A new report shows that a Kazakhstani hacker built a million dollar fortune by breaching private networks and selling their data.
Researchers at threat intelligence company, Group-IB, said that the hacker, who operates under the pseudonym “Fxmsp,” began promoting their services across darknet. They posted data for sale on hacking-related forums, offering valuable resources stolen from private corporate networks. Some customers have taken to calling the hacker “The invisible god of networks.”
Millionaire profits for Fxmsp
According to the report, the magnitude of Fxmsp’s cybercriminal business is enormous. They reportedly accumulated $1.5 million in profits over three years by targeting 135 companies from 44 countries.
Fxmsp allegedly began promoting cryptojacking services through a Russian forum, selling corporate network data access. Their services allowed purchasers to mine cryptocurrencies using stolen computer power, though it is unknown whether these services were used to specifically mine Bitcoin (BTC).
The study revealed a number of instances where the hacker managed to expand their target capacity:
“During the time that he was active on [removed link], from early October 2017 to July 31, 2018, Fxmsp put access to 51 companies in 21 countries up for sale. The cybercriminal shared the price in only 30% of cases. By that time, after 9 months of activity, the minimum average price for all visible accesses that I’ve advertised was $ 268,000 (without including the sales I’ve made through private messages).”
Were they really acting alone?
Yelisey Boguslavskiy, AdvIntel’s director of security research, believes that Fxmsp was not acting alone, but rather as part of a cybercriminal team named “GPTitan”. This group is made up of numerous hackers who access various financial environments to steal high-profile network data.
An article published by BleepingComputer, citing an independent source, claimed that “the invisible god of networks” had expanded into a team with an undetermined number of members.
Alliances broken
Fxmsp is known to have worked with a sales manager operating under the pseudonym “Lampeduza”. Fxmsp disappeared from the forums in May 2019, effectively ending the relationship, however.
The report states that Fxmsp and Lampeduza may still be operating privately.
Cointelegraph recently reported that the total USD value of Bitcoin transferred on the dark web rose by 65% in Q1 2020, despite a decline in transactions during the same period in 2019.