Jihadi Cybercrime

While monitoring closed platforms that propagate an Islamic State agenda, hacking lessons, focusing on spam and phishing methods, were found by Israeli security firm Sensecy

Many discussions in the technical sections of closed platforms affiliated with the Islamic State deal with the implementation of information security awareness among its members, therefore discussions regarding offensive capabilities are rare on these platforms, and the shared materials are basic and elementary. 

However, the fact that individuals on these platforms are becoming more aware of spam and phishing methods is a worrying development indicating interest among pro-IS hackers to become involved in cybercrime.

In one discussion regarding the establishment of hacking lessons, the main goal was to teach members to implement methods of social engineering, like creating scam pages of popular platforms to steal victim details, such as login credentials, financial information and more. 

In addition, it was mentioned that stolen credit card information can be utilized for the benefit of the Islamic State by transferring money from victims’ accounts to jihadi cells around the world, or for purchasing powerful servers for carrying out cyber-attacks.

One hacking lesson that included a detailed review, with instructions and recommendations dealing with various subjects, such as stealing email lists from different platforms using Havij (a popular automatic SQL injection tool), creating fake messages that impersonate official emails and avoiding AV detections. The lesson received favorable comments. 

This is an interesting development, as closed platforms affiliated with the Islamic State do not usually focus on activity related to hacking and offensive cyber capabilities, such as sharing malware or malicious tools.

Blog.Sensecy.com                   New Cyber Tricks Make ISIS Sophisticated:

 

 

« Malware Makes ATMs 'spit cash'
US Navy Personnel Data Breached »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

National Response Centre for Cyber Crime (NR3C)

National Response Centre for Cyber Crime (NR3C)

National Response Centre for Cyber Crime (NR3C) is a law enforcement agency in Pakistan dedicated to fighting cyber crime.

Qolcom

Qolcom

Qolcom is a leading UK based integrator of secure wireless network and mobile device management solutions.

Napatech

Napatech

Napatech develops and manufactures high speed network accelerators specifically designed for real-time network monitoring and analysis applications.

ClickDatos

ClickDatos

ClickDatos specializes in consulting, auditing, data protection training, accredited by ISO/IEC 27001 certification.

HackCon Norway

HackCon Norway

HackCon is for the people who are interested in technology, psychology, IT and security, and who wants to improve their knowledge within these areas.

Dcoya

Dcoya

Dcoya's complete security awareness training program gives you out-of-the-box compliance with PCI-DSS, HIPAA, SOX and ISO regulations.

Redstor

Redstor

Redstor's complete data management helps you discover, manage and control your data from a single control centre, unifying backup and recovery, disaster recovery, archiving and search and insight.

CyberEdBoard

CyberEdBoard

CyberEdBoard is a private, peer-to-peer education and networking community focused on cybersecurity, technology, business processes and risk management.

Cybermerc

Cybermerc

Cybermerc's services, training programmes and cyber security solutions are designed to forge collaborations across industry, government and academia, for collective defence of our digital borders.

VeriClouds

VeriClouds

VeriClouds is a password verification service that helps organizations detect compromised passwords and stop account takeover attacks.

Ostendio

Ostendio

Ostendio is a cybersecurity and information management solutions provider that develops affordable compliance solutions for digital health companies and other regulated entities.

TWC IT Solutions

TWC IT Solutions

Since 2011, TWC IT Solutions has offered managed IT Support, Cybersecurity, Disaster Recovery, Contact Centre and Business Connectivity services to clients across 24 countries globally.

SE Ventures

SE Ventures

SE Ventures provides capital to big ideas and bold entrepreneurs who can benefit from Schneider Electric's deep domain expertise, R&D assets, and global customer base.

Raito

Raito

Raito's unique solution integrates with the data development process and lets data teams monitor, manage, and automate data security across the data stack.

Nova Microsystems

Nova Microsystems

Nova's mission is to revolutionize cybersecurity through continuous data analysis and dynamic AI-driven encryption.

NetBird

NetBird

NetBird combines a WireGuard-based overlay network with Zero Trust Network Access, providing a unified platform for reliable and secure connectivity.