The Purple Hat - Cyber Gangs & Criminals Naked

Posts

Recent posts

Carbanak brain arrested

Spanish Police has arrested the alleged leader of an organised Russian cybercrime gang behind the Carbanak and Cobalt malware attacks, which stole over a billion euros from banks worldwide since 2013. In a coordinated operation with law enforcement agencies across the globe, including the FBI and Europol, Police detained the suspected leader of Carbanak hacking group in Alicante, Spain. Carbanak hacking group started its activities almost five years ago by launching a series of malware attack campaigns such as Anunak and Carbanak to compromise banks and ATM networks, from which they swiped millions of credit card details from US-based retailers. According to the Europol, the group later developed a sophisticated heist-ready banking malware known as Cobalt, based on the Cobalt Strike penetration testing software, which was in use until 2016. "The magnitude of the losses is significant: the Cobalt malware alone allowed criminals to steal up to EUR 10 million p

North Korean Hidden Cobra APT targets Turkish financial industry with new Bankshot malware

North Korea-linked APT group Hidden Cobra (aka Lazarus Group) is targeting the Turkish financial system. Experts from McAfee observed the hackers using the Bankshot implant in targeted attacks against the financial organizations in Turkey. The attack resembles previous attacks conducted by Hidden Cobra against the global payment network SWIFT. Bankshot was first reported by the US DHS in December, now new variants of the malicious code were observed in the wild The sample analyzed by McAfee is 99% similar to the variants detected in 2017. The hackers used spear-phishing messages with a weaponized Word document containing an embedded Flash exploit that triggers the CVE-2018-4878, Flash vulnerability that was disclosed in late January. Adobe promptly patched the vulnerability with an emergency patch, but many computers are still vulnerable because the owners did not apply the patch. According to McAfee, the implant’s first target was a major government-controlle

Russian crime gang stole 3.8 million slopes (860,000 euros) from 32 ATMs from the Raiffeisen Romania bank

Cybercriminals stole 3.8 million slopes (860,000 euros) from 32 ATMs belonging to the Raiffeisen Romania bank using an infected RTF document. The criminal organization led by Dmitriy Kvasov operated in Romania, the gang stole the money in just one night in 2016. “One night Raiffeisen Bank lost control of all ATMs in Romania • Although it seems impossible, the control of ATMs across the country was taken over by a group of Russian hackers • It is one of the biggest thefts of cash money in the history of Romania, and the authorities did not blow a word” reported the website bzi .ro. The Organized Crime and Counterterrorism Office (DIICOT) who investigated the culprits managed to arrest the leader of the criminal organization. The Russian hackers launched a spear-phishing attack against Raiffeisen Romania between August 9, 2016, and September 4, 2016, they sent email messaging using a weaponized RTF document. The bait document that appeared as sent on behalf of th

NanoCore developper busted and senteced for 33 months

A hacker who was arrested and pleaded guilty last year—not because he hacked someone, but for creating and selling a remote access trojan that helped cyber criminals—has finally been sentenced to serve almost three years in prison. Taylor Huddleston, 26, of Hot Springs, Arkansas, pleaded guilty in July 2017 to one charge of aiding and abetting computer intrusions by building and intentionally selling a remote access trojan (RAT), called NanoCore , to hackers for $25. Huddleston was arrested in March, almost two months before the FBI raided his house in Hot Springs, Arkansas and left with his computers after 90 minutes, only to return eight weeks later with handcuffs. This case is a rare example of the US Department of Justice (DOJ) charging someone not for actively using malware to hack victims' computers, but for developing and selling it to other cybercriminals. Huddleston admitted to the court that he created his software knowing it would be used

