Search results for internet fraud | Breaking Cybersecurity News | The Hacker News

A 15-year-old  UG Nazi hacker  going by the name of Cosmo or Cosmo the God  was sentenced in juvenile court on Wednesday with terms for six years without any computers or Internet, until his 21st birthday. During these 6 years, he'll need approval from his parole officer to access the internet. Wired report that hacker resides in Long Beach, California, and began as a politicized group that opposed SOPA, took down a bevy of websites this year, including those for NASDAQ, CIA.gov, and UFC.com. It redirected 4Chan's DNS to point to its own Twitter feed. Hacker pled guilty to more than a few felonies, with charges ranging from credit card fraud to online impersonation. The probation that Cosmo agreed to as part of his plea limits his use of the internet to solely educational purposes, and all use will be supervised. As part of the hacker group UGNazi, he was able to gain access to accounts on sites including Amazon, PayPal, Microsoft, Netflix, and many more. He is prohibited from

A Swedish man accused of being involved in the creation of the malicious software used to infect over half a million systems in more than dozens of countries, has pleaded not guilty in New York on Thursday to computer hacking charges brought against him. Alex Yucel, 24, who is the co-author of the Blackshades Remote Access Trojan (RAT), owned and operate an organization called Blackshades, which sold the notorious software to the other people and hackers across the country for prices ranging from $40 to $50. This allowed the hackers to remotely control the victims' computers and to steal keystrokes, passwords and access to victims' private files, according to the authorities. Blackshades malware is designed to steal victims' usernames and passwords for email and Web services, instant messaging applications, FTP clients and lots more. In worst cases, the malicious software program even allows hackers to take remote control of users' computer and webcam to take photos or v

In today's digital world, where connectivity is rules all, endpoints serve as the gateway to a business's digital kingdom. And because of this, endpoints are one of hackers' favorite targets.  According to the IDC,  70% of successful breaches start at the endpoint . Unprotected endpoints provide vulnerable entry points to launch devastating cyberattacks. With IT teams needing to protect more endpoints—and more kinds of endpoints—than ever before, that perimeter has become more challenging to defend. You need to improve your endpoint security, but where do you start? That's where this guide comes in.  We've curated the top 10 must-know endpoint security tips that every IT and security professional should have in their arsenal. From identifying entry points to implementing EDR solutions, we'll dive into the insights you need to defend your endpoints with confidence.  1. Know Thy Endpoints: Identifying and Understanding Your Entry Points Understanding your network's

WhatsApp on Wednesday fired a legal salvo against the Indian government to block new regulations that would require messaging apps to trace the "first originator" of messages shared on the platform, thus effectively breaking encryption protections. "Requiring messaging apps to 'trace' chats is the equivalent of asking us to keep a fingerprint of every single message sent on WhatsApp, which would break end-to-end encryption and fundamentally undermines people's right to privacy," a WhatsApp spokesperson told The Hacker News via email. "We have consistently joined civil society and experts around the world in opposing requirements that would violate the privacy of our users." With over 530 million active users, India is WhatsApp's biggest market by users.  The lawsuit, filed by the Facebook-owned messaging service in the Delhi High Court, seeks to bar new internet rules that come into force effective May 26. Called the Intermediary Guide

Recently, the cybersecurity landscape has been confronted with a daunting new reality – the rise of malicious Generative AI, like FraudGPT and WormGPT. These rogue creations, lurking in the dark corners of the internet, pose a distinctive threat to the world of digital security. In this article, we will look at the nature of Generative AI fraud, analyze the messaging surrounding these creations, and evaluate their potential impact on cybersecurity. While it's crucial to maintain a watchful eye, it's equally important to avoid widespread panic, as the situation, though disconcerting, is not yet a cause for alarm. Interested in how your organization can protect against generative AI attacks with an advanced email security solution?  Get an IRONSCALES demo .  Meet FraudGPT and WormGPT FraudGPT  represents a subscription-based malicious Generative AI that harnesses sophisticated machine learning algorithms to generate deceptive content. In stark contrast to ethical AI models, Fr

