It was once the case that only governments had the technical ability to penetrate secure data, telecoms networks and the devices connected to them. The threat now posed by private firms with cyber capabilities that rival the world’s most skilled spy agencies is not widely known. The lucrative spy-for-hire industry targets people and organizations, aiming to collect intelligence on them and to monitor and analyze them in order to infiltrate their devices. These operations silently get their victims to unwittingly reveal information and hence compromise their devices and accounts.
One such group is an emerging cybercrime organization called the Atlantis Cyber-Army or the Atlas Intelligence Group (AIG). AIG offers a range of services, including exclusive data leaks, DDoS attacks, and Remote Desktop Protocol (RDP) exploits. This criminal group operates on a for-hire basis and seeks to recruit cyber mercenaries who conduct specific illicit activities that are pieces of larger cyber campaigns.[1]
AIG's business model appears to take advantage of the growing number of hacker-for-hire groups that have begun surfacing all over the world in recent years. The groups, many of which operate out of India, Russia, or the United Arab Emirates, specialize in breaking into target networks, stealing data, and carrying out a variety of other malicious activities on behalf of the clients who hire them. Another example of such a group is Russia-based "Void Balaur," a cyber-mercenary group that researchers at Trend Micro have linked to attacks on thousands of organizations and individuals for several years.[2]
Organized threat groups tend to follow a similar path in which they recruit individuals with certain desirable capabilities that can benefit the group’s agenda. AIG departs from this model by outsourcing specific aspects of an attack to mercenaries, who are not responsible for or involved in the rest of the attack. Each actor focuses on a specific piece of the attack, and multiple different individuals may be involved. Their activities include Ransomware-as-a-Service (RaaS) exploits, which can involve multiple threat actors, each being paid a percentage of any extorted funds or digital assets stolen.
What makes AIG unique is that it outsources specific aspects of an attack to mercenaries who have no further involvement in the attack. The group is understood to have targeted various sectors, including education, finance, government entities, manufacturing and technology, and has published leaked databases for sale on the Dark Web, with a starting price from as little as 15 euros.
AIG offers premium services that demand more skill and demonstrate the group’s sophistication, researchers said. One of these products is hacked panels and initial access to organizations, with prices for these services starting from about $1,000. The group also offers “VIP services” that claim ties to people in law-enforcement positions across Europe who can give customers access to sensitive information about specific individuals.
AIG's model appears designed to ensure a high level of operations security for its leaders by keeping them segregated from those doing the criminal hacking activity.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization and cautions against contacting the AIG threat group, unless you want to contact the “real” AIG: the American International Group, Inc. For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@wapacklabs.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.wapacklabs.com/
- LinkedIn: https://www.linkedin.com/company/64265941
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/5504229295967742989
[1] https://www.cybersecurityintelligence.com/blog/mercenary-cyber-spies-for-hire-6450.html
[2] https://www.darkreading.com/threat-intelligence/aig-threat-group-launches-unique-business-model