• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

BEC Group Uses Open Source Tactics in Hundreds of Attacks

You are here: Home / General Cyber Security News / BEC Group Uses Open Source Tactics in Hundreds of Attacks
February 1, 2023

Security scientists have warned of a extremely profitable new small business email compromise (BEC) team that has qualified hundreds of victims in the past two years employing rather unsophisticated techniques.

Dubbed “Firebrick Ostrich” by Irregular Security, the team has been dependable for at the very least 347 strategies considering the fact that April 2021. Whilst it’s unclear how many have been successful, the seller described its hit charge as “massive.”

The team makes use of open resource exploration, these as trawling by govt sites to verify information on present contracts and vendors, and complete seller quantities.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


“While this info is generally constrained, it at the very least offers an adversary a tiny piece of information they can exploit in an attack: the fact that there is an present relationship in between the two corporations,” said Abnormal Security’s director of threat intelligence, Crane Hassold.

Once the attacker has collected this details, they will register a area identify via Namecheap or Google that seems extremely similar to the impersonated vendor’s respectable area. For the reason that they don’t have comprehensive information and facts about the vendor–customer connection, the BEC email is generally imprecise – inquiring about an exceptional payment or even requesting an update to the vendor’s payment particulars.

Firebrick Ostrich has thus considerably impersonated 151 unique corporations making use of 212 distinctive maliciously registered domains, across a large wide variety of sectors, Hassold explained.

Most (60%) domains were being registered on the working day the BEC email was sent, offering company menace hunters with some handy clues.

The group’s deficiency of comprehensive perception into their targets also implies they normally ship emails to centralized accounts payable email distribution lists, which focus on all finance staff at the same time.

If any just one of them take the bait, the fraudsters will deliver more than updated account facts for them to fork out into.

“What makes this team pretty exclusive is that they have found significant accomplishment even devoid of the need to compromise accounts or do in-depth exploration on the vendor–customer romantic relationship,” Hassold concluded.

“By using fairly noticeable social engineering practices, they can explore almost everything they will need in buy to run a effective BEC campaign – without having investing any considerable time or means into the preliminary analysis.”


Some components of this short article are sourced from:
www.infosecurity-journal.com

Previous Post: «hackers target business cloud environments by abusing microsoft’s ‘verified publisher’ Hackers target business cloud environments by abusing Microsoft’s ‘verified publisher’ status
Next Post: Experts Warn of ‘Ice Breaker’ Cyberattacks Targeting Gaming and Gambling Industry experts warn of 'ice breaker' cyberattacks targeting gaming and gambling»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • BreachForums Shuts Down After Admin’s Arrest
  • New Android Banking Trojan ‘Nexus’ Promoted As MaaS
  • CISA and NSA Enhance Security Framework With New IAM Guide
  • CISA Alerts on Critical Security Vulnerabilities in Industrial Control Systems
  • ScarCruft’s Evolving Arsenal: Researchers Reveal New Malware Distribution Techniques
  • Surge in compromised credentials highlights rampant cyber hygiene failings
  • Preventing Insider Threats in Your Active Directory
  • Security Researchers Spot $36m BEC Attack
  • Just 1% of Dot-Org Domains Are Fully DMARC Protected
  • Ransomware Attacks Double in Europe’s Transport Sector

Copyright © TheCyberSecurity.News, All Rights Reserved.