Free Republic

“They’re coming.” That’s what Miguel, a Venezuelan migrant who came to America with his wife and two daughters, told me about the gang, Tren de Aragua, earlier this year. “And they’re very bad.” The past few days have shown how far the Venezuelan gang appears willing to go. In Aurora, Colorado, Tren de Aragua has allegedly terrorized the local community. According to Mayor Mike Coffman, at least two buildings in the city “have fallen to” a group of armed men, suspected to be gang members. “This is an organized criminal effort. Whether it’s Tren de Aragua, that remains to be...

A major cryptocurrency exchange says it was the victim of a sophisticated hack that stole about $1.5 billion worth of digital currency, marking one of the biggest online thefts of all time. Bybit said Friday that a routine transfer of Ethereum, one of the most popular cryptocurrencies, between digital wallets was “manipulated” by an attacker who transferred the crypto to an unidentified address. The company sought to reassure customers that their cryptocurrency holdings with the exchange were safe. The company added that news of the hack had led to a surge in withdrawal requests and there could be delays in...

It all happened overnight and in a matter of minutes. Ben Zhou, CEO of the cryptocurrency exchange Bybit, made a series of routine transfers from his home computer. A short while later, his company called to inform him that his reserves of Ethereum, the second most-used cryptocurrency after Bitcoin, worth $1.5 billion, had vanished. By then, the ethers had already been transferred to thousands of other people’s digital wallets. Bybit had just suffered the largest theft in history. Five days later, the FBI confirmed what some analysts suspected from the outset: the attack was the work of Lazarus, a hacking...

An anonymous reader quotes a report from Ars Technica: A technique that hostile nation-states and financially motivated ransomware groups are using to hide their operations poses a threat to critical infrastructure and national security, the National Security Agency has warned. The technique is known as fast flux. It allows decentralized networks operated by threat actors to hide their infrastructure and survive takedown attempts that would otherwise succeed. Fast flux works by cycling through a range of IP addresses and domain names that these botnets use to connect to the Internet. In some cases, IPs and domain names change every day...

A hack and data breach at location data broker Gravy Analytics is threatening the privacy of millions of people around the world whose smartphone apps unwittingly revealed their location data collected by the data giant. The full scale of the data breach isn’t yet known, but the alleged hacker has already published a large sample of location data from top consumer phone apps — including fitness and health, dating, and transit apps, as well as popular games. The data represents tens of millions of location data points of where people have been, live, work, and travel between. News of the...

The annual cost of cybercrime is expected to reach $10 trillion dollars next year. To put that figure into context, in terms of GDP it would be the third biggest economy in the world after the US and China. That’s why countries from Australia to China, the UK and US are racing to tighten up their cybersecurity laws – and why the UN is expected to pass a landmark cyber treaty in the next few weeks. For all the latest headlines follow our Google News channel online or via the app. From deep-fakes and disinformation to hacks and attacks on...

The Seattle-Tacoma International Airport was hit by an apparent cyberattack over the weekend, which has caused major internet outages affecting the airport's phones, email, and other systems. Port of Seattle officials are continuing to work on Monday to restore the airport's systems, which is the third day that the airport has been impacted by the attack. The airport has encouraged travelers to use their mobile phones to get their boarding passes, and to allow extra time at the airport to get to their gates. “We’re working around the clock to get necessary systems back online and to mitigate impacts to...

CrowdStrike Intelligence has since observed threat actors leveraging the event to distribute a malicious ZIP archive named crowdstrike-hotfix.zip. The ZIP archive contains a HijackLoader payload...Notably, Spanish filenames and instructions within the ZIP archive indicate this campaign is likely targeting Latin America-based (LATAM) CrowdStrike customers.

The Justice Department announced today the seizure of four domains used by the administrators and customers of a domain spoofing service. The domain seizures were authorized pursuant to seizure warrants issued in the Western District of Pennsylvania and were executed in coordination with the arrest of dozens of administrators and customers of the illicit service by foreign law enforcement agencies.“Together with our international partners, the Justice Department has disrupted another cybercrime scheme originating from Russia that enabled criminals to steal from over a million victims in the United States and around the world,” said Attorney General Merrick B. Garland. “I...

The hacking of a UnitedHealth affiliate is a symptom of consolidation within the health care sector, and it’s likely to get even worse.In a bid to win reelection, the Biden administration keeps trying to sell the country on all the supposed benefits of Obamacare. Before continuing their sales campaign, they might want to check in with the doctors’ offices struggling to make payroll.For over a month, the multitrillion-dollar health care sector has had to respond to a hack on a payment processor owned by UnitedHealthGroup, the nation’s largest insurer. Axios reported that hospitals, doctors, medical equipment suppliers, and pharmacies are...

