Big names among thousands infected by payment-card-stealing CosmicSting crooks

October 3, 2024 at 11:49PM Numerous well-known brands’ web stores, including Ray-Ban and National Geographic, were targeted by criminals using the CosmicSting flaw in Adobe’s Commerce and Magento software. The vulnerability, CVE-2024-34102, allowed stolen shopper payment card information. At least seven cybercrime gangs exploited the flaw, despite Adobe’s patch. Multiple groups are fighting for control … Read more

Two British-Nigerian men sentenced over multimillion-dollar business email scam

October 3, 2024 at 08:39AM British-Nigerian men Oludayo Kolawole John Adeagbo, 45, and Donald Ikenna Echeazu, 42, have been sentenced for email fraud schemes in the US, earning millions. Adeagbo was sentenced to seven years for affecting Texas and North Carolina organizations, while Echeazu received 18 months. Their scams involved construction projects and local government … Read more

INTERPOL Arrests 8 in Major Phishing and Romance Fraud Crackdown in West Africa

October 3, 2024 at 06:39AM INTERPOL announced the arrest of eight individuals in Côte d’Ivoire and Nigeria as part of Operation Contender 2.0 to tackle cyber-enabled crimes in West Africa. The campaign targeted phishing and romance scams, resulting in financial losses of over $1.4 million. The importance of continued international cooperation in combating cybercrime was … Read more

FIN7 hackers launch deepfake nude “generator” sites to spread malware

October 2, 2024 at 04:05PM FIN7, a notorious APT hacking group, has launched fake AI-powered deepnude generator sites to spread malware. This Russian group is known for financial fraud and social engineering attacks. The network of fake deepnude sites lures in users with promises of generating explicit images, but actually spreads information-stealing malware. Other campaigns … Read more

Fake Job Applications Deliver Dangerous More_eggs Malware to HR Professionals

October 2, 2024 at 11:27AM A recent spear-phishing email campaign targeted recruiters using the More_eggs JavaScript backdoor, with actors posing as fake job applicants to infect systems. The malware, attributed to the Golden Chickens group, enables credential theft and has been linked to several e-crime groups. Trend Micro observed a variation of the campaign utilizing … Read more

LockBit Associates Arrested, Evil Corp Bigwig Outed

October 1, 2024 at 04:39PM In recent actions under Operation Cronos, Europol and Eurojust have made multiple arrests and seized devices associated with the LockBit ransomware gang. New ties have been revealed between LockBit and the infamous Evil Corp cybercrime organization. Efforts are ongoing to recover files affected by LockBit ransomware in various sectors through … Read more

Euro cops arrest 4 including suspected LockBit dev chilling on holiday

October 1, 2024 at 01:38PM Authorities have arrested four individuals linked to the dismantled LockBit ransomware empire. French law prohibits naming the arrested, but a post on LockBit’s leak blog confirms severe charges in France. The UK also apprehended two individuals linked to LockBit. The Spanish Guardia Civil arrested a key suspect at Madrid airport. … Read more

Evil Corp hit with new sanctions, BitPaymer ransomware charges

October 1, 2024 at 12:37PM The United States, United Kingdom, and Australia have imposed new sanctions on the cybercrime syndicate Evil Corp, with the US indicting an individual for conducting BitPaymer ransomware attacks. The sanctions target both individuals and entities associated with Evil Corp, freezing assets and prohibiting transactions with businesses based in the US, … Read more

Police arrest four suspects linked to LockBit ransomware gang

October 1, 2024 at 11:43AM Law enforcement agencies from 12 countries arrested four suspects connected to the LockBit ransomware gang, including a developer, a hosting service admin, and two others involved in LockBit activity. The joint action led to server seizures and involved Operation Cronos, resulting in additional sanctions and previous arrests of LockBit actors. … Read more

Evil Corp’s deep ties with Russia and NATO member attacks exposed

October 1, 2024 at 11:42AM Evil Corp, a notorious cybercrime organization, is believed to have had an exceptionally close relationship with the Russian state, which allegedly ordered the group to carry out cyberattacks on NATO members. The group’s leader, Maksim Yakubets, is suspected to have strong ties to the Russian intelligence services, with support from … Read more