Fxmsp
Description
(AdvIntel) Throughout 2017 and 2018, Fxmsp established a network of trusted proxy resellers to promote their breaches on the criminal underground. Some of the known Fxmsp TTPs included accessing network environments via externally available Remote Desktop Protocol (RDP) servers and exposed Active Directory.
Most recently, the actor claimed to have developed a credential-stealing botnet capable of infecting high-profile targets in order to exfiltrate sensitive usernames and passwords. Fxmsp has claimed that developing this botnet and improving its capabilities for stealing information from secured systems is their main goal.
Names
Name | Name-Giver |
---|---|
Fxmsp | self given |
ATK 134 | Thales |
TAG-CR17 | Recorded Future |
Country
Motivation
- Financial gain
First Seen
2016
Observed Sectors
- Aviation
- Education
- Energy
- Financial
- Food and Agriculture
- Government
- Manufacturing
- Retail
- Transportation
Observed Countries
- Australia
- Brazil
- Canada
- Chile
- China
- Colombia
- Cyprus
- Ecuador
- Egypt
- El Salvador
- Germany
- Ghana
- Hong Kong
- India
- Indonesia
- Ireland
- Italy
- Jamaica
- Japan
- Kenya
- Kuwait
- Malaysia
- Maldives
- Mexico
- Netherlands
- Nigeria
- Oman
- Pakistan
- Philippines
- Russia
- Saudi Arabia
- Singapore
- South Africa
- South Korea
- Sri Lanka
- Thailand
- UAE
- UK
- USA
- Zimbabwe
Tools
Operations
- 2019-05: Breaches of Three Major Anti-Virus Companies https://www.advanced-intel.com/blog/top-tier-russian-hacking-collective-claims-breaches-of-three-major-anti-virus-companies
Counter Operations
- 2020-07: Feds indict ‘fxmsp’ in connection with million-dollar hacking operation https://www.cyberscoop.com/fxmsp-andrey-turchin-indictment-fraud-stolen-data/
Information
- https://www.advanced-intel.com/blog/top-tier-russian-hacking-collective-claims-breaches-of-three-major-anti-virus-companies
- https://www.group-ib.com/resources/threat-research/fxmsp-report.html
Other Information
Uuid
9d6819bf-0b1d-45a8-9042-f0873e2e5227
Last Card Change
2021-12-09