Russian Cyber Underground: Genesis and Anatomy of the Dark Web Forum Infinity

Executive Summary. The Yarix Cyber Threat Intelligence (YCTI) team analysed the genesis and anatomy of a brand-new forum operating in the Russian cyber underground: the Infinity Forum. Infinity is a recently emerged cyber creature founded by KillMilk (former head of the pro-Russia hacktivist group Killnet) and engineered by Russian hacktivists. It has been officially operational since January 2023, but its embryonic traces can...

The Foreigner – A (not so) quick and dirty drop box for Red Teamers

Some time ago, the Yarix Red Team was engaged on a red team assessment that included an onsite activity to test the physical security posture of the Customer. Although we would have used social engineering tactics to physically enter the Customer property, this would have given us too little time to stay connected to its internal network...

Advanced Phobia

Ransomware Gang Details. Phobos ransomware, first discovered in December 2018, is another notorious cyber threat actor which targets businesses. Phobos is popular among threat actors because of its simple design. In addition, the Greek god Phobos was thought to be the incarnation of fear and panic: the gang’s name was likely inspired by him. Phobos is a ransomware infection that spreads through hijacked...

Phobia

Ransomware Details. Phobos ransomware, first discovered in December 2018, is another notorious cyber threat that targets businesses. Phobos is popular among threat actors of various technical abilities because of its simple design. In addition, the Greek god Phobos was thought to be the incarnation of fear and panic; hence the name Phobos was likely inspired by him. Phobos is a ransomware infection that...