Fxmsp Hackers Made $1.5M Selling Access To Corporate Networks

New details have emerged on the activity of the infamous Fxmsp hacker that last year was advertising access to the networks of three cybersecurity vendors. Researchers tracking Fxmsp’s ventures on underground forums counted the network intrusions associated with this actor and revealed the presumed identity of the attacker.

Researchers at Group-IB examined Fxmsp’s exposure in the public areas of the forums where they were advertising their business, assessing that the actor breached networks of at least 135 companies in 44 countries. Among the targets are small and medium-sized enterprises (SME), government organizations, banks, and Fortune 500 companies. Group-IB’s conservative estimate is that in 3+ years (since 2016) Fxmsp made at least $1.5 million from selling network access.

Experts Comments

June 25, 2020
Niamh Muldoon
Senior Director of Trust and Security, EMEA
OneLogin
The staggering amount of money that the Fxmsp hacker made selling access to corporate networks speaks to the problem that security professionals are fighting against; Namely the incredible amount of money involved. That the corporate networks in question were compromised in the first place speaks to highlights the massively benefits of access control, and how access control protects organizations and individuals Information Assets, including customer data, employee PII data, financial data,.....Read More
The staggering amount of money that the Fxmsp hacker made selling access to corporate networks speaks to the problem that security professionals are fighting against; Namely the incredible amount of money involved. That the corporate networks in question were compromised in the first place speaks to highlights the massively benefits of access control, and how access control protects organizations and individuals Information Assets, including customer data, employee PII data, financial data, health related data. All these data types also have regulatory and compliance requirements that need to be met. Access Control mechanisms including multi-factor authentication support with both from a compliance and risk perspective.  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.