Connect with us
https://paxful.com/?utm_source=CGNT&utm_medium=Banner&utm_term=Crypto%20Global%20News%20Team

Scam News

German Police Seize Second Crypto-Fueled Cyberbunker

Published

on

German Police Seize Second Crypto-Fueled Cyberbunker

German police have raided and shut down Cyberbunker 2.0, a decommissioned NATO bunker that housed dark web market servers and child porn. The bunker, hidden in the Mosel River town of Traben-Trarbach, held multiple stories of servers as well as “$41 million worth of funds allegedly tied to these markets,” according to security researcher Brian Krebs.

“Incredibly, for at least two of the men accused in the scheme, this was their second bunker-based hosting business that was raided by cops and shut down for courting and supporting illegal activity online,” said Krebs.

Police also raided locations in Netherlands, Poland, and Luxembourg in connection with the bunker’s activities. The bunker held multiple dark web markets including the financial scam site “Wall Street Market,” drug portal “Cannabis Road” and “Orange Chemicals,” a market for synthesized drugs.

Bunker schematic. (Image via German Police)

Police believe the bunker belonged to Herman Johan Xennt and Sven Kamphuis, two hackers who originally ran a similar bunker in the Netherlands. After a fire caused by an explosion in an ecstasy lab, they had to shut down their original bunker and lost their ability to run their servers in the Netherlands. They moved into the new Cyberbunker in 2013.

“They’re known for hosting scammers, fraudsters, pedophiles, phishers, everyone,” said Guido Blaauw, director of Disaster-Proof Solutions, the company that sold the original bunker to the pair. “That’s something they’ve done for ages and they’re known for it.”

The whole operation was deeply secretive and connected to organized crime. Xennt himself was quite a character. The Irish Sunday World tracked him down in 2015 saying:

Xennt, who looks like a Bond villain, lives in the bunker. He is pasty, white-skinned and sports long blonde hair. He rarely shows his face in public, but when he does, it is to meet with his close friend [an organized crime figure] who has moved to an apartment in the town below.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Altcoin News

A Hacker Sells Personal Info From Databases Of Trezor, Ledger And Other Platforms

Published

on

A Hacker Sells Personal Info From Databases Of Trezor, Ledger And Other Platforms (2)
A Hacker Sells Personal Info From Databases Of Trezor, Ledger And Other Platforms

The hacker that breached the Ethereum.org forum is allegedly selling the databases for the three most-popular crypto hard wallets — Ledger, Trezor, and KeepKey. The three databases contain the name, address, phone number, and email for more than 80,000 users combined, however, they do not contain passwords for the accounts. The hacker has also recently listed the SQL database for the online investment platform, BnkToTheFuture.

On May 24, cybercrime monitoring website, Under the Breach, spotted the hacker’s new listings for the databases of the top hardware wallet providers. The hacker claims to be in possession of account information corresponding to nearly 41,500 Ledger users, over 27,100 Trezor users, and KeepKey’s 14,000 customers. Chat logs posted to Twitter indicate that the data was stolen through exploiting a vulnerability to the popular e-commerce website platform Shopify.

Cyber Criminals Have Turned Social Media Cyber Crime Into a $3 ...

The hacker is now advertising the databases of 18 virtual currency exchanges and forums, in addition to the email lists of two crypto tax platforms. The databases include the full SQL for Korean exchange Korbit spanning 4,500 users, three databases for Mexican trading platform Bitso, and the complete account information including passwords for blockchain platforms Blockcypher, Nimirum, and Plutus. The hacker specifies he is only interested in premium bids, stating: “Don’t offer me low dollar, only big money allowed.”

Last week, BlockFi reported a data breach resulting from a Sim-swap attack. Customers’ full names, email addresses, dates of birth, and physical addresses were leaked. Client funds were not impacted. At the end of April, Etana, a custody firm that provides services to Kraken, also suffered a data breach that did not see any customer funds lost.

Continue Reading

Regulation News

Plus Token Leaders Could Be Up For Criminal Prosecution in China

Published

on

Plus Token Leaders Could Be Up For Criminal Prosecution in China
Plus Token Leaders Could Be Up For Criminal Prosecution in China

One of the ringleaders of Plus Token is now facing criminal charges in China. Plus Token is one of the largest apparent scams in the cryptocurrency industry’s history. According to local media, Zhou will face public prosecutors in the Court of Jianhu County, Yancheng City, Jiangsu Province. 

As the local government only supplied Zhou’s family name, at press time we can’t confirm exactly which Zhou this refers to. Zhou reportedly publicized and promoted the PlusToken wallet App, a so-called cryptocurrency financial management application, through Wechat and other avenues over the internet. By registering four different accounts with SIM cards in the wallet, he allegedly lured more than 1.9 million people into the pyramid scam.

Multi-level marketing has been likened to a legal pyramid scheme ...

According to local authorities, the PlusToken wallet disguises itself as a cryptocurrency financial management app but allows criminals to recruit members by promising high returns based on the number of other investors they can pull in. Local police said that they received reports from the public regarding the scam as early as last year, explaining:

“In the name of providing a cryptocurrency appreciation service, the platform falsely claims that it has the function of mining cryptos, and requires members to pay certain value of cryptocurrencies such as Bitcoin, Ethereum, EOS, etc., so as to obtain high static income.”

Continue Reading

Scam News

New Ransomware Attack Method

Published

on

New Ransomware Attack Method
New Ransomware Attack Method

A new study warns of a new ransomware attack method that runs a virtual machine on target computers in order to infect them with the ransomware. This may play the attack beyond the reach of the computer’s local antivirus software. According to the UK-based cybersecurity firm Sophos, the Ragnar Locker attack is quite selective when choosing its victims. Ragnar’s targets tend to be companies rather than individual users.

Ragnar Locker asks victims for large amounts of money to decrypt their files. It also threatens to release sensitive data if users do not pay the ransom. Sophos gave the example of the network of Energias de Portugal, who stole ten terabytes of sensitive data, demanding payment of 1,850 Bitcoin (BTC) in order not to filter the data. 1,850 BTC is worth roughly $11 million as of press time. The modus operandi of ransomware is to take advantage of vulnerabilities in the Windows remote desktop app, where they obtain administrator-level access to the computer. With the necessary permissions granted, attackers configure the virtual machine to interact with the files. They then proceed to boot up the virtual machine, running a stripped-down version of Windows XP called “Micro XP v0.82.”

Recent ransomware attacks define the malware's new age | CSO Online

Brett Callow, threat analyst at malware lab Emsisoft, provided more details on Ragnar Locker:

“The operators have recently been observed to launch the ransomware from within a virtual machine to avoid detection by security products. Like other ransomware groups, Ragnar Locker steals data and uses the threat of its release as additional leverage to extort payment. Should the company not pay, the stolen data is published on the group’s Tor site.”

Callow claims that the tactics deployed by ransomware groups are becoming ever more “insidious and extreme”, considering that the ransomware gangs behind Ragnar Locker now threaten to sell the data to the victim’s competitors or use it to attack their customers and business partners. The threat specialist from Emsisoft adds the following:

“Companies in this situation have no good options available to them. Even if the ransom is paid, they simply have a pinky-promise made by a bad faith actor that the stolen data will be deleted and not misused.”

Continue Reading

TRENDING

Copyright © 2015 Crypto Global News Team.