From malware and botnets to the latest cybercriminal schemes, check out what today’s black hat hackers are up to.

Blog > Cybercrime

IoT Hacks May Bring Frenzy of Litigation

August 21, 2018

The rush-to-market for connected, embedded, and smart devices has already left security in the rear-view mirror. And despite the Mirai attacks of 2016 and other countless Internet-of-things-related vulnerabilities and security research, little has been accomplished in keeping these devices from becoming an easy port of entry or pivot point for attacks targeting enterprises. Now to […]

Read more

Chatbots Say Plenty About New Threats to Data

Chatbots are becoming a useful customer interaction and support tool for businesses. These bots are powered by an artificial intelligence that allows customers to ask simple questions, pay bills, or resolve conflicts over transactions; they’re cheaper than hiring more call center personnel, and they’re popping up everywhere. As with most other innovations, threat actors have […]

Read more

Money Mules Remain Instrumental in Money-Laundering Schemes

July 30, 2018

In May, it was reported that criminals had siphoned hundreds of millions of pesos from Mexican banks through unauthorized transfers. The attack exploited problems with third-party software used by banks to connect to Mexico’s interbanking electronic payment system to send unauthorized transfers to various accounts at other banks. The transfers were quickly withdrawn as cash, […]

Read more

Malware Loaders Continue to Evolve, Proliferate

Loaders, for the most part, have one job: grab malicious executables or payloads from an attacker-controlled server. But that doesn’t mean there isn’t more happening under the hood of some, such as a user-friendly UI, self-healing capabilities, or the equivalent of a retail shop where a botmaster can sell his bots to potential clients. Loaders […]

Read more

Combating Online Extortion with Readiness and Response

July 18, 2018

Extortion over the internet is often a cybercriminal’s quickest path to profits. It can take little more than a commodity exploit to drop ransomware onto a vulnerable endpoint, or a weak password to commandeer a poorly configured online storage service or database. The end result for the victim is instant angst as proprietary or customer […]

Read more

Peer-to-Peer Cryptocurrency Exchanges Abused in Cash-Out Schemes

By Flashpoint Analyst Team
July 16, 2018

Cybercriminals responding to security measures such as Know-Your-Customer implemented by Coinbase and other reputable cryptocurrency exchanges have begun to abuse legitimate peer-to-peer exchanges instead to convert or launder stolen funds. Flashpoint analysts have observed a growing number of underground discussions and specific recommendations around certain peer-to-peer services that threat actors consider valuable for converting cash […]

Read more

Wait Continues for AlphaBay Successor

July 9, 2018

The day international authorities announced last summer they had shuttered the AlphaBay and Hansa Deep & Dark Web (DDW) markets signaled a new order of doing business on the cybercrime and fraud underground. Gone in a relative instant were the days of the massive, centralized markets peddling drugs, guns, malware and more, and introduced instead […]

Read more

Banco de Chile ‘MBR Killer’ Reveals Hidden Nexus to Buhtrap Malware Kit Used to Target Financial Institutions, Payment Networks

Wiper malware that may have destroyed as many as 9,000 workstations and 500 servers inside the Banco de Chile in a late-May attack has similarities to the Buhtrap malware component known as MBR Killer, leaked to the underground in February 2016. Analysts at Flashpoint reverse-engineered the identified malware linked to the May 24 attack against […]

Read more

SIM Swap Fraud Offers Account Takeover Opportunities for Cybercriminals

By Flashpoint Analyst Team
June 8, 2018

Key Takeaways • The term SIM swapping has historically referred to phone number takeover using a variety of different methods. These have included password reuse, social engineering of customer service professionals, and using leaked databases and personal information (such as Social Security numbers (SSNs) to facilitate phone line takeover. More recently, observed online activity suggests […]

Read more