CyberCrime List - 2024 2023 2021 2020 2019 2018 2017
DATE | NAME | Info | CATEG. | WEB |
| 21.6.25 | Police seizes Archetyp Market drug marketplace, arrests admin | Law enforcement authorities from six countries took down the Archetyp Market, an infamous darknet drug marketplace that has been operating since May 2020. | CyberCrime | BleepingComputer |
| 14.6.25 | Operation Secure disrupts global infostealer malware operations | An international law enforcement action codenamed "Operation Secure" targeted infostealer malware infrastructure in a massive crackdown across 26 countries, resulting in 32 arrests, data seizures, and server takedowns. | CyberCrime | |
| 11.6.25 | INTERPOL Dismantles 20,000+ Malicious IPs Linked to 69 Malware Variants in Operation Secure | INTERPOL on Wednesday announced the dismantling of more than 20,000 malicious IP addresses or domains that have been linked to 69 information-stealing | CyberCrime | The Hacker News |
| 7.6.25 | BidenCash carding market domains seized in international operation | Earlier today, law enforcement seized multiple domains of BidenCash, the infamous dark web market for stolen credit cards, personal information, and SSH access. | CyberCrime | BleepingComputer |
| 6.6.25 | Google Chrome to distrust Chunghwa Telecom, Netlock certificates in August | Google says it will no longer trust root CA certificates signed by Chunghwa Telecom and Netlock in the Chrome Root Store due to a pattern of compliance failures and failure to make improvements. | CyberCrime | BleepingComputer |
| 6.6.25 | ‘Russian Market’ emerges as a go-to shop for stolen credentials | The "Russian Market" cybercrime marketplace has emerged as one of the most popular platforms for buying and selling credentials stolen by information stealer malware. | CyberCrime | BleepingComputer |
| 5.6.25 | DoJ Seizes 145 Domains Tied to BidenCash Carding Marketplace in Global Takedown | The U.S. Department of Justice (DoJ) on Wednesday announced the seizure of cryptocurrency funds and about 145 clearnet and dark web domains associated | CyberCrime | The Hacker News |
| 1.6.25 | Police takes down AVCheck site used by cybercriminals to scan malware | An international law enforcement operation has taken down AVCheck, a service used by cybercriminals to test whether their malware is detected by commercial antivirus software before deploying it in the wild. | CyberCrime | BleepingComputer |
| 1.6.25 | Germany doxxes Conti ransomware and TrickBot ring leader | The Federal Criminal Police Office of Germany (Bundeskriminalamt or BKA) claims that Stern, the leader of the Trickbot and Conti cybercrime gangs, is a 36-year-old Russian named Vitaly Nikolaevich Kovalev. | CyberCrime | BleepingComputer |
| 1.6.25 | U.S. DoJ Seizes 4 Domains Supporting Cybercrime Crypting Services in Global Operation | A multinational law enforcement operation has resulted in the takedown of an online cybercrime syndicate that offered services to threat actors to ensure that | CyberCrime | The Hacker News |
| 28.5.24 | How 'Browser-in-the-Middle' Attacks Steal Sessions in Seconds | Would you expect an end user to log on to a cybercriminal's computer, open their browser, and type in their usernames and passwords? Hopefully not! But that's | CyberCrime | The Hacker News |
| 28.5.24 | Apple Blocks $9 Billion in Fraud Over 5 Years Amid Rising App Store Threats | Apple on Tuesday revealed that it prevented over $9 billion in fraudulent transactions in the last five years, including more than $2 billion in 2024 alone. The | CyberCrime | The Hacker News |
| 27.5.24 | Hackers Are Calling Your Office: FBI Alerts Law Firms to Luna Moth's Stealth Phishing Campaign | The U.S. Federal Bureau of Investigation (FBI) has warned of social engineering attacks mounted by a criminal extortion actor known as Luna Moth targeting law | CyberCrime | The Hacker News |
| 25.5.24 | Police takes down 300 servers in ransomware supply-chain crackdown | In the latest phase of Operation Endgame, an international law enforcement operation, national authorities from seven countries seized 300 servers and 650 domains used to launch ransomware attacks. | CyberCrime | BleepingComputer |
| 25.5.24 | Police arrests 270 dark web vendors, buyers in global crackdown | Police arrested 270 suspects following an international law enforcement action codenamed 'Operation RapTor' that targeted dark web vendors and customers from ten countries. | CyberCrime | |
| 23.5.24 | U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation | The U.S. Department of Justice (DoJ) on Thursday announced the disruption of the online infrastructure associated with DanaBot (aka DanaTools) and unsealed | CyberCrime | The Hacker News |
