Group-IB – Telegram
Your daily source of cybersecurity news brought to you by Group-IB, one of the global industry leaders.
New blog post from Group-IB’s Threat Intelligence team!

Group-IB TI analysts examined Prometheus TDS — an underground service designed to distribute malicious files and redirect users to phishing and malicious sites. Campaigns operated through Prometheus TDS, specifically to distribute #Hancitor, were previously described by Unit42 and McAfee researchers.

Group-IB researchers determined that the very same pattern was used to distribute #Campo Loader, #IcedID, #QBot, #SocGholish, and #BuerLoader. Group-IB discovered at least 3,000 targets of separate malware campaigns that make use of the same scheme.

By analyzing the malware distribution campaigns, Group-IB researchers suggested that they could all be carried out using the same MaaS solution. This assumption proved correct after Group-IB found offers to sell Prometheus TDS on underground forums.

More details in our blog post ➡️ https://bit.ly/3yuXneD
#ransomware
It's alive: the story behind the BlackMatter ransomware strain

⚔️The summer of 2021 brought not only hot weather but also hot news from the world of ransomware. In late May, DoppelPaymer used a marketing trick and renamed its new ransomware Grief (Pay OR Grief). Moreover, in June-July the hacker groups DarkSide and REvil disappeared from the radar after the notorious attacks against Colonial Pipeline and Kaseya, respectively. By the end of July, a new player called BlackMatter had entered the ransomware market. Is BlackMatter really new to the scene, however?

🕵️‍♀️Andrey Zhdanov, an expert in proactive cyber threat hunting at Group-IB, has already analyzed one of the samples of the new BlackMatter ransomware and concluded that, in terms of code and functionality, it is suspiciously similar to the tools of the infamous DarkSide and REvil groups. All the details are in our blog.
#Ransomware
Comparing BlackMatter, DarkSide and REvil: spot the difference

☝️And now for the most important conclusions of our new study. Having analyzed the new ransomware sample, Group-IB experts revealed clear links between BlackMatter, DarkSide and REvil samples. The legacy of DarkSide is the most apparent. For the specific details, check our table 👈

🎯 It is still impossible to say for sure whether the same development team was behind all three ransomware strains. However, it is obvious that the vacant seat was quickly filled: DarkSide and REvil were replaced by the equally sophisticated BlackMatter. All the details are in our blog.
#links #cardshops

Bold ad campaign: AWC joins illicit carding business by offering 1 Mln compromised cards for free

🖥On August 2, the Group-IB Threat Intelligence & Attribution system detected an unconventional post on several carding forums. A user nicknamed AW_cards posted links to a file containing 1 million stolen payment records. The file, offered for free, contained compromised card details from over 1,000 banks in more than 100 countries, including India, Mexico, the US, Australia, Brazil, and others.

🕵️‍♀️The post immediately sparked Group-IB researchers' interest, because cybercriminals in the carding community rarely offer so many cards for free. It is especially unusual for a previously unknown market player. Analysis of the file revealed that this huge batch of compromised cards had not appeared on other underground forums.

💰Further research revealed that the post was nothing but a very bold ad to scale up the user base of newly established card shop All World Cards, which joined the carding market in May 2021. Group-IB researchers found out that the alleged owners of the card shop had launched a massive promo campaign in the underground to advertise their new platform, which, in addition to a huge database giveaway, included a writing contest for other cybercriminals with a cash prize of USD 15,000.

🎯This post analyzes the 1 mln stolen bank card record database as well as the short history of the All World Cards card shop and the activity of its alleged owners, who are most likely not newcomers to the carding business. All the details are in our new blog post.
#GIB_TIA #threatintelligence

Group-IB is honored to announce it has been named one of the leaders in the global cyber threat intelligence market by Frost & Sullivan, an international research & consulting firm.

According to “Frost Radar: Global Cyber Threat Intelligence Market, 2021,” Group-IB, with its proprietary Threat Intelligence & Attribution (TI&A) platform, is one of the most innovative threat intelligence vendors and the third-largest one, holding an over 15-percent share of the global market. Frost & Sullivan analysts particularly highlighted the company's growth rate, noting its average revenue growth of 72% over the past three years.

