🚨 New Threat Research Alert: RansomHub, a rising force in ransomware, has launched an aggressive affiliate program and is targeting key industries worldwide.
Our latest blog dives deep into their tactics, from recruiting former Scattered Spider members to executing double-extortion attacks.
Discover how they’re exploiting unprotected RDP services and exfiltrating massive amounts of data. Stay ahead of the curve—read our detailed analysis and protect your organization from this escalating threat.
🔗 Read Here
🚨 Lazarus Group's Latest Scheme: Beaver Fever 2024 🚨
Lazarus Group has intensified its operations with a new campaign using fraudulent job interviews and malicious video conferencing apps to deploy their latest malware—BeaverTail and InvisibleFerret. Our recent analysis at Group-IB reveals:
🔹 Malware Details: BeaverTail, a sophisticated Python-based backdoor, and InvisibleFerret, targeting both cryptocurrency wallets and browser extensions.
🔹 New Tactics: Utilization of hijacked gaming projects and advanced evasion techniques.
Stay informed and protect your digital assets by reading our comprehensive report on these emerging threats.
🔗 Explore the full analysis
#Cybersecurity #Malware #ThreatAnalysis #LazarusGroup #GroupIB #BeaverTail #CyberThreats #MalwareAnalysis
The Group-IB DFIR Team has identified a new technique that exploits the pam_exec module to gain privileged shell access and establish persistent control on compromised hosts.
The flexibility of the Pluggable Authentication Module (PAM) poses risks, particularly with pam_exec, which can be used to run malicious scripts. These scripts can be injected into PAM configurations, allowing attackers to maintain access and manipulate authentication processes undetected. PAM’s plaintext transmission of values and lack of secure password storage further exacerbate the risk.
Find out more on our blog, and review your PAM configurations to protect against this vulnerability.
#CyberSecurity #DFIR #ThreatHunting #PAM #MITREATTACK #FightAgainstCybercrime
🔒 With breaches increasing by 72% last year⬆, the expertise needed to manage them effectively is at an all-time low⬇️.
The result? A growing gap that heightens risks for businesses and customers.
Closing the gap requires enabling investment-friendly, continuous, and expert-guided cybersecurity—with Digital Forensics and Incident Response (DFIR) retainer services.
The Gartner® report, Market Guide for Digital Forensics and Incident Response Retainer Services, offers valuable insights and mentions Group-IB as a Representative Vendor for our "Group-IB Incident Response Retainer" service.
Excited to announce Group-IB's recognition as a Representative Vendor for the fourth consecutive time.
Get complete information here.
P.S. Don’t forget to share it within your network!
#Cybersecurity #DFIR #Gartner #MarketGuide #RiskManagement #FightAgainstCybercrime
Our latest investigation reveals a sophisticated Android malware campaign, codenamed Ajina, targeting Central Asia. Named after a mythical spirit from Uzbek folklore, this malware deceives users by posing as legitimate apps, compromising personal and financial data across the region. Our investigation revealed over 1,400 unique samples, highlighting the attackers' regional knowledge and growing reach.
Discover how these malicious actors are spreading malware through Telegram, the techniques they're using, and the broader implications for users and businesses alike.
🛡️ Stay informed and stay secure.
Read the full analysis by our experts now
#CyberSecurity #ThreatIntelligence #infosec #FightAgainstCybercrime #AndroidMalware #Telegram
We are proud to celebrate the recognition of Anastasia Tikhonova and Ha Hai Phan, who won the Top Women in Security ASEAN Region Award for Thailand and Vietnam.
Vesta Matveeva and Sharmine Low were also named among the top 30 finalists.
Their groundbreaking work in threat intelligence, cybercrime investigations, and malware analysis has significantly advanced global cybersecurity and supported law enforcement efforts. Every day, their expertise continues to enrich the cybersecurity community and strengthen defenses against emerging threats.
Learn more
It's no secret that the dark web has been a breeding ground for cybercriminal activities.
However, with advanced technology, investigative expertise, and effective operations, many adversaries have been shackled, if not entirely stopped, from openly carrying out their malicious activities.
Yet, crime doesn’t stop—it shifts. Cybercriminals are now exploiting social media to spread malware, sell stolen data, and recruit accomplices.
