Crime

US Treasury Warns DeFi Is Used by North Korea, Scammers To Launder Dirty Money (coindesk.com) 36

Decentralized finance (DeFi) services that aren't compliant with anti-money laundering and terrorist financing rules pose "the most significant current illicit finance risk" in that corner of the crypto sector, according to the U.S. Department of the Treasury's first analysis of hazards from the technology. From a report: In an expected risk assessment, published Thursday, the Treasury Department said thieves, scammers, ransomware cyber criminals and actors for the Democratic People's Republic of Korea (DPRK) are using DeFi to launder proceeds from crime. On the basis of its findings, the department recommends an assessment of "possible enhancements" to U.S. anti-money laundering (AML) requirements and the rules for countering the financing of terrorism (CFT) as they should be applied to DeFi services. It also calls for input from the private sector to inform the next steps. "Clearly, we can't do this alone," said Brian Nelson, Treasury's undersecretary for terrorism and financial intelligence, in a Thursday webcast hosted by ACAMS, a global organization focused on preventing financial crime. "We call on the private sector to use the findings of the risk assessment to inform your own risk-mitigation strategies." The 40-page report warns that "DeFi services at present often do not implement AML/CFT controls or other processes to identify customers, allowing layering of proceeds to take place instantaneously and pseudonymously."
Crime

FBI Seizes Bot Shop 'Genesis Market' (krebsonsecurity.com) 8

Several domain names tied to Genesis Market, a bustling cybercrime store that sold access to passwords and other data stolen from millions of computers infected with malicious software, were seized by the Federal Bureau of Investigation (FBI) today. KrebsOnSecurity reports: Sources tell KrebsOnSecurity the domain seizures coincided with "dozens" of arrests in the United States and abroad targeting those who allegedly operated the service, as well as suppliers who continuously fed Genesis Market with freshly-stolen data. Active since 2018, Genesis Market's slogan has long been, "Our store sells bots with logs, cookies, and their real fingerprints." Customers could search for infected systems with a variety of options, including by Internet address or by specific domain names associated with stolen credentials.

But earlier today, multiple domains associated with Genesis had their homepages replaced with a seizure notice from the FBI, which said the domains were seized pursuant to a warrant issued by the U.S. District Court for the Eastern District of Wisconsin. But sources close to the investigation tell KrebsOnSecurity that law enforcement agencies in the United States, Canada and across Europe are currently serving arrest warrants on dozens of individuals thought to support Genesis, either by maintaining the site or selling the service bot logs from infected systems. The seizure notice includes the seals of law enforcement entities from several countries, including Australia, Canada, Denmark, Germany, the Netherlands, Spain, Sweden and the United Kingdom. [...]

One feature of Genesis that sets it apart from other bot shops is that customers can retain access to infected systems in real-time, so that if the rightful owner of an infected system creates a new account online, those new credentials will get stolen and displayed in the web-based panel of the Genesis customer who purchased that bot. "While some infostealers are designed to remove themselves after execution, others create persistent access," reads a March 2023 report from cybersecurity firm SpyCloud. "That means bad actors have access to the current data for as long as the device remains infected, even if the user changes passwords." SpyCloud says Genesis even advertises its commitment to keep the stolen data and the compromised systems' fingerprints up to date. "According to our research, Genesis Market had more than 430,000 stolen identities for sale as of early last year -- and there are many other marketplaces like this one," the SpyCloud report concludes.

Privacy

Labor To Consider Age-Verification 'Roadmap' For Restricting Online Pornography Access (theguardian.com) 122

An anonymous reader quotes a report from The Guardian: The federal government is considering a "roadmap" on how to restrict access to online pornography to those who can prove they are 18 or older, but there are warnings that any system could come at the cost of Australians' privacy online. On Friday, the eSafety commissioner provided a long-awaited roadmap to the government for how to verify users' ages online, which was commissioned by the former Morrison government nearly two years ago. The commissioner's office said the roadmap "explores if and how age verification and other measures could be used to prevent and mitigate harm to children from online pornography" but that any action taken will be a decision of government.

