The Hacker News Logo
Subscribe to Newsletter
CrowdSec

The Hacker News - Cybersecurity News and Analysis: hacker arrested

New York Man Sentenced to 4 Years in Transnational Cybercrime Scheme

New York Man Sentenced to 4 Years in Transnational Cybercrime Scheme
May 28, 2022Ravie Lakshmanan
A 37-year-old man from New York has been sentenced to four years in prison for buying stolen credit card information and working in cahoots with a cybercrime cartel known as the Infraud Organization. John Telusma, who went by the alias "Peterelliot," had previously pleaded guilty to one count of racketeering conspiracy on October 13, 2021. He joined the gang in August 2011 and remained a member for five-and-a-half years. "Telusma was among the most prolific and active members of the Infraud Organization, purchasing and fraudulently using compromised credit card numbers for his own personal gain," the U.S. Justice Department (DoJ)  said . Infraud, a transnational cybercrime behemoth, operated for more than seven years, advertising its activities under the slogan "In Fraud We Trust," before its online infrastructure was dismantled by U.S. law enforcement authorities in February 2018. The rogue enterprise dabbled in the large-scale acquisition and sale

Interpol Arrests Leader of SilverTerrier Cybercrime Gang Behind BEC Attacks

Interpol Arrests Leader of SilverTerrier Cybercrime Gang Behind BEC Attacks
May 25, 2022Ravie Lakshmanan
A year-long international investigation has resulted in the arrest of the suspected head of the SilverTerrier cybercrime group by the Nigeria Police Force. "The suspect is alleged to have run a transnational cybercrime syndicate that launched mass phishing campaigns and business email compromise schemes targeting companies and individual victims," Interpol  said  in a statement. Operation Delilah, as the coordinated international effort is called, involved tracking the 37-year-old Nigerian man's physical movements, before he was apprehended at Murtala Muhammed International Airport in Lagos in March 2022. Singapore-headquartered cybersecurity company Group-IB said it provided threat intelligence that led to the arrest as part of the police operation that commenced in May 2021. According to Palo Alto Networks' Unit 42 , which also assisted in the probe into SilverTerrier activity, the unnamed suspect is said to have been active since 2015 and involved in the cr

British Police Charge Two Teenagers Linked to LAPSUS$ Hacker Group

British Police Charge Two Teenagers Linked to LAPSUS$ Hacker Group
April 01, 2022Ravie Lakshmanan
The City of London Police on Friday disclosed that it has charged two of the seven teenagers, a 16-year-old and a 17-year-old, who were arrested last week for their alleged connections to the LAPSUS$ data extortion gang. "Both teenagers have been charged with: three counts of unauthorized access to a computer with intent to impair the reliability of data; one count of fraud by false representation and one count of unauthorized access to a computer with intent to hinder access to data," Detective Inspector Michael O'Sullivan, from the City of London Police,  said  in a statement. In addition, the unnamed 16-year-old minor has been charged with one count of causing a computer to perform a function to secure unauthorized access to a program. The charges come as the City of London Police moved to arrest seven suspected LAPSUS$ gang members aged between 16 and 21 on March 25, with the agency  telling  The Hacker News that all the individuals had been subsequently "re

7 Suspected Members of LAPSUS$ Hacker Gang, Aged 16 to 21, Arrested in U.K.

7 Suspected Members of LAPSUS$ Hacker Gang, Aged 16 to 21, Arrested in U.K.
March 25, 2022Ravie Lakshmanan
The City of London Police has arrested seven teenagers between the ages of 16 and 21 for their alleged connections to the prolific LAPSUS$ extortion gang that's linked to a recent burst of attacks targeting NVIDIA, Samsung, Ubisoft, LG, Microsoft, and Okta. "The City of London Police has been conducting an investigation with its partners into members of a hacking group," Detective Inspector, Michael O'Sullivan, said in a statement shared with The Hacker News. "Seven people between the ages of 16 and 21 have been arrested in connection with this investigation and have all been released under investigation. Our enquiries remain ongoing." The development, which was first  disclosed  by BBC News, comes after a report from Bloomberg  revealed  that a 16-year-old Oxford-based teenager is the mastermind of the group. It's not immediately clear if the minor is one among the arrested individuals. The said teen, under the online alias White or Breachbase, is al

