Category: Hacker

May 18, 2023

A U.S. national has pleaded guilty in a Missouri court to operating a darknet carding site and selling financial information belonging to tens of thousands of victims in the country. Michael D. Mihalo, aka Dale Michael Mihalo Jr. and ggmccloud1, […]

May 17, 2023

The US Justice Department charged Russian national Mikhail Pavlovich Matveev (30), aka Wazawaka, m1x, Boriselcin, and Uhodiransomwar, for his alleged role in multiple ransomware attacks. The DoJ unsealed two indictments charging the man with using three different ransomware families in […]

May 15, 2023

A former employee of Ubiquiti has been sentenced to six years in jail after he pleaded guilty to posing as an anonymous hacker and a whistleblower in an attempt to extort almost $2 million worth of cryptocurrency while working at […]

April 18, 2023

The Iranian threat actor known as MuddyWater is continuing its time-tested tradition of relying on legitimate remote administration tools to commandeer targeted systems. While the nation-state group has previously employed ScreenConnect, RemoteUtilities, and Syncro, a new analysis from Group-IB has […]

April 3, 2023

According to data collected by Fortinet, based on the number of devices connecting to attacker-controlled infrastructure, the highest percentage of victims is in Italy, followed by Germany, Austria, the United States, South Africa, Australia, Switzerland, the Netherlands, Canada and the […]

March 24, 2023

A recent campaign undertaken by Earth Preta indicates that nation-state groups aligned with China are getting increasingly proficient at bypassing security solutions. The threat actor, active since at least 2012, is tracked by the broader cybersecurity community under Bronze President, […]

March 10, 2023

Google-owned Mandiant said the threat cluster shares “multiple overlaps” with a long-running operation dubbed “Dream Job” that employs job recruitment lures in email messages to trigger the infection sequence. UNC2970 is the new moniker designated by the threat intelligence firm […]

March 9, 2023

Fortinet researchers observed the mining group 8220 Gang using a new crypter called ScrubCrypt in cryptojacking attacks. “Between January and February 2023, FortiGuard Labs observed a payload targeting an exploitable Oracle Weblogic Server in a specific URI.” reads the analysis […]

March 8, 2023

The North Korea-linked Lazarus Group has been observed weaponizing flaws in an undisclosed software to breach a financial business entity in South Korea twice within a span of a year. While the first attack in May 2022 entailed the use […]

March 6, 2023

In a joint effort, the German Regional Police, Ukrainian National Police, Europol, Dutch Police, and FBI joined forces on February 28, 2023, to take down the masterminds behind a notorious criminal organization responsible for unleashing devastating cyberattacks using the DoppelPaymer […]

February 27, 2023

The Dutch police announced the arrest of three individuals in connection with a “large-scale” criminal operation involving data theft, extortion, and money laundering. The suspects include two 21-year-old men from Zandvoort and Rotterdam and an 18-year-old man without a permanent […]

February 24, 2023

The war in Ukraine has seen the emergence of new forms of cyberattacks, and hacktivists became savvier and more emboldened to deface sites, leak information and execute DDoS attacks, according to Trellix. “Q4 saw malicious actors push the limits of […]

February 23, 2023

Materials research organizations in Asia have been targeted by a previously unknown threat actor using a distinct set of tools. Symantec, by Broadcom Software, is tracking the cluster under the moniker Clasiopa. The origins of the hacking group and its […]

February 15, 2023

A U.S. jury returned a guilty verdict against a man who ran a criminal hacking scheme that earned $90 million via insider trading while running a Moscow-based IT services firm associated with the Russian government. After a 10-day trial, a […]

February 14, 2023

Nine suspects have been arrested — eight in Madrid and one in Miami — for their suspected participation in a cybercriminal organization accused of stealing more than 5 million euros from unsuspecting victims in less than a year. The joint […]

February 13, 2023

Cybercriminals remained active in spying and information stealing, with lottery-themed adware campaigns used as a tactic to obtain people’s contact details, according to Avast. Threats using social engineering to steal money, such as refund and invoice fraud and tech support […]

February 8, 2023

A Russian national on February 7, 2023, pleaded guilty in the U.S. to money laundering charges and for attempting to conceal the source of funds obtained in connection with Ryuk ransomware attacks. Denis Mihaqlovic Dubnikov, 30, was arrested in Amsterdam […]

February 7, 2023

Threat actors are leveraging known flaws in Sunlogin software to deploy the Sliver command-and-control (C2) framework for carrying out post-exploitation activities. The findings come from AhnLab Security Emergency response Center (ASEC), which found that security vulnerabilities in Sunlogin, a remote […]

February 2, 2023

A threat intelligence firm spotted North Korean hackers engaged in technological espionage in a campaign that betrayed recurring elements of the Pyongyang hacking toolkit. Cybersecurity firm WithSecure says it detected a campaign targeting the medical research and energy sectors that […]

February 2, 2023

Security researchers on Feb. 2 reported that they have detected a cyberattack campaign by the North Korean Lazarus Group, targeting medical research and energy organizations for espionage purposes. The attribution was made by threat intelligence analysts for WithSecure, which discovered […]