Author: admin

UK train stations, including London Euston and Manchester Piccadilly, faced a cyber-attack displaying Islamophobic messages

Researchers discover mobile crypto drainer malware hidden in WalletConnect app garnering 10,000 downloads

The institute no longer requires regular password changes unless the authenticator has been compromised

Bitdefender is warning League of Legends fans not to fall for a phishing campaign designed to spread Lumma Stealer malware

The IDC MarketScape evaluates the capabilities and business strategies of managed detection and response service providers serving the European market.

A good—long, complex—analysis of the EU’s new Cyber Resilience Act.

What if I told you that the most important thing you need to keep your kids safe online doesn’t come in a box or via a download? And that it doesn’t require you to be monitoring or supervising their every move. And even better – it doesn’t cost any money!! Yep – you’d be interested, I’m sure. After almost 13 years as Cybermum, I’ve experienced plenty of ‘aha’ cybersafety moments. But, without doubt, one of the biggest learnings for me is that creating a family culture where there is calm, honest, and truly open communication is the best way to protect your kids online. In fact, it’s likely far more powerful than the latest apps or software, and here’s why…

Like It Or Not, Screens Are Here To Stay

I’m a big fan of trying to minimise the amount of time kids spend in front of a screen for so many reasons. There is a plethora of research to support how ‘too much’ screen time can adversely affect kids’ behaviour. A 2022 US study of K-12 educators in the US showed that 80% of educators believed that increased screen time worsened children’s behaviour. There are studies that show excessive (and early) screen time can potentially affect a child’s cognitive, linguistic, and social-emotional growth. And even some research shows that the effects of excessive screen time can be similar to the symptoms of autism.

But the reality is that screens aren’t going anywhere soon. We live in a digital world where you actually can’t go about your business without a device and a screen. When was the last time you tried going into a bank branch??? Instead, I believe we need to think of screens a little like we think of sugar. We know it’s not great for us, so we try and minimise our intake.

But how good would it be if our kids understood this perspective, so they also realised that too much screen time wasn’t ideal? Well, they can – weave it into family conversations!

24/7 Monitoring Is Impossible – You Have To Sleep and Work and Live!

When ‘digital parenting’ became a thing about 15 – 20 years ago, we were all told that we needed to constantly monitor our kids to ensure they weren’t visiting inappropriate websites or speaking to strangers online. I remember trying so hard to stay across the online movements of four kids – I’ve got to admit it was quite time-consuming and exhausting!! Full credit to those parents who put in the hours to keep their kids safe.

Fast forward to 2024 and there is now a comprehensive range of ‘parental control’ apps and software that can act as another set of ‘eyes and ears’ for parents. And while they can be great tools to have in your digital parenting toolbox, they are not the silver bullet. What happens when your child is visiting at another family’s house that doesn’t have parental controls set up? What happens if your child uses a friend’s device while travelling home on the bus to ‘get around’ the parental controls at home? And what about, if they work out how to turn them off?? Remember, are digital natives are quite savvy!!

But if you regularly talk online safety with your kids at home then you have a big head start here. In fact, your stress levels should be relatively low. When you make it a priority to talk to your kids about what they do online – in a non-judgemental way – and share your stories, the latest trends and risks then you are in a good place. If your kids know you understand their digital life, know that you can handle the tough stuff, and know with 100% confidence that you are NOT going to go berserk if they come to you with a problem then you do not need to worry about monitoring their every move. You’ve empowered them with knowledge and offered them a safety net – perfect!

How To Create a Culture of Calm and Honest Communication

Before I share my top tips with you I want to make it very clear that this is not an exercise in being a perfect parent. There is no such thing as a perfect parent – we are all on a journey and learning as we go. So, please don’t feel psyched out or worry that it’s too late. We’re all doing the best we can to raise our kids – so just keep on keeping on!

There are a few key things that I believe contribute to creating a top-notch communication culture in a family. Here are my top recommendations.