Ukrainian Hacker Linked to REvil Ransomware Attacks Extradited to United States

Ukrainian Hacker Linked to REvil Ransomware Attacks Extradited to United States
March 10, 2022Ravie Lakshmanan
Yaroslav Vasinskyi , a Ukrainian national, linked to the Russia-based  REvil ransomware group  has been extradited to the U.S. to face charges for his role in carrying out the file-encrypting malware attacks against several companies, including Kaseya last July. The 22-year-old had been previously arrested in Poland in October 2021, prompting the U.S. Justice Department (DoJ) to  file charges  of conspiracy to commit fraud and related activity in connection with computers, damage to protected computers, and conspiracy to commit money laundering. Ransomware is the digital equivalent of extortion wherein cybercrime actors encrypt victims' data and take it hostage in return for a monetary payment to recover the data, failing which the stolen information is published online or sold to other third-parties. According to the DoJ, in addition to the headline-grabbing attacks on JBS and Kaseya, REvil is said to have propagated its infection to more than 175,000 computers, netting the

Interpol Busted 11 Members of Nigerian BEC Cybercrime Gang

Interpol Busted 11 Members of Nigerian BEC Cybercrime Gang
January 20, 2022Ravie Lakshmanan
A coordinated law enforcement operation has resulted in the arrest of 11 members allegedly belonging to a Nigerian cybercrime gang notorious for perpetrating business email compromise (BEC) attacks targeting more than 50,000 victims in recent years. The disruption of the BEC network is the result of a ten-day investigation dubbed  Operation Falcon II  undertaken by the Interpol along with participation from the Nigeria Police Force's Cybercrime Police Unit in December 2021. Cybersecurity firms  Group-IB  and Palo Alto Networks'  Unit 42 , both of which shared information on the threat actors and their infrastructure, said six of the 11 suspects are believed to be a part of a prolific group of Nigerian cyber actors known as SilverTerrier (aka TMT). BEC attacks, which began to gain dominance in 2013, are  sophisticated scams  that target legitimate business email accounts through social engineering schemes to infiltrate corporate networks and subsequently leverage their acce

Police Arrest Suspected Ransomware Hackers Behind 1,800 Attacks Worldwide

Police Arrest Suspected Ransomware Hackers Behind 1,800 Attacks Worldwide
October 30, 2021Ravie Lakshmanan
12 people have been detained as part of an international law enforcement operation for orchestrating ransomware attacks on critical infrastructure and large organizations that hit over 1,800 victims across 71 countries since 2019, marking the latest action against cybercrime groups. The arrests were made earlier this week on October 26 in Ukraine and Switzerland, resulting in the seizure of cash worth $52,000, five luxury vehicles, and a number of electronic devices that the agencies said are being examined to uncover new forensic evidence of their malicious activities and pursue new investigative leads. The suspects have been primarily linked to LockerGoga, MegaCortex, and Dharma ransomware, in addition to being in charge of  laundering the ransom payments  by funneling the ill-gotten Bitcoin proceeds through mixing services and cashing them out. "The targeted suspects all had different roles in these professional, highly organised criminal organisations," Europol  said

Ukraine Arrests Operator of DDoS Botnet with 100,000 Compromised Devices

Ukraine Arrests Operator of DDoS Botnet with 100,000 Compromised Devices
October 11, 2021Ravie Lakshmanan
Ukrainian law enforcement authorities on Monday disclosed the arrest of a hacker responsible for the creation and management of a "powerful botnet" consisting of over 100,000 enslaved devices that was used to carry out distributed denial-of-service (DDoS) and spam attacks on behalf of paid customers. The unnamed individual, from the Ivano-Frankivsk region of the country, is also said to have leveraged the automated network to detect vulnerabilities in websites and break into them as well as stage brute-force attacks in order to guess email passwords. The Ukrainian police agency said it conducted a raid of the suspect's residence and seized their computer equipment as evidence of illegal activity. "He looked for customers on the closed forums and Telegram chats and payments were made via blocked electronic payment systems," the Security Service of Ukraine (SSU)  said  in a press statement. The payments were facilitated via WebMoney, a Russian money transfer p

