The post North Korean “Laptop Farms” Infiltrated 70 U.S. Companies appeared first on Daily CyberSecurity.

The Federal Bureau of Investigation (FBI) has issued a public warning over a sharp rise in cyber-enabled cargo theft, as threat actors increasingly use digital tactics to impersonate legitimate businesses, hijack freight, and steal high-value shipments. According to the FBI, cybercriminals are targeting transportation and logistics companies involved in shipping, receiving, and insuring cargo. The agency said these attacks have been ongoing since at least 2024 and are now becoming more sophisticated and widespread. Losses linked to cyber-enabled cargo theft have surged significantly. In 2025, estimated cargo theft losses in the United States and Canada reached nearly $725 million, marking a 60 percent increase from the previous year. Confirmed incidents rose by 18 percent, while the average value per theft increased by 36 percent to $273,990, reflecting a shift toward more targeted, high-value shipments.

How Cyber-Enabled Cargo Theft Works

The FBI outlined a structured, multi-step process used in cyber-enabled cargo theft schemes. Attackers begin by compromising accounts of brokers and carriers through phishing techniques such as spoofed emails, fake websites, and malicious links. Victims are often sent emails posing as legitimate business communications, such as carrier agreements or service complaints. These emails include links that lead to phishing websites designed to mimic trusted platforms. Once accessed, these sites deploy malware or remote monitoring tools, allowing attackers to gain full control over systems without detection. After gaining access, cybercriminals exploit online freight marketplaces known as load boards. They impersonate legitimate brokers or carriers and post fake shipment listings, sometimes in large volumes. Unsuspecting carriers bid on these listings and are further compromised through fraudulent agreements or malicious downloads. In the next stage, attackers use the compromised accounts to accept real shipment contracts. They then engage in illegal double-brokering, rerouting freight to unintended locations. Shipment documents are manipulated, including bills of lading, and delivery destinations are altered without the knowledge of the original parties. The final stage of cyber-enabled cargo theft involves physically diverting the cargo. Goods are transferred through cross-docking or transloading to other drivers, often complicit, and then stolen for resale. In some cases, attackers demand ransom payments in exchange for information about the shipment’s location. [caption id="attachment_111803" align="aligncenter" width="972"] Image Source: https://www.ic3.gov/[/caption]

Indicators of Cyber-Enabled Cargo Theft

The FBI has identified several warning signs that may indicate a cyber-enabled cargo theft attempt. These include unexpected communications regarding shipments made in a company’s name, spoofed email domains, and requests to download documents from suspicious links. Other indicators include emails referencing negative service reviews with embedded links, unauthorized changes to email account settings, and slight variations in domain names designed to mimic legitimate organisations. Attackers may also use temporary or internet-based phone numbers to communicate with victims. These tactics are designed to create a sense of urgency or legitimacy, increasing the likelihood that employees will engage with malicious content.

Steps to Prevent Theft

To reduce the risk of cyber-enabled cargo theft, the FBI is urging organisations to adopt stronger verification and security practices. Companies are advised to independently confirm shipment requests using multiple communication channels before releasing goods. The agency recommends implementing multi-layer verification processes and not relying solely on familiar names or email addresses. Businesses should also maintain detailed records of all transactions, including driver identification, vehicle details, and communication logs, to support investigations if needed. Recognising phishing attempts and avoiding interaction with suspicious links remain critical preventive measures.

Reporting Theft Incidents

The FBI has encouraged victims of cyber-enabled cargo theft to report incidents promptly. In addition to contacting local law enforcement, affected organisations should file complaints with the Internet Crime Complaint Center (IC3) or reach out to their nearest FBI field office. The agency said timely reporting can help identify patterns, disrupt criminal networks, and prevent further losses across the logistics sector.

