Brian Krebs

Arlington, Virginia, United States
179K followers 500+ connections

Publications

  • Spam Nation: The Inside Story of Organized Cybercrime, from Global Epidemic to Your Front Door

    Sourcebooks

    In Spam Nation, investigative journalist and cybersecurity expert Brian Krebs unmasks the criminal masterminds driving some of the biggest spam and hacker operations targeting Americans and their bank accounts. Tracing the rise, fall, and alarming resurrection of the digital mafia behind the two largest spam pharmacies -- and countless viruses, phishing, and spyware attacks -- he delivers the first definitive narrative of the global spam problem and its threat to consumers everywhere.

    Blending cutting-edge research, investigative reporting, and firsthand interviews, this terrifying true story reveals how we unwittingly invite these digital thieves into our lives every day. From unassuming computer programmers right next door to digital mobsters like "Cosma" -- who unleashed a massive malware attack that has stolen thousands of Americans' logins and passwords -- Krebs uncovers the shocking lengths to which these people will go to profit from our data and our wallets.

    Not only are hundreds of thousands of Americans exposing themselves to fraud and dangerously toxic products from rogue online pharmacies, but even those who never open junk messages are at risk. As Krebs notes, spammers can -- and do -- hack into accounts through these emails, harvest personal information like usernames and passwords, and sell them on the digital black market. The fallout from this global epidemic doesn't just cost consumers and companies billions, it costs lives too.

    Fast-paced and utterly gripping, Spam Nation ultimately proposes concrete solutions for protecting ourselves online and stemming this tidal wave of cybercrime -- before it's too late.

    "Krebs's talent for exposing the weaknesses in online security has earned him respect in the IT business and loathing among cybercriminals... His track record of scoops...has helped him become the rare blogger who supports himself on the strength of his reputation for hard-nosed reporting." -- Bloomberg Businessweek

  • DDoS Services Advertise Openly, Take PayPal

    KrebsOnSecurity

    Early research into booters

  • How to Tell Data Leaks from Publicity Stunts

    KrebsOnSecurity

    The release of the "Vetting Leaks" paper was first announced on KrebsOnSecurity. The paper is a compilation of investigative techniques for fact-checking suspected breach claims. These techniques were compiled in response to a number of false breach claims I have encountered over the past year in collaboration with fellow researchers.


Projects

  • SpyJacking the Booters - BlackHat Vegas 2013

    It's become commonplace for security reporters and providers of security technologies to find themselves targets of hackers' wrath, especially when they put criminal activity under the spotlight. Earlier this year, Brian Krebs had done some work to expose a "booter" service. Like other public security figures, he found himself the target of repeated DDoS attacks. In Brian's case, this culminated in a "SWATting" attack -- a surprise visit by dozens of heavily armed police at his front door. Research on "booter" services reveals a relatively unsophisticated, but high-profit criminal community of DDoS-for-hire web sites that are capable of considerable impact. They operate under legal auspices, leveraging legitimate DDoS protection services. Anyone with an axe to grind and a small amount of money can hire one of these services to have virtually any person or web site knocked off the Internet. As an indicator of how mainstream these services have become, most of them accept payment via PayPal. This talk will delve into the recent proliferation of these malicious commercial DDoS services, and reveal what's been learned about their surreptitious functioning, exposing the proprietors behind these illicit services, and what is known about their targets and their thousands of paying customers. Emphasis will be placed on detailing the vulnerabilities present in most booter sites, and the lessons we can draw about how targets of these attacks can defend themselves.

  • Paris Hilton/LexisNexis hacking investigation by Brian Krebs

    I had the good fortune of editing the redoubtable Brian Krebs, computer security reporter, on this investigation for which he made contact with members of a hacking "crew" and ended up breaking a big story on how they "social engineered" their way into T-Mobile's customer database and downloaded photos from Paris Hilton's account. The crew also -- more importantly but less spectacularly -- gained access to LexisNexis databases. I helped Brian develop the story from the concept stage all the way to publication, a delicate process as it involved gaining the trust of people actively engaged in criminal activity (at least one of whom was a minor).


Honors & Awards

  • Cybersecurity Person of the Year

    CISO MAG

    An award given by CISO MAG to "a person who has over the years been committed to bringing awareness into the realm of cybersecurity–to whom the information security industry is profoundly indebted." https://www.cisomag.com/brian-krebs-cybersecurity-person-of-the-year/

  • President's Award for Public Service

    The Information Systems Security Association (ISSA)

    This award recognizes an individual's contribution to the information security profession in the area of public service. From the award: "His analysis of the bad actors and the dark web shines a light on the criminals and their methods that attack information security. The information that he exposes to the light of day makes the jobs of white hats and blue teamers easier."

  • Media and Cultural Studies Award

    Association of American Publishers

    For Spam Nation: The Inside Story of Organized Cybercrime

  • PROSE Award for "Spam Nation"

    Association of American Publishers

    “The awards annually recognize the very best in professional and scholarly publishing by bringing attention to distinguished books, journals, and electronic content in over 40 categories. Judged by peer publishers, librarians, and medical professionals since 1976, the PROSE Awards are extraordinary for their breadth and depth.”

  • Chairman's Citation

    National Press Foundation

    The Chairman's Citation is determined solely by the chairman of the non-profit journalism education foundation and honors individuals or organizations whose work falls outside traditional categories of excellence. Previous honorees have included the late Anthony Shadid of the New York Times; Al Hunt, editor at Bloomberg News; Colbert I. King, columnist with the Washington Post; Otis Chandler, former publisher of the Los Angeles Times; and the journalists of the Gulf Coast, who kept working through Hurricane Katrina despite great personal suffering.

  • Guardian Award

    Association of Certified Fraud Examiners

    The Guardian Award bears the inscription "For Vigilance in Fraud Reporting." This honor is given annually to a journalist "whose determination, perseverance, and commitment to the truth have contributed significantly to the fight against fraud."

  • Best Blog Post of the Year

    Security Bloggers Network, RSA Security Conference

  • Most Educational Security Blog

    Security Bloggers Network, RSA Security Conference

  • Mary Litynski Award

    M3AAWG

    An award given to acknowledge those individuals who have made a notable lifetime contribution to the anti-abuse community.

  • Blog That Best Represents the Security Industry

    Security Bloggers Network, RSA Security Conference

    http://www.securitybloggersnetwork.com/security-blogger-awards/

  • Most Educational Security Blog

    Security Bloggers Network, RSA Security Conference

    http://www.securitybloggersnetwork.com/security-blogger-awards/

  • Blog That Best Represents the Security Industry

    Security Bloggers Network, RSA Security Conference

    http://www.securitybloggersnetwork.com/security-blogger-awards/

  • Blog that Best Represents the Security Industry

    Security Bloggers Network, RSA Security Conference

    http://www.securitybloggersnetwork.com/security-blogger-awards/

  • Best Non-technical Security Blog

    Security Bloggers Network, RSA Security Conference

    http://www.securitybloggersnetwork.com/security-blogger-awards/
