Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Ukrainian national sentenced to 4 years in prison for selling access to hacked servers

A 28-year-old Ukrainian national has been sentenced to four years in prison for selling access to hacked servers. Glib Oleksandr Ivanov-Tolpintsev, a 28-year-old Ukrainian national, has been sentenced to four years in prison for selling access to comprised servers on the dark web. The man was arrested in Poland in October 2020 and pleaded guilty […]

Scattered Spider DOJ

A 28-year-old Ukrainian national has been sentenced to four years in prison for selling access to hacked servers.

Glib Oleksandr Ivanov-Tolpintsev, a 28-year-old Ukrainian national, has been sentenced to four years in prison for selling access to comprised servers on the dark web. The man was arrested in Poland in October 2020 and pleaded guilty to his charges in February. In September, he was extradited to the U.S. in September 2021. Ivanov-Tolpintsev was charged with conspiracy, trafficking in unauthorized access devices, and trafficking in computer passwords.

The man controlled a botnet to conduct brute-force attacks and guess computer login credentials. He was able to gather login credentials of at least 2,000 computers every week, then they were offered for sale on the dark web to facilitate a wide range of illegal activity.

The man was offering over 700,000 compromised servers for sale on an unnamed marketplace.

“According to court documents, the “Marketplace” was a dark web website that illegally sold login credentials (usernames and passwords) to servers located across the world and personally identifiable information (dates of birth and Social Security numbers) of U.S. residents. Once purchased, criminals used these servers to facilitate a wide range of illegal activity that included ransomware attacks and tax fraud. In total, the Marketplace offered more than 700,000 compromised servers for sale including at least 150,000 in the United States and at least 8,000 in Florida.” reads the press release published by the DoJ. “Marketplace victims spanned the globe and industries, including local, state, and federal government infrastructure, hospitals, 911 and emergency services, call centers, major metropolitan transit authorities, accounting and law firms, pension funds, and universities.”

Please vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice.
To nominate, please visit: 
https://docs.google.com/forms/d/e/1FAIpQLSfxxrxICiMZ9QM9iiPuMQIC-IoM-NpQMOsFZnJXrBQRYJGCOw/viewform  

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Ukrainian national)

[adrotate banner=”5″]

[adrotate banner=”13″]