What happened The FBI issued a public service announcement on April 30, 2026, warning the US transportation and logistics industry of a sharp rise in cyber-enabled cargo theft, with estimated losses in the United States and Canada reaching nearly $725 million in 2025. That represents a 60% increase over the prior year. Confirmed cargo theft […]

The post FBI Links Cybercriminals to Sharp Surge in Cargo Theft Attacks appeared first on CISO Whisperer.

The post FBI Links Cybercriminals to Sharp Surge in Cargo Theft Attacks appeared first on Security Boulevard.

The post Cybersecurity Pros Sentenced for Running ALPHV BlackCat Ransomware appeared first on Daily CyberSecurity.

The post The Fall of Versus: Dark Web Mastermind Extradited to the US to Face Life Behind Bars appeared first on Daily CyberSecurity.

The FBI warns of rising cyber cargo theft, with hackers targeting brokers and carriers. Experts say digital attacks are replacing traditional cargo theft.

The FBI has issued a Public Service Announcement (PSA) about a surge in cyber-enabled cargo theft, with hackers increasingly targeting brokers and carriers. This trend confirms earlier findings from Proofpoint and alerts from the NMFTA, which noted that traditional cargo theft is being replaced by more sophisticated, digital attacks across the logistics sector.

“The Federal Bureau of Investigation is publishing this Public Service Announcement (PSA) to warn the public of cyber threat actors increasingly using sophisticated, cyber-enabled tactics to impersonate legitimate businesses to hijack freight, steal high-value shipments, and reroute deliveries, resulting in a surge of strategic cargo theft.” reads the FBI’s PSA.

Crooks are increasingly targeting the U.S. transportation and logistics sector, including brokers and carriers. Since 2024, attackers have used phishing emails, fake websites, and compromised accounts to gain access to systems. They impersonate legitimate companies and post fake load listings to trick victims into handing over goods, which are then diverted and resold.

“Since at least 2024, cyber threat actors have gained unauthorized access to the computer systems of brokers and carriers — typically via spoofed emails, fake URLs, and compromised carrier accounts.” continues the announcement. “The cyber actors pose as victim companies and post fraudulent listings on load boards to deceive shippers, brokers, and carriers into handing over goods, which are redirected from their intended destination and stolen for resale. “

In 2025, cargo theft losses in the U.S. and Canada reached nearly $725 million, up 60% from 2024. Incidents rose 18%, while the average loss per theft increased 36% to $273,990, reflecting a shift toward fewer but higher-value targets.

Cyber-enabled cargo theft follows a structured, multi-step scheme. Attackers first compromise broker or carrier accounts using phishing emails and fake links that install remote access tools. With control of these systems, they impersonate companies and post fake loads on trucking platforms, tricking legitimate carriers into engaging and sometimes infecting them too.

Next, criminals pose as trusted carriers to accept real shipments, then “double-broker” them to unsuspecting drivers while altering documents and delivery details. They may even update official records to appear legitimate.

Finally, the cargo gets redirected, transferred to complicit drivers, and stolen for resale. In some cases, attackers demand ransom to reveal shipment details or location.

The PSA includes indicators to spot cyber-enabled cargo theft attacks. These include unexpected contacts about shipments made in their name without authorization, and emails that mimic real domains but use free providers or slight variations. Messages may push users to click shortened or spoofed links, often tied to fake complaints or documents that deliver malware.

Other red flags include new or suspicious mailbox rules, such as auto-forwarding or deletion. Attackers also use altered email addresses with small changes or added titles. Communication often comes via email or short-lived VoIP phone numbers, sometimes linked to overseas activity.

To prevent cargo theft, businesses should verify shipments using independent and multiple channels before releasing goods. Do not trust names or emails alone—confirm requests with additional authentication. Keep detailed records of drivers, vehicles, and transactions to support investigations and reduce fraud risks.

Companies can spot cyber-enabled cargo theft through several warning signs. These include unexpected contacts about shipments made in their name without authorization, and emails that mimic real domains but use free providers or slight variations. Messages may push users to click shortened or spoofed links, often tied to fake complaints or documents that deliver malware.

