• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Home
  • Contact Us

iHash

News and How to's

  • FreeCast Value Channels: 1-Yr Subscription for $39

    FreeCast Value Channels: 1-Yr Subscription for $39
  • Refurbished Apple iPad 4 (2012) WiFi Black / 16GB / Grade B for $71

    Refurbished Apple iPad 4 (2012) WiFi Black / 16GB / Grade B for $71
  • Apple iPad 7th Gen (2019) 128GB Space Gray (Wi-Fi Only) Bundle with Beats Flex Headphones (Refurbished) for $299

    Apple iPad 7th Gen (2019) 128GB Space Gray (Wi-Fi Only) Bundle with Beats Flex Headphones (Refurbished) for $299
  • Apple iPhone XS Max (A1921) 256GB – Space Gray (Grade A+ Refurbished: Wi-Fi + Unlocked) for $399

    Apple iPhone XS Max (A1921) 256GB – Space Gray (Grade A+ Refurbished: Wi-Fi + Unlocked)  for $399
  • Apple iPhone XS Max (A1921) 64GB – Silver (Grade A+ Refurbished: Wi-Fi + Unlocked) for $349

    Apple iPhone XS Max (A1921) 64GB – Silver (Grade A+ Refurbished: Wi-Fi + Unlocked)  for $349
  • News
    • Rumor
    • Design
    • Concept
    • WWDC
    • Security
    • BigData
  • Apps
    • Free Apps
    • OS X
    • iOS
    • iTunes
      • Music
      • Movie
      • Books
  • How to
    • OS X
      • OS X Mavericks
      • OS X Yosemite
      • Where Download OS X 10.9 Mavericks
    • iOS
      • iOS 7
      • iOS 8
      • iPhone Firmware
      • iPad Firmware
      • iPod touch
      • AppleTV Firmware
      • Where Download iOS 7 Beta
      • Jailbreak News
      • iOS 8 Beta/GM Download Links (mega links) and How to Upgrade
      • iPhone Recovery Mode
      • iPhone DFU Mode
      • How to Upgrade iOS 6 to iOS 7
      • How To Downgrade From iOS 7 Beta to iOS 6
    • Other
      • Disable Apple Remote Control
      • Pair Apple Remote Control
      • Unpair Apple Remote Control
  • Special Offers
  • Contact us

Conti Cybercrime Cartel Using ‘BazarCall’ Phishing Attacks as Initial Attack Vector

Aug 11, 2022 by iHash Leave a Comment

BazarCall Phishing Attacks

Three different offshoots of the notorious Conti cybercrime cartel have resorted to the technique of call-back phishing as an initial access vector to breach targeted networks.

“Three autonomous threat groups have since adopted and independently developed their own targeted phishing tactics derived from the call back phishing methodology,” cybersecurity firm AdvIntel said in a Wednesday report.

These targeted campaigns “substantially increased” attacks against entities in finance, technology, legal, and insurance sectors, the company added.

The actors in question include Silent Ransom, Quantum, and Roy/Zeon, all of which have split from Conti after the latter orchestrated its shutdown in May 2022 following its public support for Russia in the ongoing Russo-Ukrainian conflict.

CyberSecurity

The advanced social engineering tactic, also called BazaCall (aka BazarCall), came under the spotlight in 2020/2021 when it was put to use by operators of the Ryuk ransomware, which later rebranded to Conti.

It’s said to have received substantial operational improvements in May, around the same time the Conti team was busy coordinating an organization-wide restructuring while simulating the movements of an active group.

BazarCall Phishing Attacks

The phishing attack is also unique in that it forgoes malicious links or attachments in email messages in favor of phone numbers that recipients are tricked into calling by alerting them of an upcoming charge on their credit card for a premium subscription.

If a target recipient falls for the scheme and decides to call the phone number indicated in the email, a real person from a fraudulent call center set up by BazaCall’s operators attempts to convince the victim to grant the customer service person remote desktop control to help cancel the supposed subscription.

With access to the desktop, the threat actor stealthily takes steps to infiltrate the user’s network as well as establish persistence for follow-on activities such as data exfiltration.

