Saturday, February 20, 04:09

Fxmsp: The hacking team sold access to corporate networks!

New information has come to light about the activity of the Russian hacking group Fxmsp, which last year advertised access to the networks of three cybersecurity suppliers. Researchers monitoring Fxmsp's activity on underground forums measured the attacks carried out by the hacking team and revealed the alleged identity of the intruder. The Fxmsp hacking team became widely known about a year ago, when cybersecurity boutique Advanced Intelligence (AdvIntel) published reports on the team's efforts to close a $300,000 deal to sell access to networks owned by Symantec, Trend Micro and McAfee. The group has kept a lower profile since it came to the attention of the media, but it is very likely that it will continue to operate through private messaging.


Researchers from Group-IB examined the Fxmsp group's activity in the forums where it advertised its business, estimating that the group has so far breached the networks of at least 135 companies in 44 countries. Its targets included banks, small and medium-sized businesses, government agencies and companies listed on the Fortune 500. Group-IB estimates that since about 2016, Fxmsp has earned at least $1.5 million from selling access to networks. In May 2019, AdvIntel stated that Fxmsp is a threat that has earned about $1,000,000 by taking advantage of breaches carried out at the expense of companies. The profit can seem quite large for hackers who have little to no experience in trading their "assets". However, Fxmsp was not alone in all this. The real profit made by the hacking team is estimated to be much higher, since the transactions for access to 20% of the breached companies were done privately and were not accompanied by a public price.


According to Group-IB, Fxmsp stopped its public activity at the end of 2019, but not before advertising access to a power company in Europe that fell victim to a ransomware attack in 2020. One such company affected by ransomware this year is the Italian multinational Enel. According to Yelisey Boguslavskiy, director of security research at AdvIntel, Fxmsp was part of a crew called GPTitan, which consisted of experts who aimed to operate covertly in financial environments to steal customer data from high-profile networks. GPTitan's hacking activity was supported by two other crews, one in China and one in the USA. It was a collaboration that led to the data breaches at antivirus companies from the spring of 2019. It seems that Fxmsp has stopped operating on its own and is now operating as part of a larger team. The non-hacking department of Fxmsp was responsible for marketing and generating revenue from access to networks and data. A network of subsidiaries operating under the pseudonym Antony Moricone offered the stolen information to hackers and illegal information traders, who used it to their advantage in decision-making about companies they were interested in.


Boguslavskiy does not consider it unlikely that the Antony Moricone pseudonyms are used by a single individual across many forums, according to the Group-IB report. Specifically, the Group-IB researchers identified the pseudonyms of Lampeduza in other forums: Antony Moricone, BigPetya, Fivelife, Nikolay, tor.ter, andropov and Gromyko. In addition, the researchers revealed in a report the identity that may be behind the hacking team Fxmsp: Andrey Turchin (who appears to be from Kazakhstan), the same name that BleepingComputer found in an investigation last year. Dmitry Volkov, Group-IB's CTO, said that Fxmsp had set a trend that led to a doubling of the number of sellers specializing in corporate network intrusions in the second half of 2019. Volkov added that Fxmsp may still be active, keeping its business private. Even if it is no longer in the forefront, it has set an example that others can follow.