The United States Department of Justice yesterday sentenced a 22-year-old Washington-based hacker to 13 months in federal prison for his role in creating botnet malware, infecting a large number of systems with it, and then abusing those systems to carry out large scale distributed denial-of-service (DDoS) attacks against various online service and targets. According to court documents, Kenneth Currin Schuchman , a resident of Vancouver, and his criminal associates–Aaron Sterritt and Logan Shwydiuk–created multiple DDoS botnet malware since at least August 2017 and used them to enslave hundreds of thousands of home routers and other Internet-connected devices worldwide. Dubbed Satori, Okiru, Masuta, and Tsunami or Fbot, all these botnets were the successors of the infamous IoT malware Mirai , as they were created mainly using the source code of Mirai, with some additional features added to make them more sophisticated and effective against evolving targets. Even after the orig

Evolution -- The largest Deep Web drugs marketplace, disappeared suddenly overnight from the Internet. But unlike Silk Road, there is no indication that the law enforcement took down the Evolution marketplace. The Darknet's most popular markets for drugs and bespoke carjacking services is mysteriously offline Wednesday with rumours circulating over the Internet that its own administrators may have just scammed its huge user base and stole $12 Millions in Bitcoin. The Evolution black marketplace opened in January 2014, and gained popularity after the shutdown of Silk ​Road and arrest of its unassuming founder, Ross U​lbricht , with a promise of less fraud. Like Silk Road , Evolution also dealt in drugs, as well as illegal weapons, counterfeit goods, stolen credit cards and guides to committing fraud. Evolution was only accessible through anonymity Tor network. At the time of its apparent vanish, Evolution was home to nearly 20,000 drug sales, far more than Silk Road

Remember the DNS Changer malware that infected at least four million computers in more than 100 countries, including 500,000 in the United States, with malicious software or malware ? Valeri Aleksejev, 32 years old from Estonia, is the first of the seven individuals to enter a plea, admitting his guilt for his role in the global scam that netted approximately $14 million. He faces up to 25 years in prison, deportation and the forfeiture of $7 million. The other six individuals have been named as Anton Ivanov, Vladimir Tsastsin, Timur Gerassimenko, Dmitri Jegorov, Konstantin Poltev, and Andrey Taame.  Alekseev was the first large-scale Internet fraud criminal case came to trial. The scam had several components, including a click-hijacking fraud in which Malware was delivered to victims' PCs when they visited specially crafted websites or when they downloaded phony video codec software. The malware changed the DNS settings of the infected computers, and even in case

Researchers from cybersecurity firm Proofpoint have recently discovered a large-scale malvertising campaign that exposed millions of Internet users in the United States, Canada, the UK, and Australia to malware infections. Active for more than a year and still ongoing, the malware campaign is being conducted by a hacking group called KovCoreG , which is well known for distributing Kovter ad fraud malware that was used in 2015 malicious ad campaign s, and most recently earlier in 2017 . The KovCoreG hacking group initially took advantage of P0rnHub—one of the world's most visited adult websites—to distribute fake browser updates that worked on all three major Windows web browsers, including Chrome, Firefox, and Microsoft Edge/Internet Explorer. According to the Proofpoint researchers, the infections in this campaign first appeared on P0rnHub web pages via a legitimate advertising network called Traffic Junky, which tricked users into installing the Kovtar malware onto the

The 2023/2024 Axur Threat Landscape Report provides a comprehensive analysis of the latest cyber threats. The information combines data from the platform's surveillance of the Surface, Deep, and Dark Web with insights derived from the in-depth research and investigations conducted by the Threat Intelligence team. Discover the full scope of digital threats in the Axur Report 2023/2024. Overview In 2023, the cybersecurity landscape witnessed a remarkable rise in cyberattacks.  One notable shift was the cyber risk integration with business risk, a concept gaining traction in boardrooms worldwide. As the magnitude of losses due to cyberattacks became evident, organizations started reevaluating their strategies.  Geopolitical factors played a significant role in shaping information security. The conflicts between nations like Russia and Ukraine had ripple effects, influencing the tactics of cybercriminals. It was a year where external factors intertwined with digital threats. Ran

