Author Archives: BrianKrebs

Hacking Team Used Spammer Tricks to Resurrect Spy Network

July 13, 2015

Last week, hacktivists posted online 400 GB worth of internal emails, documents and other data stolen from Hacking Team, an Italian security firm that has earned the ire of privacy and civil liberties groups for selling spy software to governments worldwide. New analysis of the leaked Hacking Team emails suggests that in 2013 the company used techniques perfected by spammers to hijack Internet address space from a spammer-friendly Internet service provider in a bid to regain control over a spy network it apparently had set up for the Italian National Military Police.

Adobe To Fix Another Hacking Team Zero-Day

July 11, 2015

44 Comments

For the second time in a week, Adobe Systems Inc. says it plans fix a zero-day vulnerability in its Flash Player software that came to light after hackers broke into and posted online hundreds of gigabytes of data from Hacking Team, a controversial Italian company that’s long been accused of helping repressive regimes spy on dissident groups.

Cybercrime Kingpin Pleads Guilty

July 10, 2015

21 Comments

An Estonian man who ran an organized cybercrime ring that infected more than 4 million PCs in over 100 countries with moneymaking malware has pleaded guilty in New York to wire fraud and computer intrusion charges.

Credit Card Breach at a Zoo Near You

July 9, 2015

38 Comments

Service Systems Associates, a company that serves gift shops at zoos and cultural centers across the United States, has acknowledged a breach of its credit and debit card processing systems.

Finnish Decision is Win for Internet Trolls

July 8, 2015

146 Comments

In a win for Internet trolls and teenage cybercriminals everywhere, a Finnish court has decided not to incarcerate a 17-year-old found guilty of more than 50,000 cybercrimes, including data breaches, payment fraud, operating a huge botnet and calling in bomb threats, among other violations.

Adobe to Patch Hacking Team’s Flash Zero-Day

July 7, 2015

57 Comments

Adobe Systems Inc. said today it plans to issue a patch on Wednesday to fix a zero-day vulnerability in its Flash Player software that is reportedly being exploited in active attacks. The flaw was disclosed publicly over the weekend after hackers broke into and posted online hundreds of gigabytes of data from Hacking Team, a controversial Italian company that’s long been accused of helping repressive regimes spy on dissident groups.

Don’t Be Fooled By Phony Online Reviews

July 5, 2015

104 Comments

The Internet is a fantastic resource for researching the reputation of companies with which you may wish to do business. Unfortunately, this same ease-of-use can lull the unwary into falling for marketing scams originally perfected by spammers: Namely, fake reviews and dodgy search engine manipulation techniques that seek to drown out legitimate, negative reviews in a sea of glowing but fake endorsements.

Banks: Card Breach at Trump Hotel Properties

July 1, 2015

55 Comments

The Trump Hotel Collection, a string of luxury hotel properties tied to business magnate and now Republican presidential candidate Donald Trump, appears to be the latest victim of a credit card breach, according to data shared by several U.S.-based banks.

Crooks Use Hacked Routers to Aid Cyberheists

June 29, 2015

54 Comments

Cybercriminals have long relied on compromised Web sites to host malicious software for use in drive-by download attacks, but at least one crime gang is taking it a step further: New research shows that crooks spreading the Dyre malware for use in cyberheists are leveraging hacked wireless routers to deliver their password-stealing crimeware.

A Busy Week for Ne’er-Do-Well News

June 27, 2015

28 Comments

We often hear about the impact of cybercrime, but too seldom do we read about the successes that law enforcement officials have in apprehending those responsible and bringing them to justice. Last week was an especially busy time for cybercrime justice, with authorities across the globe bringing arrests, prosecutions and some cases stiff sentences in connection with a broad range of cyber crimes, including ATM and bank account cashouts, malware distribution and “swatting” attacks.