Krebs on Security

MAY 18, 2019

com — a forum popular among people involved in hijacking online accounts and conducting SIM swapping attacks to seize control over victims’ phone numbers — has itself been hacked, exposing the email addresses, hashed passwords, IP addresses and private messages for nearly 113,000 forum users.

Passwords 228

Passwords Phishing Access Security 228

Krebs on Security

APRIL 27, 2023

A shocking number of organizations — including banks and healthcare providers — are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. A researcher found DC Health had five Salesforce Community sites exposing data.

Access 290

Access Authentication Information Security Communications 290

Krebs on Security

FEBRUARY 4, 2021

At the center of the account ban wave are some of the most active members of OGUsers , a forum that caters to thousands of people selling access to hijacked social media and other online accounts. Like most cybercrime forums, OGUsers is overrun with shady characters who are there mainly to rip off other members.

Sales 299

Sales Passwords Authentication Access 299

Krebs on Security

DECEMBER 2, 2020

For at least the third time in its existence, OGUsers — a forum overrun with people looking to buy, sell and trade access to compromised social media accounts — has been hacked. Roughly a week ago, the OGUsers homepage was defaced with a message stating the forum’s user database had been compromised.

Passwords 290

Passwords Marketing Access Data breaches 290

Krebs on Security

MARCH 14, 2023

The complaint says once they obtained a victim’s information, Singh and Ceraolo would post the information in an online forum. The government refers to this community only as “ Forum-1 ,” saying that it is administered by the leader of ViLE (referenced in the complaint at CC-1).

Government 247

Government Communications Access Security 247

Krebs on Security

SEPTEMBER 13, 2023

The FBI responded by reverifying InfraGard members and by seizing the cybercrime forum where the data was being sold. In a post on the English language cybercrime forum BreachForums , USDoD leaked information on roughly 3,200 Airbus vendors, including names, addresses, phone numbers, and email addresses. But on Sept. But on Sept.

Passwords 282

Passwords Authentication Sales Data breaches 282

Krebs on Security

JANUARY 29, 2020

leaked internal customer support data to the Internet, mobile provider Sprint has addressed a mix-up in which posts to a private customer support community were exposed to the Web. Perhaps more importantly for Sprint and its customers, the forum also included numerous links and references to internal tools and procedures.

Data Privacy 252

Data Privacy Phishing Authentication Communications 252

Krebs on Security

SEPTEMBER 24, 2022

A native of Omsk, Russia, Kloster came into focus after KrebsOnSecurity followed clues from the RSOCKS botnet master’s identity on the cybercrime forums to Kloster’s personal blog , which featured musings on the challenges of running a company that sells “security and anonymity services to customers around the world.”

Data breaches 203

Data breaches Ransomware Information Security IT 203

The Last Watchdog

JUNE 20, 2022

It extends beyond the Deep & Dark Web to: unindexed Web forums, messaging boards, and marketplaces, encrypted messaging systems, and code repositories. Additionally, filtering through these channels is made even more difficult due to language barriers, as well as gaining trust and access to these various forums.

Ransomware 260

Ransomware Access Marketing Data collection 260

Krebs on Security

MAY 14, 2021

“Servers were seized (country not named), money of advertisers and founders was transferred to an unknown account,” reads a message from a cybercrime forum reposted to the Russian OSINT Telegram channel. The new restrictions came as some Russian cybercrime forums began distancing themselves from ransomware operations altogether.

Ransomware 364

Ransomware Education Communications Access 364

Krebs on Security

SEPTEMBER 1, 2021

Like other anonymity networks marketed largely on cybercrime forums online, VIP72 routes its customers’ traffic through computers that have been hacked and seeded with malicious software. Check2IP is so popular that it has become a verbal shorthand for basic due diligence in certain cybercrime communities.

Sales 284

Sales Passwords Marketing IT 284

Krebs on Security

JANUARY 8, 2024

But there is a fascinating and untold backstory behind the two Russian men involved, who co-ran the world’s top spam forum and worked closely with Russia’s most dangerous cybercriminals. From January 2005 to April 2013, there were two primary administrators of the cybercrime forum Spamdot (a.k.a Ika ), and Salomon (a.k.a.