At Group-IB, our investigators use manual analysis, specialized tools like Group-IB Threat Intelligence, and social engineering tactics to uncover cybercriminals' hidden motives and gain firsthand insights into emerging trends—helping businesses understand how to protect themselves.
👉 Find out more here.
Think more people should know about this? Like, repost, and share with your network!
#DarkWeb #ThreatIntelligence #SocialEngineering #DataSecurity #FightAgainstCybercrime
⚠️ Is TeamTNT Back? Cloud Infrastructures at Risk Again
After disappearing in 2022, TeamTNT—a notorious threat actor known for targeting cloud environments—may be back with new campaigns impacting VPS infrastructures. Group-IB's DFIR team has uncovered alarming signs of their return, utilizing SSH brute force attacks and custom scripts to compromise systems, disable security features, and hijack cryptocurrency miners.
Explore our latest research to dive deeper into TeamTNT's evolving tactics and their potential resurgence.
🔗 Read the full blog now and stay ahead.
#TeamTNT #CloudSecurity #DFIR #CyberSecurity #FightAgainstCybercrime
Group-IB is proud to have supported the international "Operation Kaerb," a joint effort coordinated by Europol and Ameripol in partnership with European and Latin American law enforcement agencies and judiciary authorities, leading to the arrest of 17 individuals behind the iServer phishing-as-a-service platform. The cybercriminals claimed over 483,000 mobile phone victims globally. Group-IB's continued collaboration with international partners underscores our commitment to combating cybercrime and protecting users worldwide.
Read more about this successful operation and our role in it.
#Cybercrime #Phishing #Cybersecurity #GroupIB #DigitalSafety #LawEnforcement #CyberFraud
We are pleased to welcome Craig Jones, former Director of Cybercrime at INTERPOL, as an Independent Strategic Advisor to Group-IB. With over three decades of experience in global law enforcement, including his leadership at INTERPOL’s Cybercrime Directorate, Craig brings a wealth of expertise to our mission of combating digital threats.
In his new role, Craig will collaborate with our CEO, Dmitry Volkov, and the Executive Team to shape Group-IB’s long-term strategy, guide market positioning, and strengthen our global efforts to stop cybercriminals.
We look forward to working with Craig as we continue to build a safer digital environment for businesses and communities worldwide.
Read More
#Cybersecurity #DigitalSafety #CyberThreats #FightAgainstCybercrime
What if the next ransomware attack isn't just about encryption?
The DragonForce ransomware group is reshaping the threat landscape with customized attacks, dual extortion tactics, and tools for affiliates to wreak havoc.
Dive into our latest research as Group-IB’s experts reveal the inside story of DragonForce's evolution and its relentless pursuit of critical industries worldwide.
🔗 Read the full blog to stay ahead.
#cybersecurity #ransomware #InfoSec #DataProtection #CyberThreats #FightAgainstCybercrime
AVO bank, a new digital bank in Uzbekistan, faced rising cyber threats as its digital services grew rapidly. With over 1 million app downloads in just 3 months, the bank needed a strong cybersecurity strategy to protect customers’ data.
By partnering with Group-IB and leveraging solutions like Threat Intelligence and MXDR, AVO bank strengthened its security posture and now provides multi-layered protection for its customers.
Interested in finding out the details?
Read the full case study here.
#Cybersecurity #DigitalBanking
🚨 Strengthening Brunei’s cybersecurity!
Group-IB and ITPSS are officially teaming up to protect the nation's digital future!
From cyber threat intelligence to rapid incident response, our partnership is set to enhance Brunei’s defenses and safeguard critical infrastructure, businesses, and citizens. Together, we’re paving the way for a smarter, safer digital landscape aligned with Brunei’s Vision 2035. 🌐
Read more.
#GroupIB #ITPSS #CyberSecurityBrunei #DigitalDefense #CySec2024 #Vision2035 #CyberResilience #StrongerTogether
🚨 Pig Butchering Scam Alert 🚨
Fake trading apps are targeting iOS and Android users worldwide, posing a serious threat to your finances! 💰
Discover how cybercriminals are luring victims with promises of easy money, only to steal it all through fraudulent investment platforms. Group-IB experts have uncovered the latest tactics used in this large-scale scam. Protect yourself today!