“Call back phishing was the tactic that enabled a widespread shift in the approach to ransomware deployment,” AdvIntel said, adding the “attack vector is intrinsically embedded into the Conti organizational tradition.”

Silent Ransom, the first Conti subgroup to move away from the cybercrime gang in March 2022, has since been linked to data extortion attacks after gaining initial access through subscription expiry emails that claim to notify users of pending payment for Zoho Masterclass and Duolingo services.

“These attacks can be categorized as data breach ransom attacks, in which the main focus of the group is to gain access to sensitive documents and information, and demand payment to withhold publication of the stolen data,” Sygnia noted last month, describing the infection procedure.

CyberSecurity

The Israeli cybersecurity company is tracking the activities of Silent Ransom under the moniker Luna Moth.

BazarCall Phishing Attacks

Quantum and Roy/Zeon are the two other Conti spin-offs to follow the same approach starting June 2022. While Quantum has been implicated in the devastating ransomware attacks on the Costa Rican government networks in May, Roy/Zeon consists of members “responsible for the creation of Ryuk itself.”

“As threat actors have realized the potentialities of weaponized social engineering tactics, it is likely that these phishing operations will only continue to become more elaborate, detailed, and difficult to parse from legitimate communications as time goes on,” the researchers said.

The findings come as industrial cybersecurity company Dragos disclosed the number of ransomware attacks on industrial infrastructures decreased from 158 in the first quarter of 2022 to 125 in the second quarter, a drop it attributed with low confidence to Conti closing shop.

That’s not all. Blockchain analytics firm Elliptic revealed this week that the now-defunct Conti group has laundered over $53 million in crypto assets through RenBridge, a cross-chain bridge that allows virtual funds to be transferred between blockchains, between April 2021 and July 2022.

Source link

Share this:

  • Facebook
  • Twitter
  • Pinterest
  • LinkedIn

Filed Under: Security Tagged With: attack, attacks, BazarCall, Cartel, computer security, Conti, cyber attacks, cyber news, cyber security news, cyber security news today, cyber security updates, cyber updates, cybercrime, data breach, hacker news, hacking news, how to hack, information security, Initial, network security, Phishing, ransomware malware, software vulnerability, the hacker news, Vector

Special Offers

  • FreeCast Value Channels: 1-Yr Subscription for $39

    FreeCast Value Channels: 1-Yr Subscription for $39
  • Refurbished Apple iPad 4 (2012) WiFi Black / 16GB / Grade B for $71

    Refurbished Apple iPad 4 (2012) WiFi Black / 16GB / Grade B for $71
  • Apple iPad 7th Gen (2019) 128GB Space Gray (Wi-Fi Only) Bundle with Beats Flex Headphones (Refurbished) for $299

    Apple iPad 7th Gen (2019) 128GB Space Gray (Wi-Fi Only) Bundle with Beats Flex Headphones (Refurbished) for $299
  • Apple iPhone XS Max (A1921) 256GB – Space Gray (Grade A+ Refurbished: Wi-Fi + Unlocked) for $399

    Apple iPhone XS Max (A1921) 256GB – Space Gray (Grade A+ Refurbished: Wi-Fi + Unlocked)  for $399
  • Apple iPhone XS Max (A1921) 64GB – Silver (Grade A+ Refurbished: Wi-Fi + Unlocked) for $349

    Apple iPhone XS Max (A1921) 64GB – Silver (Grade A+ Refurbished: Wi-Fi + Unlocked)  for $349

Reader Interactions

Leave a ReplyCancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Primary Sidebar

  • Facebook
  • GitHub
  • Instagram
  • Pinterest
  • Twitter
  • YouTube

More to See

Swift 5.9 Released

Sep 30, 2023 By iHash

FBI Warns of Rising Trend of Dual Ransomware Attacks Targeting U.S. Companies

Sep 30, 2023 By iHash

Tags

* Apple attacks Cisco computer security cyber attacks cyber crime cyber news cybersecurity Cyber Security cyber security news cyber security news today cyber security updates cyber threats cyber updates data data breach data breaches google hacker hacker news Hackers hacking hacking news how to hack incident response information security iOS 7 iOS 8 iPhone Malware microsoft network security ransomware ransomware malware risk management security security breaches security vulnerabilities software vulnerability the hacker news Threat update video web applications

