All resources by Group-IB

Explore the world of cybersecurity in one place

Our Resource Center brings together expert reports, real-world success stories, engaging webinars, insightful podcasts, hands-on videos, and up-to-date blog content to help you stay informed, empowered, and ready to tackle today’s digital threats.

Reports
Success Stories
Webinars
Podcasts
Videos
Blogs
Investigations
Ransom Notes
Threat Actors
Browse Group-IB Resources

Success Story
Group-IB x Trusttech
Securing digital trust in Uzbekistan's financial sector
Go to
Blog
Uncovering a Multi-Stage Phishing Kit Targeting Italy’s Infrastructure
Group-IB researchers uncovered a professional phishing framework that mimics trusted brands with remarkable precision. Using layered evasion, CAPTCHA filtering, and...
Go to
Webinar
Business Email Protection Spotlight
Discover the New Era of Group-IB’s Business Email Protection
Go to
Blog
Ghosts in /proc: Manipulation and Timeline Corruption
Discover how attackers could manipulate the Linux /proc filesystem to hide malicious processes and distort forensic timelines. This technical deep...
Go to
Blog
Detecting the NPM Supply Chain Compromise Before It Spread
Discover how Group-IB’s Business Email Protection (BEP) could prevent an NPM supply chain compromise by detecting the initial phishing email...
Go to
Blog
The Illusion of Wealth: Inside the Engineered Reality of Investment Scam Platforms
This blog details online investment scam campaigns, including fraudulent cryptocurrency, forex, and trading platforms, while offering a technical investigation guide...
Go to
Podcast
MuddyWater & OilRig: The Cyber Espionage Playbook
As digital infrastructure becomes the backbone of global economies, cyber espionage has quietly evolved into one of the most powerful...
Go to
Blog
Unmasking MuddyWater’s New Malware Toolkit Driving International Espionage
Group-IB Threat Intelligence has uncovered a sophisticated phishing campaign, attributed with high confidence to the Advanced Persistent Threat (APT) MuddyWater....
Go to
Blog
Exposing the Immediate Era Fraud in Singapore
Group-IB’s Threat Intelligence Report on a Singapore-Targeted Scam Operation
Go to
Blog
East-west tension: Are NDR vendors monitoring the wrong traffic?
Most NDR deployments focus on perimeter traffic. Meanwhile, attackers move laterally inside networks. Here’s why east-west visibility is the blind...
Go to
Report
Intelligence Insights Report, September 2025
Explore the most notable cybersecurity events in the region and the best practices
Go to
Report
Europe Intelligence Insights, September 2025
In recent months, the manufacturing, construction, and IT sectors faced fresh ransomware campaigns. Hacktivist collectives stepped up their DDoS assaults...
Go to
Blog
A new weapon against payment fraud: Unique threat intelligence for anti-fraud teams
Group-IB’s Suspicious Payment Details module for Threat Intelligence delivers payment identifiers tied to ransomware, illegal casinos, and laundering schemes. Fraud,...
Go to
Blog
Top 7 Cybersecurity Newsletters Worth Your Inbox
Your inbox deserves better than spam. Here are 7 cybersecurity newsletters that actually inform and make you a little smarter...
Go to
Report
The Voice of Fraud: Deepfake Vishing and the New Age of Social Engineering
Group-IB’s Fraud Protection team examines the rise of deepfake vishing attacks and caller ID spoofing, exposing how cybercriminals exploit AI...
Go to
Podcast
Joystick to Jailbreak: Exploring the Youth Cybercrime Pandemic
Forget everything you think you know about hackers. Today’s cybercriminals aren’t lurking in shadowy basements - they’re teenagers mastering cheat...
Go to
Report
Market Guide for Digital Forensics and Incident Response Retainer Services
A downward consequence of evolving businesses today: 600 million cyberattacks happen daily. The need for better preparedness is urgent. But,...
Go to
Report
Group-IB recognized in Forrester’s APAC Fraud Management Landscape
Group-IB has been named a Notable Vendor in The Enterprise Fraud Management Solutions in Asia Pacific Landscape, Q2 2025. The...
Go to
Blog
Tracking MuddyWater in Action: Infrastructure, Malware and Operations during 2025
The blog provides an in-depth look at MuddyWater’s evolution in tooling, targeting, and infrastructure management, suggesting a more mature and...
Go to
Report
META Intelligence Report, August 2025. Cyber Threat Intelligence Across Middle East, Türkiye, Africa & Pakistan
Group-IB’s latest intelligence report highlights key cybersecurity developments from August 2025, focusing on global threats with regional impact. From targeted...
Go to
Report
APAC Intelligence Insights Report, August 2025
Discover key cybersecurity developments shaping the Asia-Pacific (APAC) region for August 2025.
Go to
Report
Intelligence Insights Report, August 2025
Explore the most notable cybersecurity events in the region and the best practices
Go to
Report
Europe Intelligence Insights Report, August 2025
Italian defense and security data leaked. New ransomware groups make their presence known. Acts of retribution against governments in Germany,...
Go to
Report
APAC Intelligence Insights Report, July 2025
Explore our insights on the most notable cybersecurity events in the Asia-Pacific (APAC) region for July 2025.
Go to
Report
Hacktivist at War: The Cambodia-Thailand Cyber Escalation July-August 2025
Hacktivist cyberattacks often rise in parallel when conflicts between nations arise. Understand the common tactics, techniques and procedures that...
Go to
Success Story
Group-IB x Croatian National CERT
Learn how Croatia's national cybersecurity authority used Group-IB's Threat Intelligence platform to strengthen defense capabilities across five regulated sectors and...
Go to
Blog
10 Cybersecurity Podcasts to Add to Your Queue Now
Go to
Blog
From Deepfakes to Dark LLMs: 5 use-cases of how AI is Powering Cybercrime
AI in cybercrime is evolving fast, fueling AI phishing attacks, AI scam calls, AI voice cloning scams, and even AI...
Go to
Podcast
RansomHub: From RaaS Kingpin to Cartel Mystery
When RansomHub, one of the most prolific ransomware groups, vanished overnight back in April, it sent shockwaves through the cybercriminal...
Go to
Blog
ShadowSilk: A Cross-Border Binary Union for Data Exfiltration
This blog describes attacks on victims in Central Asia and APAC. Research into the attack has identified a group also...
Go to
Blog
Trust issues: How email threats hide behind your partners
The most widely used email security tools still focus on yesterday’s threats. Meanwhile, attackers have moved on. By hijacking legitimate...
Go to
Webinar
APAC Intelligence Insights H1-2025 Review & H2 Forecasts
Stay ahead of the cyber threats in the Asia-Pacific (APAC) region! Join Group-IB’s experts for a live webinar on 23...
Go to
Webinar
From Risk to Resilience: Redefining Cybersecurity as a Whole-of-C-Suite Priority
As cyber-attacks move beyond the IT department, threats such as Initial Access Brokers are reshaping how organisations across APAC think...
Go to
Webinar
Classiscam in the LATAM region
Discover how Classiscam operates in Latin America in 2025. Learn about its scam tactics, the use of Telegram bots...
Go to
Video
Attack Surface Management, explained
The attack surface of an organisation includes all the assets, systems.
Go to
Webinar
Fraud Matrix 2.0 Webinar
Fraud Matrix 2.0 Webinar: Combatting Fraud with Intelligence
Go to
Blog
Evolving Mule Tactics in the META Region Banking Sector
Discover how mule operators evolved in META-region banks—from IP masking to Starlink tactics with advanced GPS spoofing, SIM abuse, and...
Go to
Video
Card Shops, Explained
In cybersecurity, a card shop is a type of underground market that sells specific types of data – dumps and...
Go to
Report
META & Pakistan Intelligence Insights Report, July 2025
Discover what shaped the threat landscape across the Middle East, Turkey, Africa (META), and Pakistan this July.
Go to
Blog
Exposing Investment Scams: AI Trading, Deepfake & Online Fraud
Discover how AI trading scams and deepfake scam videos fuel fake trading platforms. Discover how to spot investment scam signals...
Go to
Video
Encryption, explained
Encryption converts readable data into an unreadable code, unless you possess the key.
Go to
Blog
The Anatomy of a Deepfake Voice Phishing Attack: How AI-Generated Voices Are Powering the Next Wave of Scams
Discover how AI voice deepfake vishing exploits trust, drains millions, and learn practical steps to detect and stop voice‑based scams.
Go to
Report
Intelligence Insights Report, July 2025
Explore the most notable cybersecurity events in the region and the best practices
Go to
Report
Europe Intelligence Insights Report, July 2025. Intelligence That Defeats The Enemy.
Crypto holders in Europe - tax declarations may drain your funds. Apparel, retail, and luxury businesses - stay alert. Companies...
Go to
Webinar
Your Gateway To Proactive Defense: Operationalizing Cyber Threat Intelligence (CTI)
Unlock the real power of CTI. Join experts live to learn how to turn cyber threat data into actionable defense...
Go to
Podcast
Unmasking Cyber Fraud in the Middle East and Beyond
In this segment, we dive into the evolving deepfake threats targeting organizations across the Middle East and beyond. Key highlights...
Go to
Webinar
Intelligence Insights Webinar: Cyber Threat Landscape in META & Pakistan
Join us for an exclusive intelligence briefing as Group-IB experts reveal key findings from the monthly Intelligence Insights Reports covering...
Go to
Report
Cybersecurity Ultimate Assessment Guide: Part 2. Human-Centric Assessments
Assess and strengthen your team's cybersecurity readiness with Group-IB's expert guide
Go to
Blog
UNC2891 Bank Heist: Physical ATM Backdoor & Linux Forensic Evasion
Deep dive into UNC2891’s multi‑stage bank intrusion: Raspberry Pi ATM implant, bind mount evasion, Dynamic DNS C2, and a CAKETAP...
Go to
Podcast
DragonForce: The Cyber Cartel Helping Hackers Hit the High Street
Empty shelves, lost customers, and hundreds of millions of pounds in lost profit are just some of the outcomes that...
Go to
Video
Account Takeovers, Explained
Let's learn about account takeovers, their impact, and how to defend against them.
Go to
Blog
Predictive AI: The “Quiet Catalyst” Behind The Future of Cybersecurity
Think threat actors are unpredictable? The rise of intelligence-driven defense and the push for incident predictions might just give us...
Go to
Webinar
MSSPs: Upgrade Your Service Stack with Group-IB’s Unified Risk Platform
Conventional tools won't cut it in a world where attackers evolve by the minute. With Group-IB, deliver future-ready cybersecurity capabilities—today....
Go to
Blog
Signed, Sealed, Altered? Deepdive into PDF Tampering
Uncovering the validity of a PDF by utilizing some of the tools and methods to detect changes made to a...
Go to
Blog
Fraud-Proof Your Security: How BioConfirm Protects iGaming Platforms and Players
Enable real-time, token-based account security that stops withdrawal fraud before your brand, players, and their revenue are compromised.
Go to
Video
The Deep Web, Explained
Let's learn about the Deep Web.
Go to
Blog
Fake Receipts Generators: the rising threat to major retail brands
Scammers are using tools like MaisonReceipts to create fake receipts and exploit brands. Uncover how this growing fraud ecosystem works...
Go to
Report
APAC Intelligence Insights Report, June 2025
Gain a confident understanding of how to address APAC’s unique and evolving cyber threats.
Go to
Success Story
Group-IB x Data Cloud Technology
Data Cloud Technology (DCT) partnered with Group-IB to enhance visibility, secure critical infrastructure, and evolve into a trusted MSSP (with...
Go to
Report
APAC Intelligence Insights Report, May 2025
Navigate APAC's unique and evolving threat landscape with our strategic insights.
Go to
Video
XDR Product Update: Smart Alerts
Discover how Smart Alert in Group-IB Managed XDR consolidates thousands of alerts into one, cuts alert volume by 80%, and...
Go to
Report
META & Pakistan Intelligence Insights Report, June 2025
From hacktivist escalations to multi-stage malware threats — June 2025 witnessed a sharp rise in cyber risk across the META...
Go to
Blog
Combolists and ULP Files on the Dark Web: A Secondary and Unreliable Source of Information about Compromises
The blog is dedicated to the analysis of combolist and URL-Login-Password (ULP) files published on the dark web and establishing...
Go to
Video
DDoS, Explained
Let's learn about DDoS attacks.
Go to
Blog
Authenticate Users, Secure Transactions: How BioConfirm Secures High-Stakes Banking Operations
Introducing BioConfirm - Enable real-time, token-based user account security that stops withdrawal fraud before your brand, customers’ trust, and revenue...
Go to
Blog
Exploiting Trust: How Signed Drivers Fuel Modern Kernel Level Attacks on Windows
Discover how attackers leverage Windows Kernel loaders and abuse digitally signed drivers to gain privileged access, disable security tools, and...
Go to
Blog
One attack, one alert: From thousands of signals to one clear story
Discover how Smart Alert in Group-IB Managed XDR consolidates thousands of alerts into one, cuts alert volume by 80%, and...
Go to
Report
Operationalize Threat Intelligence
Your All-Hands E-Book On Operationalizing Cyber Threat Intelligence (CTI)
Go to
Blog
June’s Dark Gift: The Rise of Qwizzserial
Discovered by Group-IB in mid-2024, the Qwizzserial, which was initially not very active, began to spread strongly in Uzbekistan, masquerading...
Go to
Video
Zero Days, explained
Let's learn about zero days and how to defend against them.
Go to
Report
Intelligence Insights Report, June 2025
Explore the most notable cybersecurity events in the region and the best practices
Go to
Report
Europe Intelligence Insights Report, June 2025. Know What Threats Are Impacting Your Region – Before They Impact You.
