Category Archives: A Little Sunshine

Includes investigative blog posts meant to shine a light on the darker corners of the Internet.

Should Failing Phish Tests Be a Fireable Offense?

May 29, 2019

Would your average Internet user would be any more vigilant against phishing scams if he or she faced the real possibility of losing their job after falling for one too many of these emails? Recently, I met someone at a conference who said his employer had in fact terminated employees for such repeated infractions. As this was the first time I’d ever heard of an organization actually doing this, I asked some phishing experts what they thought (spoiler alert: they’re not fans of this particular teaching approach).

Account Hijacking Forum OGusers Hacked

May 18, 2019

72 Comments

Ogusers[.]com — a forum popular among people involved in hijacking online accounts and conducting SIM swapping attacks to seize control over victims’ phone numbers — has itself been hacked, exposing the email addresses, hashed passwords, IP addresses and private messages for nearly 113,000 forum users.

Credit Union Sues Fintech Giant Fiserv Over Security Claims

May 3, 2019

41 Comments

A Pennsylvania credit union is suing financial industry technology giant Fiserv, alleging that “baffling” security vulnerabilities in the company’s software are “wreaking havoc” on its customers. The credit union said the investigation that fueled the lawsuit was prompted by a 2018 KrebsOnSecurity report about a glaring security weakness a Fiserv platform that exposed personal and financial details of customers across hundreds of bank Web sites.

Data: E-Retail Hacks More Lucrative Than Ever

April 30, 2019

60 Comments

For many years and until quite recently, credit card data stolen from online merchants has been worth far less in the cybercrime underground than cards pilfered from hacked brick-and-mortar stores. But new data suggests that over the past year, the economics of supply-and-demand have helped to double the average price fetched by card-not-present data, meaning cybercrooks now have far more incentive than ever to target e-commerce stores.

Who’s Behind the RevCode WebMonitor RAT?

April 22, 2019

65 Comments

The owner of a Swedish company behind a popular remote administration tool (RAT) implicated in thousands of malware attacks shares the same name as a Swedish man who pleaded guilty in 2015 to co-creating the Blackshades RAT, a similar product that was used to infect more than half a million computers with malware, KrebsOnSecurity has learned.

Wipro Intruders Targeted Other Major IT Firms

April 18, 2019

47 Comments

The criminals responsible for launching phishing campaigns that netted dozens of employees and more than 100 computer systems last month at Wipro, India’s third-largest IT outsourcing firm, also appear to have targeted a number of other competing providers, including Infosys and Cognizant — two other large technology consulting companies, new evidence suggests.

How Not to Acknowledge a Data Breach

April 17, 2019

112 Comments

I’m not a huge fan of stories about stories, or those that explore the ins and outs of reporting a breach. But occasionally it seems necessary to publish such accounts when companies respond to a breach report in such a way that it’s crystal clear that they wouldn’t know what to do with a breach if it bit them in the nose, let alone festered unmolested in some dark corner of their operations.

‘Land Lordz’ Service Powers Airbnb Scams

April 14, 2019

28 Comments

Scammers who make a living swindling Airbnb.com customers have a powerful new tool at their disposal: A software-as-a-service offering called “Land Lordz,” which helps automate the creation and management of fake Airbnb Web sites and the sending of messages to advertise the fraudulent listings.

A Year Later, Cybercrime Groups Still Rampant on Facebook

April 8, 2019

63 Comments

Almost exactly one year ago, KrebsOnSecurity reported that a mere two hours of searching turned up more than 100 Facebook groups with some 300,000 members openly advertising services to support all types of cybercrime, including spam, credit card fraud and identity theft. Facebook responded by deleting those groups. Last week, a similar analysis found some 74 cybercrime groups operating openly on Facebook with more than 385,000 members.

Alleged Child Porn Lord Faces US Extradition

March 22, 2019

94 Comments

In 2013, the FBI exploited a zero-day vulnerability in Firefox to seize control over a Dark Web network of child pornography sites. The alleged owner of that ring – 33-year-old Freedom Hosting operator Eric Eoin Marques – was arrested in Ireland later that year on a U.S. warrant and has been in custody ever since. This week, Ireland’s Supreme Court cleared the way for Marques to be extradited to the United States.