Group-IB
Your daily source of cybersecurity news brought to you by Group-IB, one of the global industry leaders.
Last month, we detailed how we assisted INTERPOL and Brazilian authorities to disrupt the Grandoreiro banking trojan operation. This collaboration led to the arrest of five administrators across the Brazilian states of São Paulo, Santa Catarina, Pará, Goiás, and Mato Grosso.

Our APAC Head of Hi-Tech Investigations Department Vesta Matveeva just represented us in a collaborative meeting at INTERPOL headquarters alongside Brazilian law enforcement and other private sector partners. This meeting focused on strategizing the next steps in the ongoing Grandoreiro operation.

This successful case exemplifies the power of public-private cooperation in combating cyber threats, and Group-IB's unwavering commitment to supporting INTERPOL and law enforcement in safeguarding businesses and protecting citizens around the world from digital harm.

#BankingMalware #Cybercrime #Cybersecurity #FightAgainstCybercrime #Grandoreiro #INTERPOL #Investigation #OpGrandoreiro
Today we joined forces in a global crackdown on LabHost, a major Canadian Phishing-as-a-Service provider.

As part of this operation, we also delved deep into LabHost’s history and infrastructure, dissecting their admin platform and the services they offer to criminals.
โค9๐Ÿ‘3
Exciting news!

We've partnered with National Security Services Group in Oman to strengthen cybersecurity across government, finance, oil and gas, and telecom sectors.

NSSG will now offer our cutting-edge solutions like Threat Intelligence and Fraud Protection, alongside services such as Digital Forensics and Incident Response.

Together, we're not only protecting clients but also raising awareness about cyber threats.

Stay tuned for more updates!
โค19๐Ÿ”ฅ5
The online gambling industry being prone to fraud isn’t exactly new information, but the tactics have changed and are a lot more intense.

Instead of simple tactics like creating fake accounts, malicious actors now use sophisticated techniques such as synthetic players, advanced bot attacks, deepfake customer support, and other GenAI-powered manipulations.

Learn more about these elaborate schemes from our experts in our latest blog. Read more here.
What does GDPR mean for consumers? Does it strengthen or weaken fraud protection? Both.

Our senior anti-fraud expert, Julien Laurent, shares his interesting alternative perspective.

Look at the current stance on GDPR, which is an effective way to reinstate consumer protection but has some blind spots that can favor adversaries. Julien provides a strong case in point by analyzing his own Data Processing Agreement (DPA) with a global bank.

Read the blog and tell us your thoughts!
When combating adversaries, businesses often lack insight into who, when, and what they're up against. Therefore, the need for real-time and tailored threat intelligence is crucial.

Sorint.SEC recognized this capability gap in their cybersecurity offering and reached out to Group-IB.

Discover how the global cybersecurity service provider leveraged Group-IB’s proprietary Threat Intelligence (TI) to enable proactive threat detection with unmatched speed and quality for them and their clients.

Read more in the case study.
The hype around AI, particularly GenAI, is warranted. There's no denying it - we're all curious. So much so that we’ve made AI our future, without fully understanding the downsides it can present.

Know the complete picture of GenAI—its pros and cons, whether it favors adversaries, and whether and how GenAI can help businesses truly enable next-gen cybersecurity.

Find out all the details here.
โค7๐Ÿ‘4
Even small organizations can become an appealing target for ransomware operators. This happens when sensitive data is at stake, such as health information or personal details.

A special needs school that experienced a ransomware campaign stored both types of data, which endangered the school’s pupils, reputation, and finances.

To make matters worse, the school could not afford the necessary stack of defense solutions or a full-time team of cybersecurity professionals with expertise in addressing sophisticated attacks.

When ransomware strikes, the decision time makes a difference. Group-IB’s Incident Response team stepped in just in time and helped the school to stop the ongoing ransomware campaign and shore up its defenses.

Interested in finding out the details? Read the full case study here.
Group-IB has signed an MoU with the University of Prince Mugrin (UPM) to enhance cybersecurity education and empower the next generation of cybersecurity professionals in Saudi Arabia, endorsed by Mohammad Flaifel, Group-IB's Business Development Manager, His Excellency Dr. Bandar bin Mohammed Hajjar, and Ahmed Shuwail, Dean of the College of Computer and Cyber Science.

