Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Law enforcement agencies dismantled Infinity Black hacker group

Europol arrested five members of the Infinity Black hacker group that were selling stolen user credentials and hacking tools. Europol announced another success in the fight against cybercrime, today it has arrested five Polish hackers who were members of the Infinity Black hacking group. The joint operation coordinated by the Europol, saw the participation of […]

Europol Archetyp Market

Europol arrested five members of the Infinity Black hacker group that were selling stolen user credentials and hacking tools.

Europol announced another success in the fight against cybercrime, today it has arrested five Polish hackers who were members of the Infinity Black hacking group.

The joint operation coordinated by the Europol, saw the participation of the Polish and Swiss law enforcement authorities, and Eurojust.

The crime gang was formed in 2018, it was involved in distributing stolen user credentials, developing and distributing malware and hacking tools, and fraud. 

The stolen credentials were available for sale on a website set up by the criminal organization.

“Polish and Swiss law enforcement authorities, supported by Europol and Eurojust, dismantled InfinityBlack, a hacking group involved in distributing stolen user credentials, creating and distributing malware and hacking tools, and fraud.” reads the press release published by Europol.

“On 29 April 2020, the Polish National Police (Policja) searched six locations in five Polish regions and arrested five individuals believed to be members of the hacking group InfinityBlack.”

Data amassed by the hackers were obtained from third-party data breaches, they were offered on several hacking forums.

On 29 April 2020, the Polish National Police (Policja) raided six locations in five Polish regions and arrested the five alleged members of the hacking group InfinityBlack. The agents seized electronic equipment, external hard drives and hardware cryptocurrency wallets, all worth around €100 000. The authorities shut down two platforms containing databases with over 170 million entries.

The online platforms created by the group to sell user stolen login credentials are known as ‘combos’. The authorities reported that the crime crew was efficiently organised into the following defined teams:

  • Developers, who were tacked of creating tools to test the quality of the stolen databases;
  • Testers, who analysed the suitability of authorisation data;
  • Project managers that were distributing subscriptions against cryptocurrency payments.

Infinity Black also used the hacking tools that was offering for sale. They used stolen credentials to gain access to other online accounts that shared the same username and passwords.

The group focused on online services running loyalty programs with the intent to compromise the accounts and exchange the loyalty points from each account for expensive electronic devices.

Swiss authorities investigated the group’s activity after it hacked a large number of accounts belonging to Swiss users, then the Infinity Black hackers sold access to other cybercriminals.

“The hackers created a sophisticated script to gain access to a large number of Swiss customer accounts. Although the losses are estimated at €50 000, hackers had access to accounts with potential losses of more than €610 000.” continues the press release. “The fraudsters and hackers, among them minors and young adults, were unmasked when using the stolen data in shops in Switzerland.”

Swiss police shared the results of its investigation with Europol and Eurojust, which were able to identify and arrest the five individuals at the end of April.

“Once the criminal gang cashing out the loyalty points was identified in Switzerland, police exchanged criminal intelligence and uncovered links to members of the separate hacking group in Poland. Transmitting the data on searched computers between the Swiss and Polish authorities led to the arrest of the hackers in Poland.” concludes the Europol.

Please vote Security Affairs for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS
https://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Infinity Black, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]