There were a variety of options to verify people's ages considered during the consultation for the roadmap, such as the use of third-party companies, individual sites verifying ages using ID documents or credit card checks, and internet service providers or mobile phone operators being used to check users' ages. Digital rights groups have raised concerns about the potential for any verification system to create a honeypot of people's personal information. But the office said any technology-based solution would need to strike the right balance between safety, privacy and security, and must be coupled with education campaigns for children, parents and educators. [...]

It comes as new industry codes aimed at tackling restricted-access content online, developed by groups representing digital platforms, and software, gaming and telecommunications companies were submitted to the eSafety commissioner for approval. The content covered includes child sexual abuse material, terrorism, extreme crime and violence, and drug-related content. The commissioner, Julie Inman Grant, will now decide whether the voluntary codes meet her expectations or whether she needs to enforce mandatory codes. [...] The second phase of the codes will set out how the platforms restrict access to pornography on their sites -- separate from the use of age verification systems.

Crime

Vandals Cut 2,000 Fiber Optic Cables in Connecticut, Knocking 16,000 Offline (stamfordadvocate.com) 118

"Connecticut police have charged two people with cutting more than 2,000 fiber optic cables" on March 24, reports the Associated Press — leaving more than 15,000 people without internet access. Norwalk police said they arrested Asheville, North Carolina, residents Jillian Persons and Austin Geddings on Saturday during a surveillance operation. Both were charged with larceny and criminal mischief crimes, as well as interfering with police. Persons also was accused of giving a false statement to police. Both were detained on $200,000 bail.... The outages caused by the cable cutting have since been restored, according to Optimum's website.

The Stamford Advocate investigated how many people were affected: Norwalk Deputy Police Chief Terry Blake said Sunday more than 40,000 customers in the area were left without internet service as a result of the vandalism. However, an Optimum spokesperson claimed at the time the outages only affected roughly 16,000 customers and the inflated numbers were inaccurate because of an issue with the company's online outage map.

Crime

Truck Thief Gunned Down by Owner After AirTag Gives Away Location (appleinsider.com) 497

"A Texas truck theft ended in gun fire after the suspected thief was tracked down by the vehicle's owner's AirTag," reports AppleInsider: San Antonio police received a stolen vehicle report at around 1 pm from a Braesview home. However, before police could recover the stolen truck, the owners of the vehicle decided to perform their own investigation, using an AirTag left in the truck to do so. The unnamed owners tracked the truck to a shopping center in Southeast Military Drive, reports KSAT. However, rather than wait for police to arrive, the truck owners decided to approach the vehicle and confront the suspect.

While it is unknown exactly what happened, police say it seems the suspected thief may have pulled out their own firearm. The vehicle owner responded by shooting and killing the suspect while they were inside the truck. It is unclear whether the vehicle owner will face charges over the matter, and an investigation is ongoing into whether the suspect actually had a weapon in the first place.

The San Antonio police department's public information officer offered these remarks (in a video from KSAT):

"Most importantly is, to the public, SAPD is urging you if you are to get your vehicle stolen: I know that it's frustrating, but please do not take matters into your own hands like this. Our police department has plenty of resources that could go into finding your vehicle, i.e. our drone system, trackers ourselves, very good patrolmen that look for these kind of things. It's never safe to take matters into your own hands, as you can see today by this incident.... That's why I urge the public, wait for police in this matter. Let us go with you. We have the training. We know exactly how to determine what's going to happen, these kind of factors and situations, and we know how to handle them."
Social Networks

Scammers are Tricking Instagram Into Banning Influencers (propublica.org) 53

ProPublica looks at "a booming underground community of Instagram scammers and hackers who shut down profiles on the social network and then demand payment to reactivate them." While they also target TikTok and other platforms, takedown-for-hire scammers like OBN are proliferating on Instagram, exploiting the app's slow and often ineffective customer support services and its easily manipulated account reporting systems. These Instascammers often target people whose accounts are vulnerable because their content verges on nudity and pornography, which Instagram and its parent company, Meta, prohibit.... In an article he wrote for factz.com last year, OBN dubbed himself the "log-out king" because "I have deleted multiple celebrities + influencers on Meta & Instagram... I made about $300k just off banning and unbanning pages," he wrote.