“Group-IB is rapidly gaining mindshare in the cybersecurity industry and threat intelligence community,” the report read. “Group-IB recognizes the importance of tackling cybercrime for public security and forms partnerships with law enforcement agencies and non-governmental and intergovernmental organizations worldwide. Such initiatives contribute to Group-IB's recognition as a trusted intelligence provider.”

Read more -> https://bit.ly/2VK8yCf
#GIB_TIA #threatintelligence

Why Tailored Threat Intelligence?


The new Group-IB threat intelligence blog post explains why tailored threat intelligence is the key to making a corporate CTI program effective and how to move away from irrelevant generic feeds to:

- Custom Threat hunting rules
- Tailored threat landscape
- Tailored reports and research

Click here to learn more: https://bit.ly/3s7Z3II
#mou #cooperation
Group-IB signs an MoU with VNPT-IT!

🔹Today, Group-IB signed an MoU with VNPT-IT, a national Vietnamese technology company. The document was signed by Sergey Nikitin, the Chief Operating Officer at Group-IB HQ in Singapore, and VNPT-IT CEO Duong Thanh Long. Together, we'll work to develop and provide solutions and services that will ensure a cybersafe business environment in Vietnam.

🔹The partnership is expected to broaden the range of services provided by VNPT Cyber Immunity as a Managed Security Service (MSS) provider to turn it into a Managed Detection and Response (MDR) provider.

🔹Leveraging Group-IB's Threat Intelligence & Attribution system as well as the Group-IB Threat Hunting Framework, an all-in-one solution for protecting IT and industrial networks against previously unknown and targeted attacks, VNPT Cyber Immunity will provide threat hunting and intelligence services to its customers, enabling them to attribute threats to particular attackers and obtain extensive data on the tools and strategies those attackers employ.

💬"Group-IB's philosophy is to reap the benefits of work with the industry leaders, leveraging this cooperation for the mutual growth. Together with VNPT Cyber Immunity, Group-IB will be able to deliver high-performance solutions and services to a broad range of customers in Vietnam. It is my conviction that this partnership will immediately be able to bring increased cyber resilience and expertise to the local market," said Sergey Nikitin, welcoming the MoU.

Learn more -> https://bit.ly/3mdp9Jd
#groupib #cybersecurity
Group-IB included among major cybersecurity consulting firms by Forrester!

Group-IB is pleased to announce that it has been featured in the overview of the global cybersecurity consulting providers “Now Tech: Global Cybersecurity Consulting Providers, Q3 2021.” The report covers 36 major global cybersecurity consulting firms.

The Forrester analysts placed Group-IB's service offering in the category of consultancies that “offer clients a broad range of audit, consulting, and advisory services, including cybersecurity consulting. They have a diverse set of assets and intellectual property to help clients solve security problems.”

While many corporate cybersecurity teams struggle to manage multiple vendors, Group-IB offers its customers a single point of accountability and security consulting expertise trusted by international automotive, fintech, and retail companies.

Learn more 🔽
https://bit.ly/3DcGCHV
#groupib #cybersecurity

We are very proud to announce that Vesta Matveeva, Group-IB's Head of High-Tech Crime Investigation Unit in APAC, was named one of ASEAN's Top 30 Women in Cyber Security!

Here’s what Ms. Matveeva said in a post-ceremony interview: “It is a great honor to be among such respectful and incredibly talented cyber ladies…

The pandemic has shown how dependent we are on technologies and how vulnerable they are. The pandemic-driven shift to remote work has opened more doors for cybercriminals, making our journey more complicated. The ASEAN region is being increasingly often challenged by both financially and government-sponsored hackers. I have been in cybersecurity for over 10 years, monitoring cybercriminals, deanonymizing them and helping to bring them to justice. We at Group-IB see how quickly they evolve, threatening the peaceful existence of companies, industries and even entire nations.

Fortunately, cyber resilience is something that we can control and improve. But only if we work together. All of us here are recognised experts in different areas of cybersecurity. Together we are a great power. We need to use this power to work harder and more efficiently, educate people about cyber and innovate in our field to ultimately become more cyber aware, resilient and secure.”
#groupib #fhp #fraudhunting

Bolstering detection and prevention

Group-IB commissioned an independent study to analyze the performance of its Fraud Hunting Platform

Group-IB Fraud Hunting Platform demonstrated a 130% return on investment compared to the current market leader in six months. The end user, a large bank serving 10 million online clients with over 6 million transactions a month, saw a drop in the number of false positives, enabling the organization to focus on the truly risky transactions and block more fraud attempts.

