In a milestone event, KrebsOnSecurity.com is celebrating its 15th anniversary today, marking a significant achievement for a cybercrime blog that primarily covers negative news stories. Despite publishing fewer articles this year, the blog has seen a surge in readership, reaching near record levels of engagement.
One of the most notable stories from 2024 involved a Canadian man who fell victim to a complex e-commerce scam known as triangulation fraud. This scheme, which involves purchasing items using stolen payment card data and delivering them to unsuspecting buyers, led to the man being falsely charged with larceny and losing his job. The incident shed light on the dangers of online shopping and the need for improved security measures.
Another investigation in March exposed the questionable practices of data broker services, including OneRep and Radaris. The CEO of OneRep was found to have founded multiple people-search services, leading to Mozilla cutting ties with the company. Similarly, Radaris faced scrutiny after it was revealed that the CEO was a fabricated identity and the company’s founders were involved in various questionable online activities.
A major story from 2024 delved into Stark Industries Solutions, a mysterious Internet hosting firm linked to cyberattacks and disinformation campaigns during the conflict between Russia and Ukraine. The investigation uncovered how Stark was used as a global proxy network to conceal the origins of cyber threats, highlighting the complex nature of modern warfare in the digital age.
During the summer, a report exposed how advertising and marketing firms exploit mobile location data to track the movements of millions of devices, raising concerns about privacy and surveillance. In September, research revealed the connections between harm groups and cybercrime communities, showcasing the sinister activities of young cybercriminals involved in online bullying and extortion.
The arrest of a Canadian man named Connor Riley Moucka in October, linked to the Snowflake data extortions, was a significant development following a detailed investigation into cybercriminal activities. The report also identified an accomplice known as Kiberphant0m, who was suspected of being a U.S. Army soldier stationed in South Korea.
In December, KrebsOnSecurity focused on a dodgy cryptocurrency exchange called Cryptomus, which allegedly facilitates sanctions evasion and illicit transactions for Russian exchanges and cybercrime services. Additionally, a piece titled “How to Lose a Fortune with Just One Bad Click” highlighted the sophisticated social engineering tactics used by phishers to scam victims out of cryptocurrency.
As the year comes to a close, the blog expressed gratitude to its readers for their support and engagement, emphasizing the importance of user feedback in improving content quality. Looking ahead to 2025, KrebsOnSecurity aims to continue providing groundbreaking cybersecurity reporting and raising awareness about emerging threats in the digital landscape. Cheers to a happy, healthy, and vigilant New Year!