Latest

Anaconda’s State of Data Science Report Report Reveals Surge in AI Upskilling Among Data and IT Professionals

Anaconda Inc., provider of the popular platform for data science and modern AI development, released its sixth annual State of Data Science report, surfacing insights into today’s vibrant data science community and the growth and usage of AI and open-source software.  Unlike previous years, the 2023 report delves into the ways generative artificial intelligence (AI) is reshaping […]

Our 7 Favorite Observability Podcasts

Our 7 Favorite Observability Podcasts

This coming Saturday, Sept. 30, is International Podcast Day. It’s a medium that as little as 15 years ago had a very small footprint in the information landscape. Now, it’s hard to imagine our lives without them. Whether you want to get informed on a current event, discover stories of the past that may have […]

Debugging Improvements in Swift 5.9

September 28, 2023 Adrian Prantl manages the Debugger Compiler Integration team at Apple. He works on debug info in the compiler and the Swift plugin in LLDB. Augusto Noronha works on Swift debugging and is a member of the Debugger Compiler Integration team at Apple. Dave Lee works on Swift debugging as a member of […]

“Above the Trend Line” – Your Industry Rumor Central for 9/29/2023

Above the Trend Line: your industry rumor central is a recurring feature of insideBIGDATA. In this column, we present a variety of short time-critical news items grouped by category such as M&A activity, people movements, funding news, industry partnerships, customer wins, rumors and general scuttlebutt floating around the big data, data science and machine learning industries […]

Where Linux is in your home, and how to protect Linux devices from hacking

Where Linux is in your home, and how to protect Linux devices from hacking

Over the first 23 years of this century, the Linux operating system has become as ubiquitous as Windows. Although only 3% of people use it on their laptops and PCs, Linux dominates the Internet of Things, and is also the most popular server OS. You almost certainly have at least one Linux device at home […]

Over 100 new podcasts from top apps and services launch on Apple Podcasts

September 26, 2023 UPDATE Over 100 new podcasts from top apps and services launch on Apple Podcasts Subscribers to Apple Music, Apple News+, and participating apps like Calm and Lingokids can now connect their subscriptions to access new shows and more Apple Podcasts is the best place for listeners to discover, enjoy, and support their favorite podcasts, featuring […]

Jailbreak

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.2.0

Pangu has updated its jailbreak utility for iOS 9.0 to 9.0.2 with a fix for the manage storage bug and the latest version of Cydia. Change log V1.2.0 (2015-10-27) 1. Bundle latest Cydia with new Patcyh which fixed failure to open url scheme in MobileSafari 2. Fixed the bug that “preferences -> Storage&iCloud Usage -> […]

Apple Blocks Pangu Jailbreak Exploits With Release of iOS 9.1

Apple has blocked exploits used by the Pangu Jailbreak with the release of iOS 9.1. Pangu was able to jailbreak iOS 9.0 to 9.0.2; however, in Apple’s document on the security content of iOS 9.1, PanguTeam is credited with discovering two vulnerabilities that have been patched.

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.1.0

  Pangu has released an update to its jailbreak utility for iOS 9 that improves its reliability and success rate.   Change log V1.1.0 (2015-10-21) 1. Improve the success rate and reliability of jailbreak program for 64bit devices 2. Optimize backup process and improve jailbreak speed, and fix an issue that leads to fail to […]

Activator 1.9.6 Released With Support for iOS 9, 3D Touch

  Ryan Petrich has released Activator 1.9.6, an update to the centralized gesture, button, and shortcut manager, that brings support for iOS 9 and 3D Touch.

Copyright iHash.eu © 2023
We use cookies on this website. By using this site, you agree that we may store and access cookies on your device. Accept Read More
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT