| Category | Details |
|---|---|
| Threat Actors | Dark Basin |
| Campaign Overview | Hack-for-hire group linked to BellTroX InfoTech Services Pvt Ltd; targeted advocacy groups, journalists, government officials, and industries globally. |
| Target Regions (Victims) | Multiple industries, advocacy groups, journalists, government officials (including U.S.), hedge funds, and campaigns like #ExxonKnew. |
| Methodology | Phishing campaigns, creating high-quality phishing sites, using subdomains and URL shorteners for targeting individuals and corporations. |
| Product Targeted | Email accounts, corporate and advocacy group information, and data tied to campaigns like net neutrality and environmental activism. |
| Malware Reference | Not specified in this text; the activity described is primarily phishing-based. |
| Tools Used | High-quality phishing sites, URL shorteners, malicious emails, and well-designed subdomains. |
| Vulnerabilities Exploited | Social engineering via phishing emails, reliance on legitimate-looking email templates and landing pages. |
| TTPs | Phishing emails, fake landing pages, use of time-zone manipulation for operational consistency, exploiting trust in professional contexts. |
| Attribution | Linked to BellTroX InfoTech Services Pvt Ltd; evidence connects operations to its owner, Sumit Gupta. |
| Recommendations | Increase awareness about phishing campaigns, investigate and prosecute hacking clients, and enforce stricter regulations on hack-for-hire services. |
| Source | Red Canary |
Read full article: https://redcanary.com/news/dark-basin-hacking-group-targeted-thousands-in-hack-for-hire-scheme/
The above summary has been generated by an AI language model