APT Dark Pink is back with 5 new victims. The group has continued to attack government, military, and non-profit organizations in the Asia-Pacific, expanding its operations to Thailand and Brunei. Another victim, an educational sector organization, has also been identified in Belgium. In line with Group-IB’s zero tolerance policy to cybercrime, we sent proactive warnings to all confirmed and potential victims.
It is important to emphasize that Dark Pink has carried out at least two attacks since the beginning of 2023. The most recent attack known to Group-IB started in April, with the latest files being detected in May. Dark Pink keeps updating their tools. For example, the group’s custom KamiKakaBot module, designed to read and execute commands from the threat actors via Telegram, is now divided into two distinct parts — one that controls the device and the other that steals sensitive data.
In a fresh blog post the Group-IB team analyzes the latest updates in Dark Pink’s toolset, evolution of the group’s exfiltration methods, and modifications of their kill chain. The blog dives deep into the latest TTPs of Dark Pink, observed during the group’s latest attacks. Read now👈
#APT #DarkPink
❤7👍4🔥4
✉️ PostalFurious has extended its operations to the Middle East.
Group-IB has attributed a recent wave of scams impersonating public bodies in the Middle East region to a Chinese-speaking phishing gang, codenamed PostalFurious. The threat actor, documented for the first time by Group-IB in April 2023, has been targeting users in the Asia-Pacific by impersonating postal brands and toll operators. Now, Group-IB can confirm that the group has extended its operations to the Middle East.
The scammers’ goal is to compromise users’ payment data, and they do this by impersonating a Middle Eastern postal service and toll operator. For example, in the fake toll payment scheme, victims receive fake messages asking them to urgently pay a vehicle trip fee to avoid additional fines. The text messages contain a shortened URL to obscure the true phishing address. Once a user clicks on the link, they are redirected to a fake branded payment page.
Want to learn more about the PostalFurious schemes and get recommendations on how to avoid falling victim? Head over to our website👈
#phishing #PostalFurious
🔥7👏1😱1
🤝 Group-IB is pleased to announce that it has concluded a partnership agreement with the Italian division of Ingram Micro, the world’s leading wholesale distributor of technology products and services.
This agreement further strengthens the long-standing relationship between Group-IB and Ingram Micro’s cybersecurity business unit. Prior to this new partnership covering Italy, Ingram Micro already served as an official Group-IB distributor in Poland, France, India, Indonesia, and several other major markets.
As partners, Ingram Micro will be able to offer its wide network of resellers in Italy access to the full Group-IB stack, including Threat Intelligence, Managed XDR, and Attack Surface Management, while also enhancing the local capabilities of these cybersecurity solutions for the Italian market. More details👈
#cybersecurity #partnership
🔥7❤3👍1👏1
🤝 Group-IB has joined forces with the Defence Technology Institute (DTI) to enhance cyber defence in Thailand. In a MOU Signing Ceremony held on 26 May 2023 at the Office of the Permanent Secretary for Defence in Bangkok, both parties affirmed their commitment to strengthen defense cooperation through research and educational initiatives in the field of cyber investigations and incident response.
Together with the DTI Cyber Academy Program, Group-IB’s cyber education unit will develop a variety of training programs, where DTI personnel will be able to uplift their skills using Group-IB’s battle-tested technologies for fighting against cybercrime in line with Group-IB’s mission.
More details👈
#partnership #cybersecurity
🔥11👍3
Since 2003, Group-IB has responded to more than 1,300 incidents of all complexities, racking up more than 70,000 hours of hands-on IR experience. Group-IB’s DFIR team of highly-qualified specialists conducts more than 200 engagements annually, and the company’s experts have assisted organizations in multiple key verticals, including banking, manufacturing, energy, and government, to respond to ransomware attacks, APT breaches, and many other threats.
This is the third time in a row that Group-IB has been recognized by Gartner in their Market Guide for Digital Forensics and Incident Response Services. Way to go!
More details👈
#Gartner #FightAgainstCybercrime
🔥12👍5❤4
Back in December 2022, Group-IB investigators documented the scope and scale of the well-organized illicit business of CryptosLabs. The scam syndicate targeted French-speaking individuals in France, Belgium, and Luxembourg by mimicking well-known banks, fin-techs, asset management firms, and crypto platforms for years.
In a new blog post, Group-IB’s investigators reveal previously unknown details about the CryptosLabs scam ring, such as the early stages of the syndicate, the scammer’s side of the scheme, a detailed analysis of their major weapon, and demonstrate how to mitigate the impact caused by the scheme. Read👈
#CryptosLabs #investment #scam
👍6
More and more employees are using ChatGPT to optimize their work. By default, ChatGPT stores the history of user queries and AI responses. Consequently, unauthorized access to ChatGPT accounts may expose confidential or sensitive information, which can be exploited for targeted attacks against companies and their employees.
