Jihadi Cybercrime

While monitoring closed platforms that propagate an Islamic State agenda, hacking lessons, focusing on spam and phishing methods, were found by Israeli security firm Sensecy

Many discussions in the technical sections of closed platforms affiliated with the Islamic State deal with the implementation of information security awareness among its members, therefore discussions regarding offensive capabilities are rare on these platforms, and the shared materials are basic and elementary. 

However, the fact that individuals on these platforms are becoming more aware of spam and phishing methods is a worrying development indicating interest among pro-IS hackers to become involved in cybercrime.

In one discussion regarding the establishment of hacking lessons, the main goal was to teach members to implement methods of social engineering, like creating scam pages of popular platforms to steal victim details, such as login credentials, financial information and more. 

In addition, it was mentioned that stolen credit card information can be utilized for the benefit of the Islamic State by transferring money from victims’ accounts to jihadi cells around the world, or for purchasing powerful servers for carrying out cyber-attacks.

One hacking lesson that included a detailed review, with instructions and recommendations dealing with various subjects, such as stealing email lists from different platforms using Havij (a popular automatic SQL injection tool), creating fake messages that impersonate official emails and avoiding AV detections. The lesson received favorable comments. 

This is an interesting development, as closed platforms affiliated with the Islamic State do not usually focus on activity related to hacking and offensive cyber capabilities, such as sharing malware or malicious tools.

Blog.Sensecy.com                   New Cyber Tricks Make ISIS Sophisticated:

 

 

« Malware Makes ATMs 'spit cash'
US Navy Personnel Data Breached »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

it-sa 365

it-sa 365

it-sa 365 is a digital platform for connecting IT security vendors and experts with those who bear responsibility for IT security in management and technology.

Cyber Fusion Center - Maryville University

Cyber Fusion Center - Maryville University

Maryville University Cyber Fusion Center is a virtual lab for working on real-world cyber security challenges.

National Cyber Security Directorate (DNSC) - Romania

National Cyber Security Directorate (DNSC) - Romania

DNSC (formerly CERT-RO) is the Romanian national cyber security and incident response team.

Siscon

Siscon

Siscon delivers tailor-made compliance solutions that are based on the customer's specific wishes and reality and then supplement with many years of experience in the field.

Skurio

Skurio

Skurio create cost-effective, intuitive and powerful Cloud based solutions to identify threats, detect data breaches outside the network and automate the response.

Avira

Avira

Avira provide a portfolio of antivirus, security and performance applications for Windows, Android, Mac, and iOS.

Garrison Technology

Garrison Technology

Garrison SAVI® is a unique technology for secure remote browsing that can dramatically change the risk profile for enterprise cyber security.

White & Black

White & Black

White & Black are specialist corporate & technology lawyers based in London & Oxford.

eXate

eXate

eXate provides pioneering technology that empowers organisations to protect, control and manage their sensitive data centrally, providing a complete data privacy solution.

Havoc Shield

Havoc Shield

Havoc Shield is an all-in-one information security platform that includes everything a growing team needs to secure their remote workforce.

Palitronica

Palitronica

Palitronica build cutting-edge hardware and breakthrough software that revolutionizes how we defend critical infrastructure and key resources.

Serbus

Serbus

Serbus Secure is a fully managed suite of secure communication, enterprise mobility and mobile device security tools.

Royal United Services Institute (RUSI)

Royal United Services Institute (RUSI)

The Royal United Services Institute is an independent think tank engaged in cutting edge defence and security research. Areas of research include cyber security and resilience.

Delta Partners

Delta Partners

Delta Partners is a venture capital firm investing in Ireland and the United Kingdom with a strong focus on early stage technology companies.

iomart Group

iomart Group

iomart is a cloud computing and IT managed services business providing secure hybrid cloud, network connectivity, data management, and digital workplace capability.

ThreatDown

ThreatDown

ThreatDown, powered by Malwarebytes, is on a mission to overpower threats and empower IT by removing the complexity of detecting and stopping today’s most advanced threats.