Europol Now Going After People Who Bought DDoS-for-Hire Services

If you were a buyer of any online DDoS-for-hire service, you might be in trouble.

After taking down and arresting the operators of the world's biggest DDoS-for-hire service last year, the authorities are now in hunt for customers who bought the service that helped cyber criminals launch millions of attacks against several banks, government institutions, and gaming industry.

Europol has announced that British police are conducting a number of live operations worldwide to track down the users of the infamous Webstresser.org service that the authorities dismantled in April 2018.

FACEBOOK LET DOZENS OF CYBERCRIME GROUPS OPERATE IN PLAIN SIGHT

FACEBOOK'S FAILURE TO moderate bad behavior on the sprawling online world it created, what with political trolls, extremist content, and livestreamed acts of horrific violence, has received a torrent of criticism. But researchers have found that the social media giant is also failing to police a far more basic and decades-old internet problem among its users: plain old cybercrime.

Researchers at Cisco's Talos security division on Friday revealed that they'd uncovered 74 Facebook groups devoted to the sale of stolen credit card data, identity info, spam lists, hacking tools, and other cybercrime commodities. The researchers say those groups sat in plain sight, with names like Spam Professional and Spammer and Hacker Professional, attracting 385,000 members in all. Anyone could find them with a site search for basic terms like "carding" or "CVVs," a reference to the security codes on the back of credit cards.

FIN6 cybercrime actor adds ransomware to its repertoire

Traditionally associated with payment card theft, the cybercriminal group FIN6 has expanded its operations to apparently include ransomware attacks using the malicious encryption programs Ryuk and LockerGoga, according to researchers.

Investigations by the FireEye Intelligence research team and the company’s Mandiant division have revealed that FIN6’s ransomware activity dates back to July 2018, and has reportedly caused tens of millions of dollars in damage. Such behavior is a far cry from the group’s more traditional m.o., which involves using malware to steal card data from retail and hospital companies, and then selling that information on underground marketplaces.