The Intelligence Corner

Our experts’ unique discoveries, observations, and opinions on what’s trending today in Business Risk Intelligence and the Deep & Dark Web.

Blog

Linguistic Analysis of WannaCry Ransomware Messages Suggests Chinese-Speaking Authors

Since the May 12, 2017, “WannaCry” ransomware worm attack, researchers have struggled with the question of attribution. As of this writing, a number of researchers have linked the activity to the suspected North Korean-affiliated “Lazarus Group” due to similarities in the code and the infrastructure. Flashpoint analysts conducted similar analyses, but also included a linguistic […]

Read more

Diaries of a Fraudster

By FP_Analyst
May 11, 2017

Last week, a fraudster published his own “diary” on the Deep & Dark Web. As far as the typical excitement of reading someone else’s diary goes, it’s a little disappointing. But in terms of providing insight into the mind of a fraudster, there are some juicy tidbits that detail the individual’s rise and maturation as […]

Read more

Threat Actors Leverage “Phonecord” Bot to Harass Victims

Although the majority of cyber threat actors are fueled by the desire for financial or political gain, some actors lack traditional motivations altogether. Often referred to as “attention-seekers”, these actors’ malicious activities are driven typically by nothing more than a desire to attract attention by causing chaos for their own amusement. Despite their reputation for […]

Read more

Dataset from “xDedic” Marketplace Suggests Government, Corporate RDP Servers Targeted

April 25, 2017

Background The xDedic marketplace is a predominant cybercriminal marketplace on the dark web known for hosting sales of access to compromised Remote Desktop Protocol (RDP) servers. RDP is Microsoft’s proprietary protocol that provides users with a graphical interface to connect to another computer over a network connection. System administrators frequently use RDP to control servers […]

Read more

Large Protests Expected for May Day 2017

The origins of International Workers’ Day, also known as May Day, stem from an 1880s Chicago-based movement by labor unions to force the adoption of eight-hour work days. May 1, 1886, is considered the first official International Workers’ Day, which included several days of protests, violent clashes with police, and heavy anarchist involvement during the […]

Read more

Cybercrime Economy: An Analysis of Cybercriminal Communication Strategies

April 19, 2017

Malicious actors’ widespread preference for encrypted tools and services continues to fuel the ongoing debate over encryption. While jihadist groups such as ISIS first drew public attention to the issue during the high-profile battle between the FBI and Apple over the mobile phone belonging to one of the San Bernardino shooters in 2015, various threat […]

Read more

Jihadists and Vault 7: What it Means for the Rest of Us

April 17, 2017

The so-called Vault 7 files released by Wikileaks that describe the Central Intelligence Agency’s electronic surveillance and cyber warfare capabilities continue to attract a significant amount of attention. In addition to the numerous reports and news stories about the leaks and associated consequences, some researchers have even gone so far as to draw connections between […]

Read more