🔗 Read the full report and stay safe.
#CyberSecurity #PigButchering #ScamAlert #FraudProtection #GroupIB #FinTechScam
We are delighted to have contributed to INTERPOL's "Operation Contender 2.0," which led to the arrest of two individuals by the Nigerian Police Force for their role in a romance scam that resulted in significant financial losses for a victim in Finland.
As an INTERPOL Gateway Partner, Group-IB provided vital intelligence that helped law enforcement pinpoint and apprehend these cybercriminals. Our ongoing support for Operation Contender 2.0 reflects our commitment to combating digital crime and protecting victims worldwide.
Read More
#INTERPOL #OperationContender #Cybercrime #DigitalCrime #Cybersecurity #LawEnforcement #VictimsRights #FightAgainstCybercrime
Unveiling the Secrets of USB Forensics 🔍
Ever wondered how USB artifacts can reveal crucial insights into file tampering and user activities?
Our latest blog explores how different operating systems and file systems affect the creation of these vital data traces. Learn how Windows, macOS, and Linux handle file access differently, and discover key findings on temporary files, NTFS logs, and hidden macOS databases.
Explore the full analysis now
#USBForensics #Cybersecurity #DFIR #IncidentResponse #FileSystemAnalysis #FightAgainstCybercrime
New and potent cyber threats are jolting Asia’s digital banking scene, and conventional anti-fraud systems fail to keep up.
As the payment value chain faces constant threats, compliance and ethical expectations from brands continue to rise.
🤔 This also raises critical questions they can no longer avoid: How can fraud be stopped in real-time, and who is ultimately responsible when it happens?
Conventional anti-fraud and transaction monitoring aren’t enough — analyzing devices, telemetry signals, and risk behaviors is essential for detecting early signs of abuse and stopping fraud before it escalates.
Learn how Group-IB Fraud Protection and anti-fraud experts are helping banks gather crucial real-time insights, strengthen protection, prevent new fraud vectors, and bring significant savings.
The blog is now out
#CyberSecurity #DigitalBanking #FraudPrevention #PaymentSecurity #FraudDetection #AsiaTech #FightAgainstCybercrime
We infiltrated the notorious Cicada3301 Ransomware-as-a-Service (RaaS) group, and in our latest blog, we take a closer look into their platform and operations. Since its discovery in June 2024, the Cicada3301 ransomware-as-a-service (RaaS) group has targeted various critical sectors, publishing stolen data from 30 companies on leak sites between June and October 2024.
Discover how their advanced multi-platform ransomware, written in Rust, exploits vulnerabilities in Windows, Linux, ESXi, and even PowerPC architectures. Learn about their affiliate model, aggressive tactics, and the complex encryption techniques that make them a formidable threat.
👉 Read more to uncover the inner workings of Cicada3301 and how to stay ahead in the fight against ransomware
#Cybersecurity #Ransomware #Cicada3301 #ThreatIntelligence #FightAgainstCybercrime
🚨 Beware of firewood scams on social media!
Group-IB has exposed a long-running scheme operated by Les brouteurs, a notorious group of scammers from West Africa targeting consumers in France with fake firewood sales on social media.
These fraudsters use falsified business credentials and sophisticated tactics to deceive even the most cautious buyers. Discover how Les brouteurs execute their scams and how you can safeguard yourself and your business from falling victim to these digital threats.
🔗 Uncover the full story here.
Taking your iGaming business to new chartered territories? 🌍
Managing multiple brands and navigating regulations across jurisdictions is the massive undertaking that comes with it.
And while cybersecurity is critical, you must ensure you’re protected from all angles—technical architecture, legislative volatility, and fraud protection.
So, can one solution handle it all, or do you need multiple?
Scrap your one-size-fits-all approach and tailor security with Group-IB Fraud Protection, the most complete fraud solution on the market.
Its single, user-friendly interface helps you combat the challenges associated with expansion and ongoing fraud risks, such as bonus abuse, multi-accounting, affiliation fraud, payment fraud, and more.
Create a secure gambling environment for your global players now
#cybersecurity #OnlineGaming #DigitalSecurity #Compliance #iGaming #FraudProtection #FightAgainstCybercrime