US cybersecurity officials warn that the recent CrowdStrike outage serves as a stark reminder of potential widespread disruptions from cyber-attacks
Daily Archives: August 7, 2024
Cybercrime Rapper Sues Bank over Fraud Investigation
In January, KrebsOnSecurity wrote about rapper Punchmade Dev, whose music videos sing the praises of a cybercrime lifestyle. That story showed how Punchmade’s social media profiles promoted Punchmade-themed online stores selling bank account and payment card data. The subject of that piece, a 22-year-old Kentucky man, is now brazenly suing his financial institution after it blocked a $75,000 wire transfer and froze his account, citing an active law enforcement investigation.
With memorable hits such as “Internet Swiping” and “Million Dollar Criminal” earning millions of views, Punchmade Dev has leveraged his considerable following to peddle tutorials on how to commit financial crimes online. But until recently, there wasn’t much to support a conclusion that Punchmade was actually doing the cybercrime things he promotes in his songs.
That changed earlier this year when KrebsOnSecurity showed how Punchmade’s social media handles were promoting Punchmade e-commerce shops online that sold access to Cashapp and PayPal accounts with balances, software for printing checks, as well as personal and financial data on Americans.
The January story traced Punchmade’s various online properties to a 22-year-old Devon Turner from Lexington, Ky. Reached via his profile on X/Twitter, Punchmade Dev said they were not affiliated with the lawsuit filed by Turner [Punchmade’s X account provided this denial even though it has still not responded to requests for comment from the first story about him in January]. Meanwhile, Mr. Turner has declined multiple requests to comment for this story.
On June 26, Turner filed a pro se lawsuit against PNC Bank, alleging “unlawful discriminatory and tortuous action” after he was denied a wire transfer in the amount of $75,000. PNC Bank did not respond to a request for comment.
Turner’s complaint states that a follow-up call to his bank revealed the account had been closed due to “suspicious activity,” and that he was no longer welcome to patronize PNC Bank.
“The Plaintiff is a very successful African-American business owner, who has generated millions of dollars with his businesses, has hired 30 plus people to work for his businesses,” Turner wrote.
As reported in January, among Turner’s businesses is a Lexington entity called OBN Group LLC (assumed name Punchmade LLC). Business incorporation documents from the Kentucky Secretary of State show he also ran a record label called DevTakeFlightBeats Inc.
Turner’s lawsuit alleges that bank staff made disparaging remarks about him, suggesting the account was canceled because it would be unusual for a person like him to have that kind of money.
Incredibly, Turner acknowledges that PNC told him his account was flagged for attention from law enforcement officials.
“The PNC Bank customer service representative also explained that there was a note on the account that law enforcement would be contacted at some point in time,” the lawsuit reads.
“The Plaintiff, who was not worried at all about law enforcement being involved because nothing illegal occurred, informed the PNC Bank representative that this was one big mistake and asked him what his options were,” the complaint states.
Turner’s lawsuit said PNC told him they would put a note on his account allowing him to withdraw the funds from any branch, but that when he visited a PNC branch and asked to withdraw the entire amount in his account — $500,000 — PNC refused, saying the money had been seized.
“Ultimately, PNC bank not only refused his request to release his funds but informed him that his funds would be seized indefinitely as [sic] PNC Bank,” Turner’s lawsuit recounts.
The Punchmade shops selling financial data that were profiled in the January story are long gone, but Punchmade’s Instagram account now promotes punchmade[.]cc, which behaves and looks the same as his older shop.
The breach tracking service Constella Intelligence finds the email address associated with Turner’s enterprise OBN Group LLC — obndevpayments@gmail.com — was used by a Devon Turner from Lexington to purchase software online. That record includes the Lexington, Ky. mobile phone number 859-963-6243, which Constella also finds was used to register accounts for Devon Turner at the retailer Neiman Marcus, and at the home decor and fashion site poshmark.com.
A search on this phone number at DomainTools shows it is associated with two domain names since 2021. The first is the aforementioned punchmade[.]cc. The other is foreverpunchmade[.]com, which is registered to a Devon Turner in Lexington, Ky. A copy of this site at archive.org indicates it once sold Punchmade Dev-branded t-shirts and other merchandise.
Mr. Turner included his contact information at the bottom of his lawsuit. What phone number did he leave? Would you believe 859-963-6243?
Is Punchmade Dev a big-time cybercriminal enabler, as his public persona would have us believe? Or is he some two-bit nitwit who has spent so much on custom medallions that he can’t afford a lawyer? It’s hard to tell.
But he definitely has a broad reach: His Instagram account has ~860k followers, and his Telegram channel has more than 75,000 subscribers, all no doubt seeking that sweet “C@sh App sauce,” which apparently has something to do with moving cryptocurrencies through Cash App in a way that financially rewards people able and willing to open up new accounts.
It’s incredibly ironic that Punchmade sells tutorials on how to have great “opsec,” a reference to “operational security,” which in the cybercriminal context means the ability to successfully separate one’s cybercriminal identity from one’s real-life identity: This guy can’t even register a domain name anonymously.
A copy of Turner’s complaint is available here (PDF).
For more on Punchmade, check out the TikTok video How Punchmade Dev Got Started Scamming.
Ireland’s DPC Takes Twitter to Court Over AI User Data Concerns
The Irish data protection watchdog accuses X Corp’s European subsidiary of breaching GDPR with Grok AI training
python3.13-3.13.0~rc1-2.fc40
FEDORA-2024-bec5d0df1f
Packages in this update:
python3.13-3.13.0~rc1-2.fc40
Update description:
Security fix for CVE-2024-6923.
Fix SystemError in PyEval_GetLocals()
python3.13-3.13.0~rc1-2.fc39
FEDORA-2024-c452738920
Packages in this update:
python3.13-3.13.0~rc1-2.fc39
Update description:
Security fix for CVE-2024-6923.
Fix SystemError in PyEval_GetLocals()
#BHUSA: New Ransomware Groups Emerge Despite Crackdowns
A surge in new ransomware groups is fueling the cybercrime epidemic as financial incentives outweigh risks for attackers, despite law enforcement efforts
Microsoft 365 Phishing Alert Can Be Hidden with CSS
Microsoft 365’s anti-phishing tip can be hidden via CSS, as shown by Certitude’s Moody and Ettlinger
CISA Releases Guide to Enhance Software Security Evaluations
The CISA guidance prioritizes product security alongside the manufacturer’s enterprise security
#BHUSA: The Board Needs to Understand AI Deployment Risks
Boards need to understand where and why AI is being deployed within their organizations in order to mitigate risks
Multiple Vulnerabilities in Google Android OS Could Allow for Privilege Escalation
Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for privilege escalation. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for privilege escalation. Depending on the privileges associated with the exploited component, an attacker could then install programs; view, change, or delete data; or create new accounts with full rights.