This partnership, aligning with Saudi Vision 2030, provides UPM students access to Group-IB's advanced solutions and internships, equipping them to tackle real-world cybersecurity challenges. Read more or contact pr@group-ib.com.
Rock-solid incident readiness is key to ransomware resilience. But it’s not easy to decide what needs to be done immediately, what can be postponed, and what should be done day after day.

Group-IB’s Incident Response team has crafted a white paper that will guide you through the essential steps of incident readiness. You can use it to pinpoint potential security gaps in your practices, prioritize critical activities, and put them into action right away.

Read the white paper here

Share the guide within your network and make sure that this helpful resource reaches cybersecurity pros everywhere.

#ransomware #framework #cybersecurity #FightAgainstCybercrime
๐Ÿ‘9๐Ÿ”ฅ3โค1
#ThrowbackThursday Dmitry โ€œPaunchโ€ Fedotov was once the most infamous cybercriminal mastermind behind BlackHole and CoolKit exploit tools, responsible for $2.3 million in damages and 40% of worldwide infections in 2012.

Group-IB played a key role in assisting the police in cracking the case with end-to-end investigations. On October 4, 2013, our collective efforts led to his arrest.

Our very own CEO, Dmitry Volkov, came face-to-face with Paunch for over 10 hours during the trial, fighting for the cybercriminal's rightful arrest. Intrigued by how it all went down?

Get the inside scoop here. A hat-tip to the Redditors over at r/pics for this throwback!

#CyberCrime #InfoSec #GroupIB #CyberLaw #Hacker #FightAgainstCrime #CyberSecurity #BlackHole
๐Ÿ‘12
๐Ÿšจ Apple devices are being used more and more in both business and personal settings, which makes them prime targets for cybercriminals. Threat actors have started adapting effective Android threats to Apple devices. As a symptom of this trend, Group-IB recently uncovered GoldPickaxe, the first face-stealing iOS Trojan that has evolved from the infamous Android malware GoldDigger.

Against this background, it is crucial to investigate Apple threats and raise awareness among users. While some iOS vulnerabilities (e.g., Checkm8) cannot be fixed with software updates and pose risks to users, cybersecurity experts can leverage them to analyze and counteract the malware.

🎓 Sergey Nikitin, Group-IB’s Chief Regional Officer and digital forensics expert, shares advice to help businesses and users detect and investigate malicious apps and other iOS threats.

🔗 Read and apply his insights today

#GoldPickaxe #Malware #iOS #Cybersecurity #Apps #iPhone #FightAgainstCybercrime #CyberThreats
๐Ÿ‘12๐Ÿ”ฅ1
As a cybersecurity professional, the challenges we face are as dynamic as the threats we combat. From securing the hybrid workforce to navigating ever-evolving cyber ecosystems, the pressure is on. Ransomware lurks around every corner, threatening our business operations daily. But here's the thing: we're not alone in this battle.

Dmitry Volkov, CEO of Group-IB, underscores the importance of collaboration and workload distribution in supporting our cybersecurity experts. Automation tools are our allies, enhancing efficiency and empowering us to stay one step ahead of adversaries. But it's not just about the tools—it's about celebrating our victories, no matter how small, and recognizing the impact of our research.

In times of crisis, dependable support is non-negotiable. We need partners who stand by us before, during, and after challenging situations. Together, we foster a culture of resilience and success.

Read it now
๐Ÿ‘8
๐Ÿ“ข Breaking News ๐Ÿ“ข

Group-IB proudly becomes the first Security Operations Center-Capability & Maturity Model (SOC-CMM) Silver Support Partner in the Asia-Pacific region! ๐ŸŒ

As a Silver Support Partner, Group-IB will leverage its extensive expertise and Digital Crime Resistance Centers (DCRCs) located in the Middle East, Europe, Central Asia, and the Asia-Pacific to deliver SOC-CMM advisory services globally. This partnership aims to enhance global cybersecurity by providing comprehensive assessments, consulting services, and targeted training to Security Operations Centers (SOCs) worldwide.

