acm-header
Sign In

Communications of the ACM

ACM TechNews

Ransomware Gang Masquerades as Real Company to Recruit Tech Talent


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
A Colonial Pipeline substation.

The Colonial Pipeline system was hacked using software believed to have been built by Fin7, which has since set up a fake company to recruit employees, security researchers say.

Credit: Mike Stewart/Associated Press

Researchers at Microsoft and the intelligence firm Recorded Future said the ransomware group Fin7 has established a counterfeit company to recruit potential technology talent.

The researchers said the false company uses the name Bastion Secure, which claims on its Website to sell cybersecurity services.

Federal prosecutors and researchers said Fin7 is thought to have hacked hundreds of businesses, stolen over 20 million customer records, and written software used in the Colonial Pipeline breach that disrupted gasoline delivery in the Southeastern U.S.

The researchers said the recruitment effort appears focused on Russian speakers, and masquerading as a legitimate company to hire employees marks a new strategy by ransomware purveyors.

From The Wall Street Journal
View Full Article - May Require Paid Subscription

 

Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account