Tag: Cybercrime 2026

Shadow Nodes: Deciphering the Rise of Ashab al-Yamin in the European Cyber Landscape
The emergence of the nascent hacking collective Harakat Ashab al-Yamin al-Islamia has piqued the curiosity of security analysts following a spate of declarations regarding its operations within Europe. However, extant empirical evidence remains insufficient to categorize the group as a cohesive or autonomous entity. The inception of Ashab al-Yamin was initially brought to light by…

The Assembly Line of Extortion: How Vect and TeamPCP Weaponized the Global Software Supply Chain
The cybercrime landscape has taken a definitive step toward “assembly-line” extortion. The Vect collective has established a dual partnership that radically simplifies the execution of assaults while exponentially expanding their reach. By aligning with BreachForums and the TeamPCP syndicate, these adversaries are effectively transmuting ransomware dissemination into a high-volume service, complete with a turnkey infrastructure…

Poisoned Play: FBI Seeks Victims of Massive Malware Campaign Hiding in Steam Indie Games
The Federal Bureau of Investigation is profoundly broadening its inquiry into the proliferation of malicious software across the Steam digital storefront. Operatives stationed at the Seattle field office are diligently endeavoring to ascertain the identities of patrons who may have fallen victim to the installation of these corrupted digital entertainments. According to the bureau’s chronicles,…

Badge for Sale: How Hackers are Using Hijacked Police Portals to Steal Your Private Data
A particularly insidious commodity has surfaced upon clandestine subterranean forums: unfettered access to the verified electronic mail repositories of American police departments, alongside entry into the Kodex Global portal—the digital conduit through which law enforcement apparatuses dispatch subpoenas, warrants, and Emergency Data Requests (EDRs). According to intelligence gathered by Dataminr, a singular purveyor initially listed…

Digital Vendetta: The Unmasking of “Dort,” the Kimwolf Botmaster Behind a Global Swatting Campaign
In early January, a veritable tempest engulfed the sprawling Kimwolf botnet. Following the publication of an exposé detailing how a vulnerability within residential proxy services facilitated the construction of a colossal network of compromised devices, an individual operating under the pseudonym “Dort” launched a relentless offensive. The author of the report and the security specialist…

Digital Phantoms for Sale: The Rise and Fall of OnlyFake’s $1.2M Counterfeit Empire
A clandestine digital service capable of fabricating a passport from virtually any nation in mere minutes has ultimately led its architect to a New York courtroom. The defendant has formally pleaded guilty to orchestrating the illicit sale of over 10,000 forged digital identification credentials via the “OnlyFake” platform. Prosecutors articulated that the perpetrator presided over…

The Great Dispersal: How the Fall of the RAMP Forum Birthed a New Breed of Ransomware Enclaves
In late January 2026, American law enforcement agencies dismantled a prominent platform that had served for years as a nexus for coordinating ransomware attacks. This was the RAMP (Ransomware and Advanced Malware Protection) forum, which since 2021 had functioned as a rendezvous point for ransomware operators and their affiliates—accomplices who infiltrate victim networks, deploy encryption…

The Bosphorus Breach: Turkish Hackers Coalesce on the New “LegionNull” Darknet Forum
The surveillance of clandestine marketplaces has encountered a burgeoning subject of interest. Analysts have documented the inauguration of LegionNull, a Turkish-language forum that has already coalesced an audience dedicated to the trafficking of purloined data and illicit services. The emergence of this resource was reported by the VECERT Analyzer project, which monitors darknet activity. According…

The Ghost in the Machine: UN Exposes North Korea’s $2B Deepfake IT Scam
North Korea continues to amass billions of dollars through a sophisticated synthesis of cybercrime and fraudulent remote employment, prompting the United States to elevate this discourse to the highest international echelons. On January 12, Washington exhorted the United Nations member states to adopt a more rigorous stance against Pyongyang’s machinations, which facilitate the circumvention of…

Armenia Under Siege: Hacker Claims Sale of 8 Million Government Records
Disclosures regarding the illicit sale of a database purportedly linked to Armenia’s state postal and notification services have surfaced on a cybercriminal forum, according to reports from Daily Dark Web. The perpetrators assert that the repository comprises approximately 8 million records associated with official government mandates, encompassing communications from the Compulsory Enforcement Service, the Patrol…

Doomsday for Hackers: 324,000 BreachForums Accounts Exposed in Massive Leak
A comprehensive database associated with BreachForums—one of the most notorious clearinghouses for exfiltrated data and illicit network access—has been leaked online, compromising the credentials of nearly 324,000 accounts. The platform has survived numerous incarnations, tracing its lineage back to the defunct RaidForums, which collapsed following the apprehension of its proprietor. Since that time, BreachForums has…

Operation Black Axe: 34 Arrested in Spain as Global Fraud Syndicate Topples
A coordinated international endeavor, spearheaded by the Spanish National Police and bolstered by the expertise of Europol and the Bavarian Criminal Police, has culminated in the apprehension of 34 suspected affiliates of the notorious Black Axe criminal syndicate. These arrests, executed across Seville, Madrid, Malaga, and Barcelona, target an organization allegedly responsible for sophisticated financial…

The Ghost in the Terminal: How “Ghost Tap” Malware Hijacks Your NFC Card
Group-IB researchers have identified a burgeoning proliferation of Android malware within subterranean marketplaces designed to exploit Near Field Communication (NFC) technology for fraudulent contactless payments. This criminal ecosystem is primarily attributed to Mandarin-speaking syndicates operating via Telegram. Within these clandestine circles, the tools are frequently marketed under monikers such as “CardWallet” or “Remote Pay,” while…