| 18.5.24 | Hackers behind UK retail attacks now targeting US companies | Google warned today that hackers using Scattered Spider tactics against retail chains in the United Kingdom have also started targeting retailers in the United States. | CyberCrime | |
| 17.5.24 | Kosovo extradites BlackDB admin to face US cybercrime charges | A Kosovo national has been extradited to the United States to face charges of running an online cybercrime marketplace active since 2018. | CyberCrime | BleepingComputer |
| 16.5.24 | Moldova arrests suspect linked to DoppelPaymer ransomware attacks | Moldovan authorities have detained a 45-year-old suspect linked to DoppelPaymer ransomware attacks targeting Dutch organizations in 2021. | CyberCrime | BleepingComputer |
| 16.5.24 | Police dismantles botnet selling hacked routers as residential proxies | Law enforcement authorities have dismantled a botnet that infected thousands of routers over the last 20 years to build two networks of residential proxies known as Anyproxy and 5socks. | CyberCrime | |
| 16.5.24 | FBI: End-of-life routers hacked for cybercrime proxy networks | The FBI warns that threat actors are deploying malware on end-of-life (EoL) routers to convert them into proxies sold on the 5Socks and Anyproxy networks. | CyberCrime | BleepingComputer |
| 13.5.24 | Moldovan Police Arrest Suspect in €4.5M Ransomware Attack on Dutch Research Agency | Moldovan law enforcement authorities have arrested a 45-year-old foreign man suspected of involvement in a series of ransomware attacks targeting Dutch | CyberCrime | The Hacker News |
| 11.5.24 | Police takes down six DDoS-for-hire services, arrests admins | Polish authorities have detained four suspects linked to six DDoS-for-hire platforms, believed to have facilitated thousands of attacks targeting schools, government services, businesses, and gaming platforms worldwide since 2022. | CyberCrime | BleepingComputer |
| 8.5.24 | UK shares security tips after major retail cyberattacks | Following three high-profile cyberattacks impacting major UK retailers, the country's National Cyber Security Centre (NCSC) has published guidance that all companies are advised to follow to strengthen their cybersecurity defenses. | CyberCrime | BleepingComputer |
| 7.5.24 | Europol Shuts Down Six DDoS-for-Hire Services Used in Global Attacks | Europol has announced the takedown of distributed denial of service (DDoS)-for-hire services that were used to launch thousands of cyber-attacks across the world. | CyberCrime | The Hacker News |
| 4.5.24 | Magento supply chain attack compromises hundreds of e-stores | A supply chain attack involving 21 backdoored Magento extensions has compromised between 500 and 1,000 e-commerce stores, including one belonging to a $40 billion multinational. | CyberCrime | |
| 2.5.24 | Fake Security Plugin on WordPress Enables Remote Admin Access for Attackers | Cybersecurity researchers have shed light on a new campaign targeting WordPress sites that disguises the malware as a security plugin. The plugin, which goes by the | CyberCrime | The Hacker News |
| 26.4.25 | FBI: US lost record $16.6 billion to cybercrime in 2024 | FBI: US lost record $16.6 billion to cybercrime in 2024 | CyberCrime | |
| 10.4.25 | EncryptHub's dual life: Cybercriminal vs Windows bug-bounty researcher | EncryptHub, a notorious threat actor linked to breaches at 618 organizations, is believed to have reported two Windows zero-day vulnerabilities to Microsoft, revealing a conflicted figure straddling the line between cybercrime and security research. | CyberCrime | |
| 5.4.25 | Police shuts down KidFlix child sexual exploitation platform | Kidflix, one of the largest platforms used to host, share, and stream child sexual abuse material (CSAM) on the dark web, was shut down on March 11 following a joint action coordinated by German law enforcement. | CyberCrime | BleepingComputer |
| 3.4.25 | Europol Dismantles Kidflix With 72,000 CSAM Videos Seized in Major Operation | In one of the largest coordinated law enforcement operations, authorities have dismantled Kidflix, a streaming platform that offered child sexual abuse material | CyberCrime | The Hacker News |
|
29.3.25 |
New Atlantis AIO platform automates credential stuffing on 140 services | A new cybercrime platform named 'Atlantis AIO' provides an automated credential stuffing service against 140 online platforms, including email services, e-commerce sites, banks, and VPNs. | CyberCrime | |
|
26.3.25 |
Police arrests 300 suspects linked to African cybercrime rings | African law enforcement authorities have arrested 306 suspects as part of 'Operation Red Card,' an INTERPOL-led international crackdown targeting cross-border cybercriminal networks. | CyberCrime | |
|
26.3.25 |
