The FLINT Report: August 15 | Disrupting Russian Cybercrime, Grandoreiro Malware, and the New Check Fraud Analytics Dashboard

Disrupting Russian Cybercrime: WWH-Club Admins Arrested

US authorities have charged two administrators of WWH-Club, one of the largest Russian-language cybercrime forums. According to the criminal complaint, Russian national Pavel Kublitskii and Kazakhstan native Alexandr Khodyrev served as administrators and moderators of WWH-Club, Skynetzone, Opencard, and Center-Club. They allegedly operated their criminal enterprise from abroad but sought asylum in the United States in December 2022.

Despite their arrests, WWH-Club remains online and operational. In addition, it appears that WWH-Club and its other administrators are attempting to distance themselves from Kublitskii and Khodyrev, claiming that they were only moderators and did not have administrative rights to the forum. This contradicts the details released in the official criminal complaint.

Flashpoint has also found that WWH-Club has deleted Kublitskii’s and Khodyrev's purported accounts and is offering its current members the opportunity to change their screen names. This could potentially be a countermeasure to obscure any potential follow-on investigations.

In this blog, we explore the WWH-Club arrests, their impact on the cybercrime ecosystem, and how organizations can stay ahead of evolving threats.

Read now.

Gartner® Research: How To Respond to the Threat Landscape in a Volatile, Complex, and Ambiguous World

Security and risk management leaders must refine their strategies to respond to threats in a VUCA world, as their organizations pursue digital transformations and criminals evolve their techniques, as per Gartner®.

  • Effectively responding to the threat landscape requires strong validation and prioritization, but it also implies accepting some degree of residual risk. Even the most well-funded organizations cannot address every threat they know about.
  • Cybersecurity program changes based on single-sourced attack statistics are reactive by nature and rarely the best choice. They also undermine the chief information security officer’s (CISO’s) long-term credibility, as it is really easy to point out flaws in the methodology or conflicting findings.
  • Cybersecurity vendors’ focus on generative AI features risks diverting their roadmaps from the behavioral detection capabilities needed to stay ahead of evolving attack techniques.

Get the report.

Grandoreiro Malware: Spear Phishing, Outlook Exploits, and More


Grandoreiro, a banking trojan that once preyed on Latin American financial institutions, has reemerged. Previously thought to have been shut down in a joint operation spearheaded by the Federal Police of Brazil, Flashpoint analysts have observed new reports of the malware targeting victims in North America, Europe, Asia, and Africa. Now that this once-regional threat has gone global, it is essential that organizations understand how the trojan works and learn how to protect against it.


Flowchart for Grandoreiro’s string decryption within the loader.

In this blog, we explain what Grandoreiro malware is, how it works, and how organizations can protect themselves against this reemerging threat.

Learn more.

New: Check Fraud Analytics Dashboard

Discover comprehensive analytics with the new Check Fraud dashboard from Flashpoint Fraud Intelligence. Simplify check image analysis, spot fraudulent activities, and avoid financial losses.

View the self-guided demo.

COURT DOC: Leader of International Malvertising and Ransomware Schemes Extradited from Poland to Face Cybercrime Charges

Silnikau, along with alleged co-conspirators Volodymyr Kadariya, a Belarussian and Ukrainian national, 38, and Andrei Tarasov, a Russian national, 33, are charged with cybercrime offenses associated with a scheme to transmit the Angler Exploit Kit, other malware, and online scams.

View document.

Visit Us at the 15th Annual Billington CyberSecurity Summit

The Flashpoint team will be at the 15th Annual Billington CyberSecurity Summit. Stop by booth #117 for a demo and swag.

Learn more.

Get to Know Flashpoint

We hope you’re enjoying The FLINT Report! This newsletter is created by Flashpoint, a risk intelligence company headquartered in Washington, D.C. Our mission is to deliver timely, actionable intelligence to organizations in the public and private sectors, and help them protect their most critical assets, infrastructure, and stakeholders from a wide range of cyber and physical security risks. Visit flashpoint.io to learn more.
