“BazarCall” Advisory: Essential Guide to Attack Vector that Revolutionized Data Breaches
“BazarCall” style attack, or call back phishing, is an attack vector that utilizes targeted phishing methodology and that first emerged...
BLOG
AdvIntel's Threat Reporting Blog
Blog offers insight into the botnet & breaches & its unique workings. Our investigators and reverse engineers share AdvIntel's most illuminating findings on subjects such as ransomware, political meddling, high-profile financial fraud & APT threats.
Search
- Feb 22, 2021
- 22 min
Economic Growth, Digital Inclusion, & Specialized Crime: Financial Cyber Fraud in LATAM
By Beatriz Pimenta Klein This Research is the first part of the AdvIntel LATAM Series. To see other blogs within this series please...
- Jan 7, 2021
- 5 min
Crime Laundering Primer: Inside Ryuk Crime (Crypto) Ledger & Risky Asian Crypto Traders
By Vitali Kremez and Brian Carter We are releasing the report today with the redacted version in research collaboration with the...
- Nov 6, 2020
- 4 min
Anatomy of Attack: Inside BazarBackdoor to Ryuk Ransomware "one" Group via Cobalt Strike
By Vitali Kremez An intimate look at the Ryuk "one" adversaries During one routine AdvIntel incident response engagement and enhanced...
- Oct 29, 2020
- 6 min
Fraud Evolution: Synthetic Identities, COVID-Times Carding & Physical Identity Obfuscation
By Riley Boos As anti-fraud technology continues to be developed and refined, threat actors are adapting their tactics, techniques, and...
- Oct 12, 2020
- 7 min
"Front Door" into BazarBackdoor: Stealthy Cybercrime Weapon
By Roman Marshanski & Vitali Kremez Key Points BazarBackdoor is the newer preferred stealthy covert malware leveraged for high-value...
- Sep 28, 2020
- 11 min
With the U.S. Elections Fast Approaching, Fear Becomes a Vulnerability
By: Daniel Frey, Yelisey Boguslavskiy, & Mikaela Buryj Key Takeaways On September 1, 2020, Russian media outlets reported that US voter...
- Jul 15, 2020
- 14 min
Inside REvil Extortionist “Machine”: Predictive Insights
Takeaways Cybercrime groups often operate on traditional crime group behavioral patterns. REvil main collective group patterns are:...
- Jul 11, 2020
- 2 min
TrickBot Group Launches Test Module Alerting on Fraud Activity
Executive Summary On July 10, 2020, according to Advanced Intelligence's Vitali Kremez, it was revealed that sandboxed TrickBot banking...
- Dec 9, 2019
- 22 min
DarkWeb Politics. Cybercrime & Meddling Threat Landscape
With the upcoming 2020 elections and increasingly heated political discussion, the threat of social media manipulation and election...
- Oct 29, 2019
- 9 min
Digital "Pharmacusa" II: The “GandCrab” Phenomenon
In the 1st century BC, a small island of Pharmacusa (Farmakonisi) became a scene of one of the most infamous ransom extortions in...
- Jul 1, 2019
- 5 min
Card Enrollment Services: Highly Effective Fraud Methodology Offered in Russian Underground
Card "enrollment" is a type of carding operation in which cybercriminals register stolen cards (primary enroll) into online banking.
- Jun 6, 2019
- 5 min
“Achilles”, Hacker Behind Attacks on Military Shipbuilders, UNICEF & International Corporations
Executive Summary Background: “Achilles” is an English-speaking threat actor primarily operating on various English-language underground...
- May 23, 2019
- 5 min
Skimming Threat Landscape: Technology Advances Lower Barriers of Entry for Novice Skimming Operators
Skimmers are microelectronic spying devices which are planted into automated teller machine (ATM) and/or point of sale (PoS) terminals to st
- May 13, 2019
- 2 min
Ethics, Humanity, Intelligence Tradecraft: Responsible Disclosure of High-Profile Event
Security and intelligence are about human beings: not everything should remain a paid-fee; the public has a right to know.
- May 9, 2019
- 3 min
Top-Tier Russian Hacking Collective Claims Breaches of Three Major Anti-Virus Companies
"Fxmsp" is a high-profile Russian- and English-speaking hacking collective. They specialize in breaching highly secure protected networks to