With a 240-fold increase in credential compromises caused by lesser-known malware and critical insights into ransomware, hacktivism, and DDoS activity,...
Go to
Webinar
Account Takeover and Social Engineering: Frontlines Stories and Signals to Combat them
Join Group-IB and industry expert Hailey Windham for an in-depth exploration of the rapidly evolving threat landscape, where fraudsters are...
Go to
Blog
Middle East Cyber Escalation: From Hacktivism to Sophisticated Threat Operations
Regional Conflict Monitoring (June 13 - 20, 2025)
Go to
Video
Endpoint Security, explained
Let's learn about endpoint security!
Go to
Report
Digital Risk Highlights 2025: Scams Don’t Respect Borders
Discover how scams are evolving worldwide and what threats to watch for in your region — all in one visual...
Go to
Blog
Declaration trap: Crypto Drainers masquerading as European Tax Authorities
Scammers are using fake tax authority emails to deploy crypto drainers. Discover how the declaration trap works and how to...
Go to
Success Story
Group-IB x PSR IT Solutions
How a fintech pioneer achieved PCI MPoC compliance and secured mobile payments across the globe
Go to
Webinar
Phishing Evasion Tactics: Staying Online in LATAM
Discover how phishing attackers in LATAM evade detection through geo-restrictions, device filtering, and identity validation....
Go to
Report
APAC Intelligence Insights Report, March 2025
Prepare your APAC cybersecurity strategy for the region's unique and emerging threats. Navigate its complex cyber environment with essential intelligence...
Go to
Podcast
Lazarus: The State-Sponsored Hackers Who Never Log Off
In December 2014, Sony Pictures announced they were cancelling the release of Seth Rogen’s newest venture The Interview due to...
Go to
Report
APAC Intelligence Insights Report, April 2025
Arm your cybersecurity strategy with strategic intelligence to masterfully navigate APAC’s unique and ever-evolving threat landscape
Go to
Report
Intelligence Insights Report, May 2025
Explore the most notable cybersecurity events in the region and the best practices
Go to
Video
The Dark Web, explained
Let's learn about the dark web!
Go to
Report
META Intelligence Insights Report, May 2025. Cutting-edge Threat Intelligence for the META Region and Beyond
Stay ahead of the evolving cyber threat landscape with Group-IB's latest Intelligence Insights Report – May 2025. This edition delivers...
Go to
Video
Botnets, explained
Let's learn about botnets and how to defend against them.
Go to
Report
Europe Intelligence Insights Report, April 2025
Go to
Report
LATAM Intelligence Insights Report, April 2025 (English/Spanish)
Discover how cybercriminals are evolving their tactics in Latin America
Go to
Video
Phishing, explained
Let's learn about phishing and how to defend against it.
Go to
Report
North America Intelligence Insights Report, April 2025
Uncover the latest cyber threats targeting North America with Group-IB’s monthly threat insights—tailored for security leaders who need to stay...
Go to
Video
Ransomware, explained
Let's learn about ransomware and how to defend against it.
Go to
Blog
Disguised Cyber Risks On The Colombian Shore: The Insurance Trap
Uncover how cybercriminals in Colombia impersonate financial brands and exploit public data to craft convincing vehicle insurance scams.
Go to
Podcast
GoldFactory: The Cybercriminals Who Want to Steal Your Face
Meet GoldFactory — an elusive, Chinese-speaking cybercrime group operating in Asia. They're behind GoldPickaxe, the first-ever iOS banking Trojan, and...
Go to
Blog
Understanding Credential Harvesting via PAM: A Real-World Threat
Learn how attackers exploit Pluggable Authentication Modules (PAM) for credential harvesting—and discover defenses to harden Linux authentication.
Go to
Blog
How To Avoid Critical Integration Mistakes In Your Cybersecurity Stack
Go to
Report
META April Intelligence Insights. Unmasking Threats. Powering Defenses.
Stay ahead of the curve with Group-IB’s latest cyber intelligence insights for the META region and beyond. Our April edition...
Go to
Blog
Ransomware debris: an analysis of the RansomHub operation
This blog on RansomHub provides an overview of how this Ransomware-as-a-Service (RaaS) group operates, including its extortion tactics, affiliate recruitment...
Go to
Video
Keyloggers, explained
Let's learn about keyloggers and how to defend against them.
Go to
Report
Intelligence Insights Report, March/April 2025
Explore the most notable cybersecurity events in the region and the best practices
Go to
Blog
Toll of Deception: Where Evasion Drives Phishing Forward
Discover the latest phishing campaign targeting a major toll road service provider, where cybercriminals use sophisticated evasion techniques to bypass...
Go to
Report
Europe Intelligence Insights Report, March 2025
Does your current cybersecurity strategy account for new and emerging threats? If not, here’s what you need to know to...
Go to
Blog
Fast, smart, and private: Group-IB introduces AI Assistant
Our new LLM-powered chatbot is designed for efficiency and security. Discover how Group-IB AI Assistant enhances threat intelligence workflows and...
Go to
Webinar
Unveiling Group-IB AI Assistant for faster and smarter access to Threat Intelligence
Would you like to transform your threat intelligence workflows and gain instant insights into the evolving cyber threat landscape? Our...
Go to
Blog
Typical Dark Web Fraud: Where Scammers Operate and What They Look Like
Go to
Threat Actor
RansomHub
Since its discovery in February 2024, RansomHub has quickly become a dominant force in ransomware. As of now, according to...
Go to
Threat Actor
GoldFactory
Currently, there’s limited public information on this Masked Actors group. However, in May 2024, we uncovered the first iOS trojan,...
Go to
Threat Actor
Lazarus
Lazarus is a notorious hacking organization of Masked Actors, known as an advanced persistent threat (APT) group. With links to...
Go to
Threat Actor
DragonForce
This significant group of Masked Actors emerged initially in the Middle East and Asia. DragonForce has since expanded globally with...
Go to
Threat Actor
OilRig
OilRig is an Iranian state-sponsored cyber espionage group that’s been active for over a decade. While these Masked Actors operate...
Go to
Threat Actor
MuddyWater
MuddyWater is another hacker group of cyber spies. Believed to be a subset of Iran’s Ministry of Intelligence and Security...
Go to
Threat Actor
Brain Cipher
New to the scene, Brain Cipher emerged halfway through last year. These Masked Actors quickly gained attention for their sophisticated...
Go to
Threat Actor
Boolka
Boolka’s evolving stealth tactics have made it a notable player within the Masked Actors community. This group’s ability to adapt...
Go to
Threat Actor
Ajina
This rapidly growing group of Masked Actors is part of an affiliation network, suggesting a bigger organized cybercrime operation. Ajina...
Go to
Video
2FA, explained
Let's learn about why using 2FA can help save you from a whole lot of trouble.
Go to
Threat Actor
Team TNT
These Masked Actors are infamous for cloud-targeted cryptojacking, Secure Shell (SSH) brute-force attacks, and data theft. Over the years, Team...
Go to
Blog
CISOs Top Order Of Business: Cyber Risk Reduction & Management
For modern CISOs, cyber risk management and reduction are nonstop challenges. But this blog offers exactly what you need to...
Go to
Webinar
Advanced Cybercrime Trends 2025 (Italian)
Join us to discover why European companies are among the main targets of APTs, ransomware attacks, schemes of...
Go to
Blog
SMS Pumping: How Criminals Turn Your Messaging Service into Their Cash Machine
Go to
Blog
Fraud Underbelly: Australia’s Digital Boom—A Fraudster’s Goldmine?
Know exactly how cybercriminals are orchestrating attacks on Australia’s citizens and digital assets, and why they are a lucrative target.
Go to
Report
Frost & Sullivan’s 2025 Global Technology Innovation Leadership Award
Frost & Sullivan has awarded Group-IB the 2025 Global Technology Innovation Leadership Award for redefining cybersecurity with cutting-edge threat intelligence...
Go to
Blog
The beginning of the end: the story of Hunters International
Learn about technical details on the ransomware and Storage Software tool, how the criminals use the affiliate panel as well...
Go to
Investigation
Operation Nervone: The takedown of OPERA1ER
Group-IB played a pivotal role in Operation Nervone, a multinational law enforcement effort led by INTERPOL and AFRIPOL, among others,...
Go to
Blog
Navigating Cybercrime Currents in Latin America: Strengthening the Region’s Defenses
Stripping down barriers of distance, language, and the unknown, Group-IB’s mission to fight cybercrime brings us to our latest frontier...
Go to
Success Story
Group-IB x Sinority
With Group-IB's solutions integrated into its portfolio, Sinority can now help its clients rapidly identify and respond to online threats.
Go to
Blog
Unmasking the Classiscam in Central Asia
Scams like Classiscam automate fake websites to steal financial data, exploiting digitalization’s rise in developing countries, making fraud both effective...
Go to
Report
Intelligence Insights Report, February 2025
Explore the most notable cybersecurity events in the region and the best practices
Go to
Blog
Hunting Rituals #5: Why hypothesis-based threat hunting is essential in cybersecurity
Discover how hypothesis-driven threat hunting uncovered stealthy malware. Learn why having a dedicated in-house team or leveraging expert threat hunting...
Go to
Report
APAC Intelligence Insights Report, February 2025
The February 2025 edition of our monthly Intelligence Insights Report provides a detailed examination of the critical shifts and emerging...
Go to
Webinar
High-Tech Crime Trends 2025 (German)
Join us to discuss why companies in Europe are among the main targets, while state-sponsored APTs, ransomware attacks, phishing methods and...
Go to
Blog
The Cybercriminal with Four Faces: Revealing Group-IB’s Investigation into ALTDOS, DESORDEN, GHOSTR and 0mid16B
Following the arrest of the cybercriminal behind the aliases ALTDOS, DESORDEN, GHOSTR, and 0mid16B, Group-IB provides a deep dive into...
Go to
Webinar
High-Tech Crime Trends 2025 in North America
Join our experts on April 3, 2025 at 12 pm (ET / GMT-4) for an in-depth analysis of global and...
Go to
Webinar
Cybercrime Trends 2025 in Europe (Spanish)
Join us to discuss why companies in the region are priority targets, with a rise in threats...
Go to
Webinar
High-Tech Crime Trends 2025 Deep Dive in APAC
Join our experts on 3 April 2025 at 11 am GMT+8 for an in-depth analysis of global and APAC-specific insights...
Go to
Webinar
High-Tech Crime Trends 2025 in LATAM (Spanish)
Cybercrime in Latin America is evolving rapidly—are you prepared for the latest threats? Join Group-IB’s experts as we uncover the...
Go to
Webinar
High-Tech Crime Trends 2025 in Europe
Join us for a discussion on why businesses in the region are prime targets, with state-sponsored APTs, ransomware attacks, phishing...
Go to
Video
High-Tech Crime Trends 2025
In 2025, the world of cybercrime continues to evolve at an unprecedented pace.
Go to
Blog
ClickFix: The Social Engineering Technique Hackers Use to Manipulate Victims
Discover how the ClickFix social engineering attack exploits human psychology to bypass security. Learn how hackers use this tactic and...
Go to
Report
Gartner® Report Emerging Tech: 5 Elements to Prevent Digital Commerce Fraud
The essential part of constructing a 'secure' digital commerce experience isn’t just centered around browsing and transaction initiations. Securing every...
Go to
Webinar
High-Tech Crime Trends 2025 in the META Region
A surge in APTs, hacktivism, and phishing in META — how cyber threats evolved in 2024
Go to
Report
Europe Intelligence Insights Report, February 2025
Which threats are shaping Europe’s cybersecurity landscape, and how can you defend against them in time? Get essential details without...
Go to
Blog
The Evolution of SIM Swapping Fraud: How Fraudsters Bypass Security Layers
Discover how SIM swapping fraud has evolved, how cybercriminals bypass security layers, and the best ways to protect yourself from...
Go to
Blog
Building Zero Trust Security: Selectively Trust To Rightfully Secure
Build resilience with a zero trust cybersecurity model. Leverage your existing infrastructure for stronger security. Get all essential insights to...
Go to
Blog
Technology Alone Isn’t the Answer to Cyber Threats: Time to Rethink Security Culture
Get the ABCs (Awareness, Behavior, and Culture) of cybersecurity right - an organization's silent drivers of cyber protection.
Go to
Report
High-Tech Crime Trends Report 2025
Group-IB’s annual report delves into the most critical high-tech crime trends, offering a comprehensive analysis of emerging threats, tactics, and...
Go to
Report
North America Intelligence Insights Report, February 2025
Don’t miss key cybersecurity events that affected the region last month, and get defense-equipped by exploring best practices.
Go to
Report
LATAM Intelligence Insights Report, February 2025 (English/Spanish)
Don’t miss key cybersecurity events that affected the region last month, and get defense-equipped by exploring best practices.
Go to
Report
META Intelligence Insights Report, February 2025
In an increasingly interconnected world, staying ahead of cyber threats is paramount. Group-IB's META Intelligence Insights report for February 2025...
Go to
Blog
Fingerprint Heists: How your browser fingerprint can be stolen and used by fraudsters
Discover how cybercriminals steal browser fingerprints to mimic users, bypass security measures, and commit online fraud. Learn how to protect...
Go to
Cyber Resilience 2025: Battling Emerging Regional Threats
Webinar
Cyber Resilience 2025: Battling Emerging Regional Threats
Join Ahmed Tharwat in this exclusive webinar to explore the latest cyber threat landscape in the region.
Go to
RansomHub Never Sleeps Episode 1
Blog
RansomHub Never Sleeps Episode 1: The evolution of modern ransomware
Discover how ransomware has evolved into a sophisticated cyber threat, with groups like RansomHub leading the charge. Learn more about...
