Security News > 2022 > July > New ‘Luna Moth’ hackers breach orgs via fake subscription renewals
The gang received the name Luna Moth and has been active since at least March in phishing campaigns that delivered remote access tools that enable the corporate data theft.
The Incident Response team at cybersecurity company Sygnia has been tracking the activity of the Luna Moth ransom group, noting that the actor is trying to build a reputation using the name Silent Ransom Group.
Luna Moth uses email addresses with names that impersonate the brands used in the phishing campaign.
As seen from the modus operandi, Luna Moth is far from a sophisticated threat actor and the tool they use support this theory.
The threat actor's demands are quite high, as researchers say that Luna Moth may ask for "Millions of dollars in ransom."
Despite lacking sophistication, Sygnia found that Luna Moth has been using close to 90 domain names as part of their infrastructure or for hosting data from breached companies.
News URL
Related news
- Chinese Volt Typhoon hackers exploited Versa zero-day to breach ISPs, MSPs (source)
- Fortinet confirms data breach after hacker claims to steal 440GB of files (source)
- Temu denies breach after hacker claims theft of 87 million data records (source)
- Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms (source)
- Dell investigates data breach claims after hacker leaks employee info (source)