Cybercriminals// Malicious Actors | Intel 471

Cybercriminals// Malicious Actors

Zservers: Bulletproof hosting for online crime
Cybercriminals// Malicious Actors// Mar 11, 2025

Russia-based bulletproof hosting service Zservers was exposed and hit with sanctions. But there are signs it may not have been permanently disrupted.

Black Basta exposed: A look at a cybercrime data leak
Cybercriminals// Malicious Actors// Feb 28, 2025

Black Basta suffered a leak of 197,000 internal chat messages, which has exposed critical details about how this damaging ransomware gang operated, including how its top member claims to have eluded law enforcement.

The evolution of Russian cybercrime
Cybercriminals// Malicious Actors// Feb 26, 2025

In this Studio 471, Roman Sannikov, Founder of Constellation Cyber, shares his insight into the Russian cybercriminal landscape, the evolution of online crime and what lies ahead with ransomware.

Threat hunting case study: SocGholish
Cybercriminals// Malicious Actors// Feb 13, 2025

SocGholish is a malware campaign that spreads via hacked web pages. This is a guide to detecting infections by searching SIEMs and logging systems for attacker behaviors.

Law enforcement hammered cybercrime in 2024. Is it working?
Cybercriminals// Malicious Actors// Feb 04, 2025

In 2024, authorities took aim at ransomware gangs, malware developers, cybercriminal infrastructure and cryptocurrency thieves. Here's a look at the effects of these operations.

How ransomware may trend in 2025
Cybercriminals// Malicious Actors// Jan 21, 2025

New variants and threat actor groups kept up the tempo of ransomware attacks in 2024. Here's a look at how this type of pervasive cybercrime may trend this year.

Holiday Season Cyber Threats (Part 2): Ransomware, Gift Cards, and Point-of-Sale breaches
Cybercriminals// Malicious Actors// Dec 10, 2024

The surge in online shopping and travel bookings during the holiday season offers rich pickings for cybercriminals. Black Friday, Cyber Monday, Christmas shopping, and increased travel throughout December offer ample opportun...

Cybercrime Exposed Podcast: Raccoon Stealer
Cybercriminals// Malicious Actors// Dec 05, 2024

Information stealing malware is one of the most common ways that organizations end up infiltrated by malicious hackers. For several years, one type of infostealer called Raccoon Stealer ruled them all.

A Look at Trending Chinese APT Techniques
Cybercriminals// Malicious Actors// Nov 18, 2024

Cyber capabilities play a key role in achieving China’s strategic goals. Here's a look at significant state-sponsored actors, which are adopting stealthy techniques to avoid their campaigns being linked to Beijing.

How to Defend Against Alleged Snowflake Attacker ‘Judische’
Cybercriminals// Malicious Actors// Nov 05, 2024

The threat actor behind the compromise of more than 165 organizations using Snowflake credentials stolen by infostealers has reportedly been detained. Here's a profile of the Com-related threat actor "Judische."...

Featured Resource

AresLoader is a new loader malware-as-a-service (MaaS) offered by threat actors with links to Russian hacktivism that was spotted recently in the wild.