Cybercrime

Pierluigi Paganini April 24, 2017
US authorities indicted the suspected operator of the Kelihos Botnet

The Russian hacker Petr Levashov has been indicted in connection with the infamous Kelihos Botnet that was recently dismantled. It isn’t a good period for Russian cyber criminals, last week Roman Valeryevich Seleznev, aka “Track2”, was sentenced to 27 years in prison, he was convicted of causing $170 million in damage by hacking into point-of-sale systems. Today the […]

Pierluigi Paganini April 24, 2017
Europol, European police agencies and private actors dismantled cybercrime ring

The Europol coordinated an international operation that dismantled a cybercrime ring that was offering services and tools to conceal malware. The Europol dismantled a cybercrime ring as the result of a joint investigation conducted by Spanish and British law enforcement authorities (The Spanish National Police, the UK’s Regional Cyber Crime Unit for Tackling North West […]

Pierluigi Paganini April 22, 2017
US Court sentenced Russian hacker Roman Seleznev to 27 years in jail for hacking

Roman Seleznev, the son of the prominent Russian Parliament member Valery Seleznev was sentenced to 27 years in jail for hacking. The Russian hacker Roman Seleznev, aka Track2, was sentenced to 27 years in prison, he was convicted of causing $170 million in damage by hacking into point-of-sale systems. This sentence is the longest one ever imposed in […]

Pierluigi Paganini April 21, 2017
Anatomy of Cybercriminal Communications: Why do crooks prefer Skype

Security firm Flashpoint published an interesting paper titled, ‘Cybercrime Economy: An Analysis of Cybercriminal Communication Strategies‘ about cybercriminal communications of threat actors. A recent research by the threat intelligence firm Flashpoint has uncovered how malicious threat actors communicate to share information between them. The research has found out that there is a growing economy in the […]

Pierluigi Paganini April 19, 2017
Critical vulnerability in Drupal References Module opens 120,000 Sites to hack

A critical vulnerability affects the Drupal References module that is used by hundreds of thousands of websites using the popular CMS. The Drupal security team has discovered a critical vulnerability in a third-party module named References. The Drupal team published a Security advisory on April 12 informing its users of the critical flaw. The flaw has a huge impact on […]

Pierluigi Paganini April 19, 2017
InterContinental Hotels Group, the international hotel chain confirmed a second credit card breach

The InterContinental Hotels Group announced that last week payment card systems at more than 1,000 of its hotels had been compromised by crooks. The multinational hotel chain owns prestigious brands like Holiday Inn and Crowne Plaza. This is the second time that the InterContinental Hotels Group suffers a credit card breach, early this year the hotel chain […]

Pierluigi Paganini April 18, 2017
Karmen Ransomware, a cheap RaaS service that implements anti-analysis features

Experts at Recorded Future have discovered a cheap RaaS, the Karmen Ransomware that deletes decryptor if detects a sandbox. Security experts from threat intelligence firm Recorded Future have spotted a new ransomware as a service (RaaS) called Karmen. The service allows customers to easy create their ransomware campaign in a few steps and without specific skills. Wannabe-crooks […]

Pierluigi Paganini April 18, 2017
Who is offering the CradleCore Ransomware as source code?

CradleCore ransomware is a malware offered in the underground as a source code, instead of the classic ransomware-as-a-service (RaaS) model. According to the experts at Forcepoint, the author is offering the malware in many Tor-based crime forums as source code allowing crooks to request a customized version of the code. The CradleCore ransomware is offered by the author as a […]

Pierluigi Paganini April 17, 2017
Terror EK rising in the threat landscape while Sundown EK drops

The Sundown EK has been inactive since early this year, the Terror EK is being very popular in the cybercriminal ecosystem. One year ago the Angler EK and Nuclear EK disappeared from the threat landscape, while the Sundown EK was conquering the criminal underground. What’s happening now? The Sundown EK has been inactive since early this year, the […]

Pierluigi Paganini April 16, 2017
Facebook dismantled a huge spam campaign leveraging bogus accounts

Facebook disrupted an international spam campaign leveraging on bogus accounts used to create “likes” and bogus comments. The security team at Facebook has disrupted an international spam operation after a six months investigation. The company has neutralized a coordinated campaign that was leveraging on bogus accounts used to create inauthentic likes and comments. “Today we are taking another […]