- Security Assessment
- Red Teaming
- Compliance Audit
- Pre-IR Assessment
- Compromise Assessment
- Cyber Education
- GIB Crypto
where Fxmsp struck
were hit, 8.9% of which were state-owned. Light industry, IT, and Retail were the most common targets
Estimated earnings of the threat actor based on his public lots
Active on underground forums
Follow the hacker from his first posts requesting for technical help and first victims to him earning the nickname «invisible god» in compromised networks.
Learn how he gained access to networks and what was unique about his attacks; how he prepared for and accomplished network persistence, and compromised back up servers; and how to protect your business from similar attacks.
Follow the steps Group-IB Threat Intelligence & Attribution experts took to unmask the hacker. See how top-tier technology and analytical tools helped find out who was hiding behind the famous nickname.
At the time of writing, Fxmsp is no longer publicly active. It remains uncertain, however, whether he is still breaking into company networks and selling access to them. Given the risk, Group-IB Threat Intelligence & Attribution experts decided to release this report, share its expanded version with international law enforcement agencies, and make our materials on Fxmsp’s TTPs accessible to the general public.
Group-IB’s security ecosystem provides comprehensive protection for your IT infrastructure based on our unique cyber intelligence and deep analysis of attacks and incident response.
Аctionable, finished intelligence to track actors and prevent attacks before they happen
Comprehensive solution to protect corporate network, hunt for threats and respond to even the most complex cyber attacks
Client-side digital identity protection and fraud prevention in real time
Al-driven online platform for external digital risk identification and migration