BlackBerry Uncovers Initial Access Broker Linked to 3 Distinct Hacker Groups
Nov 08, 2021
A previously undocumented initial access broker has been unmasked as providing entry points to three different threat actors for mounting intrusions that range from financially motivated ransomware attacks to phishing campaigns. BlackBerry's research and intelligence team dubbed the entity " Zebra2104 ," with the group responsible for offering a means of a digital approach to ransomware syndicates such as MountLocker and Phobos, as well as the advanced persistent threat (APT) tracked under the moniker StrongPity (aka Promethium). The threat landscape as we know it has been increasingly dominated by a category of players known as the initial access brokers ( IABs ), who are known to provide other cyber-criminal groups, including ransomware affiliates, with a foothold to an infinite pool of potential organizations belonging to diverse geographies and sectors via persistent backdoors into the victim networks, effectively building a pricing model for remote access...
