Security News > 2022 > July > New ‘Luna Moth’ hackers breach orgs via fake subscription renewals
The gang received the name Luna Moth and has been active since at least March in phishing campaigns that delivered remote access tools that enable the corporate data theft.
The Incident Response team at cybersecurity company Sygnia has been tracking the activity of the Luna Moth ransom group, noting that the actor is trying to build a reputation using the name Silent Ransom Group.
Luna Moth uses email addresses with names that impersonate the brands used in the phishing campaign.
As seen from the modus operandi, Luna Moth is far from a sophisticated threat actor and the tool they use support this theory.
The threat actor's demands are quite high, as researchers say that Luna Moth may ask for "Millions of dollars in ransom."
Despite lacking sophistication, Sygnia found that Luna Moth has been using close to 90 domain names as part of their infrastructure or for hosting data from breached companies.
News URL
Related news
- USDoD hacker behind National Public Data breach arrested in Brazil (source)
- Schneider Electric confirms dev platform breach after hacker steals data (source)
- Nokia investigates breach after hacker claims to steal source code (source)
- Hackers breach US firm over Wi-Fi from Russia in 'Nearest Neighbor Attack' (source)