Rogue WordPress Plugin Exposes E-Commerce Sites to Credit Card Theft

Threat hunters have discovered a rogue WordPress plugin that's capable of creating bogus administrator users and injecting malicious JavaScript code to steal credit card information.

The skimming activity is part of a Magecart campaign targeting e-commerce websites, according to Sucuri.

3,500 Arrested in Global Operation HAECHI-IV Targeting Financial Criminals

A six-month-long international police operation codenamed HAECHI-IV has resulted in the arrests of nearly 3,500 individuals and seizures worth $300 million across 34 countries.

The exercise, which took place from July through December 2023, took aim at various types of financial crimes such as voice phishing, romance scams, online sextortion, investment fraud, money laundering associated with illegal online gambling, business email compromise fraud, and e-commerce fraud.

34 Cybercriminals Arrested in Spain for Multi-Million Dollar Online Scams

Spanish law enforcement officials have announced the arrest of 34 members of a criminal group that carried out various online scams, netting the gang about €3 million ($3.2 million) in illegal profits.

Authorities conducted searches across 16 locations Madrid, Malaga, Huelva, Alicante, and Murcia, seizing two simulated firearms, a katana sword, a baseball bat, €80,000 in cash, four high-end vehicles, and computer and electronic material worth thousands of euros.

U.K. and U.S. Sanction 11 Russia-based TrickBot Cybercrime Gang Members

The U.K. and U.S. governments on Thursday sanctioned 11 individuals who are alleged to be part of the notorious Russia-based TrickBot cybercrime gang.

"Russia has long been a safe haven for cybercriminals, including the TrickBot group," the U.S. Treasury Department said, adding it has "ties to Russian intelligence services and has targeted the U.S. Government and U.S. companies, including hospitals."

The targets of the sanctions are administrators, managers, developers, and coders who are believed to have provided material assistance in its operations. Their names and roles are as follows -

Group-IB Co-Founder Sentenced to 14 Years in Russian Prison for Alleged High Treason

A city court in Moscow on Wednesday convicted Group-IB co-founder and CEO Ilya Sachkov of "high treason" and jailed him for 14 years in a "strict regime colony" over accusations of passing information to foreign spies.

"The court found Sachkov guilty under Article 275 of the Russian Criminal Code (high treason) sentencing him to 14 years of incarceration in a maximum-security jail, restriction of freedom for one year and a fine of 500,000 rubles (about $5,550)," state news agency TASS reported. Sachkov, who has been in custody since September 2021 and denied wrongdoing, had been accused of handing over classified information to foreign intelligence in 2011, which the prosecutors said caused reputational damage to Russia's national interests. The exact nature of the charges is unclear.

INTERPOL Nabs Hacking Crew OPERA1ER's Leader Behind $11 Million Cybercrime

A suspected senior member of a French-speaking hacking crew known as OPERA1ER has been arrested as part of an international law enforcement operation codenamed Nervone, Interpol has announced.

"The group is believed to have stolen an estimated USD 11 million -- potentially as much as 30 million -- in more than 30 attacks across 15 countries in Africa, Asia, and Latin America," the agency said.

The arrest was made by authorities in Côte d'Ivoire early last month. Additional insight was provided by the U.S. Secret Service's Criminal Investigative Division and Booz Allen Hamilton DarkLabs.

CryptosLabs Scam Ring Targets French-Speaking Investors, Rakes in €480 Million

Cybersecurity researchers have exposed the workings of a scam ring called CryptosLabs that's estimated to have made €480 million in illegal profits by targeting users in French-speaking individuals in France, Belgium, and Luxembourg since April 2018.

The syndicate's massive fake investment schemes primarily involve impersonating 40 well-known banks, fin-techs, asset management firms, and crypto platforms, setting up a scam infrastructure spanning over 350 domains hosted on more than 80 servers, Group-IB said in a deep-dive report. The Singapore-headquartered company described the criminal outfit as "operated by a hierarchy of kingpins, sales agents, developers, and call center operators" who are recruited to ensnare potential victims by promising high returns on their capital.

EncroChat Bust Leads to 6,558 Criminals' Arrests and €900 Million Seizure

Europol on Tuesday announced that the takedown of EncroChat in July 2020 led to 6,558 arrests worldwide and the seizure of €900 million in illicit criminal proceeds.

The law enforcement agency said that a subsequent joint investigation initiated by French and Dutch authorities intercepted and analyzed over 115 million conversations that took place over the encrypted messaging platform between no less than 60,000 users.

Now almost three years later, the information obtained from digital correspondence has resulted in -

20-Year-Old Russian LockBit Ransomware Affiliate Arrested in Arizona

The U.S. Department of Justice (DoJ) on Thursday unveiled charges against a Russian national for his alleged involvement in deploying LockBit ransomware to targets in the U.S., Asia, Europe, and Africa.

Ruslan Magomedovich Astamirov, 20, of Chechen Republic has been accused of perpetrating at least five attacks between August 2020 and March 2023. He was arrested in the state of Arizona last month.

"Astamirov allegedly participated in a conspiracy with other members of the LockBit ransomware campaign to commit wire fraud and to intentionally damage protected computers and make ransom demands through the use and deployment of ransomware," the DoJ said. Astamirov, as part of his LockBit-related activities, managed various email addresses, IP addresses, and other online accounts to deploy the ransomware and communicate with the victims.

U.K. Fraudster Behind iSpoof Scam Receives 13-Year Jail Term for Cyber Crimes

A U.K. national responsible for his role as the administrator of the now-defunct iSpoof online phone number spoofing service has been sentenced to 13 years and 4 months in prison.

Tejay Fletcher, 35, of Western Gateway, London, was awarded the sentence on May 18, 2023. He pleaded guilty last month to a number of cyber offenses, including facilitating fraud and possessing and transferring criminal property.

iSpoof, which was available as a paid service, allowed fraudsters to mask their phone numbers and masquerade as representatives from banks, tax offices, and other official bodies to defraud victims.

The help desk scam purported to warn targets of suspicious activity on their accounts and tricked them into disclosing sensitive financial information or transferring money to accounts under the threat actor's control.

U.S. Offers $10 Million Bounty for Capture of Notorious Russian Ransomware Operator

A Russian national has been charged and indicted by the U.S. Department of Justice (DoJ) for launching ransomware attacks against "thousands of victims" in the country and across the world.

Mikhail Pavlovich Matveev (aka Wazawaka, m1x, Boriselcin, and Uhodiransomwar), the 30-year-old individual in question, is alleged to be a "central figure" in the development and deployment of LockBit, Babuk, and Hive ransomware variants since at least June 2020. "These victims include law enforcement and other government agencies, hospitals, and schools," DoJ said. "Total ransom demands allegedly made by the members of these three global ransomware campaigns to their victims amount to as much as $400 million, while total victim ransom payments amount to as much as $200 million."

Former Ubiquiti Employee Gets 6 Years in Jail for $2 Million Crypto Extortion Case

LockBit, Babuk, and Hive operate alike, leveraging unlawfully obtained access to exfiltrate valuable data and deploy ransomware on compromised networks. The threat actors also threaten to publicize the stolen information on a data leak site in an attempt to negotiate a ransom amount with victims.

Matveev has been charged with conspiring to transmit ransom demands, conspiring to damage protected computers, and intentionally damaging protected computers. If convicted, which is unlikely, he faces over 20 years in prison.

The U.S. State Department has also announced an award of up to $10 million for information that leads to the arrest and/or conviction of Matveev.

Spanish Police Takes Down Massive Cybercrime Ring, 40 Arrested

The National Police of Spain said it arrested 40 individuals for their alleged involvement in an organized crime gang called Trinitarians.

Among those apprehended include two hackers who carried out bank scams through phishing and smishing techniques and 15 other members of the crime syndicate, who have all been charged with a number of offenses such as bank fraud, forging documents, identity theft, and money laundering. In all, the nefarious scheme is believed to have defrauded more than 300,000 victims, resulting in losses of over €700,000.

"The criminal organization used hacking tools and business logistics to carry out computer scams," officials said.

U.S. Authorities Seize 13 Domains Offering Criminal DDoS-for-Hire Services

To pull off the attacks, the cybercriminals sent bogus links via SMS that, when clicked, redirected users to a phishing panel masquerading as legitimate financial institutions to steal their credentials and abuse the access to request for loans and link the cards to cryptocurrency wallets under their control.

These SMS messages sought to induce a false sense of urgency and increase the actors' chance of success by urging the recipients to click on the accompanying link in order to resolve a purported security issue with their bank accounts.

The stolen cards were used to purchase digital assets, which were then cashed out to fund the group's operations, such as paying legal fees, sending money to members in prison, and the purchase of narcotics and weapons.

