Group-IB disclosed data about a Russian-speaking hacker who hacked hundreds of companies


Computer security specialists at Group-IB have identified a suspected hacker with nickname Fxmsp who has been trading on the Darknet for three years with access to corporate networks of international companies.

He is called one of the most dangerous criminals in this area: more than 130 companies around the world, including the leading American antivirus corporations, were affected by the actions of this representative of the Darknet. Allegedly, the attacker is a resident of Kazakhstan, Andrei Turchin.
Group-IB believes that the hacker compromised 135 companies in 44 countries, including the United States, England, France, Italy, the Netherlands, Japan, Australia and others. Allegedly, the attacker earned about $1.5 million through criminal means. Materials on the hacker were transferred to international law enforcement agencies.

For the first time, a criminal with the nickname Fxmsp became active in the second half of 2017. Group-IB noted that the attacker attacked banks, telecommunications operators, energy sector organizations, government organizations, IT service providers and retail. After some time of its activity, he began to sell access not as a product, but as a service.

The main activity of Fxmsp occurred in 2018, after which this area was empty for some time, and since the beginning of 2019, the cybercriminal has followers who are now active in the underground, taking up the techniques of Fxmsp, the Group-IB company said in a document.

At the same time, the "invisible God of the network" (as Fxmsp was named by his accomplice Lampeduza) became widely known after the incident that occurred in May 2019. Information stolen from three American antivirus titans: Symantec, Trend Micro and McAfee was put up for sale on the network. For providing access to their corporate networks and stolen information, the attackers asked for more than $300 thousand.

A hacker is one of the most dangerous cybercriminals. Computer security experts do not rule out that it still continues its activities. In total, Fxmsp has about 40 followers on underground forums.


from E Hacking News - Latest Hacker News and IT Security News https://ift.tt/3eGUg9K

Comments