Europol Dismantles Cybercrime Ring

The Spanish National Police, Italian National Police, and Europol have dismantled a large cybercrime operation specializing in online fraud, money laundering, drug trafficking, and property crime. The operation was based in Spain’s Canary Islands and was supported by several mafia cartels. Over 106 arrests were made after a year-long sting operation. The crime network was well organized in a “pyramid structure,” with specialists assigned to distinct roles in phishing domain creation, business email compromise, SIM card swapping attacks, cryptocurrency, and money laundering.

Analyst Notes

Phishing attacks through business and personal email were the primary attack route of this well-organized operation. Modern threat models should include not just nation-state-sponsored Advanced Persistent Threats (APTs), but also financially motivated criminals who target large and small businesses as well as individuals with personal assets or access to business infrastructure. Attacks against individuals can be mitigated through regular updates, use of EDR or antivirus security products, and not clicking through suspicious or unusual links. Businesses can mitigate risks in a similar fashion but also need to protect their larger infrastructure with a robust defense-in-depth strategy that enables comprehensive post-exploitation mitigation and detection; such a strategy can include the threat hunting and MDR offerings from Binary Defense.