Chinese Authorities Arrest Hackers Behind Mozi IoT Botnet Attacks

Chinese Authorities Arrest Hackers Behind Mozi IoT Botnet Attacks
September 02, 2021Ravie Lakshmanan
The operators of the Mozi IoT botnet have been taken into custody by Chinese law enforcement authorities, nearly two years after the malware emerged on the threat landscape in September 2019. News of the arrest, which originally  happened  in June, was  disclosed  by researchers from Netlab, the network research division of Chinese internet security company Qihoo 360, earlier this Monday, detailing its involvement in the operation. "Mozi uses a P2P [peer-to-peer] network structure, and one of the 'advantages' of a P2P network is that it is robust, so even if some of the nodes go down, the whole network will carry on, and the remaining nodes will still infect other vulnerable devices, that is why we can still see Mozi spreading," said Netlab, which spotted the botnet for the first time in late 2019. The development also comes less than two weeks after Microsoft Security Threat Intelligence Center  revealed  the botnet's new capabilities that enable it to inter

Interpol Arrests Moroccan Hacker Engaged in Nefarious Cyber Activities

Interpol Arrests Moroccan Hacker Engaged in Nefarious Cyber Activities
July 06, 2021Ravie Lakshmanan
Law enforcement authorities with the Interpol have apprehended a threat actor responsible for targeting thousands of unwitting victims over several years and staging malware attacks on telecom companies, major banks, and multinational corporations in France as part of a global phishing and credit card fraud scheme. The two-year investigation, dubbed  Operation Lyrebird  by the international, intergovernmental organization, resulted in the arrest of a Moroccan citizen nicknamed Dr HeX, cybersecurity firm Group-IB disclosed today in a report shared with The Hacker News. Dr HeX is said to have been "active since at least 2009 and is responsible for a number of cybercrimes, including phishing, defacing, malware development, fraud, and carding that resulted in thousands of unsuspecting victims," the Singapore-headquartered company said . The cyber attacks involved deploying a phishing kit consisting of web pages that spoofed banking entities in the country, followed by sendin

Ukrainian Police Arrest Author of World's Largest Phishing Service U-Admin

Ukrainian Police Arrest Author of World's Largest Phishing Service U-Admin
February 09, 2021Ravie Lakshmanan
Law enforcement officials in Ukraine, in coordination with authorities from the U.S. and Australia, last week shut down one of the world's largest phishing services that were used to attack financial institutions in 11 countries, causing tens of millions of dollars in losses. The Ukrainian attorney general's office  said  it worked with the National Police and its Main Investigation Department to identify a 39-year-old man from the Ternopil region who developed a phishing package and a special administrative panel for the service, which were then aimed at several banks located in Australia, Spain, the U.S., Italy, Chile, the Netherlands, Mexico, France, Switzerland, Germany, and the U.K. Computer equipment, mobile phones, and hard drives were seized as part of five authorized searches conducted during the course of the operation. Security researcher Brian Krebs  noted  the raids were in connection with  U-Admin , a phishing framework that makes use of fake web pages to pil

Police Arrest 21 WeLeakInfo Customers Who Bought Breached Personal Data

Police Arrest 21 WeLeakInfo Customers Who Bought Breached Personal Data
December 25, 2020Ravie Lakshmanan
21 people have been arrested across the UK as part of a nationwide cyber crackdown targeting customers of WeLeakInfo[.]com, a now-defunct online service that had been previously selling access to data hacked from other websites. The suspects used stolen personal credentials to commit further cyber and fraud offences, the UK National Crime Agency (NCA)  said . Of the 21 arrested — all men aged between 18 and 38 — nine have been detained on suspicion of Computer Misuse Act offences, nine for Fraud offences, and three are under investigation for both. The NCA also seized over £41,000 in bitcoin from the arrested individuals. Earlier this  January , the US Federal Bureau of Investigation (FBI), the NCA, the Netherlands National Police Corps, the German Bundeskriminalamt, and the Police Service of Northern Ireland jointly  seized the domain  of WeLeakInfo.com. Launched in 2017, the service provided its users a search engine to access the personal information illegally obtained from ov

