“encryption. in fact, she turned down someone who offered to work with her because she wanted someone that is willing to work on a longer-term strategy. this is a person who is all about the ring on their finger, not just a one-time fling. “thanks for the offer but i’m look…”
T1078 Valid Accounts
78%
“how one criminal tried to sell an msp on the dark web | huntress in a rare encounter, we found ourselves directly interacting with a cybercriminal that took us down a dark web rabbit hole. but before we dive in, here's where this story stands. the latest scoop as of february 10…”
T1078 Valid Accounts
71%
“of a new normal. since these events have happened, our attacker, w0zniak, has already struck again. the truth is this follow-up message is not a surprise after seeing the original events. attackers will continue discovering new victims, new markets, and new ways to succeed in t…”
T1486 Data Encrypted for Impact
56%
“with these attackers. and because we’re always seeing new attacker behavior, sharing these encounters is exceedingly important. it helps us stay together as a community to corroborate events, warn others of what we’ve seen, and enrich everyone. as always, we will stand by our…”
T1588.001 Malware
54%
“with these attackers. and because we’re always seeing new attacker behavior, sharing these encounters is exceedingly important. it helps us stay together as a community to corroborate events, warn others of what we’ve seen, and enrich everyone. as always, we will stand by our…”
T1486 Data Encrypted for Impact
39%
“of the attackers. this story is a perfect example of a team effort. and the biggest takeaway is working together allows us to not just find and resolve threats, but to identify new behavior patterns and methods of cybercriminals. in the end, this makes us all better at protecting…”
T1078 Valid Accounts
32%
“, the coinbase account that received payment for the msp access was registered to britt’s name, ssn, address, and date of birth. sounds like: - w0zniak didn’t have the greatest online opsec - msps need to closely audit admin accounts after employees depart some dark web hack…”
T1583.001 Domains
31%
“the facade, we said we’d “transfer eur to btc” to make it sound as though we were based out of the country. finding and helping our friends we took a closer look at these screenshots and the first thing we saw were the names and ip addresses of servers being managed by this m…”
Summary
In a rare encounter, we found ourselves directly interacting with a cybercriminal that took us down a dark web rabbit hole.