Cybersecurity authorities have taken down infrastructure used by a Russian botnet, RSOCKS, that compromised millions of internet-connected devices and computers worldwide. The threat actors have used the botnet to execute credential-stuffing attacks against hacked devices, an attack tactic that automatically enters a user’s login credentials on login pages of websites. The DOJ’s published press...
This year, several dark web domains that trade data from cybercriminal activities have been seized and shut down by US law enforcement agencies. On June 7, a new site seizure was announced, which involved the SSNDOB marketplace – a dark web marketplace selling over 24 million stolen social security numbers....
After India announced that it would require VPN service providers to retain their clients’ logs for 180 days, some have decided to pull their services out of the country, including Surfshark and ExpressVPN. This decision follows the strict policy of the VPN providers about collecting customers’ logs such as their IP addresses, browsing history, network traffic, session data,...
Last April, the notorious stolen database marketplace RaidForums was seized by the US authorities, alongside the arrest of its founder Diogo Santos Coelho. And just recently, three more malicious dark web portals were announced to have been seized by the FBI and the DOJ, including IPStress, WeLeakInfo, and OVH-Booter. These three cybercrime domains are reported...
A French-Venezuelan cybercriminal named Moises Luis Zagala Gonzalez has been detained for creating two ransomware strains dubbed Thanos and Jigsaw version 2. The US DoJ disclosed the report about Zagala, a cardiologist, who successfully conducted hacking alongside developing ransomware to be sold to other cybercriminals. The law enforcement agency also added that Zagala’s crimes are...
India has recently mandated that all internet service providers gather their respective user data for the last five years, based on a press release by CERT-In (Indian Computer Emergency Response Team). CERT-In also added that they would be amassing data from service providers such as data centres, VPNs, body corporate, and intermediaries under the...
The sanctions imposed on Russia have forced the cybercrime community in the country to look for alternative options for laundering their illegally gained money, especially since authorities have also shut down many dark web marketplaces. The Russian threat operators have sought workable solutions to withdraw their profit despite the limited options due to the ongoing Russian-Ukraine...
ZLoader experienced the wrath of Microsoft’s Digital Crimes Unit (DCU) after the unit took down multiple domains owned by the botnet and used as its command-and-control servers. The domain takedowns were made possible by Microsoft DCU after it joined forces with several security researchers. According to them, the task given to them by their superiors was more...
The notorious dark web hacker forum and underground marketplace, RaidForums, was recently shut down by the US authorities during Operation TOURNIQUET, alongside Europol and other law enforcement agencies worldwide. Three of the dark web forum’s administrators were arrested, while the authorities also seized their main website, which now shows a ‘domain seizure’ message from...
Google has found a threat actor from Cameroon operating malicious websites that sell basset hound puppies to defraud people looking for pet dogs amid the pandemic. Dubbed the ‘puppy fraud scheme’, the identified campaign has already been the subject of a lawsuit by Google. The operator behind the malicious campaign was a Cameroon-based individual named Nche Noel Ntse,...