#rico--cybercrime
#rico--cybercrime

22 hours ago

ICE says it bought Paragon's spyware to use in drug trafficking cases | TechCrunch

ICE has utilized spyware from Paragon Solutions to combat drug trafficking and foreign terrorist organizations' use of encrypted communications.

US politics

fromSilicon Canals

18 hours ago

ICE confirms it deployed Paragon spyware inside the United States for drug trafficking cases - Silicon Canals

ICE is using commercial spyware domestically, raising constitutional concerns about warrantless surveillance and lack of oversight.

North Korean Hackers Drain $285 Million From Drift in 10 Seconds

A North Korean threat actor executed a $285 million heist from the Drift DeFi platform using sophisticated techniques and pre-signed transactions.

fromFortune

22 hours ago

I knew about North Korean hackers-they still tricked me and got into my computer | Fortune

North Korean hackers are increasingly targeting individuals in the crypto industry, employing sophisticated deception tactics.

4 hours ago

North Korean Hackers Drain $285 Million From Drift in 10 Seconds

A North Korean threat actor executed a $285 million heist from the Drift DeFi platform using sophisticated techniques and pre-signed transactions.

fromFortune

22 hours ago

I knew about North Korean hackers-they still tricked me and got into my computer | Fortune

North Korean hackers are increasingly targeting individuals in the crypto industry, employing sophisticated deception tactics.

Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK

Drift decentralized exchange lost $285 million due to a sophisticated attack involving unauthorized access and social engineering.

California

fromCalifornia Post

11 hours ago

'Hotel California' cocaine found stashed in secret compartment during $1M bust

Police found $1 million worth of cocaine hidden in a car during a traffic stop in Merced after the driver and passenger consented to a search.

France charges four over failed attack on US bank

Four individuals, including a young man and three minors, were charged in a thwarted attack on a Bank of America branch in Paris.

fromwww.aljazeera.com

France opens probe into suspected attack on Bank of America in Paris

A foiled terrorist attack targeting Bank of America's Paris headquarters was thwarted by police, leading to the arrest of a suspect.

fromThe Local France

France charges four over failed attack on US bank

Four individuals, including a young man and three minors, were charged in a thwarted attack on a Bank of America branch in Paris.

fromwww.aljazeera.com

France opens probe into suspected attack on Bank of America in Paris

A foiled terrorist attack targeting Bank of America's Paris headquarters was thwarted by police, leading to the arrest of a suspect.

Arts

Experts Break Down the Brazen $10 Million Museum Theft in Italy

fromThe Washington Post

France news

Thieves steal works by Cezanne, Renoir, Matisse in less than 3 minutes

fromArtnet News

Arts

Experts Break Down the Brazen $10 Million Museum Theft in Italy

fromThe Washington Post

France news

Thieves steal works by Cezanne, Renoir, Matisse in less than 3 minutes

more#art-theft

fromwww.dw.com

Cambodia: Alleged cyber scam boss extradited to China

Investigations found that Li Xiong, the former chairman of Huione Group under the Prince Group, is suspected of multiple crimes. Li was identified as a core member of Chen Zhi's criminal gang.

World news

Node JS

fromAxios

North Korean hackers implicated in major supply chain attack

A compromised maintainer account for the Axios npm package led to the publication of malicious software versions targeting various operating systems.

NYC politics

fromHoodline

Brooklyn Drivers Slammed With Scam 'Enforcement Action' Texts, NYPD Warns

Brooklyn drivers are targeted by a scam text claiming enforcement action, urging immediate payment to avoid penalties.

FBI Confirms Kash Patel Email Hack as US Offers $10M Reward for Hackers

Threat actors accessed FBI Director Kash Patel's personal email, but no government information was compromised.

EU data protection

European Commission Reports Cyber Intrusion and Data Theft

The European Commission confirmed a cyberattack that compromised its cloud infrastructure, resulting in the theft of hundreds of gigabytes of data.

Telnyx Targeted in Growing TeamPCP Supply Chain Attack

The WAV file is a valid audio file. It passes MIME-type checks. But the audio frame data contains a base64-encoded payload. Decode the frames, take the first 8 bytes as the XOR key, XOR the rest, and you have your executable or Python script.

Python

Careers

fromZDNET

3 red flags that job posting is a scam - and how to verify safely

Job scams are on the rise, exploiting vulnerable job seekers with vague offers and promises of high pay for little work.

#cybercrime

US news

Alleged RedLine Malware Administrator Extradited to US

Europe news

Russia arrests alleged owner of cybercrime forum LeakBase, report says | TechCrunch

Privacy professionals

LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace

Venom Stealer Raises Stakes With Continuous Credential Harvesting

Stolen credentials via infostealers like Venom Stealer are central to modern cybercrime.

Russian Cybercriminal Gets 2-Year Prison Sentence in US

Ilya Angelov was sentenced to two years in prison for managing a botnet used in ransomware attacks against US corporations.

Miscellaneous

Appeal fails for hacker who opened port to coke smugglers

A man received a seven-year prison sentence for hacking port IT systems with malware-laden USB sticks to aid cocaine smuggling and extortion.

US news

Alleged RedLine Malware Administrator Extradited to US

Europe news

Russia arrests alleged owner of cybercrime forum LeakBase, report says | TechCrunch

Privacy professionals

LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace

Venom Stealer Raises Stakes With Continuous Credential Harvesting

Stolen credentials via infostealers like Venom Stealer are central to modern cybercrime.

Information security

Russian Cybercriminal Gets 2-Year Prison Sentence in US

Miscellaneous

Appeal fails for hacker who opened port to coke smugglers

Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures

A phishing campaign targets Spanish-speaking users in Latin America and Europe, delivering banking trojans via malware called Horabot.

CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails

A phishing campaign impersonating CERT-UA distributed malware called AGEWHEEZE targeting various organizations in Ukraine.

fromSecuritymagazine

Tax Season Means Phishing Season: How Individuals and Businesses Can Protect Themselves

Phishing attacks during tax season have become more sophisticated, leveraging generative AI to impersonate trusted entities like the IRS.

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

A phishing campaign targets French-speaking corporations with fake resumes, deploying malware for credential theft and cryptocurrency mining.

Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures

A phishing campaign targets Spanish-speaking users in Latin America and Europe, delivering banking trojans via malware called Horabot.

CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails

A phishing campaign impersonating CERT-UA distributed malware called AGEWHEEZE targeting various organizations in Ukraine.

fromSecuritymagazine

Tax Season Means Phishing Season: How Individuals and Businesses Can Protect Themselves

Phishing attacks during tax season have become more sophisticated, leveraging generative AI to impersonate trusted entities like the IRS.

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

A phishing campaign targets French-speaking corporations with fake resumes, deploying malware for credential theft and cryptocurrency mining.

Brooklyn Trio Charged in Greenwich Credit Card Fraud

Three men from Brooklyn face multiple felony charges for identity theft and credit card fraud after a police chase in Greenwich.

US Attorney Connecticut Forfeits $600,000 in Tether Linked to Ledger Phishing Letter

Federal prosecutors recovered over $600,000 in stolen cryptocurrency linked to a phishing scam targeting a hardware wallet user.

US Charges Uranium Crypto Exchange Hacker

Jonathan Spalletta was charged with hacking Uranium Finance, stealing over $53 million, and laundering the funds through various transactions.

12 hours ago

US Attorney Connecticut Forfeits $600,000 in Tether Linked to Ledger Phishing Letter

Federal prosecutors recovered over $600,000 in stolen cryptocurrency linked to a phishing scam targeting a hardware wallet user.

US Charges Uranium Crypto Exchange Hacker

Jonathan Spalletta was charged with hacking Uranium Finance, stealing over $53 million, and laundering the funds through various transactions.

