Ransomware gang with ties to Colonial Pipeline hack reportedly recruiting talent under guise of real tech company
A criminal organization believed to have produced the software used in the Colonial Pipeline hack earlier this year has "set up a fake company to recruit potential employees," The Wall Street Journal reports, according to researchers at Microsoft and intelligence firm Recorded Future.
The phony cybersecurity organization is reportedly using the name Bastion Secure, and is thought to be run by "well-known hacking group" Fin7, Recorded Future and Microsoft told the Journal. They're believed to have attacked "hundreds of businesses, stolen more than 20 million customer records and written the software used in a hack that disrupted gasoline delivery in parts of the Southeastern U.S," the Journal explains, per federal prosecutors and researchers.
This latest impersonation attempt "represents a new development by purveyors of ransomware to grow and spread a scourge" that has disrupted hundreds of businesses, across sectors, writes the Journal. Ransomware groups are "increasingly operating like criminal startups," using illegally-earned millions to fund their grift.
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
The professional-looking Bastion Secure website lists routine jobs for any security agency — programmers, administrators, etc. And despite its fraudulence, the company made offers to some prospective recruits, per researchers. One potential new hire spotted red flags in the operation not long after, telling Recorded Future that nobody at Bastion would meet face-to-face or talk via voice call.
In fact, a phone call to a number listed on Bastion Secure's site was answered by a Russian-speaking man with what appeared to be no knowledge of the organization, writes the Journal. "I'm just a person. I have nothing to do with any cybersecurity company," he exclaimed before hanging up. Read more at The Wall Street Journal.
Sign up for Today's Best Articles in your inbox
A free daily email with the biggest news stories of the day – and the best features from TheWeek.com
Brigid Kennedy worked at The Week from 2021 to 2023 as a staff writer, junior editor and then story editor, with an interest in U.S. politics, the economy and the music industry.
-
Judge rejects Elon Musk's $56B pay package again
Speed Read Judge Kathaleen McCormick upheld her rejection of the Tesla CEO's unprecedented compensation deal
By Peter Weber, The Week US Published
-
DOJ seeks breakup of Google, Chrome
Speed Read The Justice Department aims to force Google to sell off Chrome and make other changes to rectify its illegal search monopoly
By Peter Weber, The Week US Published
-
Racist texts tell Black people in US to prepare for slavery
Speed Read Recipients in at least a dozen states have been told to prepare to 'pick cotton' on slave plantations
By Peter Weber, The Week US Published
-
Australia proposes social media ban before age 16
Speed Read Australia proposes social media ban before age 16
By Peter Weber, The Week US Published
-
FTC bans fake online product reviews
Speed Read The agency will enforce fines of up to $51,744 per violation
By Peter Weber, The Week US Published
-
States sue TikTok over children's mental health
Speed Read The lawsuit was filed by 13 states and Washington, D.C.
By Rafi Schwartz, The Week US Published
-
Amazon ending 'Just Walk Out' grocery checkout
Speed Read In its place, the company will let customers scan while they shop with Amazon Dash Cart
By Peter Weber, The Week US Published
-
Justice Department bites Apple with iPhone suit
Speed Read The lawsuit alleges that the tech company monopolized the smartphone industry
By Rafi Schwartz, The Week US Published