identity theft | Breaking Cybersecurity News | The Hacker News

Category — identity theft
Chinese Hackers Using Deepfakes in Advanced Mobile Banking Malware Attacks

Feb 15, 2024 Banking Trojan / Cybercrime
A Chinese-speaking threat actor codenamed GoldFactory has been attributed to the development of highly sophisticated banking trojans, including a previously undocumented iOS malware called GoldPickaxe that's capable of harvesting identity documents, facial recognition data, and intercepting SMS. "The GoldPickaxe family is available for both iOS and Android platforms," Singapore-headquartered Group-IB said in an extensive report shared with The Hacker News. "GoldFactory is believed to be a well-organized Chinese-speaking cybercrime group with close connections to Gigabud." Active since at least mid-2023, GoldFactory is also responsible for another Android-based banking malware called GoldDigger and its enhanced variant GoldDiggerPlus as well as GoldKefu, an embedded trojan inside GoldDiggerPlus. Social engineering campaigns distributing the malware have been found to target the Asia-Pacific region, specifically Thailand and Vietnam, by masqu...
Google Starts Blocking Sideloading of Potentially Dangerous Android Apps in Singapore

Feb 08, 2024 Data Protection / Mobile Security
Google has unveiled a new pilot program in Singapore that aims to prevent users from sideloading certain apps that abuse Android app permissions to read one-time passwords and gather sensitive data. "This enhanced fraud protection will analyze and automatically block the installation of apps that may use sensitive runtime permissions frequently abused for financial fraud when the user attempts to install the app from an Internet-sideloading source (web browsers, messaging apps, or file managers)," the company said. The feature is designed to examine the permissions declared by a third-party app in real-time and look for those that seek to gain access to sensitive permissions associated with reading SMS messages, deciphering or dismissing notifications from legitimate apps, and accessibility services that have been routinely abused by Android-based malware for extracting valuable information. As part of the test, users in Singapore who attempt to sid...
How AI Is Transforming IAM and Identity Security

Nov 15, 2024 Machine Learning / Identity Security
In recent years, artificial intelligence (AI) has begun revolutionizing Identity Access Management (IAM), reshaping how cybersecurity is approached in this crucial field. Leveraging AI in IAM is about tapping into its analytical capabilities to monitor access patterns and identify anomalies that could signal a potential security breach. The focus has expanded beyond merely managing human identities; now, autonomous systems, APIs, and connected devices also fall within the realm of AI-driven IAM, creating a dynamic security ecosystem that adapts and evolves in response to sophisticated cyber threats. The Role of AI and Machine Learning in IAM: AI and machine learning (ML) are creating a more robust, proactive IAM system that continuously learns from the environment to enhance security. Let's explore how AI impacts key IAM components. Intelligent Monitoring and Anomaly Detection: AI enables continuous monitoring of both human and non-human identities, including APIs, service acc...
Belarusian National Linked to BTC-e Faces 25 Years for $4 Billion Crypto Money Laundering

Feb 05, 2024 Cryptocurrency / Financial Fraud
A 42-year-old Belarusian and Cypriot national with alleged connections to the now-defunct cryptocurrency exchange BTC-e is facing charges related to money laundering and operating an unlicensed money services business. Aliaksandr Klimenka, who was arrested in Latvia on December 21, 2023, was extradited to the U.S. and is currently being held in custody. If convicted, he faces a maximum penalty of 25 years in prison. BTC-e, which had been operating since 2011, was seized by law enforcement authorities in late July 2017 following the arrest of another key member, Alexander Vinnik, in Greece. The exchange is alleged to have received deposits valued at over $4 billion, with Vinnik laundering funds received from the hack of another digital exchange, Mt. Gox, through various online exchanges, including BTC-e. Court documents allege that the exchange was a "significant cybercrime and online money laundering entity," allowing its users to trade in bitcoin with high level...
BreachForums Founder Sentenced to 20 Years of Supervised Release, No Jail Time

Jan 23, 2024 Cyber Crime / Dark Web
Conor Brian Fitzpatrick has been sentenced to time served and 20 years of supervised release for his role as the creator and administrator of BreachForums. Fitzpatrick, who went by the online alias "pompompurin," was arrested in March 2023 in New York and was subsequently charged with conspiracy to commit access device fraud and possession of child pornography. He was later released on a $300,000 bond, and in July 2023, he pleaded guilty to the charges. BreachForums was a major cyber crime marketplace that facilitated the trafficking of stolen data since March 2022. Prior to its shutdown exactly a year later, the website boasted of over 340,000 members. Among the stolen items commonly sold on the platform were bank account information, Social Security numbers, personally identifying information (PII), hacking tools, breached databases, and account login information for compromised online accounts with service providers and merchants. BreachForums also advertised servic...
DoJ Charges 19 Worldwide in $68 Million xDedic Dark Web Marketplace Fraud

Jan 08, 2024 Financial Fraud / Cybercrime
The U.S. Department of Justice (DoJ) said it charged 19 individuals worldwide in connection with the now-defunct xDedic Marketplace, which is estimated to have facilitated more than $68 million in fraud. In wrapping up its investigation into the dark web portal, the agency said the transnational operation was the result of close cooperation with law enforcement authorities from Belgium, Germany, the Netherlands, Ukraine, and Europol. Of the 19 defendants, three have been sentenced to 6.5 years in prison, eight have been awarded jail terms ranging from one year to five years, and one individual has been ordered to serve five years' probation. One among them includes Glib Oleksandr Ivanov-Tolpintsev, a Ukrainian national who was sentenced to four years in prison in May 2022 for selling compromised credentials on xDedic and making $82,648 in illegal profits. Dariy Pankov, described by the DoJ as one of the highest sellers by volume, offered credentials of no ...
German Authorities Dismantle Dark Web Hub 'Kingdom Market' in Global Operation

Dec 21, 2023 Dark Web / Cybercrime
German law enforcement has announced the disruption of a dark web platform called Kingdom Market that specialized in the sales of narcotics and malware to "tens of thousands of users." The exercise, which involved collaboration from authorities from the U.S., Switzerland, Moldova, and Ukraine, began on December 16, 2023, the Federal Criminal Police Office (BKA) said. Kingdom Market is said to have been accessible over the TOR and Invisible Internet Project (I2P) anonymization networks since at least March 2021, trafficking in illegal narcotics as well as advertising malware, criminal services, and forged documents. As many as 42,000 products have been sold via several hundred seller accounts on the English language platform prior to its takedown, with 3,600 of them originating from Germany. Transactions on the Kingdom Market were facilitated through cryptocurrency payments in the form of Bitcoin, Litecoin, Monero, and Zcash, with the website operators rece...
Alert: Chinese-Speaking Hackers Pose as UAE Authority in Latest Smishing Wave

Dec 20, 2023 Identity Theft / SMS Phishing
The Chinese-speaking threat actors behind Smishing Triad have been observed masquerading as the United Arab Emirates Federal Authority for Identity and Citizenship to send malicious SMS messages with the ultimate goal of gathering sensitive information from residents and foreigners in the country. "These criminals send malicious links to their victims' mobile devices through SMS or iMessage and use URL-shortening services like Bit.ly to randomize the links they send," Resecurity said in a report published this week. "This helps them protect the fake website's domain and hosting location." Smishing Triad was first documented by the cybersecurity company in September 2023, highlighting the group's use of compromised Apple iCloud accounts to send smishing messages for carrying out identity theft and financial fraud. The threat actor is also known to offer ready-to-use smishing kits for sale to other cybercriminals for $200 a month, alongside e...
Microsoft Takes Legal Action to Crack Down on Storm-1152's Cybercrime Network

Dec 14, 2023 Cybercrime / Threat intelligence
Microsoft on Wednesday said it obtained a court order to seize infrastructure set up by a group called Storm-1152 that peddled roughly 750 million fraudulent Microsoft accounts and tools through a network of bogus websites and social media pages to other criminal actors, netting the operators millions of dollars in illicit revenue. "Fraudulent online accounts act as the gateway to a host of cybercrime, including mass phishing, identity theft and fraud, and distributed denial-of-service (DDoS) attacks," Amy Hogan-Burney, the company's associate general counsel for cybersecurity policy and protection, said. These cybercrime-as-a-service (CaaS) offerings, per Redmond, are designed to get around identity verification software across various technology platforms and help minimize the efforts needed to conduct malicious activities online, including phishing, spamming, ransomware, and fraud, effectively lowering the barriers to entry for attackers. Multiple threat actors,...
34 Cybercriminals Arrested in Spain for Multi-Million Dollar Online Scams