Go to
Video
Our Free Malware Analysis Tool
Group-IB’s Threat Intelligence team scours thousands of malware samples every day to detect emerging threats.
Go to
5 ways to leverage our Malware Reports for malware analysis
Blog
5 ways to leverage our Malware Reports for malware analysis
Discover 5 ways to leverage Malware Reports for daily analysis and improve detection. Perfect for SOC analysts, threat hunters, and...
Go to
Blog
The Dark Side of Automation and Rise of AI Agents: Emerging Risks of Card Testing Attacks
Card testing attacks exploit stolen credit card details through small, unnoticed purchases to verify active cards for larger fraud. Cybercriminals...
Go to
LATAM Intelligence Insights Report, January 2025 (English/Spanish)
Report
LATAM Intelligence Insights Report, January 2025 (English/Spanish)
Explore the most notable cybersecurity events in the region and the best practices.
Go to
North America Intelligence Insights Report, January 2025
Report
North America Intelligence Insights Report, January 2025
Spotlighting critical cybercrime trends in North America and beyond.
Go to
Blog
Cat’s out of the bag: Lynx Ransomware-as-a-Service
In this blog, we observed how the Lynx Ransomware-as-a-Service (RaaS) group operates, detailing the workflow of their affiliates within the...
Go to
APAC Intelligence Insights Report, January 2025
Report
APAC Intelligence Insights Report, January 2025
Delve into critical shifts and emerging dangers in the Asia-Pacific (APAC) cyberthreat landscape with the January 2025 edition of our...
Go to
META Intelligence Insights Report, January 2025
Report
META Intelligence Insights Report, January 2025
Uncover the Latest Cyber Threats and Trends. Stay informed and protect your organization with Group-IB’s January Intelligence Report. This comprehensive...
Go to
Europe Intelligence Insights Report, January 2025
Report
Europe Intelligence Insights Report, January 2025
Don’t miss key cybersecurity events that affected the region, and get defense-equipped by exploring best practices.
Go to
Outsmart Cybercriminals with APAC Cyber Intelligence: Group-IB APAC Intelligence Insights Webinar
Webinar
Outsmart Cybercriminals with APAC Cyber Intelligence: Group-IB APAC Intelligence Insights Webinar
Join us for an in-depth analysis of Group-IB’s APAC Intelligence Reports. This webinar is designed to equip your organisation with...
Go to
Blog
Odds & Ends: Unraveling the Surebet Playbook
Discover the world of surebets, a strategy that guarantees profits by leveraging differing odds from multiple bookmakers. Explore how this...
Go to
Blog
Group-IB’s GLOCAL Vision Leading The Fight Against Global Cybercrime
How is Group-IB evolving into a leading cybersecurity force that the community relies on?
Go to
Cybersecurity Ultimate Assessment Guide: Part 1. Assessment Compass
Report
Cybersecurity Ultimate Assessment Guide: Part 1. Assessment Compass
Navigate the complexities of modern assessments with Group-IB’s expert-designed guide.
Go to
The Reality of Deception
Blog
The Realty of Deception: Real Estate Frauds Uncovered in the Middle East
Real estate scams are on the rise as fraudsters exploit online platforms to deceive victims into paying for fake properties....
Go to
APAC Intelligence Insights Report, December 2024
Report
APAC Intelligence Insights Report, December 2024
Explore the most notable cybersecurity events and best practices in the Asia-Pacific (APAC) region from December 2024.
Go to
Blog
Beyond AI: Group-IB’s Local Expertise in Fraud Protection
Minimize false positives, proactively prevent threats, and gain customized fraud protection with Group-IB. Our AI-powered solutions are fine-tuned by local...
Go to
Blog
Social Engineering in Action: How Fraudsters Exploit Trust with Fake Refund Schemes in the Middle East
Fraudsters have devised a sophisticated scheme targeting banking customers in the Middle East, impersonating government officials and using remote access...
Go to
Blog
Cyber Predictions For 2025 (and Beyond): Group-IB’s Expert Take On What’s Coming
Don’t fall weak in the face of change and disruption. Review the upcoming cybersecurity changes and become equipped while there’s...
Go to
Reich 5 Android malware gang nabbed
Investigation
Reich 5 Android malware gang nabbed
Group-IB helped to dismantle a hacker group that infected over 340,000 Android devices to steal money from bank accounts. The...
Go to
META Intelligence Insights Report, December 2024
Report
META Intelligence Insights Report, December 2024
Explore the most notable cybersecurity events in the region and the best practices.
Go to
Blog
Patch Me If You Can: The Truth About Smartphone Vulnerabilities
Discover how smartphone manufacturers conceal security flaws, the risks these vulnerabilities pose to users and businesses, and actionable steps to...
Go to
Group-IB x NVISO
Success Story
Group-IB x NVISO
Partnership for high-fidelity threat intelligence to enable next-gen cybersecurity
Go to
LATAM Intelligence Insights Report, December 2024
Report
LATAM Intelligence Insights Report, December 2024
Explore the most notable cybersecurity events in the region and the best practices.
Go to
Operation Delilah
Investigation
Operation Delilah
Operation Delilah was the third in a series of operations supported by Group-IB, providing intelligence on the threat actor’s network,...
Go to
Operation NightFury
Investigation
Operation NightFury
Unravel a remarkable transnational operation where the global law enforcement and cybersecurity service providers, including Group-IB, dismantled the GetBilling JS-sniffer...
Go to
North America Intelligence Insights Report, December 2024
Report
North America Intelligence Insights Report, December 2024
Explore the most notable cybersecurity events in the region and the best practices.
Go to
Falcon: Operation in two acts
Investigation
Falcon: Operation in two acts
Group-IB supported two INTERPOL-led operations, called Falcon I and Falcon II, to stop a business email compromise (BEC) cybercrime gang...
Go to
Group-IB x One of Malaysia’s Fastest-Growing Healthcare Providers
Success Story
Group-IB x One of Malaysia’s Fastest-Growing Healthcare Providers
Discover how Group-IB ensured uncompromised cybersecurity for the healthcare brand, defending it against a ransomware attack and solidifying defenses.
Go to
IDC Spotlight: “The Weakest Link” — Email Security Should Be Your Top Cyberdefense Priority
Report
IDC Spotlight: “The Weakest Link” — Email Security Should Be Your Top Cyberdefense Priority
Discover how to safeguard your organization against phishing, business email compromise attacks, and advanced email threats with insights from IDC’s...
Go to
Trust Hijacked
Blog
Trust Hijacked: The Subtle Art of Phishing Through Familiar Facades
Explore the advanced tactics employed in recent email phishing campaigns targeting employees from over 30 companies across 12 industries and...
Go to
From chaos to clarity: Transforming cyber investigations with Group-IB’s next-gen Graph
Webinar
From chaos to clarity: Transforming cyber investigations with Group-IB’s next-gen Graph
Join our experts for an exclusive session exploring key features of Group-IB’s Graph — a platform that has been re-imagined...
Go to
Group-IB x FIN-CSIRT
Success Story
Group-IB x FIN-CSIRT
Discover how Serbia’s first financial sector CERT used Group-IB’s Attack Surface Management to enhance security, regulatory compliance, and resilience for...
Go to
Group-IB x AVO bank
Success Story
Group-IB x AVO bank
Learn how a new digital bank in Uzbekistan leveraged Group-IB’s multi-layered cybersecurity to ensure secure operations for over 1 million...
Go to
Blog
Deepfake Fraud: How AI is Deceiving Biometric Security in Financial Institutions
Group-IB’s Fraud Protection team examines how fraudsters use deepfake technology to bypass biometric security in financial institutions, including facial recognition...
Go to
Intelligence Insights Report, November 2024
Report
Intelligence Insights Report, November 2024
Explore the most notable cybersecurity events in the region and the best practices.
Go to
Shady Bets
Blog
Shady Bets: How to Protect Yourself from Gambling Fraud Online
Scammers are using fake betting game advertisements on social media to target users, with over 500 deceptive advertisements and 1,377...
Go to
Fraud Matrix 1.5 Webinar: New Features You Need to Know
Webinar
Fraud Matrix 1.5 Webinar: New Features You Need to Know
Join us for a live webinar with Dimitry Pisarev, Product Manager of the Group-IB Fraud Matrix, as he unveils the...
Go to
Rethinking investigation
Blog
Rethinking investigation: Group-IB’s Graph takes a leap forward
Go to
Tracing the Path of VietCredCare and DuckTail
Blog
Tracing the Path of VietCredCare and DuckTail: Vietnamese dark market of infostealers’ data
Following the arrest in May 2024 of more than 20 individuals behind Facebook infostealers campaigns in Vietnam, we have compared...
Go to
Unlock Strategic Cyber Intelligence: Group-IB Intelligence Insights Report Webinar
Webinar
Unlock Strategic Cyber Intelligence: Group-IB Intelligence Insights Report Webinar
Join us on December 11th at 2 PM GST for a deep dive into Group-IB’s Intelligence Insights Report, designed to...
Go to
Beyond the Traditional SOC: Intelligence-Driven Security Operations
Webinar
Beyond the Traditional SOC: Intelligence-Driven Security Operations
Join a knowledge-sharing session led by Group-IB experts and learn how to transform Security Operations Centers through intelligence-driven strategies.
Go to
Three years of change: Digital risks in the Middle East and Africa
Report
Three years of change: Digital risks in the Middle East and Africa
Learn about key trends in digital risks over the past three years, the latest techniques used by scammers, and relevant...
Go to
Group-IB x Fawry
Success Story
Group-IB x Fawry
Explore how Group-IB helped Egypt's largest e-payment provider avert a ransomware threat
Go to
Strengthening AML Defenses
Blog
Strengthening AML Defenses: Detect Money Mules During Their ‘Warm-Up’ Phase
Know the need to catch mules early in their operations to protect you from severe risks, including large-scale money laundering,...
Go to
Stealthy Attributes of APT Lazarus
Blog
Stealthy Attributes of Lazarus APT Group: Evading Detection with Extended Attributes
In this blog, we examine a fresh take on techniques for concealing code in Extended Attributes in order to evade...
Go to
Adversary Hunting Code: Uncover and eliminate unknown cyber threats with Group-IB
Report
Adversary Hunting Code: Uncover and eliminate unknown cyber threats with Group-IB
Threats often lurk in the shadows, undetected, until they escalate into full-blown crises. The key to staying protected is to...
Go to
Chase Cyber Threats
Blog
Run from Chase Cyber Threats
Waiting for risks to be presented to you rather than actively hunting them down? After reading this, you might consider...
Go to
APAC Intelligence Insights Report, November 2024
Report
APAC Intelligence Insights Report, November 2024
Explore the most notable cybersecurity events in the Asia-Pacific (APAC) region from November 2024 and the best practices.
Go to
Delivery Deception
Blog
Delivery Deception: Escalating cybercriminal tactics in the Balkan region
Explore our latest findings on the surge of cyberattacks in the Balkan region, focusing on threats to financial institutions and...
Go to
Blog
Group-IB Fraud Protection: Know your real users, catch the fraudsters
Stop fraud, RATs, and malware with Group-IB's Fraud Protection AI. Our advanced behavioral analysis uses AI to detect and prevent...
Go to
Tailor Your Security with Group-IB
Blog
Global iGaming? Tailor Your Security with Group-IB Fraud Protection
With Group-IB Fraud Protection, you can navigate the complexities of global iGaming regulations and risk. Tailor security measures for each...
Go to
Intelligence Insights Report, October 2024
Report
Intelligence Insights Report, October 2024
Explore the most notable cybersecurity events in the region and the best practices.
Go to
Blog
Woodn’t You Believe It? The Rise of Fake Wood Scams
In this blog, we uncover a long-running scheme by scammers selling wood to people in France during the winter...
Go to
Encrypted Symphony
Blog
Encrypted Symphony: Infiltrating the Cicada3301 Ransomware-as-a-Service Group
In this blog, we observed how the Cicada3301 Ransomware-as-a-Service (RaaS) group operates, detailing the workflow of their affiliates within the...
Go to
The firming grip of cyber fraud in Asia
Blog
The firming grip of cyber fraud in Asia: What effective actions must banks take today?
Banks' current measures against cyber fraud are falling short – and the numbers don’t lie. That said, with a hyperactive...
Go to
Operation Distanthill
Investigation
Operation Distanthill
Group-IB took part in Operation DISTANTHILL, which led to the arrest of 16 cybercriminals involved in large-scale Android RAT campaigns...
Go to
Blog
Unveiling USB Artifacts: A Comparative Analysis
Discover how USB artifacts enhance tracking user activities on files, examining the influence of operating systems, file systems, and applications...
Go to
Blog
Pig Butchering Alert: Fraudulent Trading App targeted iOS and Android users
In this article, Group-IB specialists uncovered a large-scale fraud campaign involving fake trading apps targeting Apple iOS and Android users...
Go to
APAC Intelligence Insights Report, October 2024
Report
APAC Intelligence Insights Report, October 2024
Explore the most notable cybersecurity events in the Asia-Pacific (APAC) region from October 2024 and the best practices.
Go to
Blog
Inside the Dragon: DragonForce Ransomware Group
In this blog, we look at the DragonForce ransomware group, which poses a severe threat with two variants—a LockBit fork...
Go to
Storm clouds on the horizon: Resurgence of TeamTNT?
Blog
Storm clouds on the horizon: Resurgence of TeamTNT?
Investigations into recent campaigns may suggest the reemergence of TeamTNT from 2023 to the present day, after it evaporated in 2022.
Go to
Blog
Concealed networks: Are dark web syndicates turning to social media for cybercrime?
Group-IB dark web investigations: To avoid prying eyes, find out how adversaries increasingly shift from the dark web to social...