Privacy professionals

Iran-Linked Hackers Breach FBI Director Kash Patel's Email, Leak Messages Online

23 hours ago

Information security

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

fromWIRED

6 days ago

Privacy professionals

Iranian Hackers Breached Kash Patel's Email-but Not the FBI's

Information security

3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don't See It Coming)

Information security

Silver Fox Expands Asia Cyber Campaign with AtlasCross RAT and Fake Domains

Information security

Russian APT Star Blizzard Adopts DarkSword iOS Exploit Kit

fromTechRepublic

Iran-Linked Hackers Breach FBI Director Kash Patel's Email, Leak Messages Online

An Iran-linked hacking group breached FBI Director Kash Patel's personal email, releasing non-sensitive information as a retaliatory cyber attack.

23 hours ago

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

The ThreatsDay Bulletin provides a concise overview of current cybersecurity threats and trends affecting system safety.

fromWIRED

6 days ago

Iranian Hackers Breached Kash Patel's Email-but Not the FBI's

Handala claimed to hack the FBI but actually breached a personal Gmail account, revealing no classified information.

3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don't See It Coming)

Cyber attackers increasingly exploit legitimate tools within environments, making detection difficult and expanding the attack surface organizations must manage.

Silver Fox Expands Asia Cyber Campaign with AtlasCross RAT and Fake Domains

A campaign targets Chinese-speaking users with typosquatted domains to deliver the AtlasCross RAT, impersonating trusted software brands.

Russian APT Star Blizzard Adopts DarkSword iOS Exploit Kit

Star Blizzard, a Russian hacking group, is using the DarkSword iOS exploit kit in a new campaign targeting Apple devices and iCloud accounts.

more#cybersecurity

fromHoodline

ICE Arrests Latin Kings Member After NYC Release

ICE's Enforcement and Removal Operations team in New York has repeatedly moved to apprehend noncitizens whom federal judges have ordered removed, often after local jurisdictions decline to honor detainers.

NYC politics

Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks

Stolen credentials significantly enhance ransomware attacks, enabling illegitimate access and operational disruption within networks.

FBI Sting Operation Exposes Crypto Price Rigging Network as 10 Foreign Nationals Charged, Over $1M Seized

Federal crackdown reveals a network of alleged crypto price manipulation, highlighting increased enforcement risks for digital asset firms.

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

Operation REF1695 uses fake installers to deploy RATs and cryptocurrency miners, monetizing infections through CPA fraud since November 2023.

Information security

Sophisticated CrystalX RAT Emerges

fromTechRepublic

Microsoft: Hackers Are Using WhatsApp to Deliver Malware to Windows PCs

WhatsApp messages are being exploited to deliver malware to Windows users, creating significant security risks.

Information security

New DeepLoad Malware Dropped in ClickFix Attacks

DeepLoad malware steals credentials and intercepts browser interactions, utilizing ClickFix for distribution and evading detection through sophisticated techniques.

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

Operation REF1695 uses fake installers to deploy RATs and cryptocurrency miners, monetizing infections through CPA fraud since November 2023.

Sophisticated CrystalX RAT Emerges

CrystalX RAT is a new malware-as-a-service combining spyware, stealer, and remote access capabilities, promoted on Telegram and YouTube.

fromTechRepublic

Microsoft: Hackers Are Using WhatsApp to Deliver Malware to Windows PCs

WhatsApp messages are being exploited to deliver malware to Windows users, creating significant security risks.

New DeepLoad Malware Dropped in ClickFix Attacks

DeepLoad malware steals credentials and intercepts browser interactions, utilizing ClickFix for distribution and evading detection through sophisticated techniques.

more#malware

Iran-Linked Hackers Breach FBI Director's Personal Email, Hit Stryker With Wiper Attack

Handala Hack Team, which carried out the breach, said on its website that Patel 'will now find his name among the list of successfully hacked victims.'

Privacy professionals

fromenglish.elpais.com

6 days ago

This is how the illegal market for buying and selling personal data on Telegram works

Illicit data markets on Telegram in Latin America expose personal data, contributing to gender-based violence and highlighting vulnerabilities in government data management.