Hackers Using E-Crime Tool Atlantis AIO for Credential Stuffing on 140+ Platforms | Threat actors are leveraging an e-crime tool called Atlantis AIO Multi-Checker to automate credential stuffing attacks, according to findings from Abnormal | CyberCrime | The Hacker News |
|
25.3.25 |
Hackers Use .NET MAUI to Target Indian and Chinese Users with Fake Banking, Social Apps | Cybersecurity researchers are calling attention to an Android malware campaign that leverages Microsoft's .NET Multi-platform App UI (.NET MAUI) framework to | CyberCrime | The Hacker News |
|
25.3.25 |
INTERPOL Arrests 306 Suspects, Seizes 1,842 Devices in Cross-Border Cybercrime Bust | Law enforcement authorities in seven African countries have arrested 306 suspects and confiscated 1,842 devices as part of an international operation | CyberCrime | The Hacker News |
|
20.3.25 |
Fake "Security Alert" issues on GitHub use OAuth app to hijack accounts | A widespread phishing campaign has targeted nearly 12,000 GitHub repositories with fake "Security Alert" issues, tricking developers into authorizing a malicious OAuth app that grants attackers full control over their accounts and code. | CyberCrime | |
| 9.3.25 | Cybercrime 'crew' stole $635,000 in Taylor Swift concert tickets | New York prosecutors say that two people working at a third-party contractor for the StubHub online ticket marketplace made $635,000 after almost 1,000 concert tickets and reselling them online. | CyberCrime | BleepingComputer |
| 8.3.25 | Microsoft Warns of Malvertising Campaign Infecting Over 1 Million Devices Worldwide | Microsoft has disclosed details of a large-scale malvertising campaign that's estimated to have impacted over one million devices globally as part of what it | CyberCrime | The Hacker News |
| 1.3.25 | Suspected Desorden hacker arrested for breaching 90 organizations | A suspected cyber criminal believed to have extorted companies under the name "DESORDEN Group" or "ALTDOS" has been arrested in Thailand for leaking the stolen data of over 90 organizations worldwide. | CyberCrime | BleepingComputer |
|
14.1.25 | WordPress Skimmers Evade Detection by Injecting Themselves into Database Tables | Cybersecurity researchers are warning of a new stealthy credit card skimmer campaign that targets WordPress e-commerce checkout pages by inserting | CyberCrime | The Hacker News |
|
28.10.24 | Cybercriminals Use Webflow to Deceive Users into Sharing Sensitive Login Credentials | Cybersecurity researchers have warned of a spike in phishing pages created using a website builder tool called Webflow, as threat actors | CyberCrime | |
15.9.24 | TfL requires in-person password resets for 30,000 employees after hack | Transport for London (TfL) says that all staff (roughly 30,000 employees) must attend in-person appointments to verify their identities and reset passwords following a cybersecurity incident disclosed almost two weeks ago. | CyberCrime | |
15.9.24 | UK arrests teen linked to Transport for London cyber attack | U.K.'s National Crime Agency says it arrested a 17-year-old teenager who is suspected of being connected to the cyberattack on Transport for London, the city's public transportation agency. | CyberCrime | |
14.9.24 | Chinese hackers linked to cybercrime syndicate arrested in Singapore | Six Chinese nationals and a Singaporean have been arrested on Monday in Singapore for their alleged role in malicious cyber activities committed in connection with a "global syndicate." | CyberCrime | |
13.9.24 | 17-Year-Old Arrested in Connection with Cyber Attack Affecting Transport for London | British authorities on Thursday announced the arrest of a 17-year-old male in connection with a cyber attack affecting Transport for | CyberCrime | The Hacker News |
11.9.24 | Singapore Police Arrest Six Hackers Linked to Global Cybercrime Syndicate | The Singapore Police Force (SPF) has announced the arrest of five Chinese nationals and one Singaporean man for their alleged | CyberCrime | The Hacker News |
8.9.24 | Hacker trap: Fake OnlyFans tool backstabs cybercriminals, steals passwords | Hackers are targeting other hackers with a fake OnlyFans tool that claims to help steal accounts but instead infects threat actors with the Lumma stealer information-stealing malware. | CyberCrime | |
8.9.24 | Hackers inject malicious JS in Cisco store to steal credit cards, credentials | Cisco's site for selling company-themed merchandise is currently offline and under maintenance due to hackers compromising it with JavaScript code that steals sensitive customer details provided at checkout. | CyberCrime | |
4.9.24 | Ex-Engineer Charged in Missouri for Failed $750,000 Bitcoin Extortion Attempt | A 57-year-old man from the U.S. state of Missouri has been arrested in connection with a failed data extortion campaign that targeted his | CyberCrime | The Hacker News |
