< ciso
brief />
Tag Banner

All news with #cybercriminal tag

118 articles · page 4 of 6

Global Collaboration to Deter Systemic Cybercrime at Scale

🤝 At Davos, Fortinet argues that cybercrime has evolved into an economic system sustained by specialized markets such as ransomware collectives and Cybercrime-as-a-Service. Attackers are leveraging automation and AI to scale and personalize campaigns, while defenders remain constrained by fragmented jurisdictions, voluntary sharing, and an enduring skills gap. The piece calls for scalable, incentive-driven collaboration, trusted reporting, expert validation, and stronger law enforcement partnerships to shift the economics in favor of defenders.
read more →

Tudou Guarantee Telegram Operations Shut After Sanctions

🛑 Elliptic reports that Tudou Guarantee, a major marketplace in the Southeast Asia scam economy, is shutting down its Telegram groups after US and UK sanctions tied to the Prince Group. Launched in 2023, the platform is linked to roughly $12bn in crypto transactions and absorbed merchants migrating from Huione Guarantee. While gambling and other non-fraud arms appear to continue, Elliptic notes a sharp drop in central wallet activity after the January 2026 arrest of Prince Group chairman Chen Zhi, and warns displaced actors will likely disperse across other marketplaces.
read more →

Tudou Guarantee Marketplace Halts Public Transactions

🔍 Elliptic reports that Tudou Guarantee, a Telegram-based guarantee marketplace, has effectively ceased processing transactions through its public Telegram groups after rapid growth and is estimated to have handled over $12 billion, ranking it among the largest illicit marketplaces. Some operations, notably gambling services, remain active, so Elliptic says this may be a staged shutdown or a strategic pivot. The pause in public activity coincides with law enforcement moves tied to the arrest and extradition of Prince Group CEO Chen Zhi.
read more →

Microsoft Seizes Servers, Disrupts RedVDS Cyberplatform

🔒 Microsoft says it disrupted RedVDS, a cybercrime-as-a-service platform tied to at least $40 million in U.S. losses since March 2025. The company filed civil lawsuits in the U.S. and U.K., and — working with Europol and German authorities — seized servers, took the marketplace and customer portal offline, and removed malicious infrastructure. RedVDS rented disposable Windows cloud servers worldwide to enable large-scale phishing, BEC, credential theft and AI‑enhanced impersonation campaigns.
read more →

Cybercrime Inc.: Organized Hackers Outpacing IT Defense

🔒 Cybercrime has evolved into a structured, global underground economy that mirrors legitimate corporations, with departments, KPIs, and scalable supply chains. Models like ransomware-as-a-service let nontechnical actors license malware, buy access, and outsource extortion, while payments and sales are managed via closed forums and cryptocurrencies. The result is an efficient, agile adversary that exploits human error, leverages AI for social engineering, and gains a persistent speed advantage over often bureaucratic defenders.
read more →

Spain Arrests 34 Suspects Linked to Black Axe Cybercrime

🛡️ Spanish law enforcement arrested 34 individuals in a coordinated operation targeting a criminal network tied to the Black Axe syndicate, with assistance from the Bavarian State Criminal Police Office and Europol. Searches in Seville, Madrid, Malaga, and Barcelona yielded €66,400 in cash, electronic devices, vehicles, and frozen bank accounts totaling €119,350. Authorities say the group specialized in Man-in-the-Middle (MITM) frauds, notably Business Email Compromise, and caused more than $6 million in losses over 15 years, $3.5 million of which relate to this case. Four principal suspects are in pretrial detention and face charges including aggravated continuous fraud, money laundering, and document forgery.
read more →

Europol: 34 Arrested in Spain in Major Black Axe Operation

🚨 Europol and the Spanish National Police announced the arrest of 34 suspected members of the Black Axe transnational crime group across Seville, Madrid, Málaga and Barcelona. Authorities froze €119,352 in bank accounts and seized €66,403 in cash during coordinated searches, while estimating fraud losses exceeding €5.93 million linked to the network. Investigators describe Black Axe as a hierarchical syndicate involved in cyber-enabled fraud, trafficking, kidnapping and other violent crimes with origins in Nigeria.
read more →

Europol Leads Global Crackdown on Black Axe Gang Members

🛡️ Europol-backed Spanish and German police have arrested 34 suspects linked to the international cybercriminal group Black Axe, executing coordinated raids across Seville, Madrid, Málaga and Barcelona. Authorities froze €119,352 in bank accounts and seized €66,403 in cash while attributing nearly €6m in local fraud losses to the cell. Europol provided intelligence, analysis and on-site support to disrupt a core group that recruits money mules in high-unemployment areas and runs BEC, romance scam, phishing and extortion operations.
read more →

Telegram Hosting World's Largest Chinese Darknet Market

🔎 Elliptic's analysis shows Chinese-language darknet marketplaces on Telegram have expanded to unprecedented scale, despite Telegram's early‑2025 takedowns of two major sites. The current leading platforms, Tudou Guarantee and Xinbi Guarantee, are estimated to facilitate nearly $2 billion per month in money‑laundering and illicit commerce. They traffic in stolen data, scam infrastructure, fake investment sites, AI deepfake tools, and a wide range of illegal services that directly enable large-scale "pig butchering" romance and investment scams.
read more →

Cybercrime Inc.: When Hackers Outpace Corporate IT and Defenses

🔍 Cybercrime has evolved into a structured, global underground economy that frequently outperforms corporate IT in speed, efficiency and scale. Organized groups now run with defined roles, measurable KPIs and productized offerings such as Ransomware-as-a-Service, enabling nontechnical affiliates to launch high-impact attacks. The decisive metric is no longer if an organization will be targeted but how quickly it can recover and limit reputational and operational damage.
read more →

