- June 16, 2020
- Duration: 50 min
In October 2017, Group-IB’s Threat Intelligence & Attribution (TI) specialists detected the activity of the threat actor known as Fxmsp, who at the time was starting to sell access to various corporate networks belonging to different companies around the world. In just over three years, Fxmsp managed to penetrate networks in more than 44 countries and put access to 135 networks on sale on underground forums. Group-IB estimates that Fxmsp made at least $1.5 million while active.
Group-IB’s TI specialists tracked Fxmsp’s movements in the Russian-speaking underground from the moment he registered on the first forum in September 2016 to when he ceased all public activity in 2019.
In this webinar we will cover:
- What tactics Fxmsp used to get access to corporate networks and persist in infected systems
- The evolution of Fxmsp’s activity
- The victim portfolio, including geographical scope and industries
- How we were able to identify the potential face behind the Fxmsp mask
Questions?
Contact
Questions?
Contact
Presenters

Dmitry Shestakov
Head of Cybercrime Research
Group-IB is one of the leading providers of solutions aimed at detection and prevention of cyberattacks, online fraud, and IP protection. Group-IB Threat Intelligence & Attribution system was named one of the best in class by Gartner, Forrester, and IDC.
Group-IB’s technological leadership is built on the company’s 17 years of experience in cybercrime investigations worldwide and 65,000 hours of incident response accumulated in our leading forensic laboratory and 24/7 CERT-GIB.
Group-IB is a partner of INTERPOL, Europol, and a cybersecurity solutions provider, recommended by SWIFT and OSCE. Group-IB is a member of the World Economic Forum.
Learn more