1. Active Listening Is Essential

I learnt pretty early on in my parenting career that if you’re not being an active listener, you’re not really getting the full story. Active listening happens when you’re fully engaged with your child and is one of the best ways to communicate that you care and that you’re interested which in turn encourages them to open up more. Perfect! Here’s what I suggest:

• Use body language to show you’re paying attention – make eye contact, face them, and be at their level (if they are shorter than you)
• Pay attention to their facial expression and body language too. Sometimes words only tell part of the story.
• Ask questions to encourage them to share more ‘tell me more’ or ‘what happened next?’
• Don’t finish their sentences or interrupt – even if they are stalling or struggling to find the right words. Bite your tongue, if you need to!
• Resist the urge to problem-solve straight away. Sometimes they just need someone to listen and share with.

2. Commit To Being Calm

Let’s be honest, very few of us are calm or relaxed 365 days of the year! But if you’re keen to maximise the chances that your kids will come to you if they do find themselves in a tricky situation then you need to ‘fake it till you make it’ my friends!

Conflict and heated discussions with teens are inevitable – I’ve definitely had my fair share! But it’s how you work through it that’s important. If you want a truly open and honest relationship with your child where they feel safe to talk about awkward things like sex, alcohol, cyberbullying, and even pornography, then you need to be ready to manage your own feelings and reactions when you hear things that you don’t expect or simply don’t like.

If you’re struggling to remain calm and deal with emotions from conversations with your teen then why not take some time to invest in yourself? Hit the road and walk it off, find some breathing exercises or a meditation on YouTube, or pick up the phone and call a friend.  By role-modelling honest conversation and a calm approach, you’re teaching your children how to be respectful and calm and have open and tough conversations. What a life skill!

And if you can’t manage to remain calm and you lose your cool – simply apologise, give them a hug, and commit to doing better next time.

3. Don’t Shy Away From The Tricky Stuff eg Sex, Pornography and Cyberbullying

When I was growing up, I had a few friends who had very open relationships with their parents. Everything was discussed – nothing was off-limits! These friends all had a certain confidence, a knowing that they had someone in their corner who had their back, wouldn’t judge, and would be their ‘come what may’ for any situation. I was a little jealous!

Talking to your kids about sex, pornography, and cyberbullying can be really stressful. But there is so much research that shows that proactive conversations about tricky topics such as sex can be really beneficial. A review of research on British parents’ involvement in sex education found that they often felt embarrassed about broaching the subject with their kids. The same review compared this to countries such as Sweden where parents talked openly to their children about sex from an early age. It attributed the difference in approaches to the higher rates of teenage pregnancy and sexually transmitted diseases in England and Wales. Fascinating!

How To Talk About The Tricky Stuff

• Start As Early As You Can

Start by teaching them the correct names for body parts. When they start preschool or school, you can teach them about respecting others and also about how to express their feelings. This will set them up for open and honest conversations and relationships.

• Acknowledge The Awkwardness

Own the fact that it may feel really embarrassing or awkward when chatting to your kids about these topics. Perhaps make a joke of it. But assure them you’re going to do your best to help them navigate these issues and that you can absolutely handle it.

• It’s Not ‘One and Done’

Why not break it up into small regular chats and take the pressure off? One big talk is overwhelming and could feel really awkward and pressured. A little bit of chatter often will feel more natural. Why not use films, books, or movies as a trigger for a conversation? The more natural and less contrived it feels, the more relaxed and receptive everyone will be.

• Don’t Be Judgemental

Expressing disapproval or shock when your kids are sharing something tricky with you is the fastest way to shut down communication. So stop yourself! And if they do share something that surprises you, make sure you thank them and suggest you both talk about it more so you can better understand.

Now, if you have tweens or teens and you regret not prioritising your family’s communication culture earlier, do not stress. It’s never too late to make a difference! Yes, there might be a whole lot of awkwardness, but it will absolutely pass. Share stories of your online life, and news stories that you will start a conversation, ask them questions about their online life, and most importantly, be calm and don’t be critical or negative when they start sharing. Otherwise, it will be over ASAP.

You can absolutely handle this!

The post Top Strategies For Keeping Your Kids Safe Online appeared first on McAfee Blog.

The United States today unveiled sanctions and indictments against the alleged proprietor of Joker’s Stash, a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past decade. The government also indicted and sanctioned a top Russian cybercriminal known as Taleon, whose cryptocurrency exchange Cryptex has evolved into one of Russia’s most active money laundering networks.

