#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
Cloud Security

Digital Fraud | Breaking Cybersecurity News | The Hacker News

Category — Digital Fraud
⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More

⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More

Mar 17, 2025 Cybersecurity / Hacking News
From sophisticated nation-state campaigns to stealthy malware lurking in unexpected places, this week's cybersecurity landscape is a reminder that attackers are always evolving. Advanced threat groups are exploiting outdated hardware, abusing legitimate tools for financial fraud, and finding new ways to bypass security defenses. Meanwhile, supply chain threats are on the rise, with open-source repositories becoming a playground for credential theft and hidden backdoors. But it's not all bad news—law enforcement is tightening its grip on cybercriminal networks, with key ransomware figures facing extradition and the security community making strides in uncovering and dismantling active threats. Ethical hackers continue to expose critical flaws, and new decryptors offer a fighting chance against ransomware operators. In this week's recap, we dive into the latest attack techniques, emerging vulnerabilities, and defensive strategies to keep you ahead of the curve. Stay informed, stay sec...
Cybercriminals Can Now Clone Any Brand’s Site in Minutes Using Darcula PhaaS v3

Cybercriminals Can Now Clone Any Brand's Site in Minutes Using Darcula PhaaS v3

Feb 21, 2025 Dark Web / Cybercrime
The threat actors behind the Darcula phishing-as-a-service (PhaaS) platform appear to be readying a new version that allows prospective customers and cyber crooks to clone any brand's legitimate website and create a phishing version, further bringing down the technical expertise required to pull off phishing attacks at scale. The latest iteration of the phishing suite "represents a significant shift in criminal capabilities, reducing the barrier to entry for bad actors to target any brand with complex, customizable phishing campaigns," Netcraft said in a new analysis. The cybersecurity company said it has detected and blocked more than 95,000 new Darcula phishing domains, nearly 31,000 IP addresses, and taken down more than 20,000 fraudulent websites since it was first exposed in late March 2024. The biggest change incorporated into Darcula is the ability for any user to generate a phishing kit for any brand in an on-demand fashion. "The new and remastered v...
How PAM Mitigates Insider Threats: Preventing Data Breaches, Privilege Misuse, and More

How PAM Mitigates Insider Threats: Preventing Data Breaches, Privilege Misuse, and More

Mar 26, 2025Insider Threat / Regulatory Compliance
When people think of cybersecurity threats, they often picture external hackers breaking into networks. However, some of the most damaging breaches stem from within organizations. Whether through negligence or malicious intent, insiders can expose your organization to significant cybersecurity risks. According to Verizon's 2024 Data Breach Investigations Report , 57% of companies experience over 20 insider-related security incidents a year, with human error involved in 68% of data breaches. With that, insider attacks result in the highest costs, averaging USD 4.99 million per attack, as per the 2024 Cost of a Data Breach Report by IBM Security.  What are insider threats? An insider threat originates from within an organization – it's the potential for anyone with authorized access to your critical systems to misuse their access, harming your organization. The worst part is that insiders are already within your IT perimeter and are familiar with your internal security prot...
DragonRank Exploits IIS Servers with BadIIS Malware for SEO Fraud and Gambling Redirects

DragonRank Exploits IIS Servers with BadIIS Malware for SEO Fraud and Gambling Redirects

Feb 10, 2025 Malware / Web Security
Threat actors have been observed targeting Internet Information Services (IIS) servers in Asia as part of a search engine optimization (SEO) manipulation campaign designed to install BadIIS malware. "It is likely that the campaign is financially motivated since redirecting users to illegal gambling websites shows that attackers deploy BadIIS for profit," Trend Micro researchers Ted Lee and Lenart Bermejo said in an analysis published last week, Targets of the campaign include IIS servers located in India, Thailand, Vietnam, Philippines, Singapore, Taiwan, South Korea, Japan, and Brazil. These servers are associated with government, universities, technology companies, and telecommunications sectors. Requests to the compromised servers can then be served altered content from attackers, ranging from redirections to gambling sites to connecting to rogue servers that host malware or credential harvesting pages. It's suspected that the activity is the work of a Chinese-s...
cyber security

Protect Your Organization's use of GenAI and Guard Against AI-Powered Threats

websiteZscalaerZero Trust / AI Security
AI drives innovation and efficiency—but also helps bad actors deliver more relentless and effective attacks.
INTERPOL Arrests 5,500 in Global Cybercrime Crackdown, Seizes Over $400 Million

INTERPOL Arrests 5,500 in Global Cybercrime Crackdown, Seizes Over $400 Million

Dec 02, 2024 Financial Fraud / Cryptocurrency
A global law enforcement operation has led to the arrest of more than 5,500 suspects involved in financial crimes and the seizure of more than $400 million in virtual assets and government-backed currencies. The coordinated exercise saw the participation of authorities from 40 countries, territories, and regions as part of the latest wave of Operation HAECHI-V , which took place between July and November 2024, INTERPOL said. "The effects of cyber-enabled crime can be devastating – people losing their life savings, businesses crippled, and trust in digital and financial systems undermined," INTERPOL Secretary General Valdecy Urquiza said in a statement. "The borderless nature of cybercrime means international police cooperation is essential, and the success of this operation supported by INTERPOL shows what results can be achieved when countries work together. It's only through united efforts that we can make the real and digital worlds safer." As part of H...
Malvertising Campaign Hijacks Facebook Accounts to Spread SYS01stealer Malware

Malvertising Campaign Hijacks Facebook Accounts to Spread SYS01stealer Malware

Oct 30, 2024 Malware / Cyber Threat
Cybersecurity researchers have uncovered an ongoing malvertising campaign that abuses Meta's advertising platform and hijacked Facebook accounts to distribute an information stealer known as SYS01stealer. "The hackers behind the campaign use trusted brands to expand their reach," Bitdefender Labs said in a report shared with The Hacker News. "The malvertising campaign leverages nearly a hundred malicious domains, utilized not only for distributing the malware but also for live command and control (C2) operations, allowing threat actors to manage the attack in real-time." SYS01stealer was first documented by Morphisec in early 2023, describing attack campaigns targeting Facebook business accounts using Google ads and fake Facebook profiles that promote games, adult content, and cracked software. Like other stealer malware, the end goal is to steal login credentials, browsing history, and cookies. But it's also focused on obtaining Facebook ad and busin...
4 FIN9-linked Vietnamese Hackers Indicted in $71M U.S. Cybercrime Spree

4 FIN9-linked Vietnamese Hackers Indicted in $71M U.S. Cybercrime Spree

Jun 25, 2024 Cyber Crime / Financial Fraud
Four Vietnamese nationals with ties to the FIN9 cybercrime group have been indicted in the U.S. for their involvement in a series of computer intrusions that caused over $71 million in losses to companies. The defendants, Ta Van Tai (aka Quynh Hoa and Bich Thuy), Nguyen Viet Quoc (aka Tien Nguyen), Nguyen Trang Xuyen, and Nguyen Van Truong (aka Chung Nguyen), have been accused of conducting phishing campaigns and supply chain compromises to orchestrate cyber attacks and steal millions of dollars. "From at least May 2018 through October 2021, the defendants hacked the computer networks of victim companies throughout the United States and used their access to steal or attempt to steal non-public information, employee benefits, and funds," the U.S. Department of Justice said in an unsealed indictment last week. According to court documents, the individuals – after successfully gaining initial access to target networks – stole gift card data, personally identifiable informat...
Expert Insights / Articles Videos
Cybersecurity Resources