Department of Justice (DOJ) Archives

Cybercrime crackdown disrupts malware, infostealers, marketplaces across the globe

A burst of global law enforcement actions during the past few weeks marked by a flurry of successful takedowns gives cybercrime experts a jolt of hope.

4 days ago By Matt Kapko

Flag of the Democratic People’s Republic of Korea (Manuel Augusto Moreno)

DOJ seizes $7.7M from crypto funds linked to North Korea’s IT worker scheme

Authorities said they froze and seized the allegedly illegally obtained funds when North Korean nationals attempted to launder money linked to the long-running conspiracy.

Jun 5, 2025 By Matt Kapko

The Department of Justice building is seen in Washington, DC, on August 9, 2022. (Photo by Stefani Reynolds / AFP) (Photo by STEFANI REYNOLDS/AFP via Getty Images)

Feds seize 145 domains associated with BidenCash cybercrime platform

The cybercrime marketplace was used by more than 117,000 customers and trafficked more than 15 million credit card numbers since March 2022, the Justice Department said.

Jun 4, 2025 By Matt Kapko

AVCheck site for counter antivirus service displays a seizure notice on May 29, 2025.

Top counter antivirus service disrupted in global takedown

AVCheck and related crypting services helped cybercriminals make malware difficult to detect and confirm that malware could slip through various antivirus tools undetected, officials said.

May 30, 2025 By Matt Kapko

A smart phone with the icons for the Google Calendar app is seen on the screen in Hong Kong, Hong Kong, on July 31, 2018. (Photo by S3studio/Getty Images)

Chinese hackers used Google Calendar to aid attacks on government entities

Google Threat Intelligence Group said it developed means to counter the activity, which it linked to APT41.

May 28, 2025 By Tim Starks

Traffic streaks past the Department of Justice (DOJ) headquarters building late in the evening on May 18, 2024 in Washington, DC. (Photo by J. David Ake/Getty Images)

DanaBot malware operation seized in global takedown

The successful break-up of DanaBot marks the second high-profile law enforcement disruption of a widespread malware operation in as many days.

May 22, 2025 By Matt Kapko

A seal reading "Department of Justice Federal Bureau of Investigation" is displayed on the J. Edgar Hoover FBI building in Washington, DC, on August 9, 2022. — (Photo by STEFANI REYNOLDS/AFP via Getty Images)

Lumma infostealer infected about 10 million systems before global disruption

Cybercriminals used the prolific malware to target individuals and businesses, including Fortune 500 companies, according to the FBI.

May 21, 2025 By Matt Kapko

infected file, information stealer, malware — (Getty Images)

Lumma Stealer toppled by globally coordinated takedown

Global law enforcement authorities and Microsoft seized or disrupted the prolific infostealer’s central command infrastructure, malicious domains and marketplaces where the malware was sold.

May 21, 2025 By Matt Kapko

Students participate in a commemorative march near the Arch of Triumph in Pyongyang on April 25, 2025, to mark the 93rd anniversary of the Korean People’s Revolutionary Army. (Photo by KIM Won Jin / AFP)

North Korea’s ‘state-run syndicate’ looks at cyber operations as a survival mechanism

A new report from DTEX Systems is the deepest look at how North Korea’s remote IT workforce schemes are the tip of the iceberg when it comes…

May 15, 2025 By Greg Otto

Federal prosecutors extradite alleged leader of BlackBD.cc cybercrime marketplace

Authorities arrested Kosovo citizen Liridon Masurica in late 2024. He faces six charges that could keep him behind bars for 55 years.

May 13, 2025 By Matt Kapko