Tag Archive for: SITE

He created a ‘RentaHitman’ website for class project as a joke. But then police got involved after the site got a slew of inquiries from people wanting to actually pay for a hitman



  • A California man, Bob Innes, said he accidentally created a hitman-for-hire website, per People Magazine.

  • Innes and his friends made the site to start a computer security business in 2005.

  • He later learned that people were reaching out inquiring about making a hit.

A California man said that at least 30 people have been arrested after inquiring about hiring a hitman on his parody website, according to PEOPLE. 

Bob Innes, along with his friends, created the website while participating in an IT program at a California business school in 2005, the outlet reported. They made the site with the intention of starting a computer security company — and chose the quippy domain “RentAHitman.com.”

“Rent as in hire us,” Innes told PEOPLE. “Hit as in network traffic, and men, because there were four of us. We thought it was funny.”

Although the website was live, the group did not officially start the company, according to the report. Three years later, Innes decided to log back in and discovered a slew of inquiries.

According to the report, some people were asking for the price, while others were seeking employment.

“There was even a female out of the UK who wanted to learn the business so that she could be a hitwoman,” the 54-year-old told the publication.

That’s when Innes realized that he had unintentionally set up a website for those seeking to hire a hitman, PEOPLE reported. Innes told the magazine that he decided to up the humor by adding phony testimonials and awards.

When a potential customer reaches out for their “services,” he waits a day to reach back out to them. After they show interest in hiring a hitman, he connects them with an “operative,” which happens to be one of the thousands of police departments across the country, per the report.

The website has resulted in more than two dozen arrests and a number of convictions, including a woman who reached out in 2010 about murdering her family members, according to the outlet.

Read the original article on Insider


How to Allow a program through the firewall (AVG Internet Security 19.3)



This hacker site sold 24 million people’s data — Until now


An underground illegal online marketplace that contained and sold sensitive information pertaining to individuals based out of the U.S. has been shut down.

SSNDOB, which saw people’s names, social security numbers, and dates of birth being collected and sold, has been successfully taken offline due to a joint operation from U.S. authorities and their counterparts in Cyprus.


As reported by Bleeping Computer, the marketplace itself wasn’t your run-of-the-mill operation — around 24 million individuals from the U.S. alone were affected by its illicit activity.

Due to the large scope of the operation, three governmental departments collaborated in shutting down SSNDOB. The FBI, the Internal Revenue Service, and the Department of Justice were all involved.

Additional assistance from Cyprus police was also a factor in the marketplace ceasing its operations.

The Department of Justice’s press release stated that more than $19 million in “sales revenue” was accumulated by the website’s owners.

A total of four domains that provided hosting services for the entire SSNDOB marketplace were seized, including “ssndob.ws,” “ssndob.vip,” “ssndob.club,” and “blackjob.biz.”

As for how the activities of the SSNDOB marketplace managed to go unchecked since 2015, Bleeping Computer highlights how the websites effectively evaded DDoS attacks and actions from law enforcement by supplying various mirror sites.

This practice is common amongst illegal websites such as torrent services and the like. The method makes it nearly impossible to target the core operation behind the websites as there’s always a new domain that can be accessed.

$0.50 to buy and use someone’s identity


As a result, SSNDOB saw threat actors being able to buy “social security numbers, dates of birth, and full info of people” predominantly through Bitcoin, which is largely an unregulated currency that has become commonplace amongst cybercriminals.

Personal information of U.S.-based residents was up for grabs for $0.50 in some cases. Dates of birth for individuals residing in the United Kingdom were also sold on the website.

According to cybersecurity firm Advanced Intel,…


Fake Pixelmon NFT site infects you with password-stealing malware



A fake Pixelmon NFT site entices fans with free tokens and collectibles while infecting them with malware that steals their cryptocurrency wallets.

Pixelmon is a popular NFT project whose roadmap includes creating an online metaverse game where you can collect, train, and battle other players using pixelmon pets.

With close to 200,000 Twitter followers and over 25,000 Discord members, the project has garnered a lot of interest.

Impersonating the Pixelmon project

To take advantage of this interest, threat actors have copied the legitimate pixelmon.club website and created a fake version at pixelmon[.]pw to distribute malware.

This site is almost a replica of the legitimate site, but instead of offering a demo of the project’s game, the malicious site offers executables that install password-stealing malware on a device.

[Figure: Fake Pixelmon website. Source: BleepingComputer]

The site is offering a file called Installer.zip that contains an executable that appears to be corrupt and does not infect users with any malware.

However, MalwareHunterTeam, who first discovered this malicious site, found other malicious files distributed by the site that allowed us to see what malware it was spreading.

One of the files distributed by this malicious site is setup.zip, which contains the setup.lnk file. Setup.lnk is a Windows shortcut that will execute a PowerShell command to download a system32.hta file from pixelmon[.]pw.

[Figure: Setup.lnk contents. Source: BleepingComputer]

When BleepingComputer tested these malicious payloads, the System32.hta file downloaded Vidar, a password-stealing malware that is not as commonly used as it was in the past. This was confirmed by security researcher Fumik0_, who has previously analyzed this malware family.

When executed, the threat actor’s Vidar sample will connect to a Telegram channel and retrieve the IP address of the malware’s command and control server.

[Figure: Telegram channel containing C2 IP address. Source: BleepingComputer]

The malware will then retrieve a configuration command from the C2 and download further modules to be used to steal data from the infected device.

The Vidar malware can steal passwords from browsers and applications and search a computer for…