Indian National Gets 20-Year Jail in United States for Running Scam Call Centers

Indian National Gets 20-Year Jail in United States for Running Scam Call Centers
November 30, 2020Ravie Lakshmanan
An Indian national on Monday was  sentenced to 20 years in prison  in the Southern District of Texas for operating and funding India-based call centers that defrauded US victims out of millions of dollars between 2013 and 2016. Hitesh Madhubhai Patel (aka Hitesh Hinglaj), who hails from the city of Ahmedabad, India, was sentenced in connection with charges of fraud and money laundering. He was also ordered to pay restitution of $8,970,396 to identified victims of his crimes. Earlier this January, Patel  pleaded guilty  to wire fraud conspiracy and general conspiracy to commit identification fraud, access device fraud, money laundering, and impersonation of a federal officer or employee. "The defendant defrauded vulnerable US victims out of tens of millions of dollars by spearheading a conspiracy whose members boldly impersonated federal government officials and preyed on victims' fears of adverse government action," said Acting Attorney General Brian C. Rabbitt of t

US Charges 2 Chinese Hackers for Targeting COVID-19 Research and Trade Secrets

US Charges 2 Chinese Hackers for Targeting COVID-19 Research and Trade Secrets
July 22, 2020Ravie Lakshmanan
The U.S. Department of Justice (DoJ) yesterday revealed charges against two Chinese nationals for their alleged involvement in a decade-long hacking spree targeting dissidents, government agencies, and hundreds of organizations in as many as 11 countries. The 11-count indictment , which was unsealed on Tuesday, alleges LI Xiaoyu (李啸宇) and DONG Jiazhi (董家志) stole terabytes of sensitive data, including from companies developing COVID-19 vaccines, testing technology, and treatments while operating both for private financial gain and behalf of China's Ministry of State Security. "China has now taken its place, alongside Russia, Iran and North Korea, in that shameful club of nations that provide a safe haven for cyber criminals in exchange for those criminals being 'on call' to work for the benefit of the state, [and] to feed the Chinese Communist party's insatiable hunger for American and other non-Chinese companies' hard-earned intellectual property, includ

Ukrainian Police Arrest Hacker Who Tried Selling Billions of Stolen Records

Ukrainian Police Arrest Hacker Who Tried Selling Billions of Stolen Records
May 20, 2020Swati Khandelwal
The Ukrainian police have arrested a hacker who made headlines in January last year by posting a massive database containing some 773 million stolen email addresses and 21 million unique plaintext passwords for sale on various underground hacking forums. In an official statement released on Tuesday, the Security Service of Ukraine (SBU) said it identified the hacker behind the pseudonym "Sanix," who is a resident of the Ivano-Frankivsk region of Ukraine, but it did not reveal his actual identity to the media. In January last year, the hacker tried to sell the massive 87-gigabyte database labeled as "the largest array of stolen data in history," which, according to security experts, was just a fraction of the stolen data Sanix collected. According to the authorities, Sanix had at least 6 more similar databases of stolen and broken passwords, totaling in terabytes in size, which also included billions of phone numbers, payment card details, and Social Secu

Europol Arrests 26 SIM Swapping Fraudsters For Stealing Over $3 Million

Europol Arrests 26 SIM Swapping Fraudsters For Stealing Over $3 Million
March 16, 2020Ravie Lakshmanan
Europol, along with the Spanish and the Romanian national police, has arrested 26 individuals in connection with the theft of over €3.5 million ($3.9 million) by hijacking people's phone numbers via SIM swapping attacks. The law enforcement agencies arrested 12 and 14 people in Spain and Romania, respectively, as part of a joint operation against two different groups of SIM swappers, Europol said . The development comes as SIM swapping attacks are emerging as one of the biggest threats to telecom operators and mobile users alike. The increasingly popular and damaging hack is a clever social engineering trick used by cybercriminals to persuade phone carriers into transferring their victims' cell services to a SIM card under their control. The SIM swap then grants attackers access to incoming phone calls, text messages, and one-time verification codes (or one-time passwords ) that various websites send via SMS messages as part of the two-factor authentication (2FA) proc

