cybercriminal behavior – Experimental News Clipping Site

The Register: More packages poisoned in npm attack, but would-be crypto thieves left pocket change

Sep 9, 2025

—

by

Source URL: https://www.theregister.com/2025/09/09/npm_supply_chain_attack/ Source: The Register Title: More packages poisoned in npm attack, but would-be crypto thieves left pocket change Feedly Summary: Miscreants cost victims time rather than money During the two-hour window on Monday in which hijacked npm versions were available for download, malware-laced packages reached one in 10 cloud environments, according to Wiz…

Krebs on Security: UK Charges Four in ‘Scattered Spider’ Ransom Group

Jul 10, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://krebsonsecurity.com/2025/07/uk-charges-four-in-scattered-spider-ransom-group/ Source: Krebs on Security Title: UK Charges Four in ‘Scattered Spider’ Ransom Group Feedly Summary: Authorities in the United Kingdom this week arrested four alleged members of “Scattered Spider," a prolific data theft and extortion group whose recent victims include multiple airlines and the U.K. retail chain Marks & Spencer. AI Summary and…

Krebs on Security: Oops: DanaBot Malware Devs Infected Their Own PCs

May 22, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://krebsonsecurity.com/2025/05/oops-danabot-malware-devs-infected-their-own-pcs/ Source: Krebs on Security Title: Oops: DanaBot Malware Devs Infected Their Own PCs Feedly Summary: The U.S. government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot, a prolific strain of information-stealing malware that has been sold on Russian cybercrime forums since 2018. The FBI says a newer…

Cisco Talos Blog: Ghosted by a cybercriminal

May 22, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://blog.talosintelligence.com/ghosted-by-a-cybercriminal/ Source: Cisco Talos Blog Title: Ghosted by a cybercriminal Feedly Summary: Hazel observes that cybercriminals often fumble teamwork, with fragile alliances crumbling over missed messages. Plus, how UAT-6382 is exploiting Cityworks and what you can do to stay secure. AI Summary and Description: Yes Summary: The text elaborates on the evolving dynamics…

The Register: Extortion crew threatened to inform Edward Snowden (?!) if victim didn’t pay up

Mar 18, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/03/18/extortionists_ox_thief_legal_threats/ Source: The Register Title: Extortion crew threatened to inform Edward Snowden (?!) if victim didn’t pay up Feedly Summary: Don’t laugh. This kind of warning shows crims are getting desperate Dark web analysts at infosec software vendor Fortra have discovered an extortion crew named Ox Thief that threatened to contact Edward Snowden…

The Register: INC ransomware rebrands to Lynx – same code, new name, still up to no good

Oct 11, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/10/11/inc_ransomware_lynx/ Source: The Register Title: INC ransomware rebrands to Lynx – same code, new name, still up to no good Feedly Summary: Researchers point to evidence that scumbags visited the strategy boutique Researchers at Palo Alto’s Unit 42 believe the INC ransomware crew is no more and recently rebranded itself as Lynx over…

Tag: cybercriminal behavior

The Register: More packages poisoned in npm attack, but would-be crypto thieves left pocket change

Krebs on Security: UK Charges Four in ‘Scattered Spider’ Ransom Group

Krebs on Security: Oops: DanaBot Malware Devs Infected Their Own PCs

Cisco Talos Blog: Ghosted by a cybercriminal

The Register: Extortion crew threatened to inform Edward Snowden (?!) if victim didn’t pay up

The Register: INC ransomware rebrands to Lynx – same code, new name, still up to no good