31.8.24 | Employee arrested for locking Windows admins out of 254 servers in extortion plot | A former core infrastructure engineer at an industrial company headquartered in Somerset County, New Jersey, was arrested after locking Windows admins out of 254 servers in a failed extortion plot targeting his employer. | CyberCrime | |
25.8.24 | Russian laundering millions for Lazarus hackers arrested in Argentina | The federal police in Argentina (PFA) have arrested a 29-year-old Russian national in Buenos Aires, who is facing money laundering charges related to cryptocurrency proceeds of the notorious North Korean hackers' Lazarus Group.' | CyberCrime | |
25.8.24 | Greasy Opal's CAPTCHA solver still serving cybercrime after 16 years | A developer that researchers now track as Greasy Opal, operating as a seemingly legitimate business, has been fueling the cybercrime-as-a-service industry with a tool that bypasses account security solutions and allows bot-led CAPTCHA solving at scale. | CyberCrime | |
24.8.24 | Man sentenced for hacking state registry to fake his own death | A 39-year old man from Somerset, Kentucky, was sentenced to 81 months in federal prison for identity theft and faking his own death in government registry systems. | CyberCrime | |
23.8.24 | Latvian Hacker Extradited to U.S. for Role in Karakurt Cybercrime Group | A 33-year-old Latvian national living in Moscow, Russia, has been charged in the U.S. for allegedly stealing data, extorting victims, and | CyberCrime | The Hacker News |
21.8.24 | New Mad Liberator gang uses fake Windows update screen to hide data theft | A new data extortion group tracked as Mad Liberator is targeting AnyDesk users and runs a fake Microsoft Windows update screen to distract while exfiltrating data from the target device. | CyberCrime | |
21.8.24 | Azure domains and Google abused to spread disinformation and malware | A clever disinformation campaign engages several Microsoft Azure and OVH cloud subdomains as well as Google search to promote malware and spam sites. | CyberCrime | |
21.8.24 | Russian who sold 300,000 stolen credentials gets 40 months in prison | Georgy Kavzharadze, a 27-year-old Russian national, has been sentenced to 40 months in prison for selling login credentials for over 300,000 accounts on Slilpp, the largest online marketplace of stolen logins, until its seizure in June 2021. | CyberCrime | |
17.8.24 | Russian Hacker Jailed 3+ Years for Selling Stolen Credentials on Dark Web | A 27-year-old Russian national has been sentenced to over three years in prison in the U.S. for peddling financial information, login | CyberCrime | The Hacker News |
16.8.24 | WWH-Club credit card market admins arrested after cash spending spree | U.S. law enforcement has arrested two suspected admins of the WWH-Club stolen credit card marketplace after they went on a cash spending spree in Florida. | CyberCrime | |
4.8.24 | Credit card users get mysterious shopify-charge.com charges | People worldwide report seeing mysterious $1 or $0 charges from Shopify-charge.com appearing on their credit card bills, even when they did not attempt to purchase anything. | CyberCrime | |
3.8.24 | Former Avaya employee gets 4 years for $88M license piracy scheme | Three individuals who orchestrated a massive-scale pirate operation involving the sale of Avaya business telephone system software licenses worth over $88,000,000 have received imprisonment sentences. | CyberCrime | |
1.8.24 | DigiCert to Revoke 83,000+ SSL Certificates Due to Domain Validation Oversight | Certificate authority (CA) DigiCert has warned that it will be revoking a subset of SSL/TLS certificates within 24 hours due to an oversight | CyberCrime | The Hacker News |
28.7.24 | Acronis warns of Cyber Infrastructure default password abused in attacks | Acronis warned customers to patch a critical Cyber Infrastructure security flaw that lets attackers bypass authentication on vulnerable servers using default credentials. | CyberCrime | |
24.7.24 | Magento Sites Targeted with Sneaky Credit Card Skimmer via Swap Files | Threat actors have been observed using swap files in compromised websites to conceal a persistent credit card skimmer and harvest | CyberCrime | The Hacker News |
22.7.24 | UK arrests suspected Scattered Spider hacker linked to MGM attack | UK police have arrested a 17-year-old boy suspected of being involved in the 2023 MGM Resorts ransomware attack and a member of the Scattered Spider hacking collective. | CyberCrime | |
21.7.24 | 17-Year-Old Linked to Scattered Spider Cybercrime Syndicate Arrested in U.K. | Law enforcement officials in the U.K. have arrested a 17-year-old boy from Walsall who is suspected to be a member of the notorious | CyberCrime | The Hacker News |