Computer and Electronics 206

Computer and Electronics Passwords Sales Government 206

Krebs on Security

JULY 25, 2023

A review of the earliest posts about this service on Russian cybercrime forums suggests the 12-year-old malware proxy network is tied to a Moldovan company that also offers VPN software on the Apple Store and elsewhere. SSC asked fellow forum members for help in testing the security of a website they claimed was theirs: myiptest[.]com

Analytics 200

Analytics Passwords Systems administration Retail 200

Krebs on Security

APRIL 18, 2023

” MRMURZA Faceless is a project from MrMurza , a particularly talkative member of more than a dozen Russian-language cybercrime forums over the past decade. MrMurza’s Faceless advertised on the Russian-language cybercrime forum ProCrd. Image: Darkbeast/Ke-la.com. 2012, from an Internet address in Magnitogorsk, RU. .”

Passwords 231

Passwords IoT Sales Retail 231

Krebs on Security

FEBRUARY 14, 2022

This post concerns itself with the other half of Wazawaka’s identities not mentioned in the first story, such as how Wazawaka also ran the Babuk ransomware affiliate program, and later became “ Orange ,” the founder of the ransomware-focused Dark Web forum known as “ RAMP.” ” Around Apr.

Ransomware 198

Ransomware Data breaches Encryption Passwords 198

Krebs on Security

MAY 18, 2020

is cybercrime forum. “We can examine your (or not exactly your) PHP code for vulnerabilities and backdoors,” reads his offering on several prominent Russian cybercrime forums. Lebron first appeared on Exploit in September 2016, roughly two months before upO was banished from the community.

Ransomware 311

Ransomware Marketing Security IT 311

Security Affairs

JANUARY 18, 2021

The OpenWRT forum, the community behind the open-source project for embedded operating systems based on Linux, disclosed a data breach. OpenWRT forum was compromised during the weekend and user data were stolen by intruders. The administrators of the forum disclosed the data breach with an announcement published on the forum.

Data breaches 132

Data breaches Passwords Phishing Authentication 132

Krebs on Security

AUGUST 16, 2022

Earlier this month, the administrator of the cybercrime forum Breached received a cease-and-desist letter from a cybersecurity firm. The administrator responded to this empty threat by purchasing the stolen banking data and leaking it on the forum for everyone to download. “Who does it?

Data breaches 257

Data breaches Sales Marketing Cybersecurity 257

Krebs on Security

JANUARY 30, 2024

” A review of thousands of messages that these users posted to several public forums and Discord servers over the past two years shows that the person behind these identities was mainly focused on two things: Sim-swapping, and trading in stolen, unreleased rap music recordings from popular artists. .”

Passwords 315

Passwords Phishing Access Encryption 315

Krebs on Security

MARCH 10, 2020

was originally advertised on the public Russian-language hacking forum Antichat by a venerated user in that community who goes by the alias “ Isis.” ru , a cybercrime forum in its own right that called itself “ The Antichat Mafia.” Isis’ profile on antichat. More importantly, that same hm@mail.ru

Sales 296

Sales Passwords Authentication Security 296

KnowBe4

NOVEMBER 26, 2022

Craig Hale at Techradar reported: "A post on a “well-known hacking community forum” claims almost half a billion WhatsApp records have been breached and are up for sale.

Sales 119

Sales Data breaches Phishing 119

Security Affairs

JUNE 7, 2021

Cybercriminals in Russian underground forums have been invited to take part in competitions for hacking cryptocurrency and NFT. Several Russian underground forums have launched competitions for hacking cryptocurrency schema and Non-fungible token (NFT). ” reads a post published by Intel 471. . ” concludes the post.

Paper 140

Paper Mining Phishing Security 140

Krebs on Security

DECEMBER 8, 2021

According to cyber intelligence firm Intel 471 , that dark_cl0ud6@hotmail.com address has been used in conjunction with the handle “ DCReavers2 ” to register user accounts on a half-dozen English-language cybercrime forums since 2008, including Hackforums , Blackhatworld, and Ghostmarket. ” The U.S.

IT 271

IT Ransomware Mining Sales 271

Krebs on Security

MAY 22, 2023

What follows is an interview with a Russian hacker responsible for a series of aggressive crypto spam campaigns that recently prompted several large Mastodon communities to temporarily halt new registrations. Quotpw/Ahick/Edgard/ципа advertising his coding services in this Google-translated forum posting. pw was their domain.

Data science 239

Data science IoT Manufacturing Sales 239

Krebs on Security

NOVEMBER 2, 2021

22 on RAMP , a new and fairly exclusive Russian-language darknet cybercrime forum. In a post on the Russian cybercrime forum XSS , an established cybercrook using the handle “ Boriselcin ” explained that Groove was little more than a pet project to screw with the media and security industry. Groove was first announced Aug.