The U.S. Department of Justice (DOJ) today unsealed an indictment against a 38-year-old man from Novosibirsk, Russia for allegedly operating Joker’s Stash, an extremely successful carding shop that came online in late 2014. Joker’s sold cards stolen in a steady drip of breaches at U.S. retailers, including Saks Fifth Avenue, Lord and Taylor, Bebe Stores, Hilton Hotels, Jason’s Deli, Whole Foods, Chipotle, Wawa, Sonic Drive-In, the Hy-Vee supermarket chain, Buca Di Beppo, and Dickey’s BBQ.

The government believes the brains behind Joker’s Stash is Timur Kamilevich Shakhmametov, an individual who is listed in Russian incorporation documents as the owner of Arpa Plus, a Novosibirsk company that makes mobile games.

Early in his career (circa 2000) Shakhmametov was known as “v1pee” and was the founder of the Russian hacker group nerf[.]ru, which periodically published hacking tools and exploits for software vulnerabilities.

By 2004, v1pee had adopted the moniker “Vega” on the exclusive Russian language hacking forum Mazafaka, where this user became one of the more reliable vendors of stolen payment cards.

In the years that followed, Vega would cement his reputation as a top carder on other forums, including Verified, DirectConnection, and Carder[.]pro.

Vega also became known as someone who had the inside track on “unlimited cashouts,” a globally coordinated cybercrime scheme in which crooks hack a bank or payment card processor and use cloned cards at cash machines to rapidly withdraw millions of dollars in just a few hours.

“Hi, there is work on d+p, unlimited,” Vega wrote in a private message to another user on Verified in Dec. 2012, referring to “dumps and PINs,” the slang term for stolen debit cards with the corresponding PINs that would allow ATM withdrawals.

Joker’s Stash came online in the wake of several enormous card breaches at retailers like Target and Home Depot, and the resulting glut of inventory had depressed prices for stolen cards. But Joker’s would distinguish itself by catering to high-roller customers — essentially street gangs in the United States that would purchase thousands of stolen payment cards in one go.

Faced with a buyer’s market, Joker’s Stash set themselves apart by focusing on loyalty programs, frequent buyer discounts, money-back guarantees, and just plain good customer service. Big spenders were given access to the most freshly hacked payment cards, and were offered the ability to get free replacement cards if any turned out to be duds.

Joker’s Stash also was unique because it claimed to sell only payment cards that its own hackers had stolen directly from merchants. At the time, card shops typically resold payment cards that were stolen and supplied by many third-party hackers of unknown reliability or reputation.

In January 2021, Joker’s Stash announced it was closing up shop, after European authorities seized a number of servers for the fraud store, and its proprietor came down with the Coronavirus.

A DOJ statement credits the U.S. Secret Service for leading the years-long investigations (the Service’s original mandate was not protecting the president; it was pursuing counterfeiters, and modern-day carders definitely qualify as that). Prosecutors allege Joker’s Stash earned revenues of at least $280 million, but possibly more than $1 billion (the broad range is a consequence of several variables, including the rapid fluctuation in the price of bitcoin and the stolen goods they were peddling).

TALEON

The proprietors of Joker’s Stash may have sold tens of millions of stolen payment cards, but Taleon is by far the bigger fish in this law enforcement action because his various cryptocurrency and cash exchanges have allegedly helped to move billions of dollars into and out of Russia over the past 20 years.

An indictment unsealed today names Taleon as Sergey Sergeevich Ivanov, 44, of Saint Petersburg, Russia. The government says Ivanov, who likely changed his surname from Omelnitskii at some point, laundered money for Joker’s Stash, among many other cybercrime stores.

In a statement today, the Treasury Department said Ivanov has laundered hundreds of millions of dollars’ worth of virtual currency for ransomware actors, initial access brokers, darknet marketplace vendors, and other criminal actors for approximately the last 20 years.

First appearing on Mazafaka in the early 2000s, Taleon was known on the forums as someone who could reliably move large amounts of physical cash. Sources familiar with the investigation said Taleon’s service emerged as one of the few remaining domestic cash delivery services still operating after Russia invaded Ukraine in Feb. 2022.

