Thursday, May 25, 2017

Free Online Payment System Credentials: Contact Señor

Wapack Labs analysts exposed a threat to the financial sector, one who is actively posting in several clear web and underground forums. Within these forums, the actor creates threads of free, downloadable log-in credentials, for an online payment system. Analysts assess that it is likely that the actor is brute-forcing the accounts to obtain the passwords. A brute force attack is a trial and error method used by application programs to decode encrypted data such as passwords - highly effective if the account uses simple passwords. The language, emails, and passwords indicate that the actor is a Spanish or Portuguese speaker, likely operating in South America...READ MORE

Wapack Labs has cataloged and reported extensively on Spanish speaking, threat actors in the past. An archive of related reporting can be found in the Red Sky Alliance portal.