Oct 24, 2023 Cyber Fraud / Cyber Crime
Spanish law enforcement officials have announced the arrest of 34 members of a criminal group that carried out various online scams, netting the gang about €3 million ($3.2 million) in illegal profits. Authorities conducted searches across 16 locations in Madrid, Malaga, Huelva, Alicante, and Murcia, seizing two simulated firearms, a katana sword, a baseball bat, €80,000 in cash, four high-end vehicles, and computer and electronic material worth thousands of euros. The operation also uncovered a database with cross-referenced information on four million people that was collated after infiltrating databases belonging to financial and credit institutions. The scams, which were conducted via email, SMS, and phone calls, entailed the threat actors masquerading as banks and electricity supply companies to defraud victims, in some cases even perpetrating "son in distress" calls and manipulating delivery notes from technology firms. In one instance, the miscreants re...
Android Banking Trojan Tricks Victims into Submitting Selfie Holding their ID Card

Oct 15, 2016
While some payment card companies like Mastercard have switched to selfies as an alternative to passwords when verifying IDs for online payments, hackers have already started taking advantage of these new security verification methods. Researchers have discovered a new Android banking Trojan that masquerades primarily as a video plugin, like Adobe Flash Player, pornographic app, or video codec, and asks victims to send a selfie holding their ID card, according to a blog post published by McAfee. The Trojan is the most recent version of Acecard, which has been labeled as one of the most dangerous Android banking Trojans known today, according to Kaspersky Lab Anti-malware Research Team. Once successfully installed, the trojan asks users for a number of device permissions to execute the malicious code and then waits for victims to open apps, specifically those where it would make sense to request payment card information. Acecard Steals your Payment Card and Real ID det...
How Hackers Can Hack Your Chip-and-PIN Credit Cards

Oct 21, 2015
October 1, 2015, was the deadline for U.S. citizens to switch to chip-enabled credit cards, which are meant to make transactions safer than swipe cards. Now, a group of French forensics researchers has inspected a real-world case in which criminals pulled off a seamless chip-switching trick using a slip of plastic that looked identical to a normal credit card. The researchers from the École Normale Supérieure University and the Science and Technology Institute CEA did a combined study of the subject, publishing a research paper [PDF] that gives details of a unique credit card fraud analyzed by them. What's the Case? Back in 2011 and 2012, police arrested five French citizens for stealing about 600,000 Euros (~ $680,000) as a result of the card fraud scheme, in spite of the Chip-and-PIN card protections. How did the Chip-and-PIN Card Fraud Scheme Work? On investigating the case, the researchers discovered that the n...
Data Breach Day — Patreon (2.3M), T-Mobile (15M) and Scottrade (4.6M) — HACKED!

Oct 03, 2015
This week, three high-profile data breaches took place, compromising personal and sensitive details of millions of people: telecommunication giant T-Mobile, crowdfunding website Patreon, and US brokerage firm Scottrade. In T-Mobile's case, its credit application processor Experian was hacked, potentially exposing highly sensitive details of 15 Million people who applied for its service in the past two years. The stolen data includes home addresses, birth dates, driver's license number, passport number, military I.D. numbers and – most unfortunately – the Social Security numbers, among other information. Patreon Hack Hits 2.3 Million Users: In Patreon's case, hackers managed to steal almost 15 gigabytes' worth of data including names, shipping addresses and email addresses of 2.3 Million users. In a post published late Wednesday, Patreon CEO Jack Conte confirmed that the crowdfunding firm had been hacked and that the personal data of its users h...
How to Freeze Credit Report To Protect Yourself Against Identity Theft

Oct 03, 2015
If your Social Security number gets hacked in any data breach, including the recently hacked T-Mobile, then there's a way to prevent hackers from misusing your identity (i.e. identity theft). The solution here is that you can institute a security freeze at each of the three credit bureaus, Equifax, Experian, or TransUnion. Once frozen, nobody will be allowed to access your credit report, which will prevent any identity thieves from opening new accounts in your name. This works because most creditors are required to see your credit report before approving a new account; if they are restricted from seeing your file, they may not extend the credit or open a new account in your name. However, there are some disadvantages of doing so. 1. Cost: The cost of a security freeze differs by state (check yours here). However, it is often free for already affected people, but the issue is – if you want to let anyone check your credit, you will need to pay a fee every time to ...
Experian Breach: 15 Million T-Mobile Customers' Data Hacked

Oct 03, 2015
If you applied for financing from T-Mobile anytime between 1 September 2013 and 16 September 2015, you have been HACKED! – even if you never had T-Mobile service. T-Mobile's credit application processor Experian was hacked, potentially exposing the highly personal information of more than 15 million people in the United States. The stolen information includes names, addresses, phone numbers and – most unfortunately – Social Security numbers. The massive data breach was first discovered in mid-September and has now been confirmed by T-Mobile CEO John Legere. According to Legere, hackers successfully obtained millions of people's private information through Experian, one of the world's largest credit check companies, which processes T-Mobile's credit applications. Both customers and people who submitted to a T-Mobile credit check (but either canceled or never activated their T-Mobile service) between September 1, 2013, and September 16, 2015, are most at ris...
25 Million 'NAVER' Accounts Breached using Stolen Data

Mar 27, 2014
A 31-year-old South Korean has recently been accused by the police of infiltrating and hacking the accounts of 25 million users of Naver, one of the popular search portals in South Korea. On Wednesday, the Asian National Police Agency revealed that the suspect purchased the private information of 25 million users, including names, residential numbers, Internet IDs and passwords from a Korean-Chinese, back in August last year, Korea Herald reported. The suspect, surnamed 'Seo', supposedly used the purchased information to hack into the accounts of Naver users and sent out spam messages and other 'illicit emails' to the account holders. He had made an illegal profit of some 160 million won ($148,000) using this, according to the report. The police have also arrested a hacker surnamed 'Hong', who is suspected of developing the hacking program that automatically enters users' IDs and passwords, which was apparently used by ...
16 Million German Users' Data Compromised in mysterious Botnet Malware attack

Jan 22, 2014
A new day begins with a cup of coffee and with news of a new massive data breach. This time in Germany, the digital identities of about 16 million online users have been stolen, posing a risk to their accounts linked to social media and other services. The Federal Office for Information Security (BSI) discovered the security breach after running an analysis of a botnet, a network of computers infected with malware. The compromised accounts have email addresses as their usernames, and the passwords were also stolen; these could be sold to spammers and people looking to "phish" account holders. It is not yet known how and when the analysis was carried out or who exactly was behind this massive data breach, as the BSI refused to give details on the source of the information. Authorities have set up a German-language website which allows users to enter their email address and check whether their email accounts are compromised or not. ...
Russian hackers stole Personal details of 54 million Turkish Citizens

Dec 17, 2013
Publicized hacks, cyber attacks and data breaches continue to increase, and the majority of attacks are from outsiders. Recently, some unknown Russian hackers have reportedly stolen personal details of nearly 54 million Turkish citizens, about 70% of the whole Turkish population. According to a report published by 'Hurriyet News', researchers from KONDA Security firm revealed that the hackers have stolen data from a political party's vulnerable system, including the names, ID numbers and addresses of 54 million voters across the nation. Researchers claimed that the hacked system (being used for database and website management) did not have any antivirus product installed and voter information was also uploaded online on a vulnerable website. This was really a bad idea, and they mentioned that "in two hours hackers downloaded all the information." In another statement, they mentioned that some government instituti...
Hacker sold personal data of 4 million US citizens online; risk of potential Identity Theft

Sep 27, 2013
An illegal service that sells personal data of US citizens online, which can then be used for identity theft, hacked into the networks of three major data brokers and stole their databases. The cyber attack has given them access to Social Security Numbers, dates of birth, and other personal details that could put all our finances at risk. Krebs's blog revealed that the service, known as SSNDOB (ssndob.ms) (Social Security Number Date of Birth), used malware to obtain secret access to the databases of LexisNexis, Dun & Bradstreet and Kroll Background America. Hackers are charging from 50 cents to $2.50 per record and from $5 to $15 for credit and background checks. It was discovered in March that another website, exposed.su, was using data collected by SSNDOB to sell to its customers. Through the use of botnet malware, the ID thieves gained access to the networks of LexisNexis, which provides coverage of more than 5...