Common Information
Type Value
Value Fxmsp
Category Actor
Type Threat-Actor
Misp Type Cluster
Description Throughout 2017 and 2018, Fxmsp established a network of trusted proxy resellers to promote their breaches on the criminal underground. Some of the known Fxmsp TTPs included accessing network environments via externally available Remote Desktop Protocol (RDP) servers and exposed Active Directory. Most recently, the actor claimed to have developed a credential-stealing botnet capable of infecting high-profile targets in order to exfiltrate sensitive usernames and passwords. Fxmsp has claimed that developing this botnet and improving its capabilities for stealing information from secured systems is their main goal.
Details Published Attributes CTI Title
Details Website 2023-01-28 2 The blurry boundaries between nation-state actors and the… | Intel471
Details Website 2022-07-12 0 Are cybercriminals lazy or brilliant for selling your passwords instead of using them?
Details Website 2021-10-25 7 Russian cyber attack campaigns and actors
Details Website 2021-07-29 0 Under the hood. Group-IB Threat Intelligence & Attribution
Details Website 2020-10-12 3 Network Access Sellers and Ransomware Groups | Accenture
Details Website 2020-08-24 1 Cybercriminal greeners from Iran attack companies worldwide for financial gain | Group-IB
Details Website 2020-08-06 2 The Secret Life of an Initial Access Broker - Kela
Details Website 2020-07-15 0 Inside REvil Extortionist “Machine”: Predictive Insights
Details Website 2019-05-13 3 Fxmsp Chat Logs Reveal the Hacked Antivirus Vendors, AVs Respond
Details Website 2019-05-09 0 Top-Tier Russian Hacking Collective Claims Breaches of Three Major Anti-Virus Companies
Details Website 2019-05-09 0 Hackers Selling Access and Source Code From Antivirus Companies
Details Website 2003-01-01 0 Group-IB report: "RedCurl. The pentest you didn’t know about"