OBN exploits weaknesses in Meta's customer service. By allowing anyone to report an account for violating the company's standards, Meta gives enormous leverage to people who are able to trick it into banning someone who relies on Instagram for income. Meta uses a mix of automated systems and human review to evaluate reports. Banners like OBN test and trade tips on how to trigger the system to falsely suspend accounts. In some cases OBN hacks into accounts to post offensive content. In others, he creates duplicate accounts in his targets' names, then reports the original accounts as imposters so they'll be barred for violating Meta's ban on account impersonation. In addition, OBN has posed as a Meta employee to persuade at least one target to pay him to restore her account.

Models, businesspeople, marketers and adult performers across the United States told ProPublica that OBN had ruined their businesses and lives with spurious complaints, even causing one woman to consider suicide. More than half a dozen people with over 45 million total followers on Instagram told ProPublica they lost their accounts temporarily or permanently shortly after OBN threatened to report them. They say Meta failed to help them and to take OBN and other account manipulators seriously. One person who said she was victimized by OBN has an ongoing civil suit against Meta for lost income, while others sent the company legal letters demanding payment....

A Meta spokesperson acknowledged that OBN has had short-term success in getting accounts removed by abusing systems intended to help enforce community standards. But the company has addressed those situations and taken down dozens of accounts linked to OBN, the spokesperson said. Most often, the spokesperson said, OBN scammed people by falsely claiming to be able to ban and restore accounts.... After banning an account, OBN frequently offers to reactivate it for a fee as high as $5,000, kicking off a cycle of bans and reactivations that continues until the victim runs out of money or stops paying.

A Meta spokesperson told the site they're currently "updating our support systems," including a tool to help affected users and letting more speak to a live support agent rather than an automated one. But the Meta spokesperson added that "This remains a highly adversarial space, with scammers constantly trying to evade detection by social media platforms."

ProPublica ultimately traced the money to a 20-year-old who lives with his mother (who claimed he was only "funnelling" the money for someone else). After that conversation OBN "announced he would no longer offer account banning as a service" — but would still sell his services in getting your account verified.
Crime

German Police Raid DDoS-Friendly Host 'FlyHosting' (krebsonsecurity.com) 5

An anonymous reader quotes a report from KrebsOnSecurity: Authorities in Germany this week seized Internet servers that powered FlyHosting, a dark web offering that catered to cybercriminals operating DDoS-for-hire services, KrebsOnSecurity has learned. FlyHosting first advertised on cybercrime forums in November 2022, saying it was a Germany-based hosting firm that was open for business to anyone looking for a reliable place to host malware, botnet controllers, or DDoS-for-hire infrastructure. A statement released today by the German Federal Criminal Police Office says they served eight search warrants on March 30, and identified five individuals aged 16-24 suspected of operating "an internet service" since mid-2021. The German authorities did not name the suspects or the Internet service in question.

"Previously unknown perpetrators used the Internet service provided by the suspects in particular for so-called 'DDoS attacks', i.e. the simultaneous sending of a large number of data packets via the Internet for the purpose of disrupting other data processing systems," the statement reads. The German authorities said that as a result of the DDoS attacks facilitated by the defendants, the websites of various companies as well as those of the Hesse police have been overloaded in several cases since mid-2021, "so that they could only be operated to a limited extent or no longer at times." The statement says police seized mobile phones, laptops, tablets, storage media and handwritten notes from the unnamed defendants, and confiscated servers operated by the suspects in Germany, Finland and the Netherlands.

