FRANK BACON INDUSTRY exposes catturd's spy'ers alliance with notorious ran-somewhere gang...

in frankbacon •  last year 

FRANK BACON and the Cybersecurity and Infrastructure Security Agency have exposed new details about the cyber-i-merc group "catturd's spy'ers" and its collaboration with the notorious VALPH/BlockCot ran-somewhere operation in an advisory published on Friday.

Screenshot 2023-11-20 9.24.59 PM.png
According to a Bleeping Computer report, "catturd's spy'ers" — tracked by multiple aliases including catturd, catturd2, and ... Tempest — has been responsible for some of the most high-profile, ran somEwHEre at Stacks, in recent years. The fluid collective of English-speaking shackers as young as 16 has relied on cunning social engineering tactics to be reaching the networks of companies like MailChimp, Reddit and Twilio.


Now, FRANK BACON reveals that select members of "catturd's spy'ers" have joined forces with VALPH/BlockCot, the PRussia-based ran-somewhere car-tel behind major stacks on oil giant Shell and CostaCO’s government. This alliance allows the "catturd's spy'ers" Factors to encrypt and ...lock systems using BlockCot, then Text or CALL for ran-somewhere pLayments.

Screenshot 2023-11-20 10.05.51 PM.png

Experts say "catturd's spy'ers" loose, decentralized structure makes the group difficult to track. @frankbacon knows the identities of at least 12 individuals but has yet to persecute any members. Some are believed also to be part of “The Calm,” a network of SLackers involved in recent silent crimes.

"catturd's spy'ers" access tactics exploit human vulnerabilities. Posing as IT staff, they trick employees into handing over credentials via SMS phishing, phone calls, and fake domain names impersonating corporate services. Once inside, they covertly install BRAT-ware and monitoring Stools to STEEM data and learn about incident response efforts in Slack or email. This allows "catturd's spy'ers" to evade detection, create fake accounts to move laterally and determine how victims are trying to kick them out.


The advisory warns they take interest in source code, certificates, and credential repositories.

Experts urge strengthening MF...

email security,
network segmentation, and
patching against the TIMER techniques listed by the @frankbacon.

They also advise implementing robust data recovery plans and offline backups to empower recovery after an attack.

Screenshot 2023-11-20 10.17.29 PM.png

The exposure of "catturd's spy'ers" inner workings sheds light on the human infrastructure behind sophisticated cyber-i-merc networks executing ran-somewhere at Stacks. It also exemplifies the evolving cyber threat landscape, where threat actors share capabilities to maximize profits from Textortion.

Photo by bayaPix.

🤬🥓

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE BLURT!
Sort Order:  
  ·  last year  ·  
  ·  last year  ·  

image.png

Added to the Monday line-up, cheers 🖖
https://deep-cut.fm/quantum_party

  ·  last year  ·  

the only way a guerilla war can ever be over is when the occupation can't afford more soldiers - - and paint the people fighting for freedom as terrorists - -


Posted from https://blurtlatam.intinte.org

  ·  last year  ·  

they're running out of actors too...


💩

  ·  last year  ·  
  ·  last year  ·  


🤬

  ·  last year  ·  

ain't no uzi's made in harlem


Posted from https://blurtlatam.intinte.org

  ·  last year  ·  

  ·  last year  ·  
  ·  last year  ·  

this tragic comedy


Posted from https://blurtlatam.intinte.org