Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label youth crime. Show all posts

The Com: Youth Hacking Ring Executing High-profile Cybercrimes


A new threat actor community recently came to light. carrying out some malicious cyberattacks.

The online community, labelled as ‘the Com,’ apparently consist of young skilled hackers who are carrying out sophisticated campaigns and high-profile breaches. 

The hackers, who are primarily teenagers and young adults are not only executing malicious attacks but also bragging about their operations in a language filled with racist and misogynistic slurs. 

The cybersecurity researchers, who have been studying and monitoring the Com activities have urged policymakers and the cybersecurity community to confront the issue more seriously and take strong actions against the youth-led cybercrime group. While, in comparison to cybercriminal networks, state-backed hackers build a more high-profile case, recent instances of breaches led by new-generation hackers shall not be underestimated. 

One of the instances being the high-profile breach that recently shook the operations of Las Vegas resorts, including Caesars Entertainment and MGM Resorts is believed to be the doing of threat actors called “Star Fraud,” one of the subgroups of the Com. These assaults show how dangerous and serious the larger Com ecosystem is. 

The Caesars and MGM attacks were attributed to ALPHV, a Russian-based ransomware-as-a-service organization related to other attacks. The moniker "Scattered Spider," which has been linked to the attacks, is inaccurate, according to the researchers at the LABScon conference, as it combines a number of competing organizations from the Com ecosystem. Despite having similar strategies, these groups are different and might even face off against one another.

However, this does not stop here. In the past two years, some members of the threat group behind cyberattacks in corporate giants like Nvidia, Samsung, and Microsoft – Lapsus$ – are believed to have originated from the Com ecosystem. 

This incident further highlighted the reach of cybercrime on young minds. In August 2023, a Cyber Safety Review Board report on Lapsus$ suggested an investigation to Congress to explore funding programs in order to prevent juvenile cybercrime. 

In regards to the issue, the FBI has also conducted an investigation on the individuals linked with the Com for alleged cybercrime activities. 

The Com has been connected to a number of illegal activities, including swatting, SIM swapping, bitcoin theft, and even real-world assault. These young cybercriminals are skilled at social engineering, taking advantage of their fluency in English to trick IT support desks and steal crucial company credentials.

The researchers also caution that these young hackers are now working together with international ransomware syndicates, which have a history of extorting millions of dollars globally. The question of how harmful online communities can radicalize children is comparable to how Com plays a role in luring young hackers into a life of cybercrime. The researchers contend that the radicalization these hackers experience is focused on cybercrime and evolving into their worst selves.  

₹79 lakh online fraud to withdraw ₹49 in over 1.5 lakh transactions

A gang from Jharkhand, responsible for fraud of over ₹79 lakh, was busted on Friday for hacking over 2,020 accounts of State Bank of Mysore (SBM) customers last year.

The gang was led by a 19-year-old school dropout. Suraj Mohali, the accused perpetrator, has now been arrested along with three others for hacking and withdrawing ₹49 from the savings bank accounts and Mastercard holders of SBM in Bengaluru, Sringeri, Mangaluru, and Tirthahalli.

The gang made as much as 1.56 lakh transactions, withdrawing over ₹79 lakh in a few hours.

Then they diverted this money into different bank accounts using fake documents and used some of the cash to recharge mobile phones, which led to the cyber police tracking them down and arresting them.

The gang is allegedly a part of a much larger network operating in Jharkhand.

The mastermind behind this network is yet to be identified, but would allegedly give them the details of various bank accounts and instruct them to withdraw only ₹49 from each account.

The Inspector-General of Police, Chandrashekhar said, “We cracked the case after tracking the accused for over a year. We are questioning them to know more about the racket.” The accused and his accomplices have been brought to Bengaluru for questioning.

It has reportedly been found during the investigation that many youths from Jharkhand are trained and involved in online fraud throughout the country.