Ransomware 252

Ransomware Passwords Information Security Government 252

Krebs on Security

JULY 13, 2020

Since its inception in 2018, Data Viper has billed itself as a “threat intelligence platform designed to provide organizations, investigators and law enforcement with access to the largest collection of private hacker channels, pastes, forums and breached databases on the market.” ” SMOKE AND MIRRORS. is finally here!”

Sales 347

Sales Marketing e-Discovery Passwords 347

Security Affairs

FEBRUARY 5, 2024

Hewlett Packard Enterprise (HPE) is investigating a new data breach after a threat actor claimed to have stolen data on a hacking forum. Hewlett Packard Enterprise (HPE) is investigating a new data breach, following the discovery of an offer on a hacking forum where a threat actor claimed to be selling the allegedly stolen data.

Security 116

Security Data breaches Cybersecurity Marketing 116

Krebs on Security

FEBRUARY 24, 2023

com has been advertised for nearly a decade on the forum Black Hat World by the user BHProxies. BHProxies has authored 129 posts on Black Hat World since 2012, and their last post on the forum was in December 2022. The account didn’t resume posting on the forum until April 2014. WHO’S BEHIND BHPROXIES?

Passwords 225

Passwords Blockchain Mining Marketing 225

Krebs on Security

JANUARY 28, 2022

A confidential source recently had a private conversation with a support representative who fields questions and inquiries on several cybercrime forums on behalf of a large and popular ransomware affiliate program. On the cybercrime forum RAMP , the user Binrs says they are a Rust developer who’s been coding for 6 years.

Ransomware 266

Ransomware IT Government Security 266

Security Affairs

MAY 22, 2022

Researchers uncovered a malware campaign targeting the infoSec community with fake Proof Of Concept to deliver a Cobalt Strike beacon. Researchers from threat intelligence firm Cyble uncovered a malware campaign targeting the infoSec community. Hence, this malware might only target people from this community. Pierluigi Paganini.

Libraries 144

Libraries Information Security Cybersecurity Security 144

The Last Watchdog

OCTOBER 27, 2023

million grant through the MassTech Collaborative’s MassCyberCenter to CyberTrust Massachusetts, a nonprofit dedicated to strengthening the cybersecurity ecosystem, to support cybersecurity resiliency for Massachusetts communities and help develop a talent pipeline at Masschusetts colleges and universities to encourage students to enter the field.

Cybersecurity 100

Cybersecurity Artificial Intelligence Government Education 100

Krebs on Security

NOVEMBER 20, 2020

Freeman was named as a member of a group of alleged SIM swappers called “The Community” charged last year with wire fraud in connection with SIM swapping attacks that netted in excess of $2.4 At least twice in the past few years OGUsers was hacked , and its database of profiles and user messages posted online.

Authentication 243

Authentication Passwords Sales Access 243

Rocket Software

DECEMBER 16, 2021

We strive to create a community that shares experience and knowledge to gain the most value from our solutions and ensure they are meeting customer needs. The Rocket Forum. Our customers can find a community of support on the Rocket Forum, a place where users can participate in discussions and share resources with other members.

IT 81

IT Customer Experience Digital transformation Access 81

Security Affairs

FEBRUARY 19, 2024

The Raccoon stealer is written in C++ by Russian-speaking developers who initially promoted it exclusively on Russian-speaking hacking forums. The malware is now promoted on English-speaking hacking forums, it works on both 32-bit and 64-bit operating systems.

Sales 105

Sales IT Information Security Security 105

Rocket Software

SEPTEMBER 15, 2020

In the past 30 years, Rocket Software has managed to build a strong community of Rocketeers, partners, and customers. Now, we’re looking forward to creating a space for all things Rocket—where all members of the Rocket community can discover, learn, engage, and network. .

Customer Experience 52

Customer Experience 52

Krebs on Security

JUNE 21, 2023

Cyber intelligence firm Intel 471 reports that obelisk57@gmail.com was used to register an account on the forum Blacksoftware under the nickname “ Kerens.” has been associated with the user Kerens on the Russian hacking forum Exploit from 2011 to the present day. ” Meanwhile, the Jabber address masscrypt@exploit.im

e-Delivery 216

e-Delivery Passwords Cybersecurity Sales 216

Krebs on Security

JANUARY 6, 2022

From reading user posts on the Norton Crypto community forum, it seems some longtime Norton customers were horrified at the prospect of their antivirus product installing coin-mining software, regardless of whether the mining service was turned off by default. However, many users have reported difficulty removing the mining program.

Mining 330

Mining Computer and Electronics Blockchain Marketing 330