Monthly Archives: January 2025
FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang
The FBI and authorities in The Netherlands this week seized dozens of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. The proprietors of the service, who use the collective nickname “The Manipulaters,” have been the subject of three stories published here since 2015. The FBI said the main clientele are organized crime groups that try to trick victim companies into making payments to a third party.
One of several current Fudtools sites run by the principals of The Manipulaters.
On January 29, the FBI and the Dutch national police seized the technical infrastructure for a cybercrime service marketed under the brands Heartsender, Fudpage and Fudtools (and many other “fud” variations). The “fud” bit stands for “Fully Un-Detectable,” and it refers to cybercrime resources that will evade detection by security tools like antivirus software or anti-spam appliances.
The Dutch authorities said 39 servers and domains abroad were seized, and that the servers contained millions of records from victims worldwide — including at least 100,000 records pertaining to Dutch citizens.
A statement from the U.S. Department of Justice refers to the cybercrime group as Saim Raza, after a pseudonym The Manipulaters communally used to promote their spam, malware and phishing services on social media.
“The Saim Raza-run websites operated as marketplaces that advertised and facilitated the sale of tools such as phishing kits, scam pages and email extractors often used to build and maintain fraud operations,” the DOJ explained.
The core Manipulaters product is Heartsender, a spam delivery service whose homepage openly advertised phishing kits targeting users of various Internet companies, including Microsoft 365, Yahoo, AOL, Intuit, iCloud and ID.me, to name a few.
The government says transnational organized crime groups that purchased these services primarily used them to run business email compromise (BEC) schemes, wherein the cybercrime actors tricked victim companies into making payments to a third party.
“Those payments would instead be redirected to a financial account the perpetrators controlled, resulting in significant losses to victims,” the DOJ wrote. “These tools were also used to acquire victim user credentials and utilize those credentials to further these fraudulent schemes. The seizure of these domains is intended to disrupt the ongoing activity of these groups and stop the proliferation of these tools within the cybercriminal community.”
Manipulaters advertisement for “Office 365 Private Page with Antibot” phishing kit sold via Heartsender. “Antibot” refers to functionality that attempts to evade automated detection techniques, keeping a phish deployed and accessible as long as possible. Image: DomainTools.
KrebsOnSecurity first wrote about The Manipulaters in May 2015, mainly because their ads at the time were blanketing a number of popular cybercrime forums, and because they were fairly open and brazen about what they were doing — even who they were in real life.
We caught up with The Manipulaters again in 2021, with a story that found the core employees had started a web coding company in Lahore called WeCodeSolutions — presumably as a way to account for their considerable Heartsender income. That piece examined how WeCodeSolutions employees had all doxed themselves on Facebook by posting employee pictures from company parties each year featuring a large cake with the words FudCo written in icing.
A follow-up story last year about The Manipulaters prompted messages from various WeCodeSolutions employees who pleaded with this publication to remove stories about them. The Saim Raza identity told KrebsOnSecurity they were recently released from jail after being arrested and charged by local police, although they declined to elaborate on the charges.
The Manipulaters never seemed to care much about protecting their own identities, so it’s not surprising that they were unable or unwilling to protect their own customers. In an analysis released last year, DomainTools.com found the web-hosted version of Heartsender leaked an extraordinary amount of user information to unauthenticated users, including customer credentials and email records from Heartsender employees.
Almost every year since their founding, The Manipulaters have posted a picture of a FudCo cake from a company party celebrating its anniversary.
DomainTools also uncovered evidence that the computers used by The Manipulaters were all infected with the same password-stealing malware, and that vast numbers of credentials were stolen from the group and sold online.
“Ironically, the Manipulaters may create more short-term risk to their own customers than law enforcement,” DomainTools wrote. “The data table ‘User Feedbacks’ (sic) exposes what appear to be customer authentication tokens, user identifiers, and even a customer support request that exposes root-level SMTP credentials–all visible by an unauthenticated user on a Manipulaters-controlled domain.”
Police in The Netherlands said the investigation into the owners and customers of the service is ongoing.
“The Cybercrime Team is on the trail of a number of buyers of the tools,” the Dutch national police said. “Presumably, these buyers also include Dutch nationals. The investigation into the makers and buyers of this phishing software has not yet been completed with the seizure of the servers and domains.”
U.S. authorities this week also joined law enforcement in Australia, France, Greece, Italy, Romania and Spain in seizing a number of domains for several long-running cybercrime forums and services, including Cracked and Nulled. According to a statement from the European police agency Europol, the two communities attracted more than 10 million users in total.
Other domains seized as part of “Operation Talent” included Sellix, an e-commerce platform that was frequently used by cybercrime forum members to buy and sell illicit goods and services.
Top 10 Malware Q4 2024
In Q4 2024, the Top 10 Malware observed by the MS-ISAC® changed slightly from the previous quarter. Here are the malware that topped our list.
Threat Actors Target Public-Facing Apps for Initial Access
Cisco Talos found that exploitation of public-facing applications made up 40% of incidents it observed in Q4 2024, marking a notable shift in initial access techniques.
Tata Technologies Hit by Ransomware Attack
The Indian tech giant temporarily suspended some of its IT services, which have now been restored
DeepSeek’s Flagship AI Model Under Fire for Security Vulnerabilities
International Operation Dismantles Cracked and Nulled Cybercrime Hubs
A global law enforcement operation has taken down infrastructure used by Cracked.io and Nulled.io, which provide cybercriminal tools and services
Living with AI: The Future We Once Imagined
Smartphones, smart homes, and virtual assistants like Alexa and Siri have seamlessly integrated into our daily lives. Yet, many of us rarely stop to think about the technology behind them. We enjoy the convenience these devices offer, but behind the scenes, artificial intelligence (AI) is reshaping the way we live, work, and interact with the world.
At first glance, AI-related terms like machine learning, neural networks, and natural language processing might seem complex and almost like learning a new language. However, as AI becomes more common, understanding these concepts is becoming essential. But what exactly is AI, and how is it making an impact?
Breaking Down AI
Artificial Intelligence (AI) refers to computer systems that can perform tasks that typically require human intelligence—such as problem-solving, pattern recognition, learning from experience, and making decisions. Rather than following a hand-written rule for every situation, most modern AI systems learn statistical patterns from large amounts of data and apply those patterns to new inputs.
Machine Learning (ML): A branch of AI where computers learn from data and improve over time without being explicitly programmed for every task.
Deep Learning: A form of machine learning that uses layered artificial neural networks, loosely inspired by the brain’s structure, to recognize patterns and make predictions.
Natural Language Processing (NLP): The technology that enables computers to understand and respond to human language—powering tools like chatbots and virtual assistants.
Think about WALL-E from Disney or R2-D2 from Star Wars. WALL-E demonstrates how AI-powered robots can assist humans while developing unique personalities. R2-D2, on the other hand, serves as a problem-solver, working alongside people to navigate challenges. These fictional characters reflect AI’s potential—enhancing our lives in both practical and creative ways.
AI in Action: How It’s Changing Society
AI is no longer just a futuristic concept; it is actively improving various aspects of life today:
Revolutionizing Healthcare
AI assists doctors by improving surgical precision and analyzing medical tests faster.
Robots enable remote healthcare, allowing patients to receive treatment from home.
AI-powered medical imaging helps detect diseases earlier, leading to better outcomes.
Supporting Senior Citizens
AI-powered assistants help older adults by reminding them to take medication, assisting with household tasks, and even providing companionship.
Enhancing Education
AI is personalizing learning, allowing students to study at their own pace.
Teachers use AI-powered tools to grade assignments and provide instant feedback.
Looking Ahead
AI is becoming as essential to daily life as email or the internet. Just as WALL-E and R2-D2 helped the characters around them, AI is designed to assist humans—not replace them. By understanding these technologies, we can better prepare for a future where AI plays an even greater role in shaping our world.
Key AI Concepts to Know
Artificial Intelligence (AI): Computers performing human-like tasks.
Machine Learning (ML): AI systems that improve through experience.
Deep Learning: A type of ML using brain-inspired models.
Natural Language Processing (NLP): AI’s ability to understand and process human language.
Robotics: Machines equipped with AI to perform various tasks.
AI isn’t just for scientists or tech experts; it’s for everyone. From healthcare and education to entertainment and everyday convenience, AI is woven into modern life. By learning the basics, we can better understand its growing influence and how it continues to shape our future.
ZDI-25-073: (Pwn2Own) Canon imageCLASS MF656Cdw listObjects2 Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF656Cdw printers. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-12647.
ZDI-25-074: (Pwn2Own) Canon imageCLASS MF656Cdw TIF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF656Cdw printers. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-12648.
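Both advisories above (ZDI-25-073 and ZDI-25-074) name the same bug class: an unauthenticated, network-adjacent attacker supplies input that overflows a fixed-size buffer while the printer parses it. The advisories give no code and no details of the flaw, so what follows is an added illustration of the class, not Canon's firmware and not the actual vulnerability. The 12-byte TIFF IFD entry layout (tag, type, count, value-or-offset) is the real format; the parser that copies an ASCII tag into a 32-byte stack buffer, the function names, the error codes and the three sample files are all constructed for this example. The unsafe version trusts the file's count and offset fields; the hardened version checks both against the real buffer and file sizes before any copy.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IFD_ENTRY_SIZE 12
#define TIFF_ASCII     2
#define MAX_ASCII_TAG  32   /* fixed-size stack buffer the parser copies into */

enum { TAG_OK = 0, TAG_ERR_TYPE = -1, TAG_ERR_TRUNC = -2,
       TAG_ERR_TOO_LONG = -3, TAG_ERR_RANGE = -4, TAG_ERR_NOTERM = -5 };

/* Little-endian reads from an untrusted byte buffer. */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* VULNERABLE pattern (hypothetical, not Canon's code). The IFD entry is
 * tag(2) type(2) count(4) value-or-offset(4). count and the offset come
 * straight from the file, but only the type is checked before memcpy into
 * a 32-byte stack buffer: a count above 32 overwrites whatever sits above
 * tmp on the stack (saved registers, return address), and an offset past
 * the end of the file reads out of bounds. */
int parse_ascii_tag_unsafe(const uint8_t *file, size_t file_len,
                           size_t entry_off, char *out, size_t out_len)
{
    char tmp[MAX_ASCII_TAG];
    const uint8_t *e = file + entry_off;
    uint32_t count = rd32(e + 4);
    const uint8_t *src = (count <= 4) ? e + 8 : file + rd32(e + 8);
    (void)file_len;                               /* never consulted: that is the bug */
    if (rd16(e + 2) != TIFF_ASCII) return TAG_ERR_TYPE;
    memcpy(tmp, src, count);                      /* BUG: count unchecked against sizeof tmp */
    snprintf(out, out_len, "%s", tmp);
    return TAG_OK;
}

/* HARDENED: every attacker-controlled field is validated against the real
 * buffer and file sizes, using subtraction-form checks that cannot wrap. */
int parse_ascii_tag_safe(const uint8_t *file, size_t file_len,
                         size_t entry_off, char *out, size_t out_len)
{
    char tmp[MAX_ASCII_TAG];
    const uint8_t *e, *src;
    uint32_t count, value_off;

    if (entry_off > file_len || file_len - entry_off < IFD_ENTRY_SIZE)
        return TAG_ERR_TRUNC;                     /* the entry itself lies outside the file */
    e = file + entry_off;
    if (rd16(e + 2) != TIFF_ASCII) return TAG_ERR_TYPE;
    count = rd32(e + 4);
    if (count == 0 || count > sizeof tmp) return TAG_ERR_TOO_LONG;  /* the check the unsafe version lacks */
    if (count <= 4) {
        src = e + 8;                              /* value is stored inline in the entry */
    } else {
        value_off = rd32(e + 8);
        if (value_off > file_len || file_len - value_off < count)
            return TAG_ERR_RANGE;                 /* offset/length pair points outside the file */
        src = file + value_off;
    }
    memcpy(tmp, src, count);
    if (tmp[count - 1] != '\0') return TAG_ERR_NOTERM;  /* TIFF ASCII values are NUL-terminated */
    if (count > out_len) return TAG_ERR_TOO_LONG;
    memcpy(out, tmp, count);
    return TAG_OK;
}

/* Constructed sample files (not from any real device or capture): header
 * "II" 0x2A, IFD at offset 8 with one entry at offset 10, tag 0x010F (Make)
 * of type ASCII, value "ACME\0" at offset 26. Total length 31 bytes. */
const uint8_t SAMPLE_GOOD[] = {
    'I','I', 0x2A,0x00, 0x08,0x00,0x00,0x00, 0x01,0x00,
    0x0F,0x01, 0x02,0x00, 0x05,0x00,0x00,0x00, 0x1A,0x00,0x00,0x00,
    0x00,0x00,0x00,0x00, 'A','C','M','E',0x00 };
/* Same file with count = 256: the unsafe parser would memcpy 256 bytes into tmp[32]. */
const uint8_t SAMPLE_BIG_COUNT[] = {
    'I','I', 0x2A,0x00, 0x08,0x00,0x00,0x00, 0x01,0x00,
    0x0F,0x01, 0x02,0x00, 0x00,0x01,0x00,0x00, 0x1A,0x00,0x00,0x00,
    0x00,0x00,0x00,0x00, 'A','C','M','E',0x00 };
/* Count in range (8) but value offset 0x1000, far beyond the 31-byte file. */
const uint8_t SAMPLE_BAD_OFFSET[] = {
    'I','I', 0x2A,0x00, 0x08,0x00,0x00,0x00, 0x01,0x00,
    0x0F,0x01, 0x02,0x00, 0x08,0x00,0x00,0x00, 0x00,0x10,0x00,0x00,
    0x00,0x00,0x00,0x00, 'A','C','M','E',0x00 };
#define SAMPLE_ENTRY_OFF 10
char g_out[MAX_ASCII_TAG];                        /* scratch output buffer */

int main(void)
{
    int rc = parse_ascii_tag_safe(SAMPLE_GOOD, sizeof SAMPLE_GOOD, SAMPLE_ENTRY_OFF, g_out, sizeof g_out);
    printf("safe/good:       %d (%s)\n", rc, g_out);
    printf("safe/big count:  %d\n", parse_ascii_tag_safe(SAMPLE_BIG_COUNT, sizeof SAMPLE_BIG_COUNT, SAMPLE_ENTRY_OFF, g_out, sizeof g_out));
    printf("safe/bad offset: %d\n", parse_ascii_tag_safe(SAMPLE_BAD_OFFSET, sizeof SAMPLE_BAD_OFFSET, SAMPLE_ENTRY_OFF, g_out, sizeof g_out));
    /* The unsafe parser is only run on the benign file; on SAMPLE_BIG_COUNT it
     * would smash the stack (undefined behaviour), which is the point. */
    rc = parse_ascii_tag_unsafe(SAMPLE_GOOD, sizeof SAMPLE_GOOD, SAMPLE_ENTRY_OFF, g_out, sizeof g_out);
    printf("unsafe/good:     %d (%s)\n", rc, g_out);
    return 0;
}
```

The two parsers behave identically on the well-formed file, which is why this class survives functional testing; the difference only shows on the malformed inputs, where the hardened version returns TAG_ERR_TOO_LONG and TAG_ERR_RANGE instead of copying. Fuzzing a parser like this with count and offset fields mutated is the quickest way to surface the unsafe variant.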