Security News > 2022 > August > Conti extortion gangs behind surge of BazarCall phishing attacks
At least three groups split from the Conti ransomware operation have adopted BazarCall phishing tactics as the primary method to gain initial access to a victim's network.
Currently, there is evidence of three groups, all part of the former Conti ransomware operation, that used BazarCall or a version of those tactics: Silent Ransom Group, Quantum, and Roy/Zeon.
AdvIntel researchers say that the initial faction running BazarCall campaigns separated from the Conti syndicate in March 2022 and formed a new collective called Silent Ransom Group, also tracked as Luna Moth.
Starting April 2022, as Conti was shutting down, the BazarCall operators formed their own extortion group called Silent Ransom Group.
The BazarCall call campaigns attributed to the Quantum group have grown more sophisticated in two-months time and targeted high-profile companies based on exclusive email datasets they purchased.
The three groups adopting the BazarCall tactics to breach companies have shown that the extortion business, either by just stealing data or combined with network encryption, can still be profitable.
News URL
Related news
- Australian Organisations Targeted by Phishing Attacks Disguised as Atlassian (source)
- Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials (source)
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks (source)
- Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (source)
- Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)