Read more about our strategic collaboration and its impact on the cybersecurity landscape
#Cybersecurity #GroupIB #SOCCMM #CyberDefense #DigitalCrime #CyberSecurityExcellence
Our latest Hi-Tech Crime Trends 23/24 Report sparked immense interest across the cybersecurity industry, prompting thousands of downloads and numerous web mentions.

To ensure no one misses these critical cybersecurity insights, we're here with a slightly more digestible version—the Hi-Tech Crime Trends 23/24 infographic!

45 hard-hitting facts and figures that will challenge businesses' preparedness against the rising tide of cyber threats and help them build unbeatable defenses.

Ready to do your part? Share it far and wide to help your network confront cyber risks head-on.
๐Ÿ‘9๐Ÿ”ฅ7
We are proud to have played a pivotal role in "Operation DISTANTHILL" alongside the Singapore Police Force, Hong Kong Police Force, and Royal Malaysia Police. Together, we successfully nabbed cyber fraud syndicates behind a notorious Android Remote Access Trojan (RAT) campaign that wreaked havoc in Singapore and Hong Kong in 2023.

After months of intensive data collection and analysis, Group-IB uncovered the vast network used by these cybercriminals, leading to their arrest. More than 4,000 victims were defrauded across Southeast Asia. Among them, the Singapore police recorded 1,899 related cases in 2023 with a total loss of more than US$25 million.

Learn more about how our collaboration with international law enforcement brought down this cybercrime syndicate

#CyberSecurity #CyberCrime #RATCampaign #DataSecurity #CyberFraud #FightAgainstCrime #Android
๐Ÿ‘16๐Ÿ”ฅ8๐Ÿ‘2
๐Ÿšจ New Blog Alert๐Ÿšจ

In our latest blog post, we dive deep into the nefarious activities of the threat actor known as Boolka. From opportunistic SQL injection attacks to the creation of sophisticated malware like the BMANAGER modular trojan, discover how Boolka has been infecting websites and stealing data with malicious scripts. Read on to learn about Boolka's tactics, techniques, and the tools used to combat this cyber threat.

Read More

#CyberSecurity #Malware #ThreatIntelligence #Boolka #CyberAttack #DataSecurity #InfoSec
App interfaces are built for convenient experiences 📱✨.

But as much as your customers prefer them, adversaries do too, using fake apps to perpetrate fraud, access sensitive information, and take control of devices.

Group-IB’s High-Tech Crime Investigations team analyzed a similar scam scheme involving illegitimate brand apps that were actually Remote Access Trojans (RATs) built using Craxs Rat 🕵️‍♂️.

Developed by EVLF, Craxs Rat continues to be sold as malware-as-a-service and is evolving.

Dive into the complete details and latest developments on Craxs Rat, uncovered by Group-IB, to defend yourself from becoming the next victim.

#FakeAppScam #Malware #RAT #DarkWeb #CyberInvestigations #FightAgainstCybercrime
๐Ÿ‘9โค3
As a trusted partner for businesses in managing cybersecurity, MSSPs and MDR providers must continually enhance their service portfolios to address the evolving threat landscape.

Specifically, with Cyber Threat Intelligence (CTI), where:

๐Ÿ”Expectations - Continuous stream of critical, real-time, and actionable threat insights to counter emerging threats.

โ‰๏ธReality - Focus on basic indicators and lack the resources or structured programs to interpret and act on advanced and tailored threat intelligence.

How can you bridge the gap as an MSSP provider? Enable these three CTI capabilities for your business clients to enhance threat detection and response.

Read all about it and more

#MSSP #MDR #CyberSecurity #ThreatIntelligence #InfoSec #BusinessSecurity #DataProtection
Discover how Eldorado Ransomware, with its advanced encryption techniques and global impact, marks the evolving landscape of cybercrime 🕵️‍♂️.

Our latest blog post delves into the rise of Ransomware-as-a-Service (RaaS) on dark web forums, focusing on ElDorado—a new player recruiting affiliates and providing powerful tools for devastating attacks.

Explore the dramatic increase in ransomware incidents, the secretive forums like RAMP where cybercriminals convene, and the technical workings of ElDorado. Learn crucial strategies to safeguard your organization. Unravel the hidden empire of ElDorado Ransomware in our full analysis.

Read now

#Cybercrime #Ransomware #GroupIB #Cybersecurity #RansomwareAsAService #DarkWeb #InfoSec