Taleon set up his service to facilitate transfers between Moscow, St. Petersburg and financial institutions in the West. Taleon’s private messages on some hacker forums have been leaked over the years and indexed by the cyber intelligence platform Intel 471. Those messages indicate Taleon worked on many of the same ATM cashouts as Vegas, so it’s clear the two had an established business relationship well before Joker’s Stash came into being.

Sometime around 2013, Taleon launched a partnership with a money transfer business called pm2btc[.]me. PM2BTC allowed customers to convert funds from the virtual currency Perfect Money (PM) into bitcoin, and then have the balance (minus a processing fee) available on a physical debit card that could be used at ATMs, for shopping online, or at retail stores.

The U.S. government itself set things in motion for Taleon’s nascent cryptocurrency exchange business in 2013 after the DOJ levied money laundering charges against the proprietors of Liberty Reserve, one of the largest virtual currencies in operation at the time.  Liberty Reserve was heavily used by cybercriminals of all stripes. The government said the service had more than a million users worldwide, and laundered in excess of $6 billion in suspected criminal proceeds.

In the days following the takedown of Liberty Reserve, KrebsOnSecurity ran a story that examined discussions across multiple top Russian cybercrime forums about where crooks could feel safe parking their stolen funds. The answer involved Bitcoin, but also Taleon’s new service.

UAPS

Part of the appeal of Taleon’s exchange was that it gave its vetted customers an “application programming interface” or API that made it simple for dodgy online shops selling stolen goods and cybercrime services to accept cryptocurrency deposits from their customers, and to manage payouts to any suppliers and affiliates.

This API is synonymous with a service Taleon and friends operate in the background called UAPS, short for “Universal Anonymous Payment System.” UAPS has gone by several other names including “Pinpays,” and in October 2014 it landed Joker’s Stash as its first big client.

A source with knowledge of the investigation told KrebsOnSecurity that Taleon is a pilot who owns and flies around in his own helicopter.

Ivanov appears to have little to no social media presence, but the 40-year-old woman he lives with in St. Petersburg does, and she has a photo on her Vktontake page that shows the two of them in 2019 flying over Lake Ladoga, a large body of water directly north of St. Petersburg.

BRIANS CLUB

In late 2015, a major competitor to Joker’s Stash emerged using UAPS for its back-end payments: BriansClub. BriansClub sullies this author’s name, photos and reputation to peddle millions of credit and debit cards stolen from merchants in the United States and around the world.

In 2019, someone hacked BriansClub and relieved the fraud shop of more than 26 million stolen payment cards — an estimated one-third of the 87 million payment card accounts that were on sale across all underground shops at that time. An anonymous source shared that card data with KrebsOnSecurity, which ultimately shared it with a consortium of financial institutions that issued most of the cards.

After that incident, the administrator of BriansClub changed the site’s login page so that it featured a copy of my phone bill, Social Security card, and a link to my full credit report [to this day, random cybercriminals confuse Yours Truly with the proprietor of BriansClub].

Alex Holden is founder of the Milwaukee-based cybersecurity firm Hold Security. Holden has long maintained visibility into cryptocurrency transactions made by BriansClub.

Holden said those records show BriansClub sells tens of thousands of dollars worth of stolen credit cards every day, and that in the last two years alone the BriansClub administrator has removed more than $242 million worth of cryptocurrency revenue from the UAPS platform.

Passive domain name system (DNS) records show that in its early days BriansClub shared a server in Lithuania along with just a handful of other domains, including secure.pinpays[.]com, the crime forum Verified, and a slew of carding shops operating under the banner Rescator.

As KrebsOnSecurity detailed in December 2023, the Rescator shops were directly involved in some of the largest payment card breaches of the past decade. Those include the 2013 breach at Target and the 2014 breach at Home Depot, intrusions that exposed more than 100 million payment card records.

CRYPTEX

In early 2018, Taleon and the proprietors of UAPS launched a cryptocurrency exchange called Cryptex[.]net that has emerged as a major mover of ill-gotten crypto coins.

Cryptex has been associated with quite a few ransomware transactions, including the largest known ransomware payment to date. In February 2024, a Fortune 50 ransomware victim paid a record $75 million ransom to a Russian cybercrime group that calls themselves the Dark Angels. A source with knowledge of the investigation said an analysis of that payment shows roughly half of it was processed through Cryptex.