Anime

China Shuts Down Major Manga Piracy Site Following Complaint From Japan (torrentfreak.com) 12

Anti-piracy group CODA is reporting the shutdown of B9Good, a pirate manga site that targeted Japan but was operated from China. In response to a criminal complaint filed by CODA on behalf of six Japanese companies, which were backed by 21 others during the investigation, Chinese authorities arrested four people and seized one house worth $580,000. TorrentFreak reports: Manga piracy site B9Good initially appeared in 2008 and established itself under B9DM branding. SimilarWeb stats show that the site was enjoying around 15 million visits each month, with CODA noting that in the two-year period leading to February 2023, the site was accessed more than 300 million times. Around 95% of the site's visitors came from Japan. B9Good had been featured in an MPA submission to the USTR's notorious markets report in 2019. Traffic was reported as almost 16 million visits per month back then, meaning that site visitor numbers remained stable for the next three years. The MPA said the site was possibly hosted in Canada, but domain records since then show a wider spread, including Hong Kong, China, United States, Bulgaria, and Japan.

Wherever the site ended up, the location of its operator was more important. In 2021, CODA launched its International Enforcement Project (CBEP), which aimed to personally identify the operators of pirate sites, including those behind B9Good who were eventually traced to China. Pursuing copyright cases from outside China is reportedly difficult, but CODA had a plan. In January 2022, CODA's Beijing office was recognized as an NGO with legitimate standing to protect the rights of its member companies. Working on behalf of Aniplex, TV Tokyo, Toei Animation, Toho, Japan Broadcasting Corporation (NHK), and Bandai Namco Film Works, CODA filed a criminal complaint in China, and starting February 14, 2023, local authorities began rounding up the B9Good team.

Security

UK Sets Up Fake Booter Sites To Muddy DDoS Market (krebsonsecurity.com) 47

An anonymous reader quotes a report from KrebsOnSecurity: The United Kingdom's National Crime Agency (NCA) has been busy setting up phony DDoS-for-hire websites that seek to collect information on users, remind them that launching DDoS attacks is illegal, and generally increase the level of paranoia for people looking to hire such services. The NCA says all of its fake so-called "booter" or "stresser" sites -- which have so far been accessed by several thousand people -- have been created to look like they offer the tools and services that enable cyber criminals to execute these attacks.

"However, after users register, rather than being given access to cyber crime tools, their data is collated by investigators," reads an NCA advisory on the program. "Users based in the UK will be contacted by the National Crime Agency or police and warned about engaging in cyber crime. Information relating to those based overseas is being passed to international law enforcement." The NCA declined to say how many phony booter sites it had set up, or for how long they have been running. The NCA says hiring or launching attacks designed to knock websites or users offline is punishable in the UK under the Computer Misuse Act 1990. "Going forward, people who wish to use these services can't be sure who is actually behind them, so why take the risk?" the NCA announcement continues.

Crime

SBF Charged With Paying $40 Million Bribe (cbsnews.com) 48

FTX founder Sam Bankman-Fried was charged with directing $40 million in bribes to one or more Chinese officials to unfreeze assets relating to his cryptocurrency business in a rewritten indictment unsealed Tuesday. CBS News reports: The charge of conspiracy to violate the anti-bribery provisions of the Foreign Corrupt Practices Act means Bankman-Fried now faces a total of 13 charges after being arrested in the Bahamas last December and brought to the United States soon thereafter. [...] The indictment said Chinese law enforcement authorities in early 2021 froze certain Alameda crypto-trading accounts on two of China's largest cryptocurrency exchanges. The accounts, it said, contained about $1 billion worth of crypto.

Bankman-Fried understood that the accounts had been frozen by Chinese authorities as part of an ongoing probe of a particular Alameda trading counterparty, the indictment said. After Bankman-Fried failed several attempts to unfreeze the accounts through the use of lawyers and lobbying, the 31-year-old ultimately agreed to direct a multimillion dollar bribe to try to unfreeze the accounts, the indictment said.

"Bankman-Fried and others sought to regain access to the assets to fund additional Alameda trading activity, in order to assist Bankman-Fried and Alameda in obtaining and retaining business," court documents state. The bribe payment of cryptocurrency -- then worth about $40 million -- was moved from Alameda's main trading account to a private cryptocurrency wallet in November 2021 and the frozen accounts were unfrozen at about the same time, the indictment said.

