image
Maza, a place online for fraudsters and extorters to connect to pull off their operations, has been breached by an unknown attacker, in just the latest in a series of attacks targeting elite Russian-language cybercrime forums. Members are worried that their data is being used by researchers and law enforcement to track down their true identities, a new report from Flashpoint said. These forums are where threat actors can go to access ransomware-as-a-service tools, launder stolen money and even get advice on how to improve their crimes, Flashpoint vice president Thomas Hofmann explained to Threatpost. “Maza is a place where one can connect to trustworthy threat actors, who have been active in the Russian-language underground anywhere between 10 to 20 years,” Hoffman said. “Ultimately, the forum serves the role of a board where one can establish initial contact with respected and trustworthy service providers.” Membership to Maza is by invitation only and comes with a fee, he added. Another Russian-language cybercrime forum called Verified was abruptly resurrected after sitting dormant for some time with unknown administrators and new domains, Flashpoint said. By Feb. 18t, the new forum’s new leadership started deanonymizing Verified’s former operators, raising suspicions among its user base. Another forum, Exploit, reportedly suffered a compromise this week, and a member of the forum warned other users to “be careful with registered emails across multiple forums,” Flashpoint…

Source