BLOG

AdvIntel's Threat Reporting Blog

Blog offers insight into the botnet & breaches & its unique workings. Our investigators and reverse engineers share AdvIntel's most illuminating findings on subjects such as ransomware, political meddling, high-profile financial fraud & APT threats.

Economic Growth, Digital Inclusion, & Specialized Crime: Financial Cyber Fraud in LATAM

Feb 22, 2021
22 min

Cybercrime

Economic Growth, Digital Inclusion, & Specialized Crime: Financial Cyber Fraud in LATAM

By Beatriz Pimenta Klein This Research is the first part of the AdvIntel LATAM Series. To see other blogs within this series please...

Crime Laundering Primer: Inside Ryuk Crime (Crypto) Ledger & Risky Asian Crypto Traders

Jan 7, 2021
5 min

Cybercrime

Crime Laundering Primer: Inside Ryuk Crime (Crypto) Ledger & Risky Asian Crypto Traders

By Vitali Kremez and Brian Carter We are releasing the report today with the redacted version in research collaboration with the...

Anatomy of Attack: Inside BazarBackdoor to Ryuk Ransomware "one" Group via Cobalt Strike

Nov 6, 2020
4 min

Cybercrime

Anatomy of Attack: Inside BazarBackdoor to Ryuk Ransomware "one" Group via Cobalt Strike

By Vitali Kremez An intimate look at the Ryuk "one" adversaries During one routine AdvIntel incident response engagement and enhanced...

Fraud Evolution: Synthetic Identities, COVID-Times Carding & Physical Identity Obfuscation

Oct 29, 2020
6 min

Cybercrime

Fraud Evolution: Synthetic Identities, COVID-Times Carding & Physical Identity Obfuscation

By Riley Boos As anti-fraud technology continues to be developed and refined, threat actors are adapting their tactics, techniques, and...

Oct 12, 2020
7 min

Cybercrime

"Front Door" into BazarBackdoor: Stealthy Cybercrime Weapon

By Roman Marshanski & Vitali Kremez Key Points BazarBackdoor is the newer preferred stealthy covert malware leveraged for high-value...

With the U.S. Elections Fast Approaching, Fear Becomes a Vulnerability

Sep 28, 2020
11 min

DarkWeb

With the U.S. Elections Fast Approaching, Fear Becomes a Vulnerability

By: Daniel Frey, Yelisey Boguslavskiy, & Mikaela Buryj Key Takeaways On September 1, 2020, Russian media outlets reported that US voter...

Inside REvil Extortionist “Machine”: Predictive Insights

Jul 15, 2020
14 min

Cybercrime

Inside REvil Extortionist “Machine”: Predictive Insights

Takeaways Cybercrime groups often operate on traditional crime group behavioral patterns. REvil main collective group patterns are:...

TrickBot Group Launches Test Module Alerting on Fraud Activity

Jul 11, 2020
2 min

Cybercrime

TrickBot Group Launches Test Module Alerting on Fraud Activity

Executive Summary On July 10, 2020, according to Advanced Intelligence's Vitali Kremez, it was revealed that sandboxed TrickBot banking...

Dec 9, 2019
22 min

DarkWeb

DarkWeb Politics. Cybercrime & Meddling Threat Landscape

With the upcoming 2020 elections and increasingly heated political discussion, the threat of social media manipulation and election...

Digital "Pharmacusa" II: The “GandCrab” Phenomenon

Oct 29, 2019
9 min

Ransomware

Digital "Pharmacusa" II: The “GandCrab” Phenomenon

In the 1st century BC, a small island of Pharmacusa (Farmakonisi) became a scene of one of the most infamous ransom extortions in...

Card Enrollment Services: Highly Effective Fraud Methodology Offered in Russian Underground

Jul 1, 2019
5 min

Cybercrime

Card Enrollment Services: Highly Effective Fraud Methodology Offered in Russian Underground

Card "enrollment" is a type of carding operation in which cybercriminals register stolen cards (primary enroll) into online banking.

“Achilles”, Hacker Behind Attacks on Military Shipbuilders, UNICEF & International Corporations

Jun 6, 2019
5 min

Cybercrime

“Achilles”, Hacker Behind Attacks on Military Shipbuilders, UNICEF & International Corporations

Executive Summary Background: “Achilles” is an English-speaking threat actor primarily operating on various English-language underground...

Skimming Threat Landscape: Technology Advances Lower Barriers of Entry for Novice Skimming Operators

May 23, 2019
5 min

Cybercrime

Skimming Threat Landscape: Technology Advances Lower Barriers of Entry for Novice Skimming Operators

Skimmers are microelectronic spying devices which are planted into automated teller machine (ATM) and/or point of sale (PoS) terminals to st

May 13, 2019
2 min

Cybercrime

Ethics, Humanity, Intelligence Tradecraft: Responsible Disclosure of High-Profile Event

Security and intelligence are about human beings: not everything should remain a paid-fee; the public has a right to know.

Top-Tier Russian Hacking Collective Claims Breaches of Three Major Anti-Virus Companies

May 9, 2019
3 min

Cybercrime

Top-Tier Russian Hacking Collective Claims Breaches of Three Major Anti-Virus Companies

"Fxmsp" is a high-profile Russian- and English-speaking hacking collective. They specialize in breaching highly secure protected networks to

BLOG

Economic Growth, Digital Inclusion, & Specialized Crime: Financial Cyber Fraud in LATAM

Crime Laundering Primer: Inside Ryuk Crime (Crypto) Ledger & Risky Asian Crypto Traders

Anatomy of Attack: Inside BazarBackdoor to Ryuk Ransomware "one" Group via Cobalt Strike

Fraud Evolution: Synthetic Identities, COVID-Times Carding & Physical Identity Obfuscation

"Front Door" into BazarBackdoor: Stealthy Cybercrime Weapon

With the U.S. Elections Fast Approaching, Fear Becomes a Vulnerability

Inside REvil Extortionist “Machine”: Predictive Insights

TrickBot Group Launches Test Module Alerting on Fraud Activity

DarkWeb Politics. Cybercrime & Meddling Threat Landscape

Digital "Pharmacusa" II: The “GandCrab” Phenomenon

Card Enrollment Services: Highly Effective Fraud Methodology Offered in Russian Underground

“Achilles”, Hacker Behind Attacks on Military Shipbuilders, UNICEF & International Corporations

Skimming Threat Landscape: Technology Advances Lower Barriers of Entry for Novice Skimming Operators

Ethics, Humanity, Intelligence Tradecraft: Responsible Disclosure of High-Profile Event

Top-Tier Russian Hacking Collective Claims Breaches of Three Major Anti-Virus Companies

GET IN TOUCH