#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

Online Crime | Breaking Cybersecurity News | The Hacker News

Category — Online Crime
German Police Disrupt DDoS-for-Hire Platform dstat[.]cc; Suspects Arrested

German Police Disrupt DDoS-for-Hire Platform dstat[.]cc; Suspects Arrested

Nov 04, 2024 DDoS Attack / Cybercrime
German law enforcement authorities have announced the disruption of a criminal service called dstat[.]cc that made it possible for other threat actors to easily mount distributed denial-of-service (DDoS) attacks. "The platform made such DDoS attacks accessible to a wide range of users, even those without any in-depth technical skills of their own," the Federal Criminal Police Office (aka Bundeskriminalamt or BKA) said . "The use of stresser services to carry out DDoS attacks has recently become increasingly known in the context of police investigations." The BKA described dstat[.]cc as a platform that offered recommendations and evaluations of stresser services in order to conduct DDoS attacks against websites of interest and render them unresponsive. According to an alert published by Radware in January 2023, dstat[.]cc offered botnet owners the ability to assess the capacity and capabilities of their DDoS attack services. "Bot herders use DStat sites ...
Telegram Agrees to Share User Data With Authorities for Criminal Investigations

Telegram Agrees to Share User Data With Authorities for Criminal Investigations

Sep 24, 2024 Data Privacy / Cybercrime
In a major policy reversal, the popular messaging app Telegram has announced it will give users' IP addresses and phone numbers to authorities in response to valid legal requests in an attempt to rein in criminal activity on the platform. "We've made it clear that the IP addresses and phone numbers of those who violate our rules can be disclosed to relevant authorities in response to valid legal requests," Telegram CEO Pavel Durov said in a post. To that end, the company now explicitly states - "If Telegram receives a valid order from the relevant judicial authorities that confirms you're a suspect in a case involving criminal activities that violate the Telegram Terms of Service, we will perform a legal analysis of the request and may disclose your IP address and phone number to the relevant authorities." Such data disclosures, it said, will be included in its periodic transparency reports . It further noted that the service may collect metadata...
The Future of Serverless Security in 2025: From Logs to Runtime Protection

The Future of Serverless Security in 2025: From Logs to Runtime Protection

Nov 28, 2024Cloud Security / Threat Detection
Serverless environments, leveraging services such as AWS Lambda, offer incredible benefits in terms of scalability, efficiency, and reduced operational overhead. However, securing these environments is extremely challenging. The core of current serverless security practices often revolves around two key components: log monitoring and static analysis of code or system configuration. But here is the issue with that: 1. Logs Only Tell Part of the Story Logs can track external-facing activities, but they don't provide visibility into the internal execution of functions. For example, if an attacker injects malicious code into a serverless function that doesn't interact with external resources (e.g., external APIs or databases), traditional log-based tools will not detect this intrusion. The attacker may execute unauthorized processes, manipulate files, or escalate privileges—all without triggering log events. 2. Static Misconfiguration Detection is Incomplete Static tools that check ...
Dark Web Malware Logs Expose 3,300 Users Linked to Child Abuse Sites

Dark Web Malware Logs Expose 3,300 Users Linked to Child Abuse Sites

Jul 08, 2024 Dark Web / Cyber Crime
An analysis of information-stealing malware logs published on the dark web has led to the discovery of thousands of consumers of child sexual abuse material (CSAM), indicating how such information could be used to combat serious crimes. "Approximately 3,300 unique users were found with accounts on known CSAM sources," Recorded Future said in a proof-of-concept (PoC) report published last week. "A notable 4.2% had credentials for multiple sources, suggesting a higher likelihood of criminal behavior." Over the past few years, off-the-shelf info-stealer variants have become a pervasive and ubiquitous threat targeting various operating systems with an aim to siphon sensitive information such as credentials, cryptocurrency wallets, payment card data, and screenshots. This is evidenced in the rise of new stealer malware strains such as Kematian Stealer , Neptune Stealer , 0bj3ctivity , Poseidon (formerly RodStealer), Satanstealer , and StrelaStealer . Distribut...
cyber security

Creating, Managing and Securing Non-Human Identities

websitePermisoCybersecurity / Identity Security
A new class of identities has emerged alongside traditional human users: non-human identities (NHIs). Permiso Security's new eBook details everything you need to know about managing and securing non-human identities, and strategies to unify identity security without compromising agility.
Interpol Arrests Over 1,000 Cyber Criminals From 20 Countries; Seizes $27 Million

Interpol Arrests Over 1,000 Cyber Criminals From 20 Countries; Seizes $27 Million

Nov 29, 2021
A joint four-month operation coordinated by Interpol, the international criminal police organization, has culminated in the arrests of more than 1,000 cybercriminals and the recovery of $27 million in illicit proceeds. Codenamed " HAECHI-II ," the crackdown enabled law enforcement units from across 20 countries, as well as Hong Kong and Macao, close 1,660 cases alongside blocking 2,350 bank accounts linked to the fraudulent illicit funds amassed from a range of online financial crimes, such as romance scams, investment fraud, and money laundering associated with illegal online gambling. "The results of Operation HAECHI-II show that the surge in online financial crime generated by the COVID-19 pandemic shows no signs of waning,"  said  Interpol Secretary General Jürgen Stock in a press statement issued on November 26. The coordinated law enforcement probe took place over a period of four months, starting from June 2021 until September 2021, with ten new criminal...
New U.S. Government Initiative Holds Contractors Accountable for Cybersecurity

New U.S. Government Initiative Holds Contractors Accountable for Cybersecurity

Oct 07, 2021
The U.S. government on Wednesday announced the formation of a new Civil Cyber-Fraud Initiative that aims to hold contractors accountable for failing to meet required cybersecurity requirements in order to safeguard public sector information and infrastructure. "For too long, companies have chosen silence under the mistaken belief that it is less risky to hide a breach than to bring it forward and to report it,"  said  Deputy Attorney General Monaco in a press statement. "Well that changes today, [and] we will use our civil enforcement tools to pursue companies, those who are government contractors who receive federal funds, when they fail to follow required cybersecurity standards — because we know that puts all of us at risk." The Civil Cyber-Fraud Initiative is part of the U.S. Justice Department's (DoJ) efforts to build resilience against cybersecurity intrusions and holding companies to task for deliberately providing deficient cybersecurity products or ...
Adelaide Hacker Infects 2,370 Computers in Global Cyber Attack

Adelaide Hacker Infects 2,370 Computers in Global Cyber Attack

Dec 02, 2010
An Adelaide hacker infected over 2,000 computers in Australia and overseas with a program designed to capture banking details, a court has heard. Anthony Scott Harrison, 20, learned hacking and programming skills online and launched his attack in 2009. He was caught when suspicious web activity was detected and tracked by federal police. Harrison also modified and sold software, allowing others to infect computers. His actions stemmed from his obsession with the world of cyber fantasy. Harrison pleaded guilty to seven charges, including four counts of modifying computer data to cause harm. Defense counsel John Edwards told the South Australian District Court that from the age of 14, Harrison had become obsessed with online computer games and was "immersed in the world of cyber fantasy." At one point, he played online for up to 15 hours a day, often using a simulated hacking game called Slave Hack. Mr. Edwards explained that Harrison became quite skilled at computer program...
Expert Insights / Articles Videos
Cybersecurity Resources