Security Affairs
Ubiquiti Patches Critical UniFi OS Flaws Allowing Command Injection and Privilege Escalation|A Hacker Claims 35 GB of Accenture Source Code. The Company discloses the data breach|Telegram-Hosted RedWing Malware Lets Anyone Rent Android Spyware Tools|U.S. CISA adds Adobe ColdFusion, Joomlack Page Builder, Langflow, and JoomShaper SP Page Builder flaws to its Known Exploited Vulnerabilities catalog|CISA Deploys Anthropic’s Mythos AI to Hunt Vulnerabilities in U.S. Government Code|Critical Gitea Docker Bug Under Active Exploitation Exposes Repositories and Secrets|Spanish Police Arrest Man Linked to CARR, Z-Pentest, and NoName057(16)|Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available|AI-Generated Malware Powers New Armored Likho APT Campaign|Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Ubiquiti Patches Critical UniFi OS Flaws Allowing Command Injection and Privilege Escalation|A Hacker Claims 35 GB of Accenture Source Code. The Company discloses the data breach|Telegram-Hosted RedWing Malware Lets Anyone Rent Android Spyware Tools|U.S. CISA adds Adobe ColdFusion, Joomlack Page Builder, Langflow, and JoomShaper SP Page Builder flaws to its Known Exploited Vulnerabilities catalog|CISA Deploys Anthropic’s Mythos AI to Hunt Vulnerabilities in U.S. Government Code|Critical Gitea Docker Bug Under Active Exploitation Exposes Repositories and Secrets|Spanish Police Arrest Man Linked to CARR, Z-Pentest, and NoName057(16)|Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available|AI-Generated Malware Powers New Armored Likho APT Campaign|Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Moldovan citizen sentenced in connection with the E-Root cybercrime marketplace case

US DoJ sentenced a Moldovan national (31) to 42 months in federal prison for operating the E-Root cybercrime marketplace. U.S. District Court sentenced the Moldovan national (31) Sandu Boris Diaconu to 42 months in federal prison for conspiracy to commit access device and computer fraud and possession of 15 or more unauthorized access devices. Diaconu […]

E-Root

Source Hackread.com

US DoJ sentenced a Moldovan national (31) to 42 months in federal prison for operating the E-Root cybercrime marketplace.

U.S. District Court sentenced the Moldovan national (31) Sandu Boris Diaconu to 42 months in federal prison for conspiracy to commit access device and computer fraud and possession of 15 or more unauthorized access devices.

Diaconu was operating the E-Root cybercrime marketplace. The man operated a series of websites used to sell access to compromised computers worldwide, including servers belonging to companies and individuals in the United States. 

E-Root
Source Hackread.com

Diaconu was arrested in May 2021 while attempting to leave the United Kingdom 2021 and was extradited to the United States on October 13, 2023. Diaconu pleaded guilty on December 1, 2023.

E-Root customers could search for credentials of compromised computers that granted access to remote computers, enabling buyers to either steal sensitive data or manipulate the contents stored on the remote computer.

“The E-Root Marketplace operated across a widely distributed network and took steps to hide the identities of its administrators, buyers, and sellers.” reads the press release published by DoJ. “Buyers could search for compromised computer credentials on E-Root, such as usernames and passwords that would allow buyers to access remote computers for purposes of stealing private information or manipulating the contents of the remote computer. Buyers could search for credentials by desired criteria, such as price, geographic location, internet service provider, and operating system.”    

The marketplace allowed buyers to pay using cryptocurrency exchange and online payment system Perfect Money. The platform provided an illicit cryptocurrency exchange service for converting Bitcoin to Perfect Money and vice versa. The authorities also seized the exchange platform.

Authorities reported that over 350,000 credentials were advertised for sale on the marketplace.

The victims belong to multiple industries, according to court documents the platform also offered for sale access to at least one local government agency in Tampa. Many ransomware operations targeted victims of the marketplace, while some of the stolen credentials offered through the E-Root were linked to stolen identity tax fraud schemes.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, cybercrime)