14.7.24 | Huione Guarantee exposed as a $11 billion marketplace for cybercrime | The seemingly legitimate online marketplace Huione Guarantee is being used as a platform for laundering money from online scams, especially "pig butchering" investment fraud, researchers say. | CyberCrime | |
5.7.24 | Europol takes down 593 Cobalt Strike servers used by cybercriminals | Europol coordinated a joint law enforcement action known as Operation Morpheus, which led to the takedown of almost 600 Cobalt Strike servers used by cybercriminals to infiltrate victims' networks. | CyberCrime | |
5.7.24 | CDK Global says all dealers will be back online by Thursday | CDK Global says that its dealer management system (DMS), impacted by a massive IT outage following a June 18th ransomware attack, will be back online by Thursday for all car dealerships | CyberCrime | |
4.7.24 | Global Police Operation Shuts Down 600 Cybercrime Servers Linked to Cobalt Strike | A coordinated law enforcement operation codenamed MORPHEUS has felled close to 600 servers that were used by cybercriminal | CyberCrime | The Hacker News |
| 27.6.24 | Crown Equipment confirms a cyberattack disrupted manufacturing | Forklift manufacturer Crown Equipment confirmed today that it suffered a cyberattack earlier this month that disrupted manufacturing at its plants. | CyberCrime | |
| 27.6.24 | CDK Global cyberattack impacts thousands of US car dealerships | Car dealership software-as-a-service provider CDK Global was hit by a massive cyberattack, causing the company to shut down its systems and leaving clients unable to operate their business normally. | CyberCrime | |
| 27.6.24 | Scathing report on Medibank cyberattack highlights unenforced MFA | A scathing report by Australia's Information Commissioner details how misconfigurations and missed alerts allowed a hacker to breach Medibank and steal data from over 9 million people. | CyberCrime | |
| 27.6.24 | New Credit Card Skimmer Targets WordPress, Magento, and OpenCart Sites | Multiple content management system (CMS) platforms like WordPress, Magento, and OpenCart have been targeted by a new | CyberCrime | The Hacker News |
| 19.6.24 | Two men guilty of breaching law enforcement portal in blackmail scheme | Two men have pleaded guilty to hacking into a federal law enforcement database to steal personal information of those they were extorting. | CyberCrime | |
| 19.6.24 | Alleged Scattered Spider sim-swapper arrested in Spain | A 22-year-old British national allegedly linked to the Scattered Spider hacking group and responsible for attacks on 45 U.S. companies has been arrested in Palma de Mallorca, Spain. | CyberCrime | |
| 18.6.24 | Singapore Police Extradites Malaysians Linked to Android Malware Fraud | The Singapore Police Force (SPF) has announced the extradition of two men from Malaysia for their alleged involvement in a mobile | CyberCrime | The Hacker News |
| 16.6.24 | U.K. Hacker Linked to Notorious Scattered Spider Group Arrested in Spain | Law enforcement authorities have allegedly arrested a key member of the notorious cybercrime group called Scattered Spider. The | CyberCrime | The Hacker News |
| 16.6.24 | Former IT employee gets 2.5 years for wiping 180 virtual servers | A former quality assurance employee of National Computer Systems (NCS) was sentenced to two years and eight months in prison for reportedly deleting 180 virtual servers after being fired. | CyberCrime | |
| 9.6.24 | Los Angeles Unified School District investigates data theft claims | Los Angeles Unified School District (LAUSD) officials are investigating a threat actor's claims that they're selling stolen databases containing records belonging to millions of students and thousands of teachers. | CyberCrime | |
30.5.24 | Europol Shuts Down 100+ Servers Linked to IcedID, TrickBot, and Other Malware | Europol on Thursday said it shut down the infrastructure associated with several malware loader operations such as IcedID, | CyberCrime | The Hacker News |
30.5.24 | Cybercriminals Abuse Stack Overflow to Promote Malicious Python Package | Cybersecurity researchers have warned of a new malicious Python package that has been discovered in the Python Package Index | CyberCrime | The Hacker News |
29.5.24 | BreachForums Returns Just Weeks After FBI Seizure - Honeypot or Blunder? | The online criminal bazaar BreachForums has been resurrected merely two weeks after a U.S.-led coordinated law enforcement | CyberCrime | The Hacker News |
27.5.24 | Moroccan Cybercrime Group Steals Up to $100K Daily Through Gift Card Fraud | Microsoft is calling attention to a Morocco-based cybercrime group dubbed Storm-0539 that's behind gift card fraud and theft | CyberCrime | The Hacker News |