Other red flags include new or suspicious mailbox rules, such as auto-forwarding or deletion. Attackers also use altered email addresses with small changes or added titles. Communication often comes via email or short-lived VoIP phone numbers, sometimes linked to overseas activity.

FBI recommends businesses should verify shipments using independent and multiple channels before releasing goods. Do not trust names or emails alone, confirm requests with additional authentication. Keep detailed records of drivers, vehicles, and transactions to support investigations and reduce fraud risks.

Recently Proofpoint researchers observed crooks targeting trucking and logistics companies, running coordinated remote access campaigns to steal cargo and divert payments. These attacks appear to be linked to organized crime.

The findings highlight a growing trend of cyber-enabled cargo theft, where digital intrusions directly support real-world crime. This threat is expanding rapidly, with losses in North America reaching $6.6 billion in 2025, showing how cyberattacks are increasingly used to disrupt supply chains and generate profit.

In November 2025, Proofpoint first reported cybercriminals were targeting trucking and logistics firms with RMM tools (remote monitoring and management software) to steal freight. Active since June 2025, the group works with organized crime to loot goods, mainly food and beverages.

Crooks infiltrate logistics firms, hijack cargo bids, and steal goods, fueling the rise of cyber-enabled freight theft.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, cargo theft)

Two US cybersecurity experts jailed for aiding BlackCat ransomware group, extorting victims worldwide and exploiting insider access for profit.

The post The Global Takedown: FBI and International Allies Dismantle Billion-Dollar Pig-Butchering Empires appeared first on Daily CyberSecurity.

In a major international enforcement action, Operation Tri-Force Sentinel, led by Dubai Police, in coordination with the FBI and Chinese Police, has dismantled a large transnational fraud network involved in global financial scams. The Operation Tri-Force Sentinel crackdown resulted in the arrest of 276 individuals linked to organised cyber-enabled fraud activities spanning multiple countries, primarily involving suspects from Southeast Asia. The Operation Tri-Force Sentinel was carried out under the UAE Ministry of Interior and focused on disrupting criminal syndicates running high-yield investment scams, commonly known as HYIS, “pig butchering” schemes, and virtual currency fraud. Authorities confirmed that nine major fraud centres were dismantled during the coordinated action.

276 Arrests and Nine Fraud Centres Dismantled in Operation Tri-Force Sentinel

As part of the operation, law enforcement agencies executed synchronized raids that dismantled three major criminal syndicates operating fraud centres. These centres were responsible for large-scale financial deception campaigns targeting victims across several regions. The operation led to the arrest of 276 suspects, with authorities confirming that the network used advanced social engineering techniques. Victims were reportedly engaged through digital platforms, where trust was gradually built before financial exploitation took place. Dubai Police also confirmed the arrest of a key leader of one of the syndicates in Thailand, carried out in coordination with the Royal Thai Police. The enforcement action marked one of the most significant coordinated strikes against cyber-financial crime groups in recent times under Operation Tri-Force Sentinel. [caption id="attachment_111753" align="aligncenter" width="553"] Image Source: Dubai Police[/caption]

Dubai Police, FBI, and Chinese Police Coordination 

Dubai Police played a central role in directing and executing Operation Tri-Force Sentinel, enabling real-time intelligence sharing between international partners. The collaboration with the FBI and Chinese Police was described as critical to the success of the operation. Dubai Police stated that the operation reflects a proactive strategy to combat evolving transnational financial crime threats. The agency emphasized that coordinated international efforts were essential to dismantling complex criminal networks operating across borders. The FBI highlighted the significance of joint enforcement efforts, stating that the operation demonstrates the effectiveness of coordinated global action in disrupting large-scale fraud schemes. It further noted that the partnership with the UAE authorities, particularly the Dubai Police, played a key role in achieving operational success. Chinese Police also reaffirmed their commitment to combating telecom and financial fraud crimes. They emphasized continued cooperation with global law enforcement agencies to address emerging cross-border criminal activities targeted in Operation Tri-Force Sentinel.

