Cybercriminals Are Investing in Creative Approach to Build Targeted Lures

October 15, 2024 / in Blog / by Jett Khan & Sophia Medina, Marketing

One has to respect Creativity in Cybercriminal Cabals and in Sport.

Armand here, RPost’s product evangelist, with my armadillo sporty and e-security message of the week – a message about creativity in sports, cybercrime, and in techy names.

It struck me thinking about the tactics of FIN7, an infamous Russian cyber hacker cabal. In particular, how they have maintained their creativity for a decade. For those not in the know, FIN7 is reported to have tricked, lured, or ransomed payments totaling $3 billion mainly from… retail, restaurant, hospitality, software, consulting, financial services, medical equipment, cloud services, media, food and beverage, transportation, and utilities companies in the United States (seemingly, from people across all industries). Now they are shifting to what they call big game hunting (and we’re not talking big hockey games, more on that later). Big game hunting (BGH) for these cybercriminals means investing in a team-based, creative, patient approach to building their lures in a targeted manner, to steal big bucks.

Evidence of FIN7’s latest in creativity: They scoured keyword search data to see trends, then put the pieces together to exploit these trends. In their latest, they’ve built on the trend of people searching for deep fake AI generators (software that makes it easy for anyone to create a deep fake AI clone of someone with simply a still photo of that person and 3 seconds of sound; the Microsoft VASA-1 project shows the art of the possible – a must see!).

They have figured out that hundreds of thousands of people are searching on Deep Fake Generator or iterations of this term and have built many websites. These sites look legitimate, are launched with aged domains (to get past reputation filters), and they make it seem simple for people to sign up for a free trial, upload a photo, and receive an AI-generated deep fake of the person in the uploaded photo. The only problem for the unsuspecting is, the download to access the deep fake comes with a hidden virus surprise that siphons off all your passwords and sends them to FIN7. With your passwords and browser cookies, they can spin up their attack, depending on what they find.

And, at our last count, there are 152 of these creative, hyper-skilled cybercriminal gangs operating cabal-like with various types of focus in various geographical regions.

[To learn more about this and other cybercriminal impersonation schemes, join the RPost product security webinar – register here to attend or receive recording.]

FIN7 isn’t the only one who is creative. Some sports teams are (in name and/or in play). Think “Los Angeles Galaxy” as an early Major League Soccer team name. Pretty creative name, huh? Second to none, other than if there was a team named “Universe” 😉. Then comes along a newer team in the league, “Los Angeles Football Club”. Pretty boring name (my humble armadillo opinion), right?

What about hockey? October 8th marked the opening day to the National Hockey League (NHL) season.

Think Chicago Blackhawks. Cool and creative name. New creative players. Will they be resurgent? The Chicago Blackhawks have won the Stanley Cup three times within the past 15 years, yet have been on a downfall in recent seasons, sometimes not even making it to the playoffs. This past offseason they have added several prominent players, some with a lot of experience, such as Taylor Hall and Nick Foligno, and also a younger ultra creative player, 19-year-old Connor Bedard, who amazingly went first overall in the 2023 NHL draft. Although the Blackhawks are looking strong and could look to get back to the past with their success, the opening game did not go as planned, losing to the new Utah Hockey Club expansion team 5-2.

Utah Hockey Club. Hmm… Pretty boring name (again, my humble armadillo opinion). Based in Salt Lake City, besides an awful team name with no creativity, they have had an amazing start to the season, remaining undefeated with their first three wins. Part of their early success is thanks to their first ever captain, Clayton Keller. Starting off with three goals and three assists, in their opening three games, he seems to be a problem down in Utah. If Keller can stay consistent with his early season form, I can provide an armadillo guarantee: the Utah Hockey Club will stay on top throughout this NHL season and cause problems within the league, potentially even breaking the record of most wins in their debut season, currently held by the Las Vegas Golden Knights (creatively named) at 51 wins.

The Colorado Avalanche. Another cool and creative name. Will they live up to it with creative play?

The Colorado Avalanche have displayed their strengths and talents in recent seasons, even winning the Stanley Cup in 2022, but will it continue into this season? Currently, they are in last place for the division with 2 losses; even though they have scored four goals in both games, they keep falling short. Nevertheless, they still have creative playmakers on the ice, Cale Makar, Mikko Rantanen, and Nathan MacKinnon, who can hopefully help the Avalanche get out of their early slump. Despite the weak start to the season, I believe the Colorado Avalanche have the potential to make it far into the playoffs (like they usually do) if they can execute their talents properly since they have all the creative skaters required to do so.

Let’s talk RPost’s security suite name: PRE-Crime™. Creative, right? What does it do? It PRE-empts Cyber Crime. Sort of like in the famous Tom Cruise Minority Report movie, where the PRE-COGS anticipated and pre-empted future crimes. Here, RPost is identifying and pre-empting future cybercrimes.

Bottom line, while you may enjoy the creativity of sports team names and professional hockey player game play, you have to also respect the creativity of these cybercriminal gangs, like FIN7.

Respecting FIN7’s approach means learning about the type of things that you can do to pre-empt them, like for one, deploying RPost’s PRE-Crime AI-infused threat intelligence, impersonation detection, and cybercrime pre-emption technology.