KrebsOnSecurity Marks 16 Years of Cyber Investigations

🎉 KrebsOnSecurity.com marks its 16th anniversary with a year of investigative reporting that focused on entities enabling complex, globally dispersed cybercrime. Coverage in 2025 examined rebranded bulletproof hosting such as Stark Industries Solutions, the rise and sanctioning of payment processor Cryptomus, pervasive voice- and SMS-phishing operations, and massive disruptive botnets including Aisuru and the emergent Kimwolf. The site detailed law enforcement actions, record DDoS assaults on the publication, and upcoming deep-dive reporting into Kimwolf. Readers are invited to subscribe to the plain-text newsletter and to consider exempting the site from ad blockers to support independent reporting.
read more →

Cybercriminals Recruiting Insiders in Finance, Telecom, Tech

🔒 Cyber criminals are increasingly recruiting insiders at banks, telecoms, and tech firms to obtain network and cloud access. Darknet adverts offer payouts ranging from $3,000 to $15,000 for account credentials or direct access, and threat actors target crypto exchanges, banks, and major cloud providers. Effective prevention requires employee education, enforced access controls, and active darknet monitoring.
read more →

US Indicts 54 in ATM 'Jackpotting' Scheme Using Ploutus

💰 Federal prosecutors announced indictments against 54 individuals accused of using Ploutus malware to carry out ATM 'jackpotting' attacks across the United States. Two separate grand jury indictments in the District of Nebraska charge 22 and 32 defendants with installing malware, removing or replacing ATM hard drives, and forcing cash dispensals. Authorities allege total losses reached $40.73m and tie some activity to the Venezuelan syndicate Tren de Aragua.
read more →

FBI Disrupts Russian Crypto Exchange Supporting Cybercrime

🔒 The FBI led an international operation that seized websites and infrastructure tied to E-Note, a Russian-controlled cryptocurrency exchange alleged to have facilitated laundering for cybercriminals. Authorities unsealed an indictment on Dec. 17 against Mykhalio Petrovich Chudnovets, accused of offering money laundering services since 2010. Law enforcement recovered servers, mobile apps, customer databases and records linking more than $70m in illicit proceeds to ransomware and account-takeover campaigns.
read more →

European Operation Dismantles €10M Ukraine Call-Center Ring

🔍 Eurojust coordinated a cross-border operation that disrupted a Ukraine-based call-centre fraud ring alleged to have defrauded consumers of more than €10m ($11.7m). An action day on 9 December produced 72 searches in Dnipro, Ivano-Frankivsk and Kyiv, resulting in 12 arrests and 45 suspects identified. Authorities seized forged IDs, computers, phones, a polygraph machine, cash, 21 vehicles and weapons. Investigators say scammers used remote-access tools and bogus 'safe' accounts, recruiting staff from multiple countries and offering up to 7% of proceeds plus large bonuses to high earners.
read more →

Spain Arrests 19-Year-Old Suspect Over 64M Data Records

🔒 A 19-year-old suspect in Igualada, Barcelona, was arrested after authorities linked him to breaches at nine companies and the theft of 64 million private records. Police say the dataset included full names, home addresses, email addresses, phone numbers, DNI numbers and IBAN codes that the suspect attempted to sell on hacker forums using multiple accounts and pseudonyms. Officers seized computers and cryptocurrency wallets believed to hold proceeds from the sales; the investigation began in June. Separately, Ukrainian police arrested a 22-year-old who used custom malware and a 5,000-account bot farm to compromise and sell social media access.
read more →

California Man Pleads in $263M Cryptocurrency Theft

🔒 Evan Tangeman, 22, has pleaded guilty to laundering proceeds from a sophisticated criminal network that stole roughly US $263 million in cryptocurrency. Prosecutors say the Social Engineering Enterprise was organised via online gaming connections and used hackers, impersonating 'callers', burglars and money launderers to seize and convert victims' crypto. Tangeman admitted converting about US $3.5 million and faces sentencing on April 24, 2026.
read more →

Poland Detains Ukrainians Carrying Advanced Hacking Gear

🔒Three Ukrainian nationals were arrested in Poland after police discovered a cache of devices alleged to be capable of interfering with strategic IT and telecommunications systems. Officers seized a Flipper Zero, a K19 RF/GS detector, antennas, laptops, numerous SIM cards, routers, portable drives, and cameras. The suspects, aged 39–43, face charges including fraud, computer fraud, and possession of tools intended for criminal activity, and are detained pending trial.
read more →

Smashing Security Ep. 446: Doxxing and SE-as-a-Service

🔐 In episode 446 of the Smashing Security podcast, Graham Cluley and guest Rik Ferguson discuss a teenage cybercriminal who inadvertently doxxed himself by mocking a sextortion scammer. They examine how stolen data has become the jet fuel of cybercrime and consider worrying trends for 2026. Plus, Graham rants about intrusive recipe sites and shares musical notes about Lily Allen.
read more →

Pall Mall Process to Define Responsible Cyber Intrusion

🛡️ The Pall Mall Process, launched in 2024 by the UK and France with 27 governments and major tech firms onboard, seeks to set guidelines for commercial cyber intrusion capabilities. Its second phase invites input from the offensive cyber industry — vendors, brokers, researchers and service providers — on what constitutes responsible behaviour. The guidance will complement the existing Code of Practice for States and aims to curb irresponsible trade in spyware and zero‑day exploits. The public consultation closes on December 22.
read more →