Image: Shutterstock. Greg Meland. President Trump last week issued a flurry of executive orders that upended a number of government initiatives focused on improving the nation’s cybersecurity posture. The president fired all advisors from the Department of Homeland Security’s Cyber Safety Review Board, called for the creation of a strategic cryptocurrency reserve, and voided a…
A Little Sunshine, akam.ne, akam.net, Akamai, awsdns-06.ne, az.mastercard.com, Azure, Bugcrowd, CloudFlare, Global Security News, Google, How to Break Into Security, Mastercard, Philippe Caturegli, Seralys
MasterCard DNS Error Went Unnoticed for Years
The payment card giant MasterCard just fixed a glaring error in its domain name server settings that could have allowed anyone to intercept or divert Internet traffic for the company by registering an unused domain name. The misconfiguration persisted for nearly five years until a security researcher spent $300 to register the domain and prevent…
@chenlun, A Little Sunshine, Asia Pacific, CSIS Security Group, EZDriveMA, fbi, Ford Merrill, Global Security News, ic3, imessage, Latest Warnings, Lighthouse, MassDOT, North Texas Toll Authority, RCS, SecAlliance, smishing, SMS phishing, Sunpass, The Toll Roads, Web Fraud 2.0
Chinese Innovations Spawn Wave of Toll Phishing Via SMS
Residents across the United States are being inundated with text messages purporting to come from toll road operators like E-ZPass, warning that recipients face fines if a delinquent toll fee remains unpaid. Researchers say the surge in SMS spam coincides with new features added to a popular commercial phishing kit sold in China that makes…
800-275-2273, A Little Sunshine, Allison Nixon, Aristotle, autodoxers, Coinbase, Crypto Chameleon, discord, domaintools, Emerging Tech, Global Security News, Latest Warnings, Lookout, Mark Cuban, Okta, Perm, Shark Tank, Star Fraud, Stotle, Telegram, The Coming Storm, Trezor, Unit 221B, voice phishing, Web Fraud 2.0
A Day in the Life of a Prolific Voice Phishing Crew
Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. However, new details about the internal operations of a prolific voice phishing gang show the group routinely abuses legitimate services at Apple and Google to force a variety…
A Little Sunshine, Allison Nixon, Cameron John Wagenius, Connor Riley Moucka, Global Security News, Judische, Kiberphant0m, Ne'er-Do-Well News, North America, Unit 221B
U.S. Army Soldier Arrested in AT&T, Verizon Extortions
Federal authorities have arrested and indicted a 20-year-old U.S. Army soldier on suspicion of being Kiberphant0m, a cybercriminal who has been selling and leaking sensitive customer call records stolen earlier this year from AT&T and Verizon. As first reported by KrebsOnSecurity last month, the accused is a communications specialist who was recently stationed in South…
A Little Sunshine, Acunetix, Altug Sara, [email protected], Araneida Scanner, Asia Pacific, Bilitro Yazilim, Breadcrumbs, domaintools, Fin7, Global Security News, Invicti Security, Matt Sciberras, Ne'er-Do-Well News, Neil Roseman, [email protected], Silent Push, The Coming Storm, U.S. Department of Health and Human Services, Zach Edwards
Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm
Cybercriminals are selling hundreds of thousands of credential sets stolen with the help of a cracked version of Acunetix, a powerful commercial web app vulnerability scanner, new research finds. The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology…
(650) 203-0000, A Little Sunshine, Coinbase, Daniel from Google, Gemini AI, Global Security News, Google Assistant, Google Docs, Google Forms, Google Photos, Graham Cluely, Junseth, Latest Warnings, Minecraft, Ne'er-Do-Well News, SwanCoin, Trezor, Web Fraud 2.0
How to Lose a Fortune with Just One Bad Click
Image: Shutterstock, iHaMoo. Adam Griffin is still in disbelief over how quickly he was robbed of nearly $500,000 in cryptocurrencies. A scammer called using a real Google phone number to warn his Gmail account was being hacked, sent email security alerts directly from google.com, and ultimately seized control over the account by convincing him to…