Winter Olympic Game 2018 Malware Attack

The Pyeongchang Winter Olympics taking place in South Korea was disrupted over the weekend following a malware attack before and during the opening ceremony on Friday. The cyber attack coincided with 12 hours of downtime on the official website for the Winter Games, the collapse of Wi-Fi in the Pyeongchang Olympic stadium and the failure of televisions and internet at the main press center, leaving attendees unable to print their tickets for events or get venue information. The Pyeongchang Winter Olympics organizing committee confirmed Sunday that a cyber attack hit its network helping run the event during the opening ceremony, which was fully restored on 8 am local time on Saturday—that's full 12 hours after the attack began. Multiple cybersecurity firms published reports on Monday, suggesting that the cause of the disruption was "destructive" wiper malware that had been spread throughout the Winter Games' official network using stolen cr

‘Infraud’ Cybercrime Forum is Busted, 13 hackers arrested & 36 charged

The U.S. Justice Department announced charges on Wednesday against three dozen individuals thought to be key members of ‘ Infraud ,” a long-running cybercrime forum that federal prosecutors say cost consumers more than a half billion dollars. In conjunction with the forum takedown, 13 alleged Infraud members from the United States and six other countries were arrested. Started in October 2010, Infraud was short for “In Fraud We Trust,” and collectively the forum referred to itself as the “Ministry of Fraudulently [sic] Affairs.” As a mostly English-language fraud forum, Infraud attracted nearly 11,000 members from around the globe who sold, traded and bought everything from stolen identities and credit card accounts to ATM skimmers, botnet hosting and malicious software. “Today’s indictment and arrests mark one of the largest cyberfraud enterprise prosecutions ever undertaken by the Department of Justice,” said John P. Cronan , acting assistant attorne

Contact me

If you wish to contact me, please de not hesitate to communicate with me via marc.miller@protonmail.com.

Also, please encrypt your message for sensitive information using my public key:

-----BEGIN PGP PUBLIC KEY BLOCK----- mI0EWjJ6vAEEALxE2Zb3cAhUURXMS1AEisRE4gx0qbzrS/551c+iG0DgmxHvtTLF FRz3n0bZttdUPE99edV6ZO89udDfUTq8q6r+QFarCn1y0Tn675sIXYqbE0+NaVj1 QfzdxJ2FTdZva6cC/v/86btho7QZIPacGWgqmCK2G/mRUCMR1gtd+wh9ABEBAAG0 KE1hcmMgTWlsbGVyIDxtYXJjLm1pbGxlckBwcm90b25tYWlsLmNvbT6IvAQTAQoA JgUCWjJ6vAIbAwUJCWbdlAULCQgHAwUVCgkICwQWAgEAAh4BAheAAAoJEPEQM5EJ 7CEVL2IEAIPmvSaAelpVG6pZ1PTtr7lwaduQo1vLd7qI5B+44HWtk/w6ffjqsbVY Xk7HA/zhii2RPZkLdvnaQIkY3/torTQr2F0FPxZkCwpyHzWxdJFvyeB4wLTiNE45 6IM58IHAH1smswxCI2tMvaOJXboe9qBO9wfmyHOB7BZd0FaT2p5VuI0EWjJ6vAEE AMH3/zDo+EkK1ZeR5N0aUO3NnPJHc1tgESHg/dVFju92JJ5MliE0f4GGFmHGSFiY ZyhDGf0bGGTfevJox1jGusMaEivw1isnuHqdaM5vgFDJTL8q17L1yQkvjQGW4Xaz m0FVco/JISLu8zyX4A0eqkgKV0xs3QBPUJw93Gv3ESDHABEBAAGIpQQYAQoADwUC WjJ6vAIbDAUJCWbdlAAKCRDxEDORCewhFbHSBACZyT9niTYD6hyC2TPVs7qGMTVa dWsD3PRpJDlvDpTSkkDxyBoE0maE1q2YN2cTBr5OcEKz83bmFMp6dHTAP0wsXVY0 iHnmekHis24JJwSwf4Ljn/ihutjmslGH4Of0TELAgnm/w8mUwdF19jSM/JM/f+t/ eEhfXUHv2Rwto33RGw== =l4Wh -----END PGP PUBLIC KEY BLOCK-----

You can also communicate with me via Jabber (please write me an email to receive it)

Follow me on Facebook & Twitter.