Trickbot on the Ropes Part 2: The QQAAZZ Money Laundering Ring
While shutting down the technical aspects of malware is critical (see Trickbot on the Ropes Part 1), the real disincentive to the criminals is when you hit them hard in the money. That was the objective of Europol's Operation 2BaGoldMule case against QQAAZZ. Working with partners in 16 countries, including ... Read More
Trickbot On The Ropes: Microsoft’s Case Against Trickbot
Trickbot is having a truly bad time this month! While as of today, Trickbot binaries are being delivered by Emotet, there is every sign that they are struggling. Emotet's daily activities are best documented by a team of researchers using the collective identity "Cryptolaemus" and sharing news of IOCs and ... Read More
RoboCallers Hit with Permanent Injunction by Courts
The Eastern District of New York has ruled in the case "United States v. Nicholas Palumbo, et al" effectively putting TollFreeDeals.com and SIPRetail.com out of business. These are the "Voice Over IP" companies that have allowed millions of overseas calls per day to be routed to Americans, often for the ... Read More
Chinese "COVID-19" Hackers indicted after 11 year hacking spree
On July 7, 2020, a Grand Jury in Seattle was presented with evidence about the eleven year campaign of Computer Network Intrusion being conducted by two former classmates who hacked for personal profit and the benefit of the Chinese Ministry of State Security. Li Xiaoyu 李啸宇 and Dong Jiazhi 董家志 ... Read More
Hushpuppi and Mr.Woodbery, BEC scammers: Welcome to Chicago!
There are quite a few West African scammers who try to explain away their wealth by claiming they are a "bitcoin entrepreneur" or "real estate investor" when in fact they conduct Business Email Compromise scams against American companies, and Romance Scams against vulnerable women, and steal their money. Back in ... Read More
More Covid Charity Scammers (hosted by Shinjiru Technologies AS45839)
Last week we shared information about a particularly interesting cluster of scams that focus on their shared use of a set of nameservers where all of the related content seems to be criminal in nature. Working with CAUCE (The Coalition Against Unsolicited Commercial Email) and the ZETAlytics "Massive Passive DNS" ... Read More
Scam Everything – Opioids, NetFlix, Phish, Covid Charities, and Government Refunds in one network neighborhood
There's a famous line in the movie Jerry Maguire where Tom Cruise's character says "Show me the Money!" In online investigations, I prefer the line "Show me the Data!" This morning I was doing just that and found an interesting cluster of badness. Dr. Elizabeth Gardner at UAB leads our Forensic ... Read More
SEC Suspends CoronaVirus Stock Pump-n-Dump Scammers
Last month we shared information on the blog about spam-driven affiliate programs that were selling a variety of shady "anti-Coronavirus" products, including immunity oils, masks, disinfectants, and no-touch thermometers. (See: CAUCE Spamfighters Rally Against Corona Health Fraud Affiliate programs). Today I wanted to share an update regarding another type ... Read More
Map It. Zap It. Covid-19 and Rural America #GoodCovidDomains
This post may seem off-topic for my regular cybercrime and cyber security readers, but these are unusual times. Regular readers know that part of what my team at the UAB Computer Forensics Research Lab has been working on is looking for scams and fraud related to Covid-19 / CoronaVirus. Part ... Read More
Following Putin Order, FSB Cracks Down on Russian Credit Card Marketplaces
Earlier this week I was chatting with one of the top experts on Russian Cybercrime (who has asked to remain anonymous here). We were discussing the news that was released on 24MAR2020 that the FSB had raided 62 addresses in 11 regions of Russia arresting cybercriminals for their involvement in ... Read More

