Blog

Key Findings Gemini analysts observed a criminal actor advertise in the dark web a new tool called “Email Appender” that can implant malware-infected or tailored phishing emails directly into a target mailbox. By implanting the email, Email Appender bypasses email security platforms that inspect messages en route to their destination mail server. The software poses […]

Key Findings As COVID-19 travel restrictions are lifted, countries are opening their borders to tourists. The sale of travel services, both legal and illegal, is starting to increase, which opens more opportunities for cybercriminals to monetize stolen payment cards. The airline industry alone loses nearly $1 billion per year due to the fraudulent online purchase […]

Key Findings The Joker’s Stash dark web marketplace, known for advertising and uploading major breaches containing millions of compromised cards, has uploaded its latest breach, titled “BLAZINGSUN.” Gemini Advisory determined that the compromised point of purchase (CPP) was Dickey’s Barbecue Pit, a US-based restaurant franchise. Dickey’s operates on a franchise model, which often allows each […]

Key Findings Gemini Advisory’s analysts uncovered a September 14, 2020 post on a Russian-language dark web forum by a ransomware team operating under the moniker “LockBit,” in which they advertised starting their own blog under the same name. This entry into the “big leagues” by LockBit was accompanied by a blog post with two databases […]

Key Findings While cybercrime has dramatically increased in the past several years, Card Not Present (CNP) fraud, in particular, has become far more prolific. Regulatory technologies (regtechs) use consortium data harvested from merchant payment networks to authenticate card data and user identity through digital fingerprints to combat CNP fraud. Cybercriminals use anti-fingerprinting tools to bypass […]

Key Findings Over the last few years, the threat of ransomware attacks has made headlines not only for security practitioners, but also across the mainstream media. Ransomware attacks have been growing more widespread due to a high and increasing yield potential. While attack frequency and scale increase, individual and corporate victims often underreport attacks for […]