The distinctive rattle of APT SideWinder

In February 2023, Group-IB’s Threat Intelligence team released a technical report about previously unknown phishing attacks conducted by the APT group SideWinder: Old Snake, New Skin: Analysis of SideWinder APT activity between June and November 2021. As always, Group-IB customers Read More …

New phishing-as-a-service tool “Greatness” already seen in the wild

A previously unreported phishing-as-a-service (PaaS) offering named “Greatness” has been used in several phishing campaigns since at least mid-2022. Greatness incorporates features seen in some of the most advanced PaaS offerings, such as multi-factor authentication (MFA) bypass, IP filtering and Read More …

Spanish police dismantle phishing operation linked to crime ring

The National Police of Spain have arrested two hackers, 15 members of a criminal organization, and another 23 people involved in illegal financial operations in Madrid and Seville for alleged bank scams. The cybercrime operation is an email and SMS-based Read More …

Business Email Compromise Tactics Used to Facilitate the Acquisition of Commodities and Defrauding Vendors

The FBI warns the public of criminal actors using Business Email Compromise (BEC) schemes to facilitate the acquisition of a wide range of commodities. BEC is one of the most financially damaging online crimes. It exploits the fact that so Read More …

Managed XDR Exposes Spear-Phishing Campaign Targeting Hospitality Industry Using RedLine Stealer

Recently, Trend Micro researchers noticed a spike in the number of emails received by one of our customers. After further investigation, they found that three other customers in the hospitality industry were also affected. The researchers observed that most of Read More …

SNP MP Stewart McDonald’s emails hacked by Russian group

An MP has told the BBC his emails have been stolen and he fears they will be made public. The SNP’s Stewart McDonald said the hack took place in January and he wanted to pre-empt any publication sharing them. Read Read More …

What SOCs Need to Know About Water Dybbuk, A BEC Actor Using Open-Source Toolkits

In September 2022, Trend Micro researchers observed a new potential BEC campaign that was targeting large companies around the world which we believe has been running since April 2022. By carefully selecting their target victims and leveraging open-source tools, the Read More …

Gone Phishing: Hunting for Malicious Industrial-Themed Emails to Prevent Operational Technology Compromises

Phishing is one of the most common techniques used to deliver malware and gain access to target networks. This is not only because of its simplicity and scalability, but also because of its efficiency in exploiting vulnerabilities in human behavior. Read More …