Author Archives: BrianKrebs

New Site Recovers Files Locked by Cryptolocker Ransomware

August 6, 2014

Until today, Microsoft Windows users who’ve been unfortunate enough to have the personal files on their computer encrypted and held for ransom by a nasty strain of malware called CryptoLocker have been faced with a tough choice: Pay cybercrooks a ransom of a few hundred to several thousand dollars to unlock the files, or kiss those files goodbye forever. That changed this morning, when two security firms teamed up to launch a free new online service that can help victims unlock and recover files scrambled by the malware.

Q&A on the Reported Theft of 1.2B Email Accounts

August 6, 2014

109 Comments

My phone and email have been flooded with requests from various media outlets over the past 12 hours since security consultancy Hold Security dropped the news that a Russian gang has stolen more than a billion email account credentials. Rather than respond to each of them in turn, allow me to add a bit of perspective here in the most direct way possible: The Q&A.

‘White Label’ Money Laundering Services

August 4, 2014

42 Comments

Laundering the spoils from cybercrime can be a dicey affair, fraught with unreliable middlemen and dodgy, high-priced services that take a huge cut of the action. But large-scale cybercrime operations can avoid these snares and become much more profitable when they’re able to disguise their operations as legitimate businesses operating in the United States, and increasingly they are doing just that.

Sandwich Chain Jimmy John’s Investigating Breach Claims

July 31, 2014

86 Comments

Sources at a growing number of financial institutions in the United States say they are tracking a pattern of fraud that indicates nationwide sandwich chain Jimmy John’s may be the latest retailer dealing with a breach involving customer credit card data. The company says it is working with authorities on an investigation.

Hackers Plundered Israeli Defense Firms that Built ‘Iron Dome’ Missile Defense System

July 28, 2014

138 Comments

Three Israeli defense contractors responsible for building the “Iron Dome” missile shield currently protecting Israel from a barrage of rocket attacks were compromised by hackers and robbed of huge quantities of sensitive documents pertaining to the shield technology, KrebsOnSecurity has learned.

Service Drains Competitors’ Online Ad Budget

July 25, 2014

72 Comments

The longer one lurks in the Internet underground, the more difficult it becomes to ignore the harsh reality that for nearly every legitimate online business there is a cybercrime-oriented anti-business. Case in point: Today’s post looks at a popular service that helps crooked online marketers exhaust the Google AdWords budgets of their competitors.

Feds: Hackers Ran Concert Ticket Racket

July 23, 2014

34 Comments

A Russian man detained in Spain is facing extradition to the United States on charges of running an international cyber crime ring that allegedly stole more than $10 million in electronic tickets from e-tickets vendor StubHub.

Banks: Card Breach at Goodwill Industries

July 21, 2014

84 Comments

Heads up, bargain shoppers: Financial institutions across the country report that they are tracking what appears to be a series of credit card breaches involving Goodwill locations nationwide. Goodwill Industries International Inc. says it is working with federal authorities on an investigation into these reports.

Even Script Kids Have a Right to Be Forgotten

July 18, 2014

36 Comments

Indexeus, a new search engine that indexes user account information acquired from more than 100 recent data breaches, has caught many in the hacker underground off-guard. That’s because the breached databases crawled by this search engine are mostly sites frequented by young ne’er-do-wells who are just getting their feet wet in the cybercrime business.

Wireless Live CD Alternative: ZeusGard

July 16, 2014

126 Comments

I’ve long recommended that small business owners and others concerned about malware-driven bank account takeovers consider adopting a “Live CD” solution, which is a free and relatively easy way of temporarily converting your Windows PC into a Linux operating system. The trouble with many of these Live CD solutions is that they require a CD player (something many laptops no longer have) — but more importantly – they don’t play well with wireless access. Today’s post looks at an alternative that addresses both of these issues.