Hot Topics

DomainTools.com

‘Snatch’ Ransom Group Exposes Visitor IP Addresses

‘Snatch’ Ransom Group Exposes Visitor IP Addresses

| | @htmalgae, 8Base Ransomware, AtomicStealer, Breadcrumbs, Data breaches, DomainTools.com, Google.com, MalwareBytes, Microsoft Teams, Mihail Kolesnikov, Ne'er-Do-Well News, Ransomware, Rilide, Trustwave SpiderLabs
The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has ...
Krebs on Security
Who and What is Behind the Malware Proxy Service SocksEscort?

Who and What is Behind the Malware Proxy Service SocksEscort?

| | A Little Sunshine, Adrian Crismaru, AVrecon, Black Lotus Labs, DomainTools.com, Intel471, Internet of Things (IoT), Lumen, Riley Kilmer, SocksEscort, spur.us, Web Fraud 2.0, wiremo
Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. Now new findings reveal that AVrecon ...
Krebs on Security
Ask Fitis, the Bear: Real Crooks Sign Their Malware

Ask Fitis, the Bear: Real Crooks Sign Their Malware

| | 165540027, [email protected], [email protected], Breadcrumbs, code signing certificates, Constella Intelligence, DomainTools.com, featar24, Fitis, Flashpoint, Glavmed, Intel 471, Konstantin Evgenievich Fetisov, Megatraffer, Ne'er-Do-Well News, O.R.Z., Spamit, [email protected]
Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered with. Both of these ...
Krebs on Security
A Serial Tech Investment Scammer Takes Up Coding?

A Serial Tech Investment Scammer Takes Up Coding?

| | A Little Sunshine, Alan John Mykhailov, Blackstone Corporate Alliance Ltd, Breadcrumbs, CodesToYou, Colette Davies, David Bruno, DomainTools.com, Drydennow.com, Igor Gubskyi, Igor Hubskyi, Iryna Davies, John Bernard, John Clifton Davies, Maria Yakovleva, Mariya Kulikova, MySolve, Ne'er-Do-Well News, SafeSwiss Secure Communication AG, Secure Swiss Data, The Inside Knowledge GmbH
John Clifton Davies, a 60-year-old con man from the United Kingdom who fled the country in 2015 before being sentenced to 12 years in prison for fraud, has enjoyed a successful life ...
Krebs on Security
Who’s Behind the ‘Web Listings’ Mail Scam?

Who’s Behind the ‘Web Listings’ Mail Scam?

| | Appco Group, Breadcrumbs, charity muggers, Chris Niarchos, Cobra Group, DomainTools.com, Farsight Security, GDS International, gdsinternationalus.com, gobananas.com, helpmego.to, HMGT Services Ltd., Mark A. Scott, Redwoods Advance, reputationmanagementfor.com, Robert Paul Graham Scott, scubadog_uk, Web Fraud 2.0, web-listings.net, web-listingsinc.com, weblistingservices.com, weblistingsinc.net, weblistingsinc.org, weblistingsreports.net, webservicescorp.net, websiteservicescorp.com, webtechnologiesletter.com
In December 2018, KrebsOnSecurity looked at how dozens of U.S. political campaigns, cities and towns had paid a shady company called Web Listings Inc. after receiving what looked like a bill for ...
Krebs on Security
The Case for Limiting Your Browser Extensions

The Case for Limiting Your Browser Extensions

| | 212b3d4039ab5319ec.js, Blue Shield of California, Breadcrumbs, cndpps, DomainTools.com, [email protected], icontent, linkojager, metrext, monetizus, Page Ruler extension, Peter Newnham, thisadsfor
Last week, KrebsOnSecurity reported to health insurance provider Blue Shield of California that its Web site was flagged by multiple security products as serving malicious content. Blue Shield quickly removed the unauthorized ...
Krebs on Security
French Firms Rocked by Kasbah Hacker?

French Firms Rocked by Kasbah Hacker?

| | +212611604438, 4iq.com, Breadcrumbs, DomainTools.com, fatal.001, FatalW01, Hyas, hyas.com, [email protected], njrat, Sasha Angus, talainine.com, Yamosoft, Yassine Algangaf, Yassine Majidi
A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity ...
Krebs on Security
Hackers Sell Access to Bait-and-Switch Empire

Hackers Sell Access to Bait-and-Switch Empire

| | A Little Sunshine, arrestrecords.us.org, autohistorychecks.com, backgroundchecks.us.org, Breadcrumbs, carhistory.us.org, carhistoryindex.com, carinfo2.com, carrecordusa.com, census.us.org, courtrecords.us.org, criminalrecords.us.org, Data breaches, deathcertificates.us.org, deathrecord.com, deathrecords.us.org, dmv.us.org, dmvinfocheck.com, dmvrecords.co, DomainTools.com, homevalue.us.org, jailinmates.us.org, Jason Oster, Jesse Willms, Latest Warnings, memberreportaccess.com, Mike Stef, mugshots.us.org, myfeeplan.com, myinfobill.com, Ne'er-Do-Well News, Penguin Marketing, Peter Graver, phonelookup.us.org, police.us.org, prison.us.org, propertyrecord.com, propertysearch.us.org, publicrecords.us.org, reversephonelookup.us.org, Taylor Clark, Terra Marketing Group, The Atlantic, The Coming Storm, The Dark Overlord, trafficticket.us.org, vehiclehistoryreports.us.org, vehiclereportusa.com, vinsearchusa.org, warrantcheck.com
Cybercriminals are auctioning off access to customer information stolen from an online data broker behind a dizzying array of bait-and-switch Web sites that sell access to a vast range of data on ...
Krebs on Security

Secure Guardrails