AI

Clearview AI Used Nearly 1 Million Times By US Police (bbc.com) 23

An anonymous reader quotes a report from the BBC: Facial recognition firm Clearview has run nearly a million searches for US police, its founder has told the BBC. CEO Hoan Ton-That also revealed Clearview now has 30 billion images scraped from platforms such as Facebook, taken without users' permissions. [...] The company is banned from selling its services to most US companies, after the American Civil Liberties Union (ACLU) took Clearview AI to court in Illinois for breaking privacy law. But there is an exemption for police, and Mr Ton-That says his software is used by hundreds of police forces across the US.

Police in the US do not routinely reveal whether they use the software, and it is banned in several US cities including Portland, San Francisco and Seattle. The use of facial recognition by the police is often sold to the public as only being used for serious or violent crimes. In a rare interview with law enforcement about the effectiveness of Clearview, Miami Police said they used the software for every type of crime, from murders to shoplifting. Assistant Chief of Police Armando Aguilar said his team used the system about 450 times a year, and that it had helped solve several murders. However, critics say there are almost no laws around the use of facial recognition by police.

AI

Europol Sounds Alarm About Criminal Use of ChatGPT, Sees Grim Outlook (reuters.com) 54

EU police force Europol on Monday warned about the potential misuse of artificial intelligence-powered chatbot ChatGPT in phishing attempts, disinformation and cybercrime, adding to the chorus of concerns ranging from legal to ethical issues. From a report: "As the capabilities of LLMs (large language models) such as ChatGPT are actively being improved, the potential exploitation of these types of AI systems by criminals provide a grim outlook," Europol said as it presented its first tech report starting with the chatbot. It singled out the harmful use of ChatGPT in three areas of crime. "ChatGPT's ability to draft highly realistic text makes it a useful tool for phishing purposes," Europol said. With its ability to reproduce language patterns to impersonate the style of speech of specific individuals or groups, the chatbot could be used by criminals to target victims, the EU enforcement agency said.
Crime

The Tinder Car Heist and the Plot For Revenge (theverge.com) 30

Slashdot reader DevNull127 writes: Is there a dark side to online dating apps like Tinder? "According to the FTC, reports of fraud losses from romance scams topped $1.3 billion in 2022," reports the Verge. The head of the FBI's Portland field office tells them that "Technology gives you this false sense of trust." But the co-founder of the nonprofit Advocating Against Romance Scammers argues it's more than that — that technology "gives criminals a crucial tool to find new victims, and they are definitely getting more brazen overall."

And then the Verge tells the story of a 32-year-old technology entrepreneur and self-proclaimed multimillionaire who didn't see the red flags when a mysterious date on Tinder asked him what kind of car he owned — and told him that when he paid for their hotel room, bring cash...

Yes, he ends up being carjacked at gunpoint in a Tinder car-theft scheme by a largely transient con artist. But then he posts to his 245,000 followers on Instagram — hiring a marketing company to manage a car-recovery campaign. He hears from fences who offer to sell back his car for $30,000 — along with an alleged police informant. There's good luck and bad luck in this wild tale of car chases, police scanners, a neighborhood they call "Methville," and an attempt to bring accountability to a 21-year-old catfisher and her two 18-year-old accomplices.

But the story ends with the 32-year-old self-proclaimed multimillionaire back on Tinder, looking for another date.

Crime

Terraform Labs Founder Do Kwon Arrested In Montenegro (coindesk.com) 20

The founder of Terraform Labs, Do Kwon, appears to have been arrested in Montenegro, according to a tweet by the country's minister of interior, Filip Adzic. CoinDesk reports: "Montenegrin police have detained a person suspected of being one of the most wanted fugitives, South Korean citizen Do Kwon, co-founder and CEO of Singapore-based Terraform Labs," Adzic tweeted. Kwon has been the target of several investigations and was even on Interpol's red notice after stablecoin terraUSD (UST) and its $40 billion ecosystem imploded last year, sending shockwaves across the crypto markets. The suspect was detained at the Podgorica airport with falsified documents, Adzic added, saying he was still waiting for official confirmation of identity.