Go to
Intelligence Insights Report, September 2024
Report
Intelligence Insights Report, September 2024
Explore the most notable cybersecurity events in the META region and the best practices in September 2024.
Go to
Blog
Ajina attacks Central Asia: Story of an Uzbek Android Pandemic
Discovered by Group-IB in May 2024, the Ajina.Banker malware is a major cyber threat in the Central Asia region, disguising...
Go to
Carberp gang knocked down
Investigation
Carberp gang knocked down
Exposing the million-dollar hacking group behind large-scale attacks on payment systems.
Go to
Blog
The Duality of the Pluggable Authentication Module (PAM)
The Group-IB DFIR Team has identified a new technique not yet included in the MITRE ATT&CK framework, which could lead...
Go to
Blog
APT Lazarus: Eager Crypto Beavers, Video calls and Games
Explore the growing threats posed by the Lazarus Group's financially-driven campaign against developers. We will examine their recent Python scripts,...
Go to
Blog
RansomHub ransomware-as-a-service
Learn why RansomHub's new affiliate program and its advanced ransomware tactics—recruiting former Scattered Spider members, exploiting unprotected RDP services, and...
Go to
Blog
Hiding in plain sight: Techniques and defenses against `/proc` filesystem manipulation in Linux
Group-IB explores methods of process visibility evasion through /proc filesystem manipulation in Linux, along with effective defenses to counteract these...
Go to
META Intelligence Insights Report, August 2024
Report
META Intelligence Insights Report, August 2024
Explore the most notable cybersecurity events in the META region and the best practices.
Go to
Blog
Deciphering the Brain Cipher Ransomware
Deep dive into Brain Cipher ransomware group's activities and techniques, and how they are seemingly linked to other ransomware groups...
Go to
The Threat of Compromised Mobile Device Management Credentials
Blog
Under Siege: The threat of compromised Mobile Device Management credentials and its implications for organizational security
The leakage of credentials for Mobile Device Management (MDM) services could pose significant risks to organizations and their data security.
Go to
Blog
NIS 2 compliance for EU businesses: Meet cybersecurity requirements before the deadline (October 17)
With NIS 2 non-compliance proving detrimental — resulting in millions in fines, business activity suspension, and more, become compliant while...
Go to
Beware the RAT: Android Remote Access malware strikes in Malaysia
Blog
Beware CraxsRAT: Android Remote Access malware strikes in Malaysia
CraxsRAT is a notorious Android malware family known for its Remote Administration Tools (RAT), which include remote device control and...
Go to
GXC Team Unmasked
Blog
GXC Team Unmasked: The cybercriminal group targeting Spanish bank users with AI-powered phishing tools and Android malware
Specializing in AI-powered phishing-as-a-service and Android malware capable of intercepting OTP codes, the GXC Team targets Spanish bank users and...
Go to
CYBERSECURITY X AI: Building capabilities to defend assets and defeat attackers
Report
CYBERSECURITY X AI: Building capabilities to defend assets and defeat attackers
There’s no denying it: Artificial intelligence has emboldened and empowered cyber criminals, helping them attack faster, more frequently, and with...
Go to
Intelligence Insights Report, June 2024
Report
Intelligence Insights Report, June 2024
Explore the most notable cybersecurity events in the META region and the best practices.
Go to
Blog
Qilin Revisited: Diving into the techniques and procedures of the recent Qilin Ransomware Attacks
Discover the insidious tactics of the Qilin ransomware group, notorious for their $50 million attack on the healthcare sector, impacting...
Go to
Blog
Group-IB Digital Risk Protection: How does it enable the fastest violation detection and takedown?
The digital space is riddled with risks to your brand. Ensure it stays defended with Group-IB Digital Risk Protection’s automated...
Go to
Patch or Peril: A Veeam Vulnerability Incident
Blog
Patch or Peril: A Veeam vulnerability incident
Delaying security updates and neglecting regular reviews created vulnerabilities that were exploited by attackers, resulting in severe ransomware consequences.
Go to
Breaking silos: The convergence of cybersecurity and fraud prevention
Blog
Breaking silos: The convergence of cybersecurity and fraud prevention
Where adversaries do not hesitate to initiate blended attacks combining multiple tactics, why are security teams still operating in silos?
Go to
El Dorado Ransomware: The New Golden Empire of Cybercrime?
Blog
Eldorado Ransomware: The New Golden Empire of Cybercrime?
All about Eldorado Ransomware and how its affiliates make their own samples for distribution.
Go to
Boost Your MSSP's Competitive Edge
Blog
Boost your MSSP’s competitive edge: New strategies for leveraging Threat Intelligence
How to best empower your business clients’ cybersecurity with critical cyber threat intelligence
Go to
Investigating in tip-top fashion: TipTop group identified and arrested
Investigation
Investigating in tip-top fashion: TipTop group identified and arrested
Group-IB helped the police take down the largest mobile malware gang in Russia, which had infected more than 800,000 Android...
Go to
Blog
Craxs Rat, the master tool behind fake app scams and banking fraud
The scam schemes enabled by Craxs Rat malware provide complete remote control of the victims’ devices. Defend yourself from being...
Go to
Boolka Unveiled: From web attacks to modular malware
Blog
Boolka Unveiled: From web attacks to modular malware
Uncovering the operations of threat actor Boolka, driven by the creation of malicious scripts, malware trojans, sophisticated malware delivery platforms,...
Go to
No-Vax Free: Exposing the real faces behind the fake Green Pass
Investigation
No-Vax Free: Exposing the real faces behind the fake Green Pass
Group-IB helped to expose the cybercriminal gang who offered fake green passes, targeting Italian victims.
Go to
Cron: Overthrown titan
Investigation
Cron: Overthrown titan
Group-IB helped law enforcement to identify and arrest a notorious gang that compromised more than one million devices with Android...
Go to
GoldPickaxe exposed: How Group-IB analyzed the face-stealing iOS Trojan and how to do it yourself
Blog
GoldPickaxe exposed: How Group-IB analyzed the face-stealing iOS Trojan and how to do it yourself
Learn how to protect your devices against evolving iOS threats
Go to
Paunch & The BlackHole Exploit Kit Case
Investigation
Paunch & The BlackHole Exploit Kit Case
Group-IB supported the police in identifying and taking down a malware kingpin who once dominated the exploit kit sales market,...
Go to
Ransomware readiness: From quick wins to long-term strategies
Report
Ransomware readiness: From quick wins to long-term strategies
Check all the key ransomware readiness boxes and shield your infrastructure with Group-IB's industry-proven framework.
Go to
Group-IB x Special Needs School
Success Story
Group-IB x Special Needs School
Learn how Group-IB helped a school to combat ransomware in real time and shored up its defenses against future threats.
Go to
To GenAI or not to GenAI
Blog
Reorienting Cybersecurity: To GenAI or not to GenAI?
Amidst the GenAI revolution, how can you harness its potential to boost cybersecurity?
Go to
Group-IB x Sorint.SEC
Success Story
Group-IB x Sorint.SEC
Know how the joint expertise of Group-IB and Sorint.SEC enhances critical infrastructure security and facilitates the seamless adoption of cybersecurity...
Go to
Blog
GDPR: A shield for consumers, a shackle for fraud fighters?
Does the GDPR, designed to protect customer data, unintentionally create opportunities for cybercriminals to exploit it?
Go to
Hi-Tech Crime Trends 2024 – Latin America
Webinar
Hi-Tech Crime Trends 2024 – Latin America
Join us as we discuss why businesses in the LATAM region are prime targets for exploitation, given the surge in...
Go to
Twin brothers in crime
Investigation
Twin brothers in crime
Group-IB partnered with law enforcement to bring a phishing gang to justice for the first time in Russia. The operation...
Go to
Hi-Tech Crime Trends 2024 – North America
Webinar
Hi-Tech Crime Trends 2024 – North America
Join us as we talk about AI threats, the rise in nation-state threat actors, APT groups, persisting ransomware threats and...
Go to
Hi-Tech Crime Trends 2024 – Asia-Pacific
Webinar
Hi-Tech Crime Trends 2024 – Asia-Pacific
Join us as we talk about why businesses in the region are ripe targets for exploitation, given the surge in...
Go to
Hi-Tech Crime Trends 2024 – Middle East and Africa
Webinar
Hi-Tech Crime Trends 2024 – Middle East and Africa
Join us as we discuss why businesses in the region are ripe targets for exploitation, given the surge in information-stealing...
Go to
Hi-Tech Crime Trends 2024 – Europe
Webinar
Hi-Tech Crime Trends 2024 – Europe
Join us as we discuss why businesses in the region are prime targets for exploitation, given the increase in compromised...
Go to
Blog
Generative AI: Raising the stakes for fraud in iGaming
Fraudsters see potential in generative AI to defraud the gambling industry. Here’s how.
Go to
Blog
Phishy Business: Unraveling LabHost’s scam ecosystem
Group-IB takes part in a global operation to cripple Canadian Phishing-as-a-Service provider LabHost
Go to
Hunting Rituals
Blog
Hunting Rituals #4: Threat hunting for execution via Windows Management Instrumentation
Actionable insights on hunting for Windows Management Instrumentation (WMI) execution abuse
Go to
Pegasus and other spyware
Blog
In-Depth Analysis of Pegasus Spyware and How To Detect It on Your Mobile Devices
How do Pegasus and other spyware work discreetly to access everything on your iOS device?
Go to
The Reconnaissance Handbook: Map and mitigate intrusion pathways into your network
Report
The Reconnaissance Handbook: Map and mitigate intrusion pathways into your network
As adversaries use reconnaissance to plot their attacks against you, discover how you can leverage the same process to thwart...
Go to
Operation Lyrebird
Investigation
Operation Lyrebird
Group-IB supported INTERPOL in disrupting a prolific cybercriminal’s activities - codenamed Lyrebird. This effort led to the identification and apprehension...
Go to
Shooting down in flames: tactical guide to outrun ransomware groups
Webinar
Shooting down in flames: tactical guide to outrun ransomware groups
Watch a critical session by Group-IB's DFIR experts, as they shed light on the latest ransomware tactics seen in the...
Go to
Hi-Tech Crime Trends 2023/2024 – Global
Report
Hi-Tech Crime Trends 2023/2024 – Global
Explore Group-IB’s annual threat research to discover the global cybersecurity landscape and get region-tailored insights.
Go to
Hi-Tech Crime Trends 2023/2024 – Latin America
Report
Hi-Tech Crime Trends 2023/2024 – Latin America
Discover Group-IB’s unmatched annual report delivering valuable findings related to the Latin American region
Go to
Hi-Tech Crime Trends 2023/2024 – Middle East and Africa
Report
Hi-Tech Crime Trends 2023/2024 – Middle East and Africa
Dive into Group-IB’s comprehensive report sharing facts, data, findings, and our takes on these findings related to the Middle East
Go to
Hi-Tech Crime Trends 2023/2024 – Europe
Report
Hi-Tech Crime Trends 2023/2024 – Europe
Discover Group-IB’s unparalleled annual report calibrated by the latest findings related to the European region
Go to
Hi-Tech Crime Trends 2023/2024 – Asia-Pacific
Report
Hi-Tech Crime Trends 2023/2024 – Asia-Pacific
Discover Group-IB’s unmatched annual report fine-tuned by the latest insights related to the Asia-Pacific region
Go to
Hi-Tech Crime Trends 2023/2024 – North America
Report
Hi-Tech Crime Trends 2023/2024 – North America
Explore Group-IB’s unmatched annual report delivering actionable cybersecurity insights related to the North American region
Go to
The Fraud Family Case
Investigation
The Fraud Family Case
Group-IB partnered with the Dutch National Police to uncover critical details about the criminal syndicate - the Fraud Family and...
Go to
Blog
Extra credit: VietCredCare information stealer takes aim at Vietnamese businesses
Group-IB discovers new information stealer targeting Vietnam with rare functionality to filter out Facebook accounts with advertising credits
Go to
Blog
Face Off: Group-IB identifies first iOS trojan stealing facial recognition data
Group-IB uncovers the first iOS Trojan harvesting facial recognition data used for unauthorized access to bank accounts. The GoldDigger family...
Go to
Frost & Sullivan’s 2023 Competitive Strategy Leadership Award
Report
Frost & Sullivan’s 2023 Competitive Strategy Leadership Award
Gain unmatched localized cybersecurity with Group-IB's award-winning decentralized model and tailored cyber-fraud framework.
Go to
Fraud and Online Scams Trends – December 2023
Webinar
Fraud and Online Scams Trends – December 2023
In this short video we explore the latest scams, regulatory updates, and the key challenges facing the industry.
Go to
ResumeLooters gang
Blog
Dead-end job: ResumeLooters infect websites in APAC through SQL injection and XSS attacks
ResumeLooters gang infects websites with XSS scripts and SQL injections to vacuum up job seekers' personal data and CVs
Go to
Gartner® Report: Emerging Tech: Security — Cyber-Fraud Fusion Is the Future of Online Fraud Detection
Report
Gartner® Report: Emerging Tech: Security — Cyber-Fraud Fusion Is the Future of Online Fraud Detection
In the rapidly evolving landscape of online fraud, traditional fraud detection methods can’t keep up. Read the report by Gartner...
Go to
Phishing Store Shutdown
Investigation
Phishing Store Shutdown
Group-IB made a significant contribution to an international crime fighting operation involving INTERPOL and national law enforcement agencies from Indonesia,...
Go to
Operation Dragon Eye
Investigation
Operation Dragon Eye
Group-IB played a crucial role in identifying the individual behind the Dragon botnet, which was responsible for relentless distributed denial-of-service...
