Carding 4 Carders
Over the past two years, a number of high-profile cyber attacks have one thing in common – the involvement of a small online community of mostly young people who make audacious intrusions into networks.
The community, dubbed "the Com," is playing a key role in a wide range of online crimes, including recent attacks on resorts in Las Vegas that severely disrupted the operations of several well-known hotels and casinos. Researchers emphasize that the appearance of "the Com" shows the need for a tougher approach on the part of legislators and cybersecurity specialists to the problem of cybercrime among young people.
Teenagers and young adults under the age of 20 are increasingly committing high-profile hacks, demonstrating a high level of skill and openly bragging about their exploits in language full of racism and misogyny, with "the Com" serving as a radicalizing medium for some of these cybercriminals.
Politicians and cybersecurity experts tend to underestimate this criminal environment compared to the threat from hackers linked to states. However, recent hacks show that a new generation of hackers has high capabilities.
According to the researchers, people from one of the subgroups of "the Com" called "Star Fraud" are probably involved in the recent attacks on Caesars Entertainment and MGM Resorts, demonstrating the seriousness of the threat from this ecosystem.
Earlier, the hacker group ALPHV claimed responsibility for the attacks on Caesars and MGM. Experts believe that in fact the group behind this was Scattered Spider, associated with ALPHV and consisting of hackers from the United States and Britain, skilled in social engineering.
However, the term "Scattered Spider" is not accurate, as the researchers stated at LABScon, because it combines the actions of several different and sometimes competing groups within "the Com" ecosystem into one whole. Groups imitate each other and learn each other's tactics, but they are different.
The attacks coming from "The Com" go far beyond the recent hacks in Las Vegas. This year hackers attacked Nvidia, Samsung, Microsoft and other large corporations. According to the researcher, some members of "The Com" got into this community, like children in toxic online groups where radicalization occurs. "Here, radicalization is cybercrime and the maximum manifestation of low human qualities," he said.
In an August report, the Cyber Safety Review Board recommended that Congress consider funding programs to prevent juvenile cybercrime as part of a "community-based" approach to youth cybercrime.
The FBI has been involved in several investigations involving individuals associated with "the Com" for alleged brutality. In a May 2023 FBI agent's statement, "the Com" was described as a "cybercriminal group" that is "geographically diverse" and organizes subgroups to carry out various types of criminal activities, including cyber intrusions, SIM swapping, cryptocurrency theft, organizing real violence, and "swatting" - the practice of sending armed rapid response teams to victims' locations under false pretenses.
Cybersecurity companies describe this group of online cybercriminals as highly skilled social engineering hackers, especially because there are many native English speakers among their members who are adept at contacting tech support services and convincing technicians to give out corporate credentials.
The researchers who presented the data at LABScon warn that these young cybercriminals are now collaborating with global ransomware syndicates with a history of ransomware attacks around the world and tens of millions of dollars in ransoms paid.
The Com's role in attracting these young hackers to a life of crime is similar to the well-documented problem of how toxic online communities can radicalize children, one of the researchers said. "Radicalization manifests itself in cybercrime and becoming the worst possible person," the researcher said.
+++
Microsoft rolled out a detailed profile of an English-speaking attacker with advanced social engineering capabilities who recently broke the Caesars and MGM casinos.
Microsoft tracks the group as Octo Tempest, but they are also known as 0ktapus, Scattered Spider, and UNC3944.
The hacker group was found to have used threats of physical violence to gain initial access to victims' networks, targeting administrators and support staff with sufficient permissions.
Researchers began paying attention to the group in early 2022, which Cyberscoop links to an underground community called The Com, whose members allegedly practiced spoofing SIM cards, incidents with shelling of houses and organizing power actions in real life.
By early 2023, some members of the group had developed a more advanced and aggressive approach and started monetizing ransomware by attacking telecom, IT, and MSP providers.
Octo Tempest attacks have steadily evolved and the group has now moved from simple ransomware schemes to ransomware, actively using AlphV for both data theft and encryption.
In addition, the profile of victims has expanded. Earlier this year, the group attacked companies in the gaming, hotel, retail, manufacturing, technology and financial sectors.
The group gained public attention after it targeted Caesars Entertainment and MGM Resorts last month in an operation that caused massive damage to their operations, but it was just one of a string of attacks that have affected major corporations including Okta, Microsoft, Nvidia, Rockstar and Samsung.
Microsoft estimates that Octo Tempest is the most dangerous financially motivated and top-notch organized group, demonstrating a diverse set of TTPs for navigating complex hybrid environments, extracting sensitive data, and encrypting data.
But most of all, the group is known for its uncanny ability to push for initial access. And we have always said that thermorectal cryptanalysis is the most reliable method of primary compromise.