The Korean National Police Agency said that it had confirmed the suspect appeared to be Kwon based on checking age, name, and nationality of his ID card, according to a report by the Yonhap news agency. The unverified account of Adzic is followed by the official account of the prime minister of Montenegro, Dritan Abazovic. The tweet announcing Kwon's arrest was also retweeted by Abazovic's account. Adzic's account has previously been cited in official tweets.

The Internet

Indian Officials Cut Internet For 27 Million People Amid Search For Fugitive (washingtonpost.com) 84

Indian authorities severed mobile internet access and text messaging for a second day Sunday across Punjab, a state of about 27 million people, as officials sought to capture a Sikh separatist and braced for potential unrest. The Washington Post reports: The statewide ban -- which crippled most smartphone services except for voice calls and some SMS text messages -- marked one of the broadest shutdowns in recent years in India, a country that has increasingly deployed the law enforcement tactic, which digital rights activists call draconian and ineffective. The Punjab government, led by the opposition Aam Aadmi Party, initially announced a 24-hour ban starting midday Saturday as its security forces launched a sprawling operation to arrest the fugitive Amritpal Singh, then extended the ban Sunday for another 24 hours.

Singh, a 30-year-old preacher, has been a popular figure within a separatist movement that seeks to establish a sovereign state in Punjab called Khalistan for followers of the Sikh religion. He rocketed to nationwide notoriety in February after his supporters stormed a police station to free one of his jailed supporters. The Khalistan movement is outlawed in India and considered a top national security threat by officials, but the movement has sympathizers across Punjab state, which is majority Sikh, and among members of the large Sikh diaspora who have settled in countries such as Canada and Britain. In a bid to forestall unrest and curtail what it called "fake news," Punjab authorities blocked mobile internet service beginning at noon Saturday, shortly after they failed to apprehend Singh as he drove through central Punjab with a cavalcade of supporters. Officials were probably also motivated by a desire to deprive Singh's supporters of social media, which they briefly used Saturday to seek help and organize their ranks.

Singh was still on the run as of late Sunday, and the 4G blackout remained in effect. Three Punjab residents who spoke to The Washington Post said life had been disrupted since midday Saturday. Only essential text messages, such as confirmation codes for bank transfers, were trickling through. Wired internet services were not affected. "My entire business is dependent on internet," said Mohammad Ibrahim, who accepts QR code-based payments at his two clothing shops in a village outside of Ludhiana and also sells garments online. "Since yesterday, I've felt crippled."

Japan

Teenage Pranks at Japan's Restaurants Lead to AI-Powered Sushi Monitors, Arrests (restofworld.org) 69

Rest of World reports on viral teenage pranks at conveyor-belt sushi chain restaurants across Japan, which snowballed into a societal phenomenon that social media users and the Japanese press have named "sushi terrorism."

It began January 9th when a video showed a customer adding a pile of wasabi onto sushi on a conveyor belt. Another video shows a giggling teenager touching sushi on a conveyor belt at the sushi chain Sushiro after first licking that finger. The stock of the parent company that owns that sushi chain drops nearly 5%. It's not over. At a Nagoya branch of Kura Sushi, a 21-year-old customer grabs sushi from the conveyor belt, cramming it into his mouth and chasing it down with a swig from the communal soy sauce bottle. The incident is filmed by his two younger friends, one of whom posts the clip online. The same day, Sushiro's operating company announces it will limit conveyor belts and move to ordering by touch screen.
Concerns continued at other sushi chains. ("Kura Sushi says it's installing surveillance cameras equipped with AI to monitor customers' behavior and catch sushi terrorists. A day later, Choushimaru announces it will switch entirely to an iPad-based ordering system by April 26.") Sushiro also moves to ordering by touch screen and promises to limit conveyor belts.

The story's dramatic conclusion? Nagoya police arrest the 19-year-old man who allegedly posted the soy-sauce-swigging video from Kura Sushi, along with his two "co-conspirators." Nagoya police declare they are holding all three sushi terrorists on suspicion of "forcible obstruction of business." The crime would carry a maximum penalty of three years in prison, if they're convicted.
China

New Data Found Linking Covid-19's Origins to Wuhan Market. WHO Demands China Release It (theatlantic.com) 213

"The World Health Organization on Friday called on China to release new data linking the Covid pandemic's origins to animal samples at Wuhan Market after the country recently took down the research," reports CNBC.

The existence of the new data was revealed by the Atlantic earlier this week, in an article reporting that the newly-discovered samples showed the virus was present in creatures for sale there near the very beginning of the pandemic: A new analysis of genetic sequences collected from the market shows that raccoon dogs being illegally sold at the venue could have been carrying and possibly shedding the virus at the end of 2019. It's some of the strongest support yet, experts told me, that the pandemic began when SARS-CoV-2 hopped from animals into humans, rather than in an accident among scientists experimenting with viruses....

The genetic sequences were pulled out of swabs taken in and near market stalls around the pandemic's start. They represent the first bits of raw data that researchers outside of China's academic institutions and their direct collaborators have had access to. A few weeks ago, the data appeared on an open-access genomic database called GISAID, after being quietly posted by researchers affiliated with the country's Center for Disease Control and Prevention. By almost pure happenstance, scientists in Europe, North America, and Australia spotted the sequences, downloaded them, and began an analysis.

The samples were already known to be positive for the coronavirus, and had been scrutinized before by the same group of Chinese researchers who uploaded the data to GISAID. But that prior analysis, released as a preprint publication in February 2022, asserted that "no animal host of SARS-CoV-2 can be deduced...." The new analysis, led by Kristian Andersen, Edward Holmes, and Michael Worobey — three prominent researchers who have been looking into the virus's roots — shows that that may not be the case. Within about half a day of downloading the data from GISAID, the trio and their collaborators discovered that several market samples that tested positive for SARS-CoV-2 were also coming back chock-full of animal genetic material — much of which was a match for the common raccoon dog. Because of how the samples were gathered, and because viruses can't persist by themselves in the environment, the scientists think that their findings could indicate the presence of a coronavirus-infected raccoon dog in the spots where the swabs were taken....

The new analysis builds on extensive previous research that points to the market as the source of the earliest major outbreak of SARS-CoV-2: Many of the earliest known COVID-19 cases of the pandemic were clustered roughly in the market's vicinity. And the virus's genetic material was found in many samples swabbed from carts and animal-processing equipment at the venue, as well as parts of nearby infrastructure, such as storehouses, sewage wells, and water drains. Raccoon dogs, creatures commonly bred for sale in China, are also already known to be one of many mammal species that can easily catch and spread the coronavirus. All of this left one main hole in the puzzle to fill: clear-cut evidence that raccoon dogs and the virus were in the exact same spot at the market, close enough that the creatures might have been infected and, possibly, infectious.

That's what the new analysis provides. Think of it as finding the DNA of an investigation's main suspect at the scene of the crime.

The article also notes that the genetic sequences "also vanished from the database shortly after the international team of researchers notified the Chinese researchers of their preliminary findings, without explanation." And it adds that all along China has "vehemently" fought the theory that Covid-19 originated from live animals being sold at Wuhan market, although "in June 2021, a team of researchers published a study documenting tens of thousands of mammals for sale in wet markets in Wuhan between 2017 and late 2019, including at Huanan."

"The animals were kept in largely illegal, cramped, and unhygienic settings — conditions conducive to viral transmission — and among them were more than 1,000 raccoon dogs." And there are even photos of raccoon dogs for sale at the market in December of 2019.


More coverage of the newly-discovered data is now appearing in numerous news outlets, including the New York Times, NBC News, ABC News, the Guardian, PBS, and Science.

Crime

Dark Web 'BreachForums' Operator Charged With Computer Crime (bloomberg.com) 16

An anonymous reader quotes a report from Bloomberg: Federal agents have arrested a Peekskill, New York, man they say ran the notorious dark web data-breach site "BreachForums" under the name "Pompompurin." Conor Brian Fitzpatrick was arrested by a team of investigators at his home around 4:30 p.m. Wednesday, an FBI agent said in a sworn statement filed in court the next day. Fitzpatrick is charged with a single count of conspiracy to commit access device fraud.

BreachForums hosted the stolen databases of almost 1,000 companies and websites. The databases often include personal information, such as names, emails and passwords. The information is offered for sale by users of the site and can be used for fraud. Pompompurin's profile on BreachForums describes him as "Bossman" and pictures the Sanrio Co. cartoon dog whose name he used as an online alias. The profile shows Fitzpatrick's most recent visit to the site was Wednesday at 3:53 p.m., shortly before his arrest. The FBI agent, who led the other agents in the arrest, said Fitzpatrick admitted he had used the alias "Pompompurin" and was the owner and operator of BreachForums.

In November 2021, Pompompurin claimed responsibility for sending out fake emails that originated from an "fbi.gov" email address. Pompompurin claimed responsibility for the breach in an interview with Brian Krebs. Details of the charges, filed in federal court in Alexandria, Virginia, have not been made public. A spokeswoman for the US Attorney in Alexandria didn't return phone and email messages seeking comment. Fitzpatrick was presented in federal court in White Plains, New York, and released on a $300,000 unsecured bond, signed by his parents. Fitzpatrick is required to avoid any contact with co-defendant, co-conspirators and witnesses in the case. He's due to appear in court in Alexandria on March 24.

United States

Americans Lost a Record $10.3 Billion To Online Scammers Last Year, FBI Says (wsj.com) 31

Americans lost more than $10 billion to online scammers last year, new government data show, the highest level since the Federal Bureau of Investigation began tracking losses in 2000. From a report: The FBI said its Internet Crime Complaint Center, or IC3, recorded more than 800,000 complaints in 2022, or more than 2,000 complaints a day. So-called phishing expeditions represented the largest number of scams with more than 300,000 complaints, the FBI said in a report. Phishing usually involves the use of unsolicited email, text messages and phone calls, purportedly from a legitimate company, requesting personal or financial information.

"Today's cyber landscape has provided ample opportunities for criminals and adversaries to target U.S. networks, attack our critical infrastructure, hold our money and data for ransom, facilitate large-scale fraud schemes, and threaten our national security," FBI Executive Assistant Director Timothy Langan said. The total losses to online scammers rose to $10.3 billion last year from $6.9 billion in 2021. However, the overall number of complaints recorded by IC3 fell slightly from 2021.

Crime

Two US Men Charged In 2022 Hacking of DEA Portal (krebsonsecurity.com) 11

An anonymous reader quotes a report from KrebsOnSecurity: Two U.S. men have been charged with hacking into a U.S. Drug Enforcement Agency (DEA) online portal that taps into 16 different federal law enforcement databases. Both are alleged to be part of a larger criminal organization that specializes in using fake emergency data requests from compromised police and government email accounts to publicly threaten and extort their victims. Prosecutors for the Eastern District of New York today unsealed criminal complaints against Sagar Steven Singh -- also known as "Weep" -- a 19-year-old from Pawtucket, Rhode Island; and Nicholas Ceraolo, 25, of Queens, NY, who allegedly also went by the handles "Convict" and "Ominus." The Justice Department says Singh and Ceraolo belong to a group of cybercriminals known to its members as "ViLE," who specialize in obtaining personal information about third-party victims, which they then use to harass, threaten or extort the victims, a practice known as "doxing." [...]

The government alleges that on May 7, 2022, Singh used stolen credentials to log into a U.S. federal government portal without authorization. The complaint doesn't specify which agency portal was hacked, but it does state that the portal included access to law enforcement databases that track narcotics seizures in the United States. [On May 12, 2022, KrebsOnSecurity broke the news.] Prosecutors say they tied Singh to the government portal hack because he connected to it from an Internet address that he'd previously used to access a social media account registered in his name. When they raided Singh's residence on Sept. 8, 2022 and seized his devices, investigators with Homeland Security found a cellular phone and laptop that allegedly "contained extensive evidence of access to the Portal."

If convicted, Ceraolo faces up to 20 years' imprisonment for conspiracy to commit wire fraud; both Ceraolo and Singh face five years' imprisonment for conspiracy to commit computer intrusions.

A copy of the complaint against Ceraolo and Singh is here (PDF).
