Articles about Cybercrime

Probing the online phish market reveals thriving, profitable underworld

A new study has lifted the lid on the booming ecosystems of fake websites that underpin phishing scams, revealing a wide variety of prices and products from cheap knock-ups to bespoke fraud services offering concierge-level customer support. Infosec firm Clearsky surfed popular Russian and English-speaking underground boards …
John Leyden, 24 Aug 2017
businessman shrugging - illustration via shutterstock

10% of UK's top firms would be screwed in a cyber attack – survey

Most of the UK's top businesses are underprepared for new data protection rules, while 10 per cent have no response plan for a cyber attack, according to a government survey. This year's annual cyber governance health check (PDF) asked FTSE 350 companies about both their cyber security and data protection measures – the latter …
Rebecca Hill, 21 Aug 2017
Leigh-Anne Galloway  B Sides manchester talk on ATM. screen grab from video

What weighs 800kg and runs Windows XP? How to buy an ATM for fun and profit

BSides Weighing in at 800kg secondhand, freestanding ATMs - a “safe with a computer on top” - are a logistical nightmare to own and research, security boffin Leigh-Anne Galloway warned delegates at the BSides Manchester infosec conference yesterday. b sides manchester talk on ATM. scrren grab from video Security boffin Leigh-Anne …
John Leyden, 18 Aug 2017

APT-style attack against over 4,000 infrastructure firms blamed on lone Nigerian 20-something

A seemingly state-sponsored cyberattack aimed at more than 4,000 infrastructure companies has been blamed on a lone Nigerian cybercriminal. The campaign started in April 2017, and has targeted some of the largest international organisations in the oil, gas, manufacturing, banking and construction industries. The global scale …
John Leyden, 15 Aug 2017
Marcus Hutchins

WannaCry vanquisher Marcus Hutchins pleads not guilty to flogging banking trojan Kronos

Marcus Hutchins, the WannaCry kill-switch hero, has today pleaded not guilty to charges of creating and selling malware at a hearing in Milwaukee, Wisconsin. The court took the unusual step of relaxing the the 23-year-old's bail terms, allowing him to access the internet and work again. He will also be able to live in Los …
John Leyden, 14 Aug 2017

Ukrainian man, 51, cuffed on suspicion of distributing NotPetya

A middle-aged Ukrainian has been arrested on suspicion of acting as an agent in distributing the infamous NotPetya ransomware. Sergey Neverov, 51, a video blogger and computer enthusiast from Nikopol, was cuffed by Ukrainian police on August 7 (official statement in Ukrainian here). Neverov is accused of posting a video …
John Leyden, 11 Aug 2017

Strong and stable, my arse. UK wobbles when coping with ransomware

A third of businesses have suffered a ransomware attack in the last 12 months, according to a new survey sponsored by Malwarebytes. Globally, most organisations experienced some form of attack or breach during the past year, with 35 per cent suffering a ransomware attack specifically. Ransomware demands are relatively low, …
John Leyden, 27 Jul 2017

Briton admits to router hack that DDoSed Deutsche Telekom

An as yet unnamed 29-year-old pleaded guilty on Friday to charges relating to the hijacking of more than 1.25 million Deutsche Telekom routers, according to reports in the German press. German news agency DPA and others quoted a court spokesman as saying the accused, who pleaded guilty to "attempted computer sabotage", had " …
John Leyden, 24 Jul 2017

AlphaBay and Hansa: About those dark web marketplaces takedowns

Analysis A US Federal Bureau of Investigation veteran has spoken out on the international police ops that led to the takedown of dark web drug souks AlphaBay and Hansa, giving an insider's look at the process. Joseph Campbell served for 25 years in the FBI, where he led criminal investigations into child exploitation and the trade in …
John Leyden, 24 Jul 2017

But how does our ransomware make you feel?

Ransomware crooks have become skilled psychological manipulators in their attempts to fleece victims of file-encrypting malware. Analysis of the psychology behind ransomware "splash screens", the initial warning screens of ransomware attacks, commissioned by SentinelOne, reveals how social engineering tactics are used by cyber …
John Leyden, 21 Jul 2017

School of card knocks: Russophone criminals offered online courses in credit card fraud

Cyber crime lords have come up with a new money-spinner – Russian-language e-learning courses geared towards teaching the skills necessary to rip off consumers and card companies. Risk management firm Digital Shadows flagged up the course as part of a wider report into trends in underground carding forums. The study, published …
John Leyden, 19 Jul 2017
Image by gyn9037

Targeted, custom ransomware menace rears its ugly head

Attackers are manually deploying ransomware directly into target networks to maximise the damage and potential payout. Unlike "spray-and-pray" attacks such as WannaCrypt, which hit victims at random, targeted attacks that manually execute the ransomware enable criminals to ensure they have locked mission-critical files that …
John Leyden, 19 Jul 2017

CoinDash crowdfunding hack further dents trust in crypto-trading world

More than $7m was stolen by hackers on Monday from folks investing in a cryptocurrency startup. Israel-based CoinDash – which bills itself as an "an operating system" for "interacting, handling and trading crypto assets" – launched what's called an initial coin offering. This is a process in which people buy virtual tokens …
John Leyden, 18 Jul 2017
Dread Pirate Roberts

Dark web souk AlphaBay shuts for good after police raids

Dark web marketplace AlphaBay's closure last week followed an international law enforcement operation and multiple raids, it has emerged. It has also been reported that a key suspect who was arrested in the raids has died in custody. The world’s biggest online drug bazaar dropped offline on 5 July, sparking fears that its …
John Leyden, 14 Jul 2017

Dial S for SQLi: Now skiddies can order web attacks via text message

Hackers are touting a tool that allows any idiot with a smartphone to conveniently order up mass SQL injection attacks against websites. From what we can tell, you can either rent an instance of the crooks' Katyusha Scanner Pro for $200 per month, or install a copy on your own system for $500. This software uses the Anarchi …
John Leyden, 12 Jul 2017
Bitcoin, photo via Shutterstock

Breached Bitcoin Bithumb bosses blame bod's BYOD

South Korean cyber-cops are probing a hacking attack on Bithumb, one of the world's biggest Bitcoin exchanges. Miscreants were able to get hold of personal information – email addresses, names, and cellphone numbers – of roughly 32,000 Bithumb users, or three per cent of the exchange's user base. The website is a pretty big …
John Leyden, 6 Jul 2017
bank robbery

Ker-ching! NotPetya hackers cash out, demand 100 BTC for master decrypt key

All the Bitcoins paid by victims of the NotPetya ransomware attack were withdrawn overnight. Some paid the equivalent of $300 in Bitcoin even though there were no real means to recover their data. Just over 3.96 Bitcoins ($10,382) were drained from a wallet tied to NotPetya early on Wednesday morning, according to a Twitter …
John Leyden, 5 Jul 2017

For all the chaos it sows, fewer than 1% of threats are actually ransomware

Ransomware dominated the threat landscape last year even though file-encrypting nasties made up less than one in a hundred examples of different Windows malware during 2016. The mode of action and damage created by file-encrypting trojans makes them a much greater threat than implied by a consideration of the numbers, …
John Leyden, 4 Jul 2017

Create a news alert about Cybercrime, or find more stories about Cybercrime.

Biting the hand that feeds IT © 1998–2018