Cyberwarzone

GLOBAL SITUATIONMONITORING
482 published briefsUTCSun, Apr 5 18:47:33
Intelligence Domain

Cybercrime & Underground Economy

Coverage of dark web markets, ransomware ecosystems, fraud operations, financial crime services, monetization tactics, and the evolving underground economy driving global cybercriminal activity.

28 intelligence briefs← Intelligence Hub
  • Phishing Campaign Targets Travel Websites

    Phishing Campaign Targets Travel Websites

    A Russian-speaking threat group launched a sophisticated phishing campaign, creating over 4,300 fake travel websites to steal payment information from hotel guests.

    Lara De Jong
    1–2 minutes
  • What is Operation Endgame?

    What is Operation Endgame?

    Operation Endgame is a major international law enforcement initiative aimed at disrupting and dismantling significant cybercrime infrastructure globally, targeting widespread malware families, botnets, and other illicit tools.

    Elles De Yeager
    2–3 minutes
  • What is Rhadamanthys Infostealer?

    What is Rhadamanthys Infostealer?

    Rhadamanthys Infostealer compromises digital security by illicitly acquiring sensitive user data. This sophisticated malicious software operates as a Malware-as-a-Service (MaaS), posing a significant threat to individuals and organizations. It facilitates widespread credential theft and financial exploitation. This report examines Rhadamanthys’ operational mechanisms, its propagation methods, and the broader implications of its activities, including recent efforts…

    Reza Rafati
    2–3 minutes
  • Understanding Package Registry Flooding

    Understanding Package Registry Flooding

    Package registry flooding is a cyberattack where threat actors overwhelm software package repositories with fake entries to hide malicious content, erode trust, and create vulnerabilities in the software supply chain. This article details its operation, impact, and mitigation strategies.

    Lara De Jong
    3–4 minutes
  • What is an npm Worm?

    What is an npm Worm?

    An npm worm is a self-propagating campaign that exploits the npm registry by distributing fake or deceptive software packages to flood the registry. These financially motivated campaigns often use automated means, deceptive naming schemes, and self-propagating mechanisms to proliferate and obscure legitimate packages within the software supply chain, posing a significant risk to its integrity…

    Elles De Yeager
    3–4 minutes
  • “Lighthouse” Phishing Kit Powers Global Smishing Attacks

    “Lighthouse” Phishing Kit Powers Global Smishing Attacks

    The ‘Lighthouse’ Phishing-as-a-Service (PhaaS) is a sophisticated cybercrime operation that enables extensive SMS phishing (smishing) attacks, impacting millions globally by illegally obtaining sensitive user credentials and banking details.

    Peter Chofield
    1–2 minutes
  • Global Fraud Rings Explained

    Global Fraud Rings Explained

    Global fraud rings are highly organized, transnational criminal enterprises that use intricate networks and sophisticated tactics to illicitly acquire money, assets, or sensitive information from individuals, corporations, and national economies across international borders.

    Reza Rafati
    2–3 minutes
  • What is Phishing-as-a-Service (PhaaS)?

    What is Phishing-as-a-Service (PhaaS)?

    Phishing-as-a-Service (PhaaS) evolves the cybercrime landscape, mirroring legitimate Software-as-a-Service (SaaS) models. PhaaS offers accessible tools and infrastructure, letting even novices launch sophisticated phishing attacks to steal data and money.

    Lara De Jong
    2–3 minutes