Living off the Land: How hackers blend into your environment Cyber-criminals are increasingly ‘Living off the Land’, leveraging commonly-used tools to fly under the radar of conventional cyber defenses. Discover why Self-Learning AI is uniquely positioned to identify attacks leveraging this technique. What is Living off the Land attack? Living off the Land is a strategy which involves threat actors leveraging the utilities readily available within the target organization’s digital environment to move through the cyber kill chain. This is a popular method because It is often cheaper, easier, and more effective to make use of an organization’s own infrastructure...

Your personal information may have been leaked in the 'Mother of all Breaches' (MOAB), cybersecurity researchers have warned. Over 26 billion personal records have been exposed, in what researchers believe to be the biggest-ever data leak. Sensitive information from several sites including Twitter, Dropbox, and Linkedin was discovered on an unsecured page. Worryingly, the researchers who found it claim this breach is extremely dangerous and could prompt a tsunami of cybercrime.

SAN FRANCISCO/WASHINGTON (Reuters) - The U.S. Federal Bureau of Investigation (FBI) has struggled to stop a hyper-aggressive cybercrime gang that's been tormenting corporate America over the last two years, according to nine cybersecurity responders, digital crime experts and victims. For more than six months, the FBI has known the identities of at least a dozen members tied to the hacking group responsible for the devastating September break-ins at casino operators MGM Resorts International and Caesars Entertainment, according to four people familiar with the investigation. Industry executives have told Reuters they were baffled by an apparent lack of arrests despite many...

The FBI and Ukrainian police have seized nine cryptocurrency exchange websites that facilitated money laundering for scammers and cybercriminals, including ransomware actors. In its announcement, the FBI says the operation was carried out with the help of the Virtual Currency Response Team, the National Police of Urkaine, and legal prosecutors in the country. The nine websites and their servers seized in this operation are: 24xbtc.com 100btc.pro pridechange.com 101crypta.com uxbtc.com trust-exchange.org bitcoin24.exchange paybtc.pro owl.gold Visiting any of these domains today displays the seizure banner below, alternating its message between Russian and English. [Banner behind the article link above.] The seized sites...

Distributed Denial of Service (DDoS) attacks have become an everyday or, some might argue, an hourly problem. Using a variety of techniques, a wide range of threat actors from lone hackers, criminal gangs and hacktivists, to nation-states have and are using DDoS attacks. These attacks are carried out to degrade or disable the performance and network communications of target systems. These targets can be small or large businesses, internet service providers, manufacturers, retailers, healthcare providers, schools and universities, or other nation-states. Essentially, any entity with an online presence can become a DDoS target. Now, here is the why. There are...

He was the “king of revenge porn” — until his shocked and fed-up victims took him down. The “king” in question is Hunter Moore, the founder of the now-defunct revenge porn website IsAnyoneUp.com and whose horrific enterprise is examined — along with his victims’ desperate fight for justice — in a new three-part Netflix documentary, “The Most Hated Man on the Internet.” Moore, 36, created the site in 2010 and it allowed people allegedly hurt by relationships to post anonymous NSFW sexual content without the consent of their partners. “Me and my friends would post [photos of] a bunch of...

Today we saw some important testimony in the Michael Sussmann case. First, Rodney Joffe, an FBI confidential human source, went around his FBI handler to relay dubious Alfa Bank information to a friend at the FBI. Second, there were indications that Joffe previously worked on Russia cyber security matters. This leads us to ask whether Joffe was in some way involved in the Trump/Russia investigation. More on that below. The testimony of retired FBI Agent Tom Grasso. Grasso, a witness for Sussmann, was a Special Agent with the FBI whose “primary responsibility involved investigating cyber crimes.” He was part of...

Brett Johnson was a US Most Wanted cybercriminal, called the Original Internet Godfather by US Secret Service for building the first organized cybercrime community called ShadowCrew, which was the precursor to today's darknet and darknet markets.

Apple and Facebook reportedly provided sensitive customer information to hackers who faked being law enforcement officials in 2021. Facebook parent company Meta and Apple gave the hackers basic customer details — such as phone numbers, home addresses, and IP addresses — in response to forged "emergency data requests," Bloomberg reported. Typically, such data requests can only be granted through search warrants or subpoenas provided by a judge, but emergency requests don't require a full-court order. The hackers who duped the companies are affiliated with cybercrime groups known as “Recursion Team,” who have a history of using fake legal requests to...

Sinclair Broadcast Group, which operates dozens of TV stations across the U.S., said Monday that some of its servers and work stations were encrypted with ransomware and that some of its data was stolen from the company's network. The company said in a regulatory filing it started investigating the potential security incident on Saturday and on Sunday it and found that certain office and operational networks were disrupted.,,, ...Sinclair said it's taken measures to contain the incident and that its forensic investigation is ongoing. However, the company said that the data breach has caused – and may continue to cause...