05 March 21, 14:34
Quote:Maza, a place online for fraudsters and extorters to connect to pull off their operations, has been breached by an unknown attacker, in just the latest in a series of attacks targeting elite Russian-language cybercrime forums. Members are worried that their data is being used by researchers and law enforcement to track down their true identities, a new report from Flashpoint said.
These forums are where threat actors can go to access ransomware-as-a-service tools, launder stolen money and even get advice on how to improve their crimes, Flashpoint vice president Thomas Hofmann explained to Threatpost.
“Maza is a place where one can connect to trustworthy threat actors, who have been active in the Russian-language underground anywhere between 10 to 20 years,” Hoffman said. “Ultimately, the forum serves the role of a board where one can establish initial contact with respected and trustworthy service providers.” Membership to Maza is by invitation only and comes with a fee, he added.
Another Russian-language cybercrime forum called Verified was abruptly resurrected after sitting dormant for some time with unknown administrators and new domains, Flashpoint said. By Feb. 18[sup]t[/sup], the new forum’s new leadership started deanonymizing Verified’s former operators, raising suspicions among its user base.
Another forum, Exploit, reportedly suffered a compromise this week, and a member of the forum warned other users to “be careful with registered emails across multiple forums,” Flashpoint reported.
Read more: https://threatpost.com/cyberattackers-ta...ms/164511/