The FBI has been playing whack-a-mole with cybercrime websites, seizing four notable forums and marketplaces last week. Cracked.io and Nulled.to, which range from “wannabe ethical hackers” to “full-on cybercriminal central,” have been taken offline. StarkRDP.io, an RDP hosting service with a suspiciously sketchy clientele, was also snatched up. And finally, MySellix.io, the Amazon for stolen goods, was supposedly seized… except it’s still up and running like nothing happened.
Why? Honeypot theory. The best way to catch cybercriminals is to let them log in as if nothing’s wrong and quietly collect their credentials. Picture a hacker entering their stolen login details only to realise they’ve just handed the FBI their entire criminal resume. Oops.
Facebook Declares Linux is Malware
The Dumbest Thing This Week
In a mind-blowing display of tech illiteracy, Facebook’s internal policy makers have decided that Linux is malware. That’s right, the operating system that powers 96.6% of the top web servers, 70% of all global infrastructure, and Facebook’s own data centres has been flagged as a security risk.
Linux discussion groups? Banned.
Posts about Linux? Removed.
Facebook engineers trying to fix this nonsense… probably banned too.
This isn’t just dumb, it’s so dumb that it loops back around to being impressive. The best part? As of writing, some Linux links and posts are still flagged, so either Facebook’s AI has gone rogue, or Zuckerberg’s been tricked into thinking Windows XP is the future.
We can only hope they fix this soon, or that Facebook admits it’s actually the real malware.
Fire Scam Malware
When Free Telegram Premium Costs You Everything
If you're the kind of person who sees "Free Telegram Premium" and thinks "Oh sweet, free stuff!", congratulations, you’re exactly the target for Fire Scam, a nasty new Android malware.
Here’s the scam:
1. You visit a phishing site or even the RU Store, a Russian Android app store.
2. You download what you think is Telegram Premium, but surprise, it’s malware!
3. Fire Scam installs an infostealer, scanning for passwords, private keys, and session tokens.
4. Your sensitive data is exfiltrated faster than a crypto rug pull.
What makes Fire Scam particularly evil is its use of DexGuard, a tool normally used by game developers to prevent cheating. But in this case, it's being used to bypass antivirus detection, making it harder to detect than a government spy at a hacker convention.
So, lesson of the day: if something premium is offered for free, assume the only thing you’ll be getting is a virus and a very bad day.
Final Thoughts
This week’s cybersecurity news has it all: the FBI setting honeypots, Facebook embarrassing itself on a global scale, and Android users getting owned for being cheap. If this trend keeps up, next week we might find out that Microsoft Word has been classified as a terrorist organisation or that Windows 11 is secretly mining Bitcoin for the NSA.
Stay safe out there, and remember:
- Don’t log into seized cybercrime sites.
- Linux is NOT malware (but Facebook’s brain might be).
- If it’s “too good to be true,” it’s probably stealing your data.
Scan Any Domain for Free https://breachaware.com/scan
Data Breach, Vulnerability & Privacy Research this Month
Ransomware incidents increased by 10% in 2024.
https://breachaware.com/research/ransomware-incidents-increased-by-10-percent-in-2024
A total of 13 breaches were found and analysed resulting in 9,885,988 leaked accounts containing a total of 23 different data types. The breaches found publicly and freely available included Job and Talent [2], XP Game Plus, Prixet Technology, Stealer Log 0502 and Maxxecom.
Fire scam malware masquerading as a Telegram premium app.
https://breachaware.com/research/fire-scam-malware-masquerading-as-a-telegram-premium-app
A total of 21 breaches were found and analysed resulting in 3,896,922 leaked accounts containing a total of 29 different data types. The breaches found publicly and freely available included Amai, Gift Flora, Religare Broking, Stealer Log 0503 and PnP.
Insurance company being sued for violating privacy of 45 million Americans.
https://breachaware.com/research/insurance-company-being-sued-for-violating-privacy-of-45-million-americans
A total of 36 breaches were found and analysed resulting in 9,251,596 leaked accounts containing a total of 37 different data types. The breaches found publicly and freely available included Guardian Industries, Ptt HGS, PPL Electric Utilities, Emias and Excellanto.
Your Router Might Be a Hacker’s Playground
https://breachaware.com/research/your-router-might-be-a-hackers-playground
A total of 26 breaches were found and analysed resulting in 10,232,404 leaked accounts containing a total of 34 different data types. The breaches found publicly and freely available included Chinese Software Developer Network (CSDN), Club Penguin Rewritten, Doxbin Paste, Stealer Log 0505 and bombuj.