Interpol Arrests 3 Indonesian Credit Card Hackers for Magecart Attacks

Interpol Arrests 3 Indonesian Credit Card Hackers for Magecart Attacks
January 25, 2020Mohit Kumar
The Indonesian National Police in a joint press conference with Interpol and cybersecurity firm Group-IB earlier today announced the arrest of three Magecart-style Indonesian hackers who had compromised hundreds of international e-commerce websites and stolen payment card details of their online shoppers. Dubbed ' Operation Night Fury ,' the investigation was led by Interpol's ASEAN Cyber Capability Desk, a joint initiative by law enforcement agencies of Southeast Asian countries to combat cybercrime. According to the press conference, all three accused (23, 26, and 35 years old) were arrested last year in December from Jakarta and Yogyakarta and charged with criminal laws related to the data theft, fraud, and unauthorized access. "The operation is still ongoing in the other five ASEAN countries with which the intelligence was also shared. This case marks the first successful multi-jurisdictional operation against the operators of JavaScript-sniffers in the re

Silk Road Admin Sentenced to 78 Months in Prison On Drug Trafficking Charges

Silk Road Admin Sentenced to 78 Months in Prison On Drug Trafficking Charges
July 26, 2019Swati Khandelwal
An Irish national has been jailed for six-and-a-half years for his role as one of the administrators and forum moderators who helped run now-defunct dark web marketplace " Silk Road ." Gary Davis , 31, of Wicklow, Ireland, was known as 'Libertas' on the Silk Road website, then-largest underground black marketplace on the Internet used by thousands of people to buy and sell drugs and other illegal goods and services. Silk Road site administrators were responsible for, among other things, monitoring user activity on the underground website for any problem, responding to customer service inquiries, and resolving any dispute between buyers and vendors. Davis was indicted by U.S. federal prosecutors in 2013 when authorities shut down the Silk Road website and arrested its founder Ross William Ulbricht , who was sentenced to life in prison in 2015 after being convicted on multiple counts related to the black marketplace. "During its operation from 2011 un

WikiLeaks Founder Julian Assange Arrested After Ecuador Withdraws Asylum

WikiLeaks Founder Julian Assange Arrested After Ecuador Withdraws Asylum
April 11, 2019Mohit Kumar
WikiLeaks founder Julian Assange has been arrested at the Ecuadorian Embassy in London—that's almost seven years after he took refuge in the embassy to avoid extradition to Sweden over a sexual assault case. According to a short note released by London's Metropolitan Police Service, Assange was arrested immediately after the Ecuadorian government today withdraws his political asylum. Assange has now been taken into custody at a central London police station, from where he will be presented before Westminster Magistrates' Court as soon as possible. U.S. Department of Justice also confirmed today that Assange would face extradition proceedings for his alleged role in "one of the largest compromises of classified information in the history of the United States." "The indictment [unsealed today] alleges that in March 2010, Assange engaged in a conspiracy with Chelsea Manning, a former intelligence analyst in the U.S. Army, to assist Manning in cracki

Ex-NSA Contractor Pleads Guilty to 20-Year-Long Theft of Classified Data

Ex-NSA Contractor Pleads Guilty to 20-Year-Long Theft of Classified Data
March 28, 2019Mohit Kumar
A former National Security Agency contractor—who stole an enormous amount of sensitive information from the agency and then stored it at his home and car for over two decades—today changed his plea to guilty. The theft was labeled as the largest heist of classified government material in America's history. Harold Thomas Martin III, a 54-year-old Navy veteran from Glen Burnie, abused his top-secret security clearances to stole at least 50 terabytes of classified national defense data from government computers over two decades while working for a number of NSA departments between 1996 and 2016. In August 2016, the FBI arrested Martin at his Maryland home and found "six full bankers' boxes" worth of documents, many of which were marked "Secret" and "Top Secret," in his home and car. At the time of his arrest in August 2016, Martin also worked for Booz Allen Hamilton Holding Corp, the same company that previously employed  Edward Snowden  
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.