Go to
Operation Dating Disaster
Investigation
Operation Dating Disaster
Group-IB played a major role in identifying members of CybSec Group, which was engaged in extortion and DDoS attacks on...
Go to
Blog
Inferno Drainer: A Deep Dive into Crypto Wallet-Draining Malware
Inferno Drainer may have shut down in November 2023, but users of the devastating scam-as-a-service platform still pose a risk...
Go to
The Art of SOC
Report
The Art of SOC
Ultimate guide to establishing and evolving intelligence-driven security operations with Group-IB SOC Framework
Go to
Fraud and Online Scams Trends – November 2023
Webinar
Fraud and Online Scams Trends – November 2023
In this digest, we cover the newest scam schemes, regulatory updates, and industry challenges to keep you posted and your...
Go to
Hunting Rituals
Blog
Hunting Rituals #3: Threat hunting for scheduled tasks
Actionable guide to hunting for scheduled tasks by using Group-IB MXDR
Go to
Blog
The future is now: Watch out for these 20 trends that will change the course of cybersecurity (Part 2)
Cybersecurity is changing, and changing fast. Learn how Group-IB can help you lead the change instead of being carried by...
Go to
Blog
The future is now: Watch out for these 20 trends that will change the course of cybersecurity (Part 1)
Cybersecurity is changing, and changing fast. Learn how Group-IB can help you lead the change instead of being carried by...
Go to
Blog
You versus adversaries: How to become unbeatable in 20 cybersecurity moves (Part 2)
Cybersecurity essentials that ensure your business stays undisrupted in the upcoming year.
Go to
Blog
Ace in the Hole: exposing GambleForce, an SQL injection gang
Analysis of TTPs tied to GambleForce, which carried out SQL injection attacks against companies in the APAC region
Go to
Fraud and Online Scams Trends – October 2023
Webinar
Fraud and Online Scams Trends – October 2023
In this video, we will discuss the cases researched at Group-IB, active threats, and the most pressing challenges related to...
Go to
Blog
You versus adversaries: How to become unbeatable in 20 cybersecurity moves (Part 1)
Cybersecurity essentials that will ensure your business stays undisrupted in the upcoming year.
Go to
Blog
Curse of the Krasue: New Linux Remote Access Trojan targets Thailand
This piece of malware has an insatiable appetite. Group-IB's Threat Intelligence unit offers their insights on the new RAT used...
Go to
Webinar
Current Cyber Threats in the Middle East Region
Learn how Group-IB’s joint initiative with CORVIT will help cybersecurity professionals and leaders in cyber activity within the MEA region.
Go to
Blog
Hunting Rituals #2.2: Threat hunting for abuse of Windows Services
Actionable guide to hunting for Windows Services abuse using Group-IB MXDR. Part 2: Execution of Windows Services
Go to
Success Story
Group-IB x Libertex Group
Explore how Group-IB helped Libertex Group stay ahead of emerging cyber risks and strengthen its security posture with proactive and...
Go to
Webinar
Fraud and Online Scam Trends – September 2023
In this video, we will discuss the cases researched at Group-IB, active threats, and the most pressing challenges related to...
Go to
Blog
Ransomware manager: Investigation into farnetwork, a threat actor linked to five strains of ransomware
Take a deep dive into the operations of one of the most active players in the Ransomware-as-a-Service market.
Go to
Webinar
Cybersecurity Space: Analytics, Threats, and Solutions
Access exclusive insights from our top-rated Threat Intelligence team on recent cyber threats and how Group-IB can safeguard your sector,...
Go to
Blog
The untold story of incident response: Insider’s Gambit
Get a close look at details of the most notable cases faced by Group-IB’s Digital Forensics and Incident Response (DFIR)...
Go to
Blog
Analyzing cyber activity surrounding the conflict in the Middle East
Hacktivists take center stage with DDoS, defacement attacks – summary of Week 1 and 2 of the conflict. The blog...
Go to
Blog
The untold story of incident response: A Christmas Miracle
Twas the night before Christmas, when out came the cry, a cyberattack is happening, so stop them, won’t you try?
Go to
Blog
Let’s dig deeper: dissecting the new Android Trojan GoldDigger with Group-IB Fraud Matrix
Delve into the tactics of the GoldDigger Trojan and discover ways to safeguard your customers
Go to
Success Story
Group-IB x Security Lab
Learn how innovative solutions and joint expertise helped an MSSP provider enhance customer protection
Go to
Blog
Dusting for fingerprints: ShadowSyndicate, a new RaaS player?
No sleep until the Cybercrime Fighters Club is done with finding the answer as to who is behind this new...
Go to
Blog
It’s a trap: Detecting a cryptominer on a popular website using Group-IB MXDR
Group-IB analysts discovered and analyzed a cryptojacking campaign on a popular educational resource using Group-IB Managed XDR.
Go to
Blog
Hunting Rituals #2: Threat hunting for abuse of Windows Services
Actionable guide to hunting for Windows Services abuse using Group-IB MXDR. Part 1: Creation/modification of Windows Services
Go to
Success Story
Group-IB x Tier-1 Global Bank
Explore how Group-IB’s real-time Threat Intelligence and defense-driven solutions helped solve modern cybersecurity challenges for a global bank and bolster...
Go to
Blog
Incident Response through an opportunity lens: In conversation with Dmitry Volkov (CEO, Group-IB)
Gather valuable insights on how incident response can be a make-or-break factor in securing your business.
Go to
Blog
From Rags to Riches: The illusion of quick wealth in investment scams
Group-IB Digital Risk Protection uncovers malicious campaign leveraging almost 900 scam pages with potential financial damage estimated at $280,000 over...
Go to
Report
W3LL done: uncovering hidden phishing ecosystem driving BEC attacks
Access untapped details on the scope and sophistication of W3LL’s BEC-focused criminal enterprise
Go to
Webinar
Respond Like A Rockstar: The Group-IB Advantage in Incident Response for APAC
Learn how Group-IB’s Incident Response team helps you fight real cybercriminals in the APAC region.
Go to
Blog
Stealing the extra mile: How fraudsters target global airlines in air miles and customer service scams
Uncover the vulnerabilities crippling the airline industry and learn how to implement appropriate countermeasures
Go to
Blog
New hierarchy, heightened threat: Classiscam’s sustained global campaign
The automated scam-as-a-service program designed to steal your money and data is still going strong four years after launch
Go to
Report
Beyond OWASP Top 10: The ultimate guide to web application security (2023 and onwards)
Leverage the latest OWASP list combined with Group-IB experts’ manual analysis techniques to identify, prioritize and thwart the most critical...
Go to
Blog
Traders’ dollars in danger: CVE-2023-38831 zero-day vulnerability in WinRAR exploited by cybercriminals to target traders
Spoof extensions help cybercriminals target users on trading forums as 130 devices still infected at time of writing
Go to
Blog
Hunting Rituals #1: Threat hunting for DLL side-loading
Actionable guide to hunting for the DLL side-loading threat by using Group-IB MXDR.
Go to
Success Story
Group-IB x Oris Lab
Learn how this blockchain fintech company improved its security posture through penetration testing.
Go to
Blog
Breaking down Gigabud banking malware with Group-IB Fraud Matrix
Uncover the disruptive nature of Gigabud malware and take proactive measures to mitigate the associated risks
Go to
Blog
JOIN THE CYBERCRIME FIGHTERS CLUB
Fighting cybercrime is more effective when we work together. Find out more about how you can work with Group-IB to...
Go to
Blog
Demystifying Mysterious Team Bangladesh
Analysis of a highly active hacktivist group with global reach
Go to
Webinar
Panel discussion “Cybersecurity Landscape in the Middle East”
Explore the Middle East's ever-evolving cyber security landscape with experts. Watch the insightful webinar recording now to uncover the latest threats,...
Go to
Report
Digital Risk Trends 2023
Explore the most dangerous risks for brands and learn how to mitigate them
Go to
Blog
Clouded Judgment: how mismanaged cloud infrastructure can expose users to cyber risks
Discover how organizations unwittingly create vulnerabilities by misconfiguring their cloud infrastructure
Go to
Success Story
Group-IB x Digital Wealth Management Platform
Learn how Group-IB’s Digital Risk Protection uncovered a sophisticated fraud network behind a suspicious resource.
Go to
Success Story
Group-IB x OSOM
Discover how our web application security analysis service provides a thorough assessment of vulnerabilities, attack vectors, and security mechanisms.
Go to
Webinar
Respond like a Rockstar (French version)
Meet Group-IB's digital forensics and incident response team, which fights cybercrime and...
Go to
Blog
Busting CryptosLabs: a scam ring targeting French speakers for millions
Get all the undisclosed details that our investigators uncovered on CryptosLabs' full scope of fraudulent schemes
Go to
Webinar
Group-IB Fraud Day (French)
We continue our Fraud Intel webinars, this time dedicated to the African region.
Go to
Webinar
Rispondi come una Rockstar!
Discover how Group-IB's Digital Forensics and Incident Response team fights cybercriminals in order to help...
Go to
Blog
Operation Triangulation: Mapping the threat
What we know about the APT campaign to date and how to detect it
Go to
Blog
Dark Pink. Episode 2
APT Dark Pink is back with 5 victims in new countries.
Go to
Blog
Bridging the gap: How to leverage API security best practices to combat top 3 vulnerability types
Security misconfiguration, excessive data exposure, and injections top three API vulnerability types for financial and tech firms
Go to
Webinar
Investment Scam in Europe Video
The classic type of scams that increased with the new, easy-to-use broker applications, NFTs, crypto trading platforms, and more.
Go to
Webinar
Respond like a Rockstar (English)
How Group-IB's Incident Response Team fights against real cyber criminals during incident engagements around the MEA region.
Go to
Webinar
Respond like a Rockstar (Arabic version)
How to effectively stop security incidents in the region.
Go to
Blog
The distinctive rattle of APT SideWinder
Bridewell and Group-IB expose the APT’s unknown infrastructure
Go to
Webinar
Mastering Attack Surface Management for Resilient Cyber Defense
How Group-IB unifies Attack Surface Management, Digital Risk Protection, Threat Intelligence to complement intelligence
Go to
Blog
The Qilin Ransomware: Analysis and Protection Strategies
All you need to know about Qilin ransomware and its operations targeting critical sectors.
Go to
Blog
Managed upgrades. Enhance malware analysis efficiency with Group-IB Malware Detonation Platform updates
New and modified malware detonation capabilities in Group-IB’s Managed XDR and Business Email Protection solutions for precise threat detection and...
Go to
Blog
Tech (non)support: Scammers pose as Meta in Facebook account grab ploy
Group-IB Digital Risk Protection discovers more than 3,200 fake Facebook profiles in ongoing phishing campaign that sees scammers impersonate Meta...
Go to
Blog
Investigation into PostalFurious: a Chinese-speaking phishing gang targeting Singapore and Australia
How to investigate phishing campaigns
Go to
Blog
SimpleHarm: Tracking MuddyWater’s infrastructure
Group-IB analysts discovered the new MuddyWater infrastructure while researching the pro-state group’s use of the legitimate SimpleHelp tool.
Go to
Blog
The old way: BabLock, new ransomware quietly cruising around Europe, Middle East, and Asia
Group-IB uncovers a new stealthy ransomware strain
Go to
Blog
36gate: supply chain attack
What is known about the 3CX supply chain incident and how to defend against it?
Go to
Webinar
Fraud Day Africa 2023
Fraud Intel Series is dedicated to the African region.
Go to
Blog
Venomous vacancies: Job seekers across MEA hit by sting in scammers’ tail
Group-IB uncovers more than 2,400 scam job pages in ongoing campaign targeting users in Egypt, KSA, Algeria, and 10 other...
Go to
Blog
Bleak outlook: Mitigating CVE-2023-23397
Microsoft Outlook Elevation of Privilege Vulnerability
Go to
Blog
Bad Behaviour: How to detect banking trojans
Mobile banking users are being manipulated by attackers to authorize fraudulent transactions. Learn what financial service providers can do to...
Go to
Blog
Package deal: Malware bundles causing disruption and damage across EMEA
What happens when you combine ransomware with information stealers, remote access Trojans, and other malware in one easy-to-download package?
Go to
Report
Old Snake, New Skin: Analysis of SideWinder APT activity in 2021
Group-IB Threat Intelligence team uncovered a previously undocumented spear phishing campaign carried out by APT SideWinder between June and November...
Go to
Blog
Nice Try Tonto Team
How a nation-state APT attempted to attack Group-IB
Go to
Blog
Know Thy Enemy: unraveling the “Hi-Tech Crime Trends 2022/2023” report
Which cybercrimes will dominate the threat landscape for 2023 and beyond? Find out!
Go to
Report
Hi-Tech Crime Trends 2022/2023
Benefit from Group-IB’s flagship cybersecurity report and explore the current threat landscape trends and forecasts
Go to
Blog
Dark Pink
New APT hitting Asia-Pacific, Europe that goes deeper and darker
Go to
Blog
Godfather Trojan – mobile banking malware that is impossible to refuse
Group-IB discovers banking Trojan targeting users of more than 400 apps in 16 countries
Go to
Blog
Scam-free Christmas
8 online scams to protect your customers from
Go to
Report
The financial sector VS Fraud
Keep up with the biggest threats to the financial sector and learn how to counteract them
Go to
Report
Threat Intelligence: Insights for pre-emptive strategies against cyber adversaries
Download a new Frost & Sullivan report to learn how to approach cybersecurity proactively and incentivize business growth with the...
Go to
Webinar
OPERA1ER – How millions were stolen from banks
Get insights on efficient defense against OPERA1ER’s attacks
Go to
Report
Uncovering the Attack Surface
An analysis of attack surface risks for a sample of major financial services providers in 3 global regions
Go to
Blog
Group-IB’s Fraud Intelligence
How can you find mule accounts lurking in your digital payments?
