Gift Cardsharks: The Massive Threat Campaigns Circling Beneath the Surface
Learn about the attack group primarily targeting gift card retailers and the monetization techniques they use.
The Massive Threat Campaigns Circling Beneath the Surface
Businesses are targets for large, organized, and well-funded cyber threat campaigns that use massive amounts of infrastructure both beyond the firewall and on the internal network.
RiskIQ researchers have uncovered one of these campaigns, a sophisticated, far-ranging operation that uses commercially available and open-source marketing tools to launch phishing attacks against an array of organizations, many of which deal with gift cards.
This cyber threat group’s activities initially surfaced when investigative journalist Brian Krebs reported on the breach of IT supplier Wipro, but RiskIQ data shows this attack is far from an isolated incident and involves a long list of targets dating back to 2016.
Although attribution cannot be confirmed, the group’s numerous concurrent attacks display hallmarks of some state-sponsored activity such as precision, organization, and, likely, a financial motive. As this cyber threat intelligence report describes, infrastructure overlap in PDNS, WHOIS, and SSL certificate data sets allowed RiskIQ researchers to profile this group and to surface and connect its infrastructure.
Report highlights include: