A criminal organization believed to have produced the software used in the Colonial Pipeline hack earlier this year has "set up a fake company to recruit potential employees," The Wall Street Journal reports, according to researchers at Microsoft and intelligence firm Recorded Future.
The phony cybersecurity organization is reportedly using the name Bastion Secure, and is thought to be run by "well-known hacking group" Fin7, Recorded Future and Microsoft told the Journal. They're believed to have attacked "hundreds of businesses, stolen more than 20 million customer records and written the software used in a hack that disrupted gasoline delivery in parts of the Southeastern U.S," the Journal explains, per federal prosecutors and researchers.
This latest impersonation attempt "represents a new development by purveyors of ransomware to grow and spread a scourge" that has disrupted hundreds of businesses, across sectors, writes the Journal. Ransomware groups are "increasingly operating like criminal startups," using illegally-earned millions to fund their grift.
The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
The professional-looking Bastion Secure website lists routine jobs for any security agency — programmers, administrators, etc. And despite its fraudulence, the company made offers to some prospective recruits, per researchers. One potential new hire spotted red flags in the operation not long after, telling Recorded Future that nobody at Bastion would meet face-to-face or talk via voice call.
In fact, a phone call to a number listed on Bastion Secure's site was answered by a Russian-speaking man with what appeared to be no knowledge of the organization, writes the Journal. "I'm just a person. I have nothing to do with any cybersecurity company," he exclaimed before hanging up. Read more at The Wall Street Journal.
-
Music reviews: Chance the Rapper, Cass McCombs, and Molly TuttleFeature "Star Line," "Interior Live Oak," and "So Long Little Miss Sunshine"
-
Film reviews: Eden and Honey Don't!Feature Seekers of a new utopia spiral into savagery and a queer private eye prowls a high-desert town
-
Critics' choice: Three chefs fulfilling their ambitionsFeature Kwame Onwuachi's grand second act, Travis Lett makes a comeback, and Jeff Watson's new Korean restaurant
-
Supreme Court allows social media age check lawSpeed Read The court refused to intervene in a decision that affirmed a Mississippi law requiring social media users to verify their ages
-
Nvidia hits $4 trillion milestoneSpeed Read The success of the chipmaker has been buoyed by demand for artificial intelligence
-
X CEO Yaccarino quits after two yearsSpeed Read Elon Musk hired Linda Yaccarino to run X in 2023
-
Musk chatbot Grok praises Hitler on XSpeed Read Grok made antisemitic comments and referred to itself as 'MechaHitler'
-
Disney, Universal sue AI firm over 'plagiarism'Speed Read The studios say that Midjourney copied characters from their most famous franchises
-
Amazon launches 1st Kuiper internet satellitesSpeed Read The battle of billionaires continues in space
-
Test flight of orbital rocket from Europe explodesSpeed Read Isar Aerospace conducted the first test flight of the Spectrum orbital rocket, which crashed after takeoff
-
Apple pledges $500B in US spending over 4 yearsSpeed Read This is a win for Trump, who has pushed to move manufacturing back to the US
