Tag Archives: U.S. Justice Department

Inside ‘Evil Corp,’ a $100M Cybercrime Menace

December 16, 2019
46 Comments

The U.S. Justice Department this month offered a $5 million bounty for information leading to the arrest and conviction of a Russian man indicted for allegedly orchestrating a vast, international cybercrime network that called itself “Evil Corp” and stole roughly $100 million from businesses and consumers. As it happens, for several years KrebsOnSecurity closely monitored the day-to-day communications and activities of the accused and his accomplices. What follows is an insider’s look at the back-end operations of this gang.

Expert: IoT Botnets the Work of a ‘Vast Minority’

January 24, 2018
24 Comments

In December 2017, the U.S. Department of Justice announced indictments and guilty pleas by three men in the United States responsible for creating and using Mirai, a malware strain that enslaves poorly-secured “Internet of Things” or IoT devices like security cameras and digital video recorders for use in large-scale cyberattacks.

The FBI and the DOJ had help in their investigation from many security experts, but this post focuses on one expert whose research into the Dark Web and its various malefactors was especially useful in that case. Allison Nixon is director of security research at Flashpoint, a cyber intelligence firm based in New York City. Nixon spoke with KrebsOnSecurity at length about her perspectives on IoT security and the vital role of law enforcement in this fight.

Some Basic Rules for Securing Your IoT Stuff

January 17, 2018
60 Comments

Most readers here have likely heard or read various prognostications about the impending doom from the proliferation of poorly-secured “Internet of Things” or IoT devices. Loosely defined as any gadget or gizmo that connects to the Internet but which most consumers probably wouldn’t begin to know how to secure, IoT encompasses everything from security cameras, routers and digital video recorders to printers, wearable devices and “smart” lightbulbs.

Throughout 2016 and 2017, attacks from massive botnets made up entirely of hacked IoT devices had many experts warning of a dire outlook for Internet security. But the future of IoT doesn’t have to be so bleak. Here’s a primer on minimizing the chances that your IoT things become a security liability for you or for the Internet at large.

Feds Charge Carding Kingpin in Retail Hacks

July 8, 2014
60 Comments

The U.S. Justice Department on Monday announced the arrest of a Russian hacker accused of running a network of online crime shops that sold credit and debit card data stolen in breaches at restaurants and retailers throughout the United States. The government alleges that the hacker known in the underground as “nCux” and “Bulba” was Roman Seleznev, a 30-year-old Russian citizen who was recently arrested by the U.S. Secret Service.

MoneyGram Fined $100 Million for Wire Fraud

November 19, 2012
19 Comments

A week ago Friday, the U.S. Justice Department announced that MoneyGram International had agreed to pay a $100 million fine and admit to criminally aiding and abetting wire fraud and failing to maintain an effective anti-money laundering program. Loyal readers of this blog no doubt recognize the crucial role that MoneyGram and its competitors play in the siphoning of millions of dollars annually from hacked small- to mid-sized business, but incredibly this settlement appears to be unrelated to these cyber heists.