That source provided a screen shot of Cryptex’s sending and receiving exposure as viewed by Chainalysis, a company the U.S. government and many cryptocurrency exchanges rely on to flag transactions associated with suspected money laundering, ransomware payouts, or facilitating payments for darknet websites.

Chainalysis finds that Cryptex has received more than $1.6 billion since its inception, and that this amount is roughly equal to its sending exposure (although the total number of outflows is nearly half of the inflows).

The graphic indicates a great deal of money flowing into Cryptex — roughly a quarter of it — is coming from bitcoin ATMs around the world. Experts say most of those ATM inflows to Cryptex are bitcoin ATM cash deposits from customers of carding websites like BriansClub and Jokers Stash.

The indictments released today do not definitively connect Taleon to Cryptex. However, PM2BTC (which teamed up with Taleon to launch UAPS and Pinpays) and Cryptex have now been sanctioned by the U.S. Department of the Treasury.

Treasury’s Financial Crimes Enforcement Network (FinCEN) levied sanctions today against PM2BTC under a powerful new “Section 9714” authority included in the Combating Russian Money Laundering Act, changes enacted in 2022 to make it easier to target financial entities involved in laundering money for Russia.

Treasury first used this authority last year against Bitzlato, a cryptocurrency exchange operating in Russia that became a money laundering conduit for ransomware attackers and dark market dealers.

THE LAUNDROMAT

An investigation into the corporate entities behind UAPS and Cryptex reveals an organization incorporated in 2012 in Scotland called Orbest Investments LP. Records from the United Kingdom’s business registry show the owners of Orbest Investments are two entities: CS Proxy Solutions CY, and RM Everton Ltd.

Public business records further reveal that CS Proxy Solutions and RM Everton are co-owners of Progate Solutions, a holding company that featured prominently in a June 2017 report from Bellingcat and Transparency International (PDF) on money laundering networks tied to the Kremlin.

“Law enforcement agencies believe that the total amount laundered through this process could be as high as US$80 billion,” the joint report reads. “Although it is not clear where all of this money came from, investigators claim it includes significant amounts of money that were diverted from the Russian treasury and state contracts.”

Their story built on reporting published earlier that year by the Organized Crime and Corruption Project (OCCRP) and Novaya Gazeta, which found that at least US$20.8 billion was secretly moved out of Russia between 2010 and 2014 through a vast money laundering machine comprising over 5,000 legal entities known as “The Laundromat.”

“Using company records, reporters tracked the names of some clients after executives refused to give them out,” the OCCRP report explains. “They found the heavy users of the scheme were rich and powerful Russians who had made their fortunes from dealing with the Russian state.”

Rich Sanders is a blockchain analyst and investigator who advises the law enforcement and intelligence community. Sanders just returned from a three-week sojourn through Ukraine, traveling with Ukrainian soldiers while mapping out dodgy Russian crypto exchanges that are laundering money for narcotics networks operating in the region. Sanders said today’s sanctions by the Treasury Department will likely have an immediate impact on Cryptex and its customers.

“Whenever an entity is sanctioned, the implications on-chain are immense,” Sanders told KrebsOnSecurity. “Regardless of whether an exchange is actually compliant or just virtue signals it, it is the case across the board that exchanges will pay attention to these sanctions.”

“This action shows these payment processors for illicit platforms will get attention eventually,” Sanders continued. “Even if it took way too long in this case, Cryptex knew the majority of their volume was problematic, knew why it was problematic, and did it anyway. And this should be a wake up call for other exchanges that know full well that most of their volume is problematic.”

The U.S. Department of State is offering a reward of up to $10 million each for information leading to the arrests and/or convictions of Shakhmametov and Ivanov. The State announcement says separate rewards of up to $1 million each are being offered for information leading to the identification of other leaders of the Joker’s Stash criminal marketplace (other than Shakhmametov), as well as the identification of other key leaders of the UAPS, PM2BTC, and PinPays transnational criminal groups (other than Ivanov).

82% of all phishing sites target mobile devices, with 76% using HTTPS to appear secure

House GOP unveiled a bill to combat Chinese cyber threats to US infrastructure, led by CISA and FBI