According to Group-IB’s latest findings, ChatGPT accounts have already gained significant popularity within underground communities. We have identified 101,134 stealer-infected devices with saved ChatGPT credentials between June 2022 and May 2023. The Asia-Pacific region has experienced the highest concentration of ChatGPT credentials being offered for sale over the past year.
Curious to learn more? Head over to our website👈
#ChatGPT #cyberthreats
👍10🔥5❤2
🤝 Group-IB is pleased to announce the signing of a distribution agreement with Tech First Gulf, a leading value-added distributor in the Middle East and Africa region. The partnership, signed in May 2023, will see Tech First Gulf promote Group-IB’s full stack of sector-leading cybersecurity solutions to its wide network of valued vendors and resellers in the Middle East and western, eastern, and central Africa, creating pathways for the localized delivery of Group-IB products and services.
More details👈
#partnership #cybersecurity
🔥9👍5
Learn how to stop cyberattacks, prioritize incidents, and mitigate the damage: join the "Incident Responder" training course by Group-IB. Our experts will provide incident responders with the knowledge and tools they need to rapidly and effectively respond to various security incidents. Don’t miss your chance to register👈
#education #IncidentResponder
👍7🔥2
🤝 Group-IB has assisted in the INTERPOL-led Operation Nervone, aimed at successfully disrupting the operations of the cybercriminal syndicate OPERA1ER in French-speaking Africa.
Group-IB’s Threat Intelligence and High-Tech Crime Investigations units, which have tracked OPERA1ER for more than four years alongside Orange-CERT-CC, provided timely intelligence that uncovered the identity and potential location of a key member of the cybercriminal group, who was subsequently detained in Abidjan, Côte d'Ivoire.
The group managed to carry out more than 30 successful attacks against financial institutions, banks, mobile banking services, and telecommunications companies in Côte d'Ivoire, Mali, Burkina Faso, Benin, Cameroon, Bangladesh, Gabon, Niger, Nigeria, Paraguay, Senegal, Sierra Leone, Uganda, Togo, and Argentina between March 2018 and October 2022.
Want to learn more? Head over to our website👈
#INTERPOL #FightAgainstCybercrime
🔥18👍4❤2👎2
Businesses tend to rely on various cloud-based services such as CRM systems, email services, corporate messengers, or wiki platforms. While these services offer operational efficiency, they can also introduce potential vectors through which threat actors can exploit vulnerabilities in a company's infrastructure. To prevent this from happening, organizations need to defend their network from unwarranted intrusion by attackers.
So how can companies protect their data while using SaaS solutions? In our new blog post, we shed light on the common mistakes users and management make when configuring their public cloud environments. Read now👈
#cloud #cybersecurity
👍6
▪️Group-IB detected a 304% increase in the number of scam resources that utilized the name and likeness of legitimate brands in 2022 compared to the preceding year.
▪️ The number of scam pages created to impersonate a single brand across all verticals and regions rose, on average, by 162% year-on-year.
▪️ The number of phishing websites increased by 62% in 2022 compared to the previous year.
▪️ Globally, scammers’ interest in the financial sector skyrocketed dramatically, as the average number of scam resources created per financial brand increased year-on-year by 186% in 2022.
Download the Digital Risk Trends 2023 report to learn about the threat landscape, get full statistics on phishing and scam across different regions and industries and learn how to mitigate the risks for your brand.
#report #DigitalRiskTrends2023
🔥13👍5
Group-IB has been named a Representative Vendor in the Gartner 2023 Market Guide for Security Threat Intelligence Products and Services.
Group-IB’s Threat Intelligence is at the core of all of the company’s products and services consolidated under the Unified Risk Platform – an ecosystem of solutions that understands each organization’s threat profile and tailors defenses against them in real-time from a single interface. To have the most comprehensive understanding of cyber risks, Group-IB collects the industry’s broadest range of intelligence, with 60 types of sources across 15 categories. In 2022 alone, Group-IB Threat Intelligence detected over 260,000,000 compromised accounts, 65M+ stolen payment cards on sale in the dark web, more than 1,700 leaked databases, and analyzed over 54,000,000 messages from underground forums.
Group-IB has now been recognized in the Gartner Market Guide for Security Threat Intelligence Products and Services for the seventh time. Way to go!
#Gartner #cybersecurity
🔥12