Conti extortion gangs behind surge of BazarCall phishing attacks (Security News, August 2022)

At least three groups split from the Conti ransomware operation have adopted BazarCall phishing tactics as the primary method to gain initial access to a victim's network.
Currently, there is evidence of three groups, all part of the former Conti ransomware operation, that used BazarCall or a version of those tactics: Silent Ransom Group, Quantum, and Roy/Zeon.
AdvIntel researchers say that the initial faction running BazarCall campaigns separated from the Conti syndicate in March 2022 and formed a new collective called Silent Ransom Group, also tracked as Luna Moth.
Starting April 2022, as Conti was shutting down, the BazarCall operators formed their own extortion group called Silent Ransom Group.
The BazarCall campaigns attributed to the Quantum group have grown more sophisticated in two months' time and targeted high-profile companies based on exclusive email datasets they purchased.
The three groups adopting the BazarCall tactics to breach companies have shown that the extortion business, either by just stealing data or combined with network encryption, can still be profitable.