Major Nigerian Phishing and BEC Actors, SSGToolz and CeeCeeBossTMT, Arrested by Nigerian Police and Interpol

Tags: bec, EFCC, nigeria
An Interpol headline on November 25, 2020 announces "Three arrested as INTERPOL, Group-IB and the Nigeria Police Force disrupt prolific cybercrime group"; however, the article does not name the suspects. The Interpol article says the three are "believed to be members of a wider organized crime group responsible for distributing ...
ENISA: Top 15 Threats: Spam, Phishing, and Malware!

Tags: ENISA, Phishing, Spam
Part One of this post, describing the many components of "The ENISA Cybersecurity Threat Landscape", went over ENISA's Year in Review, the emphasis on Cyber Threat Intelligence, Sector-specific threats, Research Topics, and Emerging Trends. This is "Part Two", where we review the 16 documents that ENISA released to cover ...
The ENISA Cybersecurity Threat Landscape

ENISA, the European Union Agency for Cybersecurity, met on October 6, 2020 to review their current recommendations and get any last-minute changes. On October 20, 2020, they released a huge batch of reports that many folks seem to have not seen. We wanted to take a moment to give ...
US Victims of Indian Call Center Scams Send Cash to Money Mules Across the Country

On November 6, 2020, the US Attorney in the Eastern District of Virginia announced the sentence for a husband and wife, Chirag Choksi and Shachi Majmudar, both 36 years old. This pair had involved themselves in the money laundering side of an international scam ring that preys on the elderly ...
Trickbot on the Ropes Part 2: The QQAAZZ Money Laundering Ring

While shutting down the technical aspects of malware is critical (see Trickbot on the Ropes Part 1), the real disincentive to the criminals is when you hit them hard in the money. That was the objective of Europol's Operation 2BaGoldMule case against QQAAZZ. Working with partners in 16 countries, including ...
Trickbot On The Ropes: Microsoft's Case Against Trickbot

Trickbot is having a truly bad time this month! While as of today, Trickbot binaries are being delivered by Emotet, there is every sign that they are struggling. Emotet's daily activities are best documented by a team of researchers using the collective identity "Cryptolaemus" and sharing news of IOCs and ...
RoboCallers Hit with Permanent Injunction by Courts

The Eastern District of New York has ruled in the case "United States v. Nicholas Palumbo, et al" effectively putting TollFreeDeals.com and SIPRetail.com out of business. These are the "Voice Over IP" companies that have allowed millions of overseas calls per day to be routed to Americans, often for the ...
Chinese "COVID-19" Hackers indicted after 11 year hacking spree

On July 7, 2020, a Grand Jury in Seattle was presented with evidence about the eleven-year campaign of Computer Network Intrusion being conducted by two former classmates who hacked for personal profit and the benefit of the Chinese Ministry of State Security. Li Xiaoyu 李啸宇 and Dong Jiazhi 董家志 ...

Hushpuppi and Mr.Woodbery, BEC scammers: Welcome to Chicago!

There are quite a few West African scammers who try to explain away their wealth by claiming they are a "bitcoin entrepreneur" or "real estate investor" when in fact they conduct Business Email Compromise scams against American companies, and Romance Scams against vulnerable women, and steal their money. Back in ...
More Covid Charity Scammers (hosted by Shinjiru Technologies AS45839)

Last week we shared information about a particularly interesting cluster of scams that focus on their shared use of a set of nameservers where all of the related content seems to be criminal in nature. Working with CAUCE (The Coalition Against Unsolicited Commercial Email) and the ZETAlytics "Massive Passive DNS" ...