Spanish Law Enforcement Arrests French Fugitive Linked to Violent Crypto Kidnapping

A fugitive wanted for kidnapping a cryptocurrency entrepreneur was arrested in Spain after a large-scale operation by the Civil Guard.

#ransomware

4 weeks ago

US news

Russian Ransomware Operator Pleads Guilty in US

US Prisons Russian Access Broker for Aiding Ransomware Attacks

Aleksei Volkov was sentenced to 81 months in prison for his role in ransomware attacks causing over $9 million in losses.

Information security

Extorting the Extorters? Moscow man accused of posing as FSB officer to extort Conti ransomware gang - DataBreaches.Net

fromArs Technica

Information security

Site catering to online criminals has been seized by the FBI

Information security

Ransomware Groups May Pivot Back to Encryption as Data Theft Tactics Falter

Information security

Ransomware gangs focus on winning hearts and minds | Computer Weekly

4 weeks ago

US news

Russian Ransomware Operator Pleads Guilty in US

US Prisons Russian Access Broker for Aiding Ransomware Attacks

Aleksei Volkov was sentenced to 81 months in prison for his role in ransomware attacks causing over $9 million in losses.

Information security

Extorting the Extorters? Moscow man accused of posing as FSB officer to extort Conti ransomware gang - DataBreaches.Net

fromArs Technica

Information security

Site catering to online criminals has been seized by the FBI

Information security

Ransomware Groups May Pivot Back to Encryption as Data Theft Tactics Falter

Information security

Ransomware gangs focus on winning hearts and minds | Computer Weekly

more#ransomware

fromComputerworld

Cyber criminals too are working from home... your home

The FBI warns that cybercriminals use residential proxies to mask illegal activities by hijacking IoT devices, smartphones, and routers, threatening both consumers and enterprises, particularly older devices.

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.

Chainalysis Deploys AI Agents to Counter Criminal Use of Artificial Intelligence in Crypto

Chainalysis introduces AI agents to enhance fraud detection and compliance without requiring deep technical expertise, ensuring data quality and human oversight.

#atm-jackpotting

Science

FBI says ATM 'jackpotting' attacks are on the rise, and netting hackers millions in stolen cash | TechCrunch

Information security

US Charges 31 More Defendants in Massive ATM Hacking Probe

Science

FBI says ATM 'jackpotting' attacks are on the rise, and netting hackers millions in stolen cash | TechCrunch

Information security

US Charges 31 More Defendants in Massive ATM Hacking Probe

Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs

macOS users are targeted by a ClickFix campaign delivering a Python-based information stealer through a fake Cloudflare verification page.

Turns out most cybercriminals are old enough to know better

Middle-aged adults aged 35-44 comprise 37% of cybercrime arrests, with 25-44 year-olds accounting for nearly 60% of cases, contradicting the teenage hacker stereotype.

World news

France swaps alleged ransomware crook for conflict researche

France exchanged an alleged US-wanted ransomware suspect for pardoned French researcher Laurent Vinatier, who was released from a Russian prison.

fromTechzine Global

Identity has become malleable for cyber attackers

Modern cyberattacks combine psychological manipulation, deepfakes, voice phishing, and stolen data to breach even well-defended organizations without exploiting software vulnerabilities.

AI-driven fraud far more profitable, Interpol warns

AI-enhanced financial fraud schemes are 4.5 times more profitable than non-AI schemes, with criminals using generative AI to improve text quality, create deepfakes, and scale operations efficiently.

Security Firm Executive Targeted in Sophisticated Phishing Attack

A C-level executive at Outpost24 was targeted by a sophisticated phishing attack using the Kratos phishing-as-a-service kit that exploited legitimate services like Cisco and Nylas to bypass security defenses.

Interpol obliterates cyber criminal infrastructure | Computer Weekly

Interpol's Operation Synergia III neutralized 45,000 malicious IP addresses and servers across 72 countries, resulting in 94 arrests and over 100 investigations targeting cyber fraud, phishing, malware, and ransomware infrastructure.