Go to
Blog
Hired hand: Scammers mimic Saudi manpower provider
Group-IB uncovers one thousand (and one) fake domains part of a scam campaign targeting users in KSA
Go to
Report
OPERA1ER: Ceux qui jouent à Dieu sans y avoir été autorisés
The group, equipped only with “off-the-shelf” tools, managed to steal millions from operators of...
Go to
Success Story
Group-IB x Paxful
Explore how Paxful enhanced its fraud prevention capabilities with Group-IB's Fraud Protection, leveraging advanced device fingerprinting and dynamic analysis to...
Go to
Blog
Armés et dangereux : une soif d’argent inextinguible L’APT OPERA1ER en Afrique
In 2019, Group-IB's Threat Intelligence team detected a series of attacks targeting financial organizations in Africa.
Go to
Blog
Financially motivated, dangerously activated: OPERA1ER APT in Africa
The French-speaking gang managed to carry out over 30 successful attacks on banks, financial services and telecommunications companies, mainly located...
Go to
Report
OPERA1ER: Playing God Without Permission
The group relied solely on known “off-the-shelf” tools to steal millions from financial service and telecommunications companies. In total they...
Go to
Blog
Treasure trove. Alive and well point-of-sale malware
Analysis of months-long MajikPOS and Treasure Hunter campaign that infected dozens of terminals
Go to
Report
OldGremlin Ransomware: Never Ever Feed Them after The Locknight
The case of OldGremlin illustrates how the ransomware industry has evolved in recent years. In this report, you will find...
Go to
Blog
Deadbolt ransomware decryption: unlock your data
The Group-IB Incident Response Team investigated an incident related to a DeadBolt attack and analyzed a DeadBolt ransomware sample
Go to
Blog
Scam is rising
With well-set digital marketing campaigns and professional call-centres
Go to
Success Story
Group-IB x IHS Teknoloji
Learn how IHS Teknoloji found the perfect fraud protection partner in Group-IB, meeting all their technical requirements, excelling in performance...
Go to
Webinar
Introduction à Fraud Protection
Learn about fraud protection in our introductory webinar and effectively protect your business against fraudulent activity.
Go to
Blog
Take control of your shadow IT
How Group-IB Attack Surface Management ensures full mastery of your external attack surface
Go to
Blog
Letting off steam
Hackers use the browser-in-the-browser technique to steal Steam accounts
Go to
Report
The 5 Step Guide to Making Your MDR More Efficient
Ultimate guide on how to optimize your managed detection and response offering and SOC activity.
Go to
Blog
Roasting 0ktapus: The phishing campaign going after Okta identity credentials
Over 130 organizations have been compromised in a sophisticated attack using simple phishing kits
Go to
Blog
APT41 World Tour 2021 on a tight schedule
4 malicious campaigns, 13 confirmed victims, and a new wave of Cobalt Strike infections
Go to
Blog
Switching side jobs
Links between ATMZOW JS-sniffer and Hancitor
Go to
Blog
Challenge accepted
Detecting MaliBot, a fresh Android banking trojan, with a Fraud Protection solution
Go to
Report
The Global State of Scams Report 2022
Defacing the actual nature of current online scams - an underreported and adverse impact of the global pandemic. Also, know...
Go to
Blog
Fake investment scams in Europe
How we almost got rich
Go to
Blog
Under the Hood. Group-IB Managed XDR
What Group-IB’s new all-in-one solution offers: cybersecurity management, network event analysis, and lightning-fast stops to attacks
Go to
Report
Demystifying Classiscam
Deep dive into where the scheme started, how it works and evolves. Learn more about one of the most popular...
Go to
Webinar
Fraud Intel Series by Group-IB Fraud Protection
This event was created in collaboration with our experts working hard to equip you with the must-have knowledge about the...
Go to
Webinar
Partner fireside talk: Mitigating risk with Group IB Digital Risk
Dmitriy Tiunkin, Head of Digital Risk Protection at Group-IB Europe, talks about the current scam landscape, presents the latest technologies...
Go to
Blog
Group-IB introduces the Unified Risk Platform
Group-IB’s platform allows organizations to overcome cyber risks
Go to
Blog
We see you, Gozi
Hunting the latest TTPs used for delivering the Trojan
Go to
Report
Conti Armada: The ARMattack Campaign
Take a deep dive into “ARMattack”, one of the shortest yet most successful campaigns by the Russian-speaking ransomware group Conti....
Go to
Blog
“We find many things that others do not even see”
Nikita Rostovtsev on current cyber threats and his profession
Go to
Blog
Thousands of IDs exposed in yet another data breach in Brazil
Unsecured public-facing database allowed anyone to access ID selfies for months
Go to
Webinar
Digital Risk Summit 2022
The event brings together independent analysts and researchers, a variety of cybersecurity specialists, as well as representatives of different industries...
Go to
Blog
Swiss Army Knife Phishing
Group-IB identifies massive campaign capable of targeting clients of major Vietnamese banks
Go to
Webinar
Ransomware Insights 2021-2022
What does it take to effectively repel a ransomware attack? Learn how to expose ransomware movements and make it harder...
Go to
Success Story
Group-IB x Maggioli Group
Learn how Group-IB Attack Surface Management helped Maggioli Group enhance client security by providing comprehensive visibility into external IT assets...
Go to
Blog
SideWinder.AntiBot.Script
APT SideWinder’s new tool that narrows their reach to Pakistan
Go to
Report
Aite-Novarica Group Named Group-IB the Largest and Most Experienced IRR Provider
The Aite-Novarica Group 2022 Incident Response Retainer Services report recognized Group-IB as one of the top IRR service firms in...
Go to
Webinar
Fraud Hunting Day APAC – Act II – 2022
Hindsight, Deep Dive and Moving Forward
Go to
Report
Ransomware Uncovered 2021/2022
The well-known complete guide to the latest tactics, techniques, and procedures of ransomware operators based on MITRE ATT&CK®
Go to
Report
A Guide to Cyber Threats Targeting the Financial Sector
Learn why cyber threats are one of the biggest business risks for the financial sector
Go to
Blog
Old Gremlins, new methods
Russian-speaking ransomware gang OldGremlin resumes attacks in Russia
Go to
Blog
Scammers make off with $1.6 million in crypto
Fake giveaways hit bitcoiners again. Now on YouTube
Go to
Blog
Mitigating Spring4Shell with Group-IB
What we know about Spring4Shell so far
Go to
Webinar
Arms race: Fraudster use of neural network technology
Needless to mention, as a region rich in natural resources, the Middle East is inevitably attractive to investors. But what...
Go to
Blog
Empty Box
Group-IB unveils three groups of fraudsters behind delivery scams in Singapore
Go to
Webinar
Threat Hunting Day APAC
Hunting for signs of impending ransomware attacks in enterprise environment.
Go to
Blog
Lost & Found: Group-IB Unveils Attack Surface Management (ex. AssetZero)
Intelligence-Driven Attack Surface Management
Go to
Webinar
Cyber Response Chain
A framework for security professionals to manage risk and respond to threats.
Go to
Success Story
Group-IB x Banca Mediolanum
Learn how Group-IB Attack Surface Management helped Banca Mediolanum streamline asset discovery and vulnerability management by automating the identification of...
Go to
Blog
Top 5 recommendations for preventing ransomware for 2022
With ransomware attacks on the rise, companies need to take a proactive approach to security. Group-IB has put together a...
Go to
Webinar
Fraud Hunting Day APAC
Discover Group-IB Fraud Hunting Day: our experts shared the latest fraud hunting techniques, use cases, and talked about different types...
Go to
Blog
Cleaning the atmosphere
Weak points in modern-day corporate email security
Go to
Blog
Shedding light on the dark web
Cybersecurity analyst's guide on how to use machine learning to show cybercriminals' true colors
Go to
Blog
Mitigating Log4Shell in Log4j with Group-IB
Group-IB's recommendations to mitigate this vulnerability and protect your organization.
Go to
Blog
How MITRE ATT&CK® helps users of Threat Intelligence
The MITRE ATT&CK® framework became the industry standard to describe attack tactics and techniques.
Go to
Blog
Ready-made fraud
Behind the scenes of targeted scams
Go to
Blog
Inside the Hive
Deep dive into Hive RaaS, analysis of latest samples
Go to
Webinar
Still the Number 1 cyber threat – CyberCrimeCon 2021
Get a broad overview of the ransomware market and learn more about its latest developments in CyberCrimeCon 2021 video presentation.
Go to
Webinar
Unexpected guests – CyberCrimeCon 2021
Group-IB Threat Intelligence Head Dmitry Shestakov presents a report titled “Unexpected guests: who is selling access to your network” that...
Go to
Webinar
The rise and fall of The Fraud Family – CyberCrimeCon2021
Anton Ushakov and Roberto Martinez talked about the cybercriminal syndicate Fraud Family, which developed, sold and rented sophisticated phishing frameworks to...
Go to
Webinar
EvilCorp – CyberCrimeCon 2021
Learn more about Evil Corp (EC), an advanced cybercrime operations cluster, in Antonio Pirozzi's presentation at CyberCrimeCon 2021.
Go to
Webinar
Carding Action, a joint effort combating online fraud – CyberCrimeCon 2021
Rosal Cosano presented on the importance of public-private partnerships in tackling cybercrime around the world, particularly in fighting online and...
Go to
Webinar
Zero trust why trust – CyberCrimeCon 2021
Meet Craig Jones, INTERPOL's Cybercrime Director at CyberCrimeCon 2021. Explore his presentation as he works to reduce cybercrime's global impact...
Go to
Webinar
Hi-Tech Crime Trends 2021-2022 – CyberCrimeCon 2021
To provide a comprehensive picture of modern cybercrime, Group-IB experts have prepared annual cyber threat reports. Learn more in Dmitry...
Go to
Webinar
Group-IB Mission and Principles – CyberCrimeCon 2021
Group-IB CEO Dmitry Volkov opened CyberCrimeCon21!
Go to
Webinar
Hacking the pandemic most popular software – CyberCrimeCon 2021
Security Researcher at Computest Thijs Alkemade will share his findings about hacking the pandemic's most popular software — Zoom.
Go to
Webinar
Attacking Java Deserialization – CyberCrimeCon 2021
Senior Security Researcher at VNPT Cyber Immunity Quynh Le will share her findings about attacks on #Java deserialization.
Go to
Webinar
The Art of Cyberwarfare – CyberCrimeCon 2021
Group-IB Senior Malware Analyst Dmitry Kupin analyzes espionage campaigns of Chinese state-sponsored APT groups in APAC.
Go to
Webinar
Master of Disguise – CyberCrimeCon 2021
Denis Kuvshinov, the head of CTI Group at Positive Technologies, shares with you details on the newly discovered APT group...
Go to
Webinar
APT41 2021 World Tour – CyberCrimeCon 2021
Group-IB APT Research Analyst Nikita Rostovcev shares his findings on the notorious APT41 group and its recent “world tour,” during...
Go to
Webinar
APT Cobalt Strike Campaign – CyberCrimeCon 2021
Ladislav Baco, Senior Security Consultant and Malware Analyst, shares his findings about APT campaign targeting European governments, diplomats, individuals and...
Go to
Webinar
Kill One, Kill All – CyberCrimeCon 2021
Cyber Threat Intelligence Manager at CyberSOC Africa Olakanmi Oluwole introduces you to the African and Nigerian Threat Landscape and tells...
Go to
Report
Hi-Tech Crime Trends 2021/2022. Scams and Phishing: The Epidemic of Online Fraud
New fraud technologies & an analysis of schemes, tools and infrastructure
Go to
Report
Hi-Tech Crime Trends 2021/2022. Big Money: Threats to Financial Sector
A look at the cyber threat landscape: ransomware attacks, carding activity, network access sales, phishing and scams.
Go to
Report
Hi-Tech Crime Trends 2021/2022. Corporansom: Threat Number One
The history and analysis of affiliate programs and trends in the ransomware market.
Go to
Report
Hi-Tech Crime Trends 2021/2022. Uninvited Guests: The Sale of Access to Corporate Networks
Analysis of dark web forums to understand the sale of access to compromised infrastructure.
Go to
Report
RedCurl: The Awakening
Commercial cyber espionage remains a rare and largely unique phenomenon. We cannot rule out, however, that RedCurl’s success could lead...
Go to
Blog
The Darker Things
BlackMatter and their victims
Go to
Blog
Cannibal Carders
Group-IB uncovers largest networks of fake shops – phishing websites disguised as card shops
Go to
Webinar
Australian Latest Trends on Threat Intelligence
Group-IB teams up with Virtual Vendors in Australia and New Zealand to deliver local companies rock solid cyber defense.
Go to
Webinar
The Total Economic Impact of Group-IB Threat Intelligence
Cost savings and business benefits enabled by Threat Intelligence
Go to
Webinar
Incident Response Preparedness: A hard look at the statistics
Many organizations believed that they had an effective security program and incident response solutions. However, statistics prove otherwise.
Go to
Blog
Scamdemic outbreak
Scammers attack users in Middle Eastern countries
Go to
Blog
RUNLIR – phishing campaign targeting Netherlands
Phishers take an approach to bypass security controls never seen in the country
Go to
Webinar
Digital risks 2021: Scam trends and projections in APAC region
Kamo Basentsyan, Digital Risk Protection and Anti-piracy Development Director, APAC, and Shafique Dawood, Head of Sales and Development, APAC, share...
Go to
Webinar
Building a customer-centric approach to fraud prevention
Webinar hosted by Group-IB with Sanny Mok, Consultant at Forrester, and Kadir Yüceer, CEO at IHS Teknoloji, to hear first-hand...