Find out how to reduce fraud and false positives: https://bit.ly/2WI4YbS
#groupib #fhp #fraudprevention #fintech

Webinar: Tackling fraud without impacting end-customers

Register for Group-IB's webinar to learn how a large bank quickly completed a full fraud platform changeover to meet more stringent requirements and saw a drop in the number of false positives with Group-IB Fraud Hunting Platform, enabling the organization to focus on the truly risky transactions and block more fraud attempts.

You will also discover key insights from an independent study commissioned by Group-IB, which shows that Group-IB Fraud Hunting Platform has demonstrated a 130% return on investment compared to the current market leader in six months.

Join this webinar and learn first-hand why deploying a new fraud prevention solution might be easier and more rewarding than you think.

When: Thu, Sep 9th, 2021, 11:30-12:30 (GMT+1)

Register here: https://bit.ly/3yPYYuK
#ransomware #CERT

If there is one thing that most cybersecurity experts agree on, it's that ransomware is still public enemy number one. 

Join Alexander Kalinin (Head of CERT-GIB) at CONFidence Legends: 20th edition and watch his presentation 'Ransomware Uncovered' on September 8 at 1:15 pm CEST.

The presentation is designed for incident response analysts, threat hunters, SOC and CERT specialists, CTI analysts, and IS and IT specialists who want to learn more about:
- The ransomware threat landscape
- The latest TTPs used by attackers
- Technical mitigations for each step of the kill chain

Register now ➡️ https://eventory.cc/event/confidence-legends
#apple #update

🍏Apple unexpectedly released updates to its operating systems just a day before its new device presentation; the rush is apparently due to the urgent need to close vulnerabilities. The updates cover most Apple devices: iOS / iPadOS 14.8, watchOS 7.6.2 and macOS Big Sur 11.6.

❗️What's new in this patch?

Apple fixed 2 CVEs that were being actively exploited via specially prepared malicious PDF files and web pages.

❗️We strongly recommend updating your device

👉 This document describes the security content of iOS / iPadOS 14.8:
https://support.apple.com/en-us/HT212807
#CERT #phishing #Netherlands

RUNLIR - phishing campaign in the Netherlands that instructs victims to cut up their cards

The Group-IB Computer Emergency Response Team (CERT-GIB) in Amsterdam identified an unorthodox phishing campaign aimed at Dutch residents, codenamed #RUNLIR.

Our analysts identified multiple phishing websites impersonating Dutch financial organizations that are part of a single network of more than 750 connected domains. Group-IB researchers observed a very unconventional "Cut the card" phishing scheme that requires fraudsters' efforts both online and offline.

RUNLIR uses a combination unique to the Netherlands: the BlackTDS anti-bot service, the notorious bulletproof hosting provider Yalishanda, and different versions of uAdmin. This approach ensures that their phishing pages are shown to victims and not to security professionals.

Find out more: https://bit.ly/3EoHREG
#groupib #DRP #scam

Scamdemic outbreak: scammers attack users in Middle Eastern countries

In a new blog post, the Group-IB Digital Risk Protection team describes a #scam targeting Middle Eastern countries. The scammers used a tried-and-tested scheme involving giveaways supposedly run by popular brands, lottery games purporting to be recommended by celebrities, and fake job offers from the government.

As part of their attacks, the threat actors abused more than 130 well-known brands worldwide from sectors such as telecommunications, retail, entertainment, and others. The fraudulent campaign targeted 16 Arabic-speaking countries: Saudi Arabia, Kuwait, Jordan, Sudan, Morocco, Egypt, Bahrain, Iraq, Yemen, Palestine, the United Arab Emirates (UAE), Algeria, Lebanon, Qatar, Syria, and Oman. The attack also targeted English-speaking users in Turkey and Nigeria.

The distinguishing feature of this scam group is the use of Blogspot, a popular blogging platform, for the registration of fraudulent pages. In total, Group-IB analysts discovered more than 4,300 fraudulent pages created on Blogspot.

Read more -> https://bit.ly/39bIOla