The International Criminal Police Organization, also called the Interpol, has announced the arrests of 75 individuals as part of a coordinated global operation against an organized cyber crime syndicate called  Black Axe . "'Black Axe' and other West African organized crime groups have developed transnational networks, defrauding victims of millions while channeling their profits into lavish lifestyles and other criminal activities, from drug trafficking to sexual exploitation," the agency  said . The law enforcement effort, codenamed Operation Jackal, involved the participation of Argentina, Australia, Côte d'Ivoire, France, Germany, Ireland, Italy, Malaysia, Nigeria, Spain, South Africa, the U.A.E, the U.K., and the U.S. Black Axe, which originated as a confraternity in Nigeria around 1977 before evolving into a mafia group, has not only been linked to killing and scamming operations, but also has been accused of infiltrating the country's political s

If your business operations and security of sensitive data rely on Oracle's E-Business Suite (EBS) , make sure you recently updated and are running the latest available version of the software. In a report released by enterprise cybersecurity firm Onapsis and shared with The Hacker News, the firm today disclosed technical details for vulnerabilities it reported in its integrated group of applications designed to automate CRM, ERP, and SCM operations for organizations. The two vulnerabilities, dubbed " BigDebIT " and rated a CVSS score of 9.9, were patched by Oracle in a critical patch update (CPU) pushed out earlier this January. But the company said an estimated 50 percent of Oracle EBS customers have not deployed the patches to date. The security flaws could be exploited by bad actors to target accounting tools such as General Ledger in a bid to steal sensitive information and commit financial fraud. According to the researchers, "an unauthenticated hacker

A federal indictment unsealed earlier today alleges that a 35-year-old Texas man hacked into the computer network of an Eden Prairie business and stole approximately $274,000. The indictment, which was filed in Minneapolis on October 13, 2010, charges Jeremey Parker, of Houston, Texas, with one count of unauthorized access to a protected computer in furtherance of fraud and one count of wire fraud. The indictment was unsealed following Parker's initial appearance in United States District Court. The indictment alleges that from December 23, 2008, through October 15, 2009, Parker hacked into the computer network in order to obtain money belonging to Digital River, Inc ., a cyber-based business, through a subsidiary, SWReg ., Inc. SWReg. pays independent software developers who write code that can run on Digital River's system. Royalties owed to those developers are accumulated at SWReg, and the developers have the ability to go online, view the royalty balances i

The threat actors behind the black hat redirect malware campaign have scaled up their campaign to use more than 70 bogus domains mimicking URL shorteners and infect over 10,800 websites. "The main objective is still ad fraud by artificially increasing traffic to pages which contain the AdSense ID which contain Google ads for revenue generation," Sucuri researcher Ben Martin  said  in a report published last week. Details of the malicious activity were  first exposed  by the GoDaddy-owned company in November 2022. The campaign, which is said to have been active since September last year, is orchestrated to redirect visitors to compromised WordPress sites to fake Q&A portals. The goal, it appears, is to increase the authority of spammy sites in search engine results. "It's possible that these bad actors are simply trying to convince Google that real people from different IPs using different browsers are clicking on their search results," Sucuri noted at

Watch out Windows users! There's a new strain of malware making rounds on the Internet that has already infected thousands of computers worldwide and most likely, your antivirus program would not be able to detect it. Why? That's because, first, it's an advanced fileless malware and second, it leverages only legitimate built-in system utilities and third-party tools to extend its functionality and compromise computers, rather than using any malicious piece of code. The technique of bringing its own legitimate tools is effective and has rarely been spotted in the wild, helping attackers to blend in their malicious activities with regular network activity or system administration tasks while leaving fewer footprints. Independently discovered by cybersecurity researchers at Microsoft and Cisco Talos, the malware — dubbed " Nodersok " and " Divergent " — is primarily being distributed via malicious online advertisements and infecting users using

A 31-year-old Moldovan national has been sentenced to 42 months in prison in the U.S. for operating an illicit marketplace called E-Root Marketplace that offered for sale hundreds of thousands of compromised credentials, the Department of Justice (DoJ) announced. Sandu Boris Diaconu was charged with conspiracy to commit access device and computer fraud and possession of 15 or more unauthorized access devices. He pleaded guilty on December 1, 2023. "The E-Root Marketplace operated across a widely distributed network and took steps to hide the identities of its administrators, buyers, and sellers," the DoJ  said  last week. "Buyers could search for compromised computer credentials on E-Root, such as usernames and passwords that would allow buyers to access remote computers for purposes of stealing private information or manipulating the contents of the remote computer." Prospective customers could also search for RDP and SSH credentials based on various filter c