Hackers from the Leak Wolf group stole data from more than 40 Russian companies without using any malware, posing as real employees of the organizations. This was reported by RIA Novosti, citing the digital risk management company Bi.Zone.
According to data presented to Bi.Zone, retail, education and information technology organizations were most affected by Leak Wolf's actions. It is worth noting that the hackers do not try to use malware or exploit vulnerabilities in publicly available applications, and do not send phishing emails.
Instead, they used the accounts of company employees or IT contractors. According to experts, it was this method that allowed the attackers to go unnoticed for a long time. The hackers also rented servers in Russia or used a VPN for remote access. Due to the popularity of remote work, this did not arouse any suspicion among the security services.
According to experts, one of the reasons for the hackers' success was the neglect of digital hygiene by company employees: they sign up for third-party services with work email addresses, use simple passwords, and reuse the same passwords across accounts.
Bi.Zone states that after the hackers infiltrated a company's infrastructure, they scanned the network, gathered information important to the business, especially its customer base, and then uploaded the data to their cloud storage and posted a link in the public domain.