Some of the illicit proceeds were also sent to foreign bank accounts, from where other group members used the money to purchase real estate in the Dominican Republic.

Operation SpecTor: $53.4 Million Seized, 288 Vendors Arrested in Dark Web Drug Bust

An international law enforcement operation has resulted in the arrest of 288 vendors who are believed to be involved in drug trafficking on the dark web, adding to a long list of criminal enterprises that have been shuttered in recent years.

The effort, codenamed Operation SpecTor, also saw the authorities confiscating more than $53.4 million in cash and virtual currencies, 850 kg of drugs, and 117 firearms.

The largest number of arrests were made in the U.S. (153), followed by the U.K. (55), Germany (52), the Netherlands (10), Austria (9), France (5), Switzerland (2), Poland (1), and Brazil (1).

Cyber Police of Ukraine Busted Phishing Gang Responsible for $4.33 Million Scam

The Cyber Police of Ukraine, in collaboration with law enforcement officials from Czechia, has arrested several members of a cybercriminal gang that set up phishing sites to target European users.

Two of the apprehended affiliates are believed to be organizers, with 10 others detained in other territories across the European Union.

The suspects are alleged to have created more than 100 phishing portals aimed at users in France, Spain, Poland, Czechia, Portugal, and other nations in the region.

20-Year-Old BreachForums Founder Faces Up to 5 Years in Prison

Conor Brian Fitzpatrick, the 20-year-old founder and the administrator of the now-defunct BreachForums has been formally charged in the U.S. with conspiracy to commit access device fraud.

If proven guilty, Fitzpatrick, who went by the online moniker "pompompurin," faces a maximum penalty of up to five years in prison. He was arrested on March 15, 2023.

"Cybercrime victimizes and steals financial and personal information from millions of innocent people," said U.S. Attorney Jessica D. Aber for the Eastern District of Virginia. "This arrest sends a direct message to cybercriminals: your exploitative and illegal conduct will be discovered, and you will be brought to justice."

U.K. National Crime Agency Sets Up Fake DDoS-For-Hire Sites to Catch Cybercriminals

In what's a case of setting a thief to catch a thief, the U.K. National Crime Agency (NCA) revealed that it has created a network of fake DDoS-for-hire websites to infiltrate the online criminal underground.

"All of the NCA-run sites, which have so far been accessed by around several thousand people, have been created to look like they offer the tools and services that enable cyber criminals to execute these attacks," the law enforcement agency said.

"However, after users register, rather than being given access to cyber crime tools, their data is collated by investigators."

BreachForums Administrator Baphomet Shuts Down Infamous Hacking Forum

The effort is part of an ongoing international joint effort called Operation PowerOFF in collaboration with authorities from the U.S., the Netherlands, Germany, Poland, and Europol aimed at dismantling criminal DDoS-for-hire infrastructures worldwide.

DDoS-for-hire (aka "Booter" or "Stresser") services rent out access to a network of infected devices to other criminal actors seeking to launch distributed denial-of-service (DDoS) attacks against websites and force them offline.

Such illegal platforms offer a range of membership options, charging their clientele anywhere between $10 to $2,500 per month.

Pompompurin Unmasked: Infamous BreachForums Mastermind Arrested in New York

U.S. law enforcement authorities have arrested a New York man in connection with running the infamous BreachForums hacking forum under the online alias "Pompompurin."

The development, first reported by Bloomberg Law, comes after News 12 Westchester, earlier this week, said that federal investigators "spent hours inside and outside of a home in Peekskill."

"At one point, investigators were seen removing several bags of evidence from the house," the New York-based local news service added.

Brazil seizing Flipper Zero shipments to prevent use in crime

The Brazilian National Telecommunications Agency is seizing incoming Flipper Zero purchases due to its alleged use in criminal activity, with purchasers stating that the government agency has rejected all attempts to certify the equipment.

Flipper Zero is a portable multi-function cybersecurity tool that allows pentesters and hacking enthusiasts to tinker with a wide range of hardware by supporting RFID emulation, digital access key cloning, radio communications, NFC, infrared, Bluetooth, and more.

Since it was released, security researchers have demonstrated Flipper Zero's features on social media, showing how it can trigger doorbells, perform replay attacks to open garage doors and unlock cars, and be used as a digital key.

Brazil requiring certification