Tag Archives: U.S. Treasury Department

Task Force Seeks to Disrupt Ransomware Payments

April 29, 2021

Some of the world’s top tech firms are backing a new industry task force focused on disrupting cybercriminal ransomware gangs by limiting their ability to get paid, and targeting the individuals and finances of the organized thieves behind these crimes.

Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?

April 16, 2021

On Aug. 13, 2020, someone uploaded a suspected malicious file to VirusTotal, a service that scans submitted files against more than five dozen antivirus and security products. Last month, Microsoft and FireEye identified that file as a newly-discovered fourth malware backdoor used in the sprawling SolarWinds supply chain hack. An analysis of the malicious file and other submissions by the same VirusTotal user suggest the account that initially flagged the backdoor as suspicious belongs to IT personnel at the National Telecommunications and Information Administration (NTIA), a division of the U.S. Commerce Department that handles telecommunications and Internet policy.

U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise

December 14, 2020

Communications at the U.S. Treasury and Commerce Departments were reportedly compromised by a supply chain attack on SolarWinds, a security vendor that helps the federal government and a range of Fortune 500 companies monitor the health of their IT networks. Given the breadth of the company’s customer base, experts say the incident may be just the first of many such disclosures.

Two Russians Charged in $17M Cryptocurrency Phishing Spree

September 16, 2020

U.S. authorities today announced criminal charges and financial sanctions against two Russian men accused of stealing nearly $17 million worth of virtual currencies in a series of phishing attacks throughout 2017 and 2018 that spoofed websites for some of the most popular cryptocurrency exchanges.

Inside ‘Evil Corp,’ a $100M Cybercrime Menace

December 16, 2019

The U.S. Justice Department this month offered a $5 million bounty for information leading to the arrest and conviction of a Russian man indicted for allegedly orchestrating a vast, international cybercrime network that called itself “Evil Corp” and stole roughly $100 million from businesses and consumers. As it happens, for several years KrebsOnSecurity closely monitored the day-to-day communications and activities of the accused and his accomplices. What follows is an insider’s look at the back-end operations of this gang.

Treasury Dept: Tor a Big Source of Bank Fraud

December 5, 2014

A new report from the U.S. Treasury Department found that a majority of bank account takeovers by cyberthieves over the past decade might have been thwarted had affected institutions known to look for and block transactions coming through Tor, a global communications network that helps users maintain anonymity by obfuscating their true location online.

Counterfeit U.S. Cash Floods Crime Forums

August 20, 2014

One can find almost anything for sale online, particularly in some of the darker corners of the Web and on the myriad cybercrime forums. These sites sell everything from credit cards to identities and stolen merchandise, but until very recently, one illicit good I had never seen for sale on the forums was counterfeit U.S. currency.

Underweb Payments, Post-Liberty Reserve

May 30, 2013

Following the U.S. government’s seizure this week of virtual currency Liberty Reserve, denizens of the cybercrime underground collectively have been progressing through the classic stages of grief, from denial to anger and bargaining, and now grudging acceptance that any funds they had stashed in the e-currency system are likely gone forever. Over the past few days, the top discussion on many cybercrime forums has been which virtual currency will be the safest bet going forward?

U.S. Government Seizes LibertyReserve.com

May 28, 2013

U.S. federal law enforcement agencies on Tuesday announced the closure and seizure of Liberty Reserve, an online, virtual currency that the U.S. government alleges acted as “a financial hub of the cyber-crime world” and processed more more than $6 billion in criminal proceeds over the past seven years.

Trade Sanctions Cited in Hundreds of Syrian Domain Seizures

May 8, 2013

In apparent observation of international trade sanctions against Syria, a U.S. firm that ranks as the world’s fourth-largest domain name registrar has seized hundreds of domains belonging to various Syrian entities, including a prominent hacker group and sites associated with the regime of Syrian President Bashar al-Assad.