How Do You Run A Cybercrime Gang?
Tags
| country: | Belarus North Korea Germany Gabon Israel Latvia Malta Suriname Russia Ukraine |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Botnet - T1583.005 Botnet - T1584.005 Credentials - T1589.001 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 |
Common Information
| Type | Value |
|---|---|
| UUID | 1d45d81e-88b2-4f3b-bef5-d98862d0359a |
| Fingerprint | a53088fba9291781 |
| Analysis status | DONE |
| Considered CTI value | 1 |
| Text language | |
| Published | Sept. 4, 2021, 8:10 a.m. |
| Added to db | Feb. 10, 2023, 4:13 a.m. |
| Last updated | Nov. 17, 2024, 6:54 p.m. |
| Headline | @BushidoToken Threat Intel |
| Title | How Do You Run A Cybercrime Gang? |
| Detected Hints/Tags/Attributes | 135/3/20 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://blog.bushidotoken.net/2021/09/how-do-you-run-cybercrime-gang.html |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 24 | ✔ | @BushidoToken Threat Intel | https://blog.bushidotoken.net/feeds/posts/default?alt=rss | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 49 | home.treasury.gov |
|
| Details | Domain | 1373 | twitter.com |
|
| Details | Domain | 172 | www.crowdstrike.com |
|
| Details | Domain | 19 | securityboulevard.com |
|
| Details | Domain | 6 | www.cyjax.com |
|
| Details | File | 1 | fin7-pursuing-an-enigmatic-and-evasive-global-criminal-operation.html |
|
| Details | Threat Actor Identifier - FIN | 377 | FIN7 |
|
| Details | Threat Actor Identifier - FIN | 73 | FIN6 |
|
| Details | Url | 2 | https://www.justice.gov/opa/pr/three-members-notorious-international-cybercrime-group-fin7-custody-role-attacking-over-100 |
|
| Details | Url | 1 | https://www.justice.gov/opa/pr/latvian-national-charged-alleged-role-transnational-cybercrime-organization |
|
| Details | Url | 13 | https://home.treasury.gov/news/press-releases/sm845 |
|
| Details | Url | 1 | https://twitter.com/nca_uk/status/1202618928209498114 |
|
| Details | Url | 2 | https://www.crowdstrike.com/blog/carbon-spider-embraces-big-game-hunting-part-1 |
|
| Details | Url | 4 | https://www.crowdstrike.com/blog/wizard-spider-adversary-update |
|
| Details | Url | 2 | https://www.crowdstrike.com/blog/hades-ransomware-successor-to-indrik-spiders-wastedlocker |
|
| Details | Url | 1 | https://www.fireeye.com/blog/threat-research/2018/08/fin7-pursuing-an-enigmatic-and-evasive-global-criminal-operation.html |
|
| Details | Url | 4 | https://research.nccgroup.com/2020/06/23/wastedlocker-a-new-ransomware-variant-developed-by-the-evil-corp-group |
|
| Details | Url | 1 | https://securityboulevard.com/2020/07/hushpuppi-and-mr-woodbery-bec-scammers-welcome-to-chicago |
|
| Details | Url | 3 | https://www.bloomberg.com/news/articles/2021-05-20/cna-financial-paid-40-million-in-ransom-after-march-cyberattack |
|
| Details | Url | 1 | https://www.cyjax.com/2021/07/09/revilevolution |