Morocco as an rising cybercrime originator
Though cybercrime operations are a worldwide phenomenon, most financially motivated cybercriminals function from a well-understood checklist of nations, together with China, Russia, Ukraine, the US, Romania, and Nigeria. However at this 12 months’s Sleuthcon, a brand new nation emerged that threatens to interrupt into the ranks of prime cybercrime havens: Morocco.
Microsoft researchers lately uncovered a brand new, quiet, and productive group it calls Storm-0539, also called Atlas Lion, working out of Morocco. The group engages in fee and reward card fraud. However as an alternative of counting on malware or malicious tooling, as is likely to be present in peculiar point-of-sale bank card fraud, Storm-0539 represents an evolution in cybercrime as a result of it exploits cloud identities to focus on retailers to print their very own reward playing cards, typically in hefty quantities.
Utilizing worker directories and schedules, contact lists, and electronic mail inboxes, Storm-0539 targets retail workers by way of smishing or phishing to realize entry to the reward card enterprise course of, print their very own reward playing cards after which redeem the playing cards, promote them on black market web sites or use mules to money out the playing cards.
