Category Archives: Ne’er-Do-Well News

Carding Kingpin Sentenced Again. Yahoo Hacker Pleads Guilty

December 1, 2017

Roman Seleznev, a Russian man who is already serving a record 27-year sentence in the United States for cybercrime charges, was handed a 14-year sentence this week by a federal judge in Atlanta for his role in a credit card and identity theft conspiracy that prosecutors say netted more than $50 million. Separately, a Canadian national has pleaded guilty to charges of helping to steal more than a billion user account credentials from Yahoo.

Correcting the Record on vDOS Prosecutions

November 21, 2017

11 Comments

KrebsOnSecurity recently featured a story about a New Mexico man who stands accused of using the now-defunct vDOS attack-for-hire service to hobble the Web sites of several former employers. That piece stated that I wasn’t aware of any other prosecutions related to vDOS customers, but as it happens there was a prosecution in the United Kingdom earlier this year of a man who’s admitted to both using and helping to administer vDOS. Here’s a look at some open-source clues that may have led to the U.K. man’s arrest.

Canadian Man Behind Popular ‘Orcus RAT’

July 21, 2016

98 Comments

Far too many otherwise intelligent and talented software developers these days apparently think they can get away with writing, selling and supporting malicious software and then couching their commerce as a purely legitimate enterprise. Here’s the story of how I learned the real-life identity of Canadian man who’s laboring under that same illusion as proprietor of one of the most popular and affordable tools for hacking into someone else’s computer.

Serial Swatter, Stalker and Doxer Mir Islam Gets Just 1 Year in Jail

July 11, 2016

89 Comments

Mir Islam, a 21-year-old Brooklyn man who pleaded guilty to an impressive array of cybercrimes including cyberstalking, “doxing” and “swatting” celebrities and public officials (as well as this author), was sentenced in federal court today to two years in prison. Unfortunately, thanks to time served in this and other cases, Islam will only see a year of jail time in connection with some fairly heinous assaults that are becoming all too common.

FBI Raids Spammer Outed by KrebsOnSecurity

June 16, 2016

25 Comments

Michael A. Persaud, a California man profiled in a Nov. 2014 KrebsOnSecurity story about a convicted junk email artist currently identified by anti-spam activists as one of the world’s Top 10 Worst Spammers, was reportedly raided by the FBI in connection with a federal spam investigation.

Mir Islam – the Guy the Govt Says Swatted My Home – to be Sentenced June 22

June 1, 2016

57 Comments

On March 14, 2013 our humble home in Annandale, Va. was “swatted” — that is to say, surrounded by a heavily-armed police force that was responding to fraudulent reports of a hostage situation at our residence. Later this month the government will sentence 21-year-old hacker named Mir Islam for that stunt and for leading a criminal conspiracy allegedly engaged in a pattern of swatting, identity theft and wire fraud.

Got $90,000? A Windows 0-Day Could Be Yours

May 31, 2016

32 Comments

How much would a cybercriminal, nation state or organized crime group pay for blueprints on how to exploit a serious, currently undocumented, unpatched vulnerability in all versions of Microsoft Windows? That price probably depends on the power of the exploit and what the market will bear at the time, but here’s a look at one convincing recent exploit sales thread from the cybercrime underworld where the current asking price for a Windows-wide bug that allegedly defeats all of Microsoft’s current security defenses is USD $90,000.

SpyEye Makers Get 24 Years in Prison

April 20, 2016

46 Comments

Two hackers convicted of making and selling the infamous SpyEye botnet creation kit were sentenced in Atlanta today to a combined 24 years in prison for helping to infect hundreds of thousands of computers with malware and stealing millions from unsuspecting victims.

‘Blackhole’ Exploit Kit Author Gets 7 Years

April 14, 2016

42 Comments

A Moscow court this week convicted and sentenced seven hackers for breaking into countless online bank accounts — including “Paunch,” the nickname used by the author of the infamous “Blackhole” exploit kit. Once an extremely popular crimeware-as-a-service offering, Blackhole was for several years responsible for a large percentage of malware infections and stolen banking credentials, and likely contributed to tens of millions of dollars stolen from small to mid-sized businesses over several years.

Guy Who Tried to Frame Me In Heroin Plot Pleads Guilty to Cybercrime Charges

January 20, 2016

52 Comments

A Ukrainian man who tried to frame me for heroin possession has pleaded guilty to multiple cybercrime charges in U.S. federal court, including credit card theft and hacking into more than 13,000 computers.