Interpol sinkholes 45,000 IPs linked to global cybercrime

Interpol arrested 94 cybercriminals across multiple countries during Operation Synergia III, seizing 212 devices and sinkholing over 45,000 malicious IP addresses linked to phishing, romance scams, and credit card fraud.

Hive0163 Uses AI-Assisted Slopoly Malware for Persistent Access in Ransomware Attacks

AI-generated malware Slopoly enables threat actors to develop malware frameworks significantly faster, demonstrating the weaponization of AI for cybercriminal purposes.

Crims hit EV charger firm ELECQ, steal customer contact data

In a notice sent to customers on Monday and seen by The Register, the EV charging outfit said that it detected "unusual activity" on its AWS cloud platform on March 7 and quickly discovered that attackers had launched a ransomware attack against parts of its infrastructure. According to the message, some databases were both encrypted and copied during the intrusion, meaning that the crooks likely walked off with user information before the company pulled the plug.

Information security

fromPCWorld

Phishing scammers weaponize ICE ragebait

The email seen by at least some customers of the Emma email platform was a phishing scam. Hackers hoped to inspire instant panic with the words, 'As part of our commitment to supporting U.S. Immigration and Customs Enforcement (ICE), we will be adding a Support ICE donation button to the footer of every email sent through our platform.'

Information security

4 weeks ago

Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks

Law enforcement and security companies dismantled Tycoon 2FA, a major phishing-as-a-service toolkit that facilitated credential harvesting attacks affecting nearly 100,000 organizations globally.

Qilin crew continues to dominate ransomware ecosystem | Computer Weekly

Given the scale and disruption of 2025, this pattern could be an early signal that 2026 may follow a similar path. Organisations should not mistake the month-on-month drop for a decline in risk. As for Qilin, its attacks show no signs of stopping - within the past few days it has claimed a breach of the Local 100 Chapter of the Transport Workers Union of America, affecting 41,000 current and 26,000 former employees.

Information security

#ai-security

fromwww.mercurynews.com

Information security

Hacker used Anthropic's Claude to steal sensitive Mexican data

Information security

Are criminals vibe coding malware? All signs point to yes

fromwww.mercurynews.com

Information security

Hacker used Anthropic's Claude to steal sensitive Mexican data

Information security

Are criminals vibe coding malware? All signs point to yes

more#ai-security

Nigerian Man Sentenced to Eight Years in Prison for Computer Intrusion and Theft - DataBreaches.Net

Matthew A. Akande, 37, was sentenced by U.S. District Court Judge Indira Talwani to eight years in prison, to be followed by three years of supervised release. Akande was also ordered to pay $1,393,230 in restitution. Akande was arrested in October 2024 at Heathrow Airport in the United Kingdom at the request of the United States and extradited to the United States on March 5, 2025.

Man Linked to Phobos Ransomware Arrested in Poland

A 47-year-old man arrested by police in Poland for allegedly being involved in cybercriminal activities has been linked to the Phobos ransomware operation. According to Poland's Central Cybercrime Bureau, officers found hacking tools, credentials, payment card numbers, and server IP addresses on the unnamed suspect's devices during a search. They also discovered that the suspect had exchanged messages with the Phobos ransomware group.

Information security

For the price of Netflix, crooks can rent AI crime ops

AI tools, including Dark LLMs and deepfakes, have commodified cybercrime into rentable, automated services that enable large-scale impersonation and fraud.

#ramp

Information security

Russian ransomware forum seized by U.S. law enforcement - DataBreaches.Net

Information security

Ransomware crims forced to take off-RAMP as FBI seizes forum

Information security

RAMP ransomware forum goes dark in probable FBI sting | Computer Weekly

Information security

Russian ransomware forum seized by U.S. law enforcement - DataBreaches.Net

Information security

Ransomware crims forced to take off-RAMP as FBI seizes forum