Jihadi Cybercrime

Uploaded on 2016-11-30 in NEWS-Cybersecurity News, INTELLIGENCE--International, FREE TO VIEW, TECHNOLOGY--Hackers

While monitoring closed platforms that propagate an Islamic State agenda, hacking lessons, focusing on spam and phishing methods, were found by Israeli security firm Sensecy

Many discussions in the technical sections of closed platforms affiliated with the Islamic State deal with the implementation of information security awareness among its members, therefore discussions regarding offensive capabilities are rare on these platforms, and the shared materials are basic and elementary. 

However, the fact that individuals on these platforms are becoming more aware of spam and phishing methods is a worrying development indicating interest among pro-IS hackers to become involved in cybercrime.

In one discussion regarding the establishment of hacking lessons, the main goal was to teach members to implement methods of social engineering, like creating scam pages of popular platforms to steal victim details, such as login credentials, financial information and more. 

In addition, it was mentioned that stolen credit card information can be utilized for the benefit of the Islamic State by transferring money from victims’ accounts to jihadi cells around the world, or for purchasing powerful servers for carrying out cyber-attacks.

One hacking lesson that included a detailed review, with instructions and recommendations dealing with various subjects, such as stealing email lists from different platforms using Havij (a popular automatic SQL injection tool), creating fake messages that impersonate official emails and avoiding AV detections. The lesson received favorable comments. 

This is an interesting development, as closed platforms affiliated with the Islamic State do not usually focus on activity related to hacking and offensive cyber capabilities, such as sharing malware or malicious tools.

Blog.Sensecy.com                   New Cyber Tricks Make ISIS Sophisticated:

 

 

« Malware Makes ATMs 'spit cash'
US Navy Personnel Data Breached »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

StratoKey

StratoKey

StratoKey is an intelligent Cloud Access Security Broker (CASB) that secures your cloud and SaaS applications against data breaches, so you can do secure and compliant business in the cloud.

CONCERT

CONCERT

CONCERT is a Computer Emergency Response Team and cyber security information sharing network for companies, institutes and government in Korea.

Celare

Celare

Celare delivers DPI based network perimeter monitoring solutions with integrated Big Data security analytics and threat detection.

NEC

NEC

NEC offers a complete array of solutions to governments and enterprises to protect themselves from the threats of digital disruption.

ThreatMark

ThreatMark

ThreatMark provides fraud detection solutions for digital banking and payments.

ECOS Technology

ECOS Technology

ECOS Technology specializes in the development and sale of IT solutions for high-security remote access as well as the management of certificates and smart cards.

QSecure

QSecure

QSecure specializes in the provision of information security and risk management services.

Xilinx

Xilinx

Xilinx is the inventor of the FPGA, programmable SoCs, and now, the ACAP. We are building the Adaptable, Intelligent World.

Level39 (L39)

Level39 (L39)

Level39 is the world's most connected tech community, with over 200 tech startups and scaleups based onsite.

Human Security

Human Security

Human (formerly White Ops) Bot Mitigation Platform enables complete protection from sophisticated bot attacks across advertising, marketing and cybersecurity.

Maven Security Consulting

Maven Security Consulting

Maven Security Consulting helps companies secure their information assets and digital infrastructure by providing a wide range of customized consulting and training services.

Redwall Technologies

Redwall Technologies

Redwall provides cybersecurity expertise and technology to prevent and respond to emerging threats against mobile applications and connected infrastructures.

Rubrik

Rubrik

Rubrik helps enterprises achieve data control to drive business resiliency, cloud mobility, and regulatory compliance.

Ascent Solutions

Ascent Solutions

Ascent is built to help firms evolve their cybersecurity posture, modernize their Microsoft solutions, and accelerate their journey to the cloud.

Symbol Security

Symbol Security

Through situational learning, simulations, and a gamified user experience, Symbol strengthens the cyber awareness of employees and helps companies lower cyber risk.

5S Technologies

5S Technologies

5S Technologies is a regional IT solutions and services provider based in Cary, NC and serving the Carolinas.