Transnational Fraud Networks and Financial Crime Disruption

The dismantled network operated multiple fraud centres using structured and organised digital fraud models. These included investment scams and cryptocurrency-related fraud schemes that have increasingly affected victims across several countries. Authorities noted that the criminal groups involved in Operation relied heavily on psychological manipulation and digital engagement strategies to execute financial scams at scale. The coordinated enforcement action disrupted key operational infrastructure of these networks in a single phase.

International Cooperation Strengthened 

This operation highlights the growing importance of international cooperation in tackling financial crime networks that operate beyond national borders. The joint action between Dubai Police, the FBI, and the Chinese Police demonstrates strengthened coordination in intelligence sharing and enforcement execution. Officials involved in the operation emphasized that continued collaboration is essential to countering sophisticated fraud networks. The success of Operation reflects the ability of global law enforcement agencies to respond jointly to complex cyber-enabled financial threats. The operation marks a significant step in global efforts to combat organised fraud networks and reinforces the role of coordinated international enforcement in addressing cross-border financial crime.

The post From Shanghai to Houston: The HAFNIUM Hacker Who Stole Vaccine Secrets Faces Justice appeared first on Daily CyberSecurity.

Phishing still hooks users around the world and coaxes them to hand over credentials. But on occasion the good guys take them down, like the FBI in collaboration with Indonesian law enforcement did with W3LLStore marketplace. 

The post FBI, Indonesian Authorities Team to Take Down Site Ripping Off Users for Millions  appeared first on Security Boulevard.

The post The Notification Trap: How Apple’s New iOS Patch Blocks Forensic Recovery of “Deleted” Signal Messages appeared first on Daily CyberSecurity.

Apple patched an iPhone notification bug that let deleted messages linger in system storage, closing a privacy gap exposed by an FBI Signal case.

The post Apple Fixes iPhone Bug After FBI Retrieved Signal Messages appeared first on TechRepublic.

404 Media reports (alternate site):

The FBI was able to forensically extract copies of incoming Signal messages from a defendant’s iPhone, even after the app was deleted, because copies of the content were saved in the device’s push notification database….

The news shows how forensic extraction—­when someone has physical access to a device and is able to run specialized software on it—­can yield sensitive data derived from secure messaging apps in unexpected places. Signal already has a setting that blocks message content from displaying in push notifications; the case highlights why such a feature might be important for some users to turn on.

“We learned that specifically on iPhones, if one’s settings in the Signal app allow for message notifications and previews to show up on the lock screen, [then] the iPhone will internally store those notifications/message previews in the internal memory of the device,” a supporter of the defendants who was taking notes during the trial told 404 Media.

EDITED TO ADD (4/24): Apple has patched this vulnerability.

The post The Negotiator Turned Traitor: Insider Betrayal in the BlackCat Ransomware Ring appeared first on Daily CyberSecurity.

The post Scotland Man Pleads Guilty in Massive $8 Million Crypto-Heist and Phishing Campaign appeared first on Daily CyberSecurity.

The post The Encryption Ghost: How the FBI Recovers “Deleted” Signal Messages from iPhone Caches appeared first on Daily CyberSecurity.

Alert this report is a summary of deep web and dark web source-based material and contains some facts that cannot be fully verified due to the nature of the sources. Major Issues BreachForums’ internal collapse and attempts to rebuild were observed. trust was undermined by the betrayal of moderators and the movement of funds, and […]

FBI Atlanta and Indonesian National Police dismantle W3LLSTORE phishing market linked to $20M fraud, seizing domains and detaining developer.

Signal messages may persist in iPhone notification data, enabling FBI access even after deletion, a court case reveals.