Go to
Webinar
The evolution of threats in Bahrain
Stay ahead of evolving threats in Bahrain with our webinar, as we delve into the dynamic landscape of cybersecurity challenges,...
Go to
Webinar
Digital risks 2021: Scam trends and projections in MEA region
Ashraf Koheil, Regional Sales Director (MEA & Turkey), and Igor Stolyarov, Head of Digital Risk Protection (MEA), share valuable insights...
Go to
Blog
Under the hood. Group-IB Threat Intelligence. Part 2
How we make Tailored Threat Intelligence
Go to
Blog
Bold ad campaign
AWC joins illicit carding business by offering 1 Mln compromised cards for free
Go to
Blog
It’s alive!
The story behind the BlackMatter ransomware strain
Go to
Blog
Prometheus TDS
The key to success for Campo Loader, Hancitor, IcedID, and QBot
Go to
Blog
The Art of Cyberwarfare
Chinese APTs attack Russia
Go to
Blog
Under the hood. Group-IB Threat Intelligence. Part 1
Dive into Breached DB section
Go to
Blog
The Fraud Family
Fraud-as-a-Service operation targeting Dutch residents
Go to
Webinar
Warding off REvil: How to keep ransomware gangs out of your company
The massive cyberattack conducted by infamous ransomware gang REvil affected hundreds of businesses in over a dozen countries.
Go to
Report
Forrester: Group-IB TI Solution Generated Significant Return on Investment
Cost savings and business benefits enabled by Threat Intelligence & Attribution
Go to
Webinar
Red Teaming vs. Penetration Testing
Adversaries are probing your networks on a daily basis in order to find a way in. An organization that can...
Go to
Blog
The Brothers Grim
The reversing tale of GrimAgent malware used by Ryuk
Go to
Blog
REvil Twins: Ransomware-as-a-Service program
Deep Dive into Prolific RaaS Affiliates' TTPs
Go to
Webinar
Leaks, spies, and blackmail: Insights into modern high-tech crime
During this webinar, you’ll learn the secrets behind Group-IB’s international success in investigating modern cybercrime.
Go to
Blog
Big airline heist
APT41 likely behind a third-party attack on Air India
Go to
Webinar
DIGITAL RISK SUMMIT 2021
Group-IB's landmark Digital Risk Summit is a platform for industry experts to discuss the latest global trends, dive deep into...
Go to
Report
The Total Economic Impact™ of Group-IB Fraud Protection
Cost savings and business benefits enabled by Group-IB Fraud Protection (ex. Fraud Hunting Platform)
Go to
Webinar
Digital Risk Protection win the battle against illegal brand exploitation
Join our webinar to discover how Digital Risk Protection can help you win the battle against illegal brand exploitation, providing...
Go to
Blog
FontPack: A dangerous update
Attribution secrets: Who is behind stealing credentials and bank card data by asking to install fake Flash Player, browser or...
Go to
Blog
BlackCat Ransomware: Tactics, Techniques & Mitigation Strategies
An analysis of the BlackCat ransomware affiliate program
Go to
Blog
Connecting the Bots
Hancitor fuels Cuba Ransomware Operations
Go to
Blog
GrelosGTM group abuses Google Tag Manager to attack e-commerce websites
Group-IB specialists detected that the GrelosGTM group has started to abuse legitimate Google Tag Manager functionality for its own purposes in infections of...
Go to
Blog
Lazarus BTC Changer
Back in action with JS sniffers redesigned to steal crypto
Go to
Webinar
Group-IB Ransomware Insights 2020-2021
The complete guide to the latest tactics, techniques, and procedures of ransomware operators based on MITRE ATT&CK®
Go to
Blog
Deep water: exploring phishing kits
Group-IB's Computer Emergency Response Team built a solid phishing kit database, which helps Group-IB fight phishing that targets specific brands.
Go to
Webinar
ThreatQuotient | Group-IB – Actor-centric threat hunting approach
ThreatQuotient, a leading security operations platform innovator, and Group-IB, a global cybersecurity company, are hosting an informative and interactive seminar...
Go to
Blog
When Karma Comes Back
The rise and fall of illicit cardshop breached twice in two years
Go to
Webinar
Infoces Pakistan Data Piracy
Scam as a service targeting emerging economies in APAC via social engineering methods.
Go to
Blog
Kremlin RATs from Nigeria
The analysis of phishing campaigns carried out by a new threat actor
Go to
Webinar
Digital risks 2021: Scam trends and projections
Learn about popular online scam techniques, including fake accounts and payment pages, malicious emails and data leaks, and how to...
Go to
Webinar
Forget-me-not: using memory analysis to search for traces of commodity malware
Group-IB’s newest webinar is your one-stop-shop for everything commodity malware. Get an overview of the bots you need to know...
Go to
Report
Digital Risk Insights
The complete guide to the threat landscape in the digital space and latest techniques of scammers
Go to
Report
The Easy First Step to Starting Your Zero Trust Journey
Learn how cybersecurity consulting can put you on the path to realizing Zero Trust Architecture
Go to
Blog
Masters of disguise
Let's hunt some bootkits
Go to
Blog
JavaScript sniffers’ new tricks
Analysis of the E1RB JS sniffer family
Go to
Webinar
Digital risks 2021: Scam trends and projections (Spanish)
Our expert shares valuable insights into the latest scam trends and techniques in the webinar.
Go to
Webinar
Digital risks 2021: Projections and trends in cyber scams
Our expert shares valuable information on the latest scam trends and techniques during the webinar!
Go to
Webinar
Online fraud trends and projections
Go to
Report
Group-IB Is Recognized by Frost & Sullivan As a Leader on The Cyber Threat Intelligence Market
A benchmarking system to Spark Companies to action - innovation that fuels new deal flow and growth pipelines
Go to
Webinar
Attack of the clones: Scam Game in Social Media
The scam uses famous brands to deceive people into multistage scam schemes, including fake surveys and visiting fraudulent third-party websites.
Go to
Report
Ransomware Uncovered 2020/2021
The complete guide to the latest tactics, techniques, and procedures of ransomware operators based on MITRE ATT&CK®
Go to
Blog
Inside Classiscam
A deep dive into Classiscam: automated scam as a service designed to steal money and payment data
Go to
Success Story
Group-IB x YouHodler
Explore how Group-IB's auditing team conducted an External Penetration Test, Web Application Security Assessment, and Social Engineering Test for YouHodler,...
Go to
Blog
The source of everything
Forensic examination of incidents involving source code leaks
Go to
Webinar
Hi-Tech Crime Trends: 2020-2021
Group-IB closely monitors the evolution of cybercriminal tactics, tools and procedures; monitors changes in the global threat landscape and key...
Go to
Webinar
Digital Risks 2021: Scam trends and projections in Europe
Dmitriy Tunkin, Chief Regional Officer, Europe, shares valuable insights about latest scam trends and techniques.
Go to
Blog
New attacks by UltraRank group
As part of UltraRank's new campaign, Group-IB Threat Intelligence team discovered 12 eCommerce websites infected with their JavaScript-sniffer.
Go to
Webinar
Preventable Disaster: Hunting for Egregor Operators in Your Network
What makes Egregor more dangerous is that it has also become the ransomware of choice for Qakbot operators, who are...
Go to
Report
Hi-Tech Crime Trends 2020/2021
Source of strategic data on the global cyber threat landscape and forecasts for its development
Go to
Blog
The footprints of Raccoon
A story about operators of JS-sniffer FakeSecurity distributing Raccoon stealer
Go to
Blog
The Locking Egregor
Analysis of TTPs employed by Egregor operators
Go to
Report
Frost & Sullivan recognized Group-IB as a leader in Digital Risk Protection
Frost & Sullivan recognized Group-IB as a leader in Digital Risk Protection
Go to
Webinar
How to level up on your cyber knowledge: Group-IB hands-on cybersecurity programs
Take your cyber knowledge to the next level with our immersive webinar on Group-IB's hands-on cybersecurity programs. Explore cutting-edge techniques,...
Go to
Webinar
Stay one step ahead: the TTPs used by ransomware groups in
Prepare in advance: discover the tactics, techniques and procedures (TTPs) used by ransomware groups in our webinar, to defend yourself...
Go to
Report
Egregor Ransomware: The Legacy of Maze Lives On
The new gang may be young, but it is already doing serious damage
Go to
Blog
Big Game Hunting: Now in Russia
Top Russian companies and banks under attack from OldGremlin - a group controlling TinyCryptor ransomware
Go to
Blog
Group-IB Fraud Protection (ex. Fraud Hunting Platform)
Keeping user digital identity safe
Go to
Webinar
How to keep your data safe online in 2020
Join our informative webinar to learn essential strategies and best practices on keeping your valuable data secure online in 2020.
Go to
Webinar
Fraud Day Africa
Fraud that customers may face during and after the lockdown.
Go to
Webinar
Outwit ProLock: The ins and outs of Qakbot’s enterprise ransomware
At the center of some of the most recent so-called Big Game Hunting campaigns is ProLock, whose use of the...
Go to
Webinar
The ins and outs of modern-day email-borne attacks
96% of all the attacks involving social engineering techniques start in the inboxes. Email is the most common attack vector...
Go to
Report
Lock like a Pro: How Qakbot Fuels Enterprise Ransomware Campaigns
Group-IB alerted the world to ProLock. Now, it’s exposing the threat actor further.
Go to
Blog
Lock Like a Pro
Dive in Recent ProLock's Big Game Hunting
Go to
Webinar
RedCurl: New corporate espionage group exposed
RedCurl acts covertly in the network for months to minimize the risk of being discovered. The group then cleverly mimics...
Go to
Report
UltraRank: The Unexpected Twist of a JS-Sniffer Triple Threat
New stage in JS-sniffers research. From analyzing malware families to identifying threat actors
Go to
Webinar
Leaving sandboxes behind: The rise of Malware Detonation Platforms
There is no limit to how far threat actors will go to bypass classic networked sandboxes. Hackers are constantly inventing...
Go to
Webinar
How to Choose a Sandbox: Do’s and Don’ts
Uncover the secrets to selecting the perfect sandbox environment with our expert-led webinar. Learn the crucial do's and don'ts of...
Go to
Report
RedCurl: The Pentest You Didn’t Know About
The APT group continues to successfully attack enterprise companies in North America, Europe, and CIS countries after remaining undetected for...
Go to
Webinar
Investigation beyond borders
Explore beyond borders with our captivating investigation during our webinar, offering you unique and in-depth perspectives to...
Go to
Webinar
Scenario-Based Pentesting and Security Monitoring Webinar
Every year, cyberattack numbers increase, and attackers and defenders continue their never-ending game of cat and mouse. This has forced...
Go to
Webinar
Retail Business vs Online Scammers: The Battle Against Illegal Brand Exploitation
Offline businesses often think they won’t be targeted by digital fraud. In reality, the opposite is true. Supermarkets, pharmacies, and...
Go to
Webinar
Hunt or be Hunted with SCAfrica
Hunt or be hunted with SCAfrica in our thrilling webinar, as you explore advanced threat hunting techniques to detect and...
Go to
Blog
Digital forensics specialist’s bookshelf
Top 11 books on digital forensics, incident response, and malware analysis
Go to
Webinar
Fxmsp: The story of 1 hacker who sold access To networks
In October 2017, Group-IB’s Threat Intelligence (TI) specialists detected the activity of the threat actor known as Fxmsp, who at...
Go to
Report
Jolly Roger’s Patrons
Group-IB exposes financial crime network of online pirates in developing countries
Go to
Report
Fxmsp: “The Invisible God of Networks”
The report shows how Fxmsp’s cybercriminal career evolved from a newbie hacker to one of the major players of the...
Go to
Webinar
Stay one step ahead: TTPs used by ransomware groups in 2019
Ransomware attacks are on the rise and show no signs of stopping. Stay one step ahead of the enemy by...
Go to
Webinar
Improve the efficiency of your Security Operations Center
In a world of ever-evolving threats, keeping your Security Operations Center (SOC) technologically and strategically relevant can be a challenge.
Go to
Report
Leadership Compass “Network Detection and Response”
KuppingerCole Analysts AG Names Group-IB a Product Leader for Managed XDR
Go to
Blog
IcedID: new malware version
When ice burns through bank accounts
Go to
Webinar
Playbook of ‘Perswaysion’ Phishing Campaign
Perswaysion is a term coined by one of our Senior Threat Intelligence Analysts, based on a 3-phase phishing campaign which...
Go to
Blog
ATT&CKing ProLock Ransomware
The success of enterprise ransomware attacks has motivated more and more threat actors to join the game.
Go to
Blog
PerSwaysion Campaign
Playbook of Microsoft Document Sharing-Based Phishing Attack
Go to
Webinar
How Fraudsters Attack Their Victims in Early 2020: Case Studies
Go to
Blog
Reconstructing User Activity for Forensics with FeatureUsage
Useful feature that can help forensic analysts and incident responders to reconstruct user activities.
Go to
Webinar
If I have a SOC, do I need Compromise Assessment?
Your security level is not a constant; it is a variable indicator. Can you have absolute certainty that your data...
Go to
Webinar
Intelligence-driven threat hunting, or don’t let the hunter become the prey
Many businesses blindly implement Threat Hunting in their infrastructures while remaining unaware of the solution that lies at the core...
Go to
Webinar
6 Symptoms of Disease: Risks for Online Pharmaceutical Market
To look into the illegal use of pharma brands, Group-IB’s Digital Risk Protection team analyzed online sales of seven of...
Go to
Webinar
Open API security: Clarity instead of obscurity
APIs have become a hidden part of everyday life. Some industries are only beginning to develop their own open API...