A Little Sunshine, Binance, Blaven Technologies, Breadcrumbs, Chainalysis, CloudFlare, Cryptomus, CTV News, FINTRAC, Global Security News, Icon Tech SRO, Investigative Journalism Foundation, Mezhundarondnaya IBU SRO, Peter German, PQ Hosting, RCMP, Richard Sanders, Russia's War on Ukraine, Vira Krychka, Web Fraud 2.0, WS Management and Advisory Corporation Ltd, Xeltox Enterprises
How Cryptocurrency Turns to Cash in Russian Banks
A financial firm registered in Canada has emerged as the payment processor for dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services aimed at Russian-speaking customers, new research finds. Meanwhile, an investigation into the Vancouver street address used by this company shows it is home to dozens of foreign currency dealers, money transfer businesses,…
@chenlun, A Little Sunshine, and Mobile Anti-Abuse Working Group, Anti-Phishing Working Group, Coalition Against Unsolicited Commercial Email, Global Security News, ICANN, Interisle Consulting, Internet Corporation for Assigned Names and Numbers, John Levine, Latest Warnings, malware, Messaging, new gTLDs, North America, phishing, spam, The Coming Storm, U.S. Postal Service
Why Phishers Love New TLDs Like .shop, .top and .xyz
Phishing attacks increased nearly 40 percent in the year ending August 2024, with much of that growth concentrated at a small number of new generic top-level domains (gTLDs) — such as .shop, .top, .xyz — that attract scammers with rock-bottom prices and no meaningful registration requirements, new research finds. Meanwhile, the nonprofit entity that oversees…
A Little Sunshine, AT&T, Boxfan, buttholio, Connor Riley Moucka, cyb3rph4nt0m, DDoS-for-Hire, Global Security News, John Erin Binns, Judische, Kiberphant0m, Naver, Ne'er-Do-Well News, North America, Proman557, Ransomware, Reverseshell, Shi-Bot, Snowflake, South Korea, telekomterrorist, The Coming Storm, Vars_Secc, Verizon, Waifu
Hacker in Snowflake Extortions May Be a U.S. Soldier
Two men have been arrested for allegedly stealing data from and extorting dozens of companies that used the cloud data storage company Snowflake, but a third suspect — a prolific hacker known as Kiberphant0m — remains at large and continues to publicly extort victims. However, this person’s identity may not remain a secret for long:…
A Little Sunshine, Ahmed Hossam Eldin Elbadawy, Evans Onyeaka Osiebo, Global Security News, Joel Martin Evans, Joeleoli, Kingbob, lastpass, Mailchimp, Namecheap, Ne'er-Do-Well News, Noah Michael Urban, ogusers, Okta, Oktapus, Scattered Spider, SIM Swapping, Sosa, T-Mobile, Twilio, Tylerb
Feds Charge Five Men in ‘Scattered Spider’ Roundup
Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. technology companies between 2021 and 2023, including LastPass, MailChimp, Okta, T-Mobile and Twilio. A visual depiction of the attacks by the SMS phishing group known…
A Little Sunshine, Aleksandr Ermakov, chronopay, Data Breaches, Dmitri Golubov, Global Security News, Helkern, Home Depot breach, Hydra Market, MikeMike, Mikhail Lenin, Mikhail Shefel, Ne'er-Do-Well News, North America, pavel vrublevsky, Peter Vrublevsky, Pharma Wars, Sprut, Sugar ransomware, target breach
An Interview With the Target & Home Depot Hacker
In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator, the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. Moscow resident Mikhail Shefel, who confirmed using the Rescator identity in a recent interview, also admitted reaching out because he…
A Little Sunshine, emergency data request, fake EDR, fbi, Global Security News, Kodex, Latest Warnings, Matt Donahue, North America, pwnstar, The Coming Storm, Web Fraud 2.0
FBI: Spike in Hacked Police Emails, Fake Subpoenas
The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based technology companies. In an alert (PDF) published this week, the FBI…