Go to
Webinar
Sporting Goods Marathon: Official Brands vs. Counterfeiters
The sportswear industry is developing rapidly, which attracts countless counterfeiters who attempt to make money by selling fake products advertised...
Go to
Webinar
The 3 types of online fraud attack you’re most likely to face in 2020
Discover the top three types of online fraud attacks you're most likely to face in 2020 and learn how to...
Go to
Blog
Chromium-based Microsoft Edge from a Forensic Point of View
Explore the forensic perspective of the Microsoft Edge Chromium-based version and its features, such as msedge_proxy, edge cache location, and...
Go to
Webinar
Detection of Advanced Threats: Streamlined Response Proactive Threat Hunting
Each new cyberattack aimed at a company, political party, or critical infrastructure facility gives us the opportunity to see the...
Go to
Report
The Possibilities of Mobile Forensics: Extraction, Investigation, and Crime Solving
A forensic expert’s guide to the latest methods of extracting data from mobile devices.
Go to
Blog
Hunting for Nextcloud Cloud Storage Forensic Artifacts on Endpoints
Forensic artifacts, which can be found during forensic examination of a Windows endpoint.
Go to
Success Story
Group-IB x ENCRY TELECOM
How to ensure enhanced protection for a virtual PBX
Go to
Blog
A Shortcut to Compromise: Cobalt Gang phishing campaign
Cobalt Gang is alive and well, and continued to attack financial institutions around the globe in 2019.
Go to
Report
Hi-Tech Crime Trends 2019/2020
A single comprehensive source of strategic data on cyberthreats and reliable forecasts of their development
Go to
Blog
Hunting for Attacker’s Tactics and Techniques With Prefetch Files
Windows Prefetch files were introduced in Windows XP and since that time have helped digital forensics analysts and incident responders...
Go to
Report
Ransomware Uncovered 2019: Attackers’ Latest Methods
The complete guide to the TTPs used by ransomware operators in 2019
Go to
Webinar
Hi-Tech Crime Trends: 2019-2020
Over the past decade, the number of cyberattacks and their complexity have increased significantly, which puts the freedom of communication...
Go to
Blog
Group-IB unveils its Graph
The story about Group-IB searching for graph analysis solution and creating its own unique instrument
Go to
Webinar
Online brand abuse: Trends and evolution of scam methods in 2019
Go to
Blog
Massive malicious campaign by FakeSecurity JS-sniffer
Group-IB specialists detected a new JS-sniffer family called FakeSecurity.
Go to
Blog
WhatsApp in Plain Sight: Where and How You Can Collect Forensic Artifacts
All about WhatsApp forensics and the wealth of data extracted from a device through forensic analysis.
Go to
Report
Cybersecurity Challenges to Pharmaceutical Brands in 2019
Learn what methods criminals use to abuse pharmaceutical brands and popular drugs and distribute poor-quality medicine under their labels.
Go to
Blog
RDoS attacks by fake Fancy Bear hit banks in multiple locations
Group-IB experts have detected a massive email campaign spreading similar ransom demands sent to banks and financial organizations across the...
Go to
Webinar
Take the next step in your Threat Intelligence program. New features and use cases
Level up your Threat Intelligence program: Discover new features and explore powerful use cases in our webinar, empowering you to...
Go to
Blog
No Time to Waste
How Windows 10 Timeline Can Help Forensic Experts
Go to
Blog
50 Shades of Ransomware
The following article examines forensic artifacts left by the Shade cryptolocker and maps used tactics and techniques to MITRE ATT&CK.
Go to
Blog
Tools up: the best software and hardware tools for computer forensics
Igor Mikhailov gave his review of the best software and hardware solutions for computer forensics.
Go to
Webinar
Three Steps for Building a Successful Brand Protection Strategy
Unlock the secrets to building a successful brand protection strategy with our insightful webinar, taking you through three essential steps...
Go to
Webinar
How to track the most powerful hacking groups in APAC
Unlock the secrets of tracking the most powerful hacking groups in APAC during our insightful webinar. Learn effective methodologies and...
Go to
Webinar
Are you ready for a Cyber Incident Response? Expectations vs Reality
Are you keeping up with the ever-changing cyber threatscape and adapting your security posture accordingly?
Go to
Webinar
Silence: Tools & Attack Evolution in 2019
In September 2018, Group-IB released the first comprehensive technical report on the cybergang Silence. This webinar covers the findings Group-IB...
Go to
Report
Silence 2.0: Going Global
A comprehensive technical analysis of Silence’s tools, tactics, and evolution. This is the first time Group-IB’s reports of this kind...
Go to
Webinar
Protect Your Brand Online – 3 Approaches to Measure the ROI
Learn more about effective brand protection approaches and gain valuable insights into fraud and scam schemes in our webinar!
Go to
Blog
Voting results of “The Voice Kids Russia Season 6”
Go to
Webinar
How to investigate a perfect cybercrime
Tips & Tricks from Group-IB's high-profile cases in our insightful webinar!
Go to
Blog
Catching fish in muddy waters
How the hacker group MuddyWater attacked a Turkish manufacturer of military electronics
Go to
Blog
Following the RTM
Forensic examination of a computer infected with a banking trojan
Go to
Blog
Meet the JS-Sniffers 4: CoffeMokko Family
Group-IB researchers have discovered 38 families of JS-sniffers, whereas only 12 were known previously.
Go to
Blog
Meet the JS-Sniffers 3: Illum Family
Group-IB researchers discovered the Illum JS-sniffer family, designed to steal payment data of customers of online stores.
Go to
Blog
Meet the JS-Sniffers 2: G-Analytics Family
Group-IB discovered that the stolen payment card data is sold through an underground store specially created for this purpose.
Go to
Blog
Meet the JS-Sniffers: ReactGet Family
ReactGet is one of the most interesting families of JS-sniffers, designed to steal bank card data from online stores.
Go to
Blog
Gustuff: Weapon of Mass Infection
Android Trojan named «Gustuff» capable of targeting more than 100 global banking apps, a number of cryptocurrency and marketplace applications
Go to
Report
Crime Without Punishment: In-depth Analysis of JS-Sniffers
JS-sniffers pose a growing threat by attacking online stores and stealing payment data and credentials of their users. Group-IB experts...
Go to
Blog
The end of torrents era in Russia
Currently, a total of 80% of pirated films and almost 90% of TV series are being watched online
Go to
Report
Relevant Cyberthreats to Perfume Brands in 2019
The scent of fraud. Learn how threat actors are stealing the names and reputations of luxury perfume brands for their...
Go to
Webinar
How to safeguard your business from social engineering attacks
Social engineering, in the context of information security, is the psychological manipulation of people into performing actions or divulging confidential...
Go to
Webinar
The Sound of Silence: New APT attacks on banks discovered in 2018
Interbank systems, Card processing, ATMs, Payment gateways
Go to
Report
Hi-Tech Crime Trends 2018
Group-IB annual report on cybercrime trends
Go to
Report
The Evolution of Ransomware And Its Distribution Methods in 2018
Ransomware attacks were still on the rise in 2018. Some of them became more sophisticated and adopted tactics and techniques...
Go to
Webinar
Financially motivated Silence
In September 2018, Group-IB released Silence: Moving into the darkside, the first comprehensive technical report on the group’s attacks. The...
Go to
Webinar
Mobile Fraud Trends and Best Practices in Protecting Banking Apps
Stay ahead of mobile fraud trends and gain valuable insights into protecting banking apps with our informative webinar.
Go to
Report
Silence: Moving Into The Darkside
The first detailed report on the tactics and tools used by Silence
Go to
Blog
Silence: Moving into the Darkside
Group-IB has exposed the attacks committed by Silence cybercriminal group.
Go to
Report
2018 Cryptocurrency Exchanges. User Accounts Leaks Analysis
Estimation of the number of login and password leaks of cryptocurrency exchange users and analysis of their nature. Recommendations for...
Go to
Webinar
Cobalt Modus Operandi Evolution and Joint Anunak Operations
Learn about Cobalt’s development and modification of tools and tactics which were used to steal approximately 1 billion dollars from...
Go to
Report
Lazarus Arisen: Architecture, Tools and Attribution
The only in-depth report outlining multiple layers of Lazarus infrastructure, thorough analysis of hacker’s tools and evidence leading to North...
Go to
Report
Cobalt: Their Evolution And Joint Operations
Learn about Cobalt’s development and modification of tools and tactics which were used to steal approximately 1 billion dollars from...
Go to
Blog
Cobalt Renaissance
New attacks and joint operations
Go to
Webinar
Lazarus Arisen: Architecture, Techniques and Attribution
Due to continued media attention and alleged connections to North Korea, Lazarus has become a well-known hacking group. However, existing...
Go to
Webinar
Cobalt Hacking Group Persists: Evolution of Attacks and New Targets
Cobalt group was first revealed in 2016. It is known for stealing cash directly from the ATMs with “touchless jackpotting”...
Go to
Report
Red Teaming: The Tactics and Methods Involved in Full-Scale Attack Simulations
So what is the difference between a pentest and Red Teaming? Find out this and more in this definitive guide...
Go to
Report
Analysis of The Counterfeit Goods Market Infringing on Sports Brands
This report contains the results of Group-IB Digital Risk Protection’s study into the counterfeit goods and online fraud market with...
Go to
Report
eDiscovery: Basics, Methods and Techniques of Strategic Digital Evidence Management
Learn about the delicate process of collecting, processing, and analyzing digital evidence so that it can be presented to judges...
Go to
Report
Internet Distribution of Counterfeit Alcohol 2017-2018
Investigation of counterfeit alcohol market in Russia
Go to
Webinar
Key Findings and Forecasts from Group-IB’s Annual Research in 2017
Gain valuable insights and exclusive forecasts from Group-IB's annual research in 2017, as our webinar highlights key findings that...
Go to
Report
Hi-Tech Crime Trends 2017
Group-IB annual report on cybercrime trends
Go to
Blog
MoneyTaker: in pursuit of the invisible
Group-IB has uncovered a hacker group attacking banks in the USA and Russia
Go to
Report
MoneyTaker: Revealed After 1.5 Years of Silent Operations
Explore how this group managed to hide their traces while conducting 20+ attacks on banks and financial services companies in...
Go to
Blog
When Hackers are Quicker than Antiviruses: Cobalt Group Bypasses Antivirus Protection
Go to
Blog
In a Queue for a Scam
How fraudsters cash in on hype around new iPhones
Go to
Blog
NotPetya pulls BadRabbit out of the hat
Research revealed that the BadRabbit code was compiled from NotPetya sources.
Go to
Blog
BadRabbit: spread of new cryptolocker
There is a connection between BadRabbit and NotPetya
Go to
Blog
‘Black spot’ for pirates
Russia has developed a strong legal framework to combat online piracy. All that is needed is for it to be...
Go to
Blog
Airline companies «landing» on fake pages
Top global airline companies have been compromised by fraudsters for the second time during the last six months.
Go to
Blog
Secrets of Cobalt
How Cobalt hackers bypass your defenses
Go to
Blog
Insecure venture
On the price of hacker attacks and the toxic cyber environment
Go to
Blog
Kronos devouring its children
The man who "saved the world" from the WannaCry outbreak has been arrested on suspicion of being the author of...
Go to
Blog
Hacktivists unmasked
Group-IB reveals the identity of alleged members of the Islamic hacker group United Islamic Cyber Force
Go to
Blog
Targeted attacks on banks
Russia as a testing ground
Go to
Blog
Petya starts with Ukraine and then goes global
Group-IB has identified the ransomware that has infected energy, telecommunications and financial companies
Go to
Blog
Ghost flights
Top global airline companies have been compromised through fake links distributed by "friends" on Facebook
Go to
Blog
LAZARUS ARISEN
Group-IB reveals the unknown details of attacks from one of the most notorious APT groups: sophisticated espionage and APT techniques...
Go to
Blog
Echoes of cyberwar
Why was WannaCry more dangerous than other ransomware?
Go to
Webinar
MoneyTaker: TTPs and Predictions
Group-IB has recently released a report outlining the activity of a previously unknown targeted attack group that we are dubbing...
Go to
Blog
In a Risk Group
Why cyberattacks may soon be at the top of the world rating of threats (Ilya Sachkov for RBC)
Go to
Report
Cobalt: Logical Attacks on ATMs
Report outlining activity of the Cobalt hacker group attacking banks in Europe and Asia
Go to
Report
Hi-Tech Crime Trends 2016
Group-IB annual report on cybercrime trends
Go to
Webinar
Cobalt ATM jack potting: Real cases and Q&A
The "Cobalt" cyber-criminal group has garnered international attention and focus from the security community for their unique methods of conducting...
Go to
Report
Buhtrap: The Evolution of Targeted Attacks Against Financial Institutions
The report outlines the activity of the most dangerous and comprehensive cybercriminal group attacking internal banking systems.
Go to
Blog
Cron has fallen
Group-IB supports operations to arrest gang for infecting 1 million smartphones
Go to
Report
Analysis of Attacks Against Trading and Bank Card System
Group-IB annual report on speculative fluctuations of exchange rate and other incidents in 2015 caused by the Trojan program Corkow...
Go to
Report
Anunak: APT Against Financial Institutions
This research includes the findings of Group-IB and Fox‑IT on Anunak (Carbanak) group, which focused its activity on banks and...
Go to
Ransom Notes
We have collected ransom notes from the most active ransomware groups in 2024 to help you stay vigilant and prepare for potential threats.
Go to
Join the Cybercrime Fighters Club

The global fight against cybercrime is a collaborative effort, and that’s why we’re looking to partner with industry peers to research emerging threats and publish joint findings on our blog. If you’ve discovered a breakthrough into a particular threat actor or a vulnerability in a piece of software, let us know!
