Threat Actors “Luna Moth” Exposed By Cybersecurity Company

The Incident Response team at cybersecurity company Sygnia tracked a newer data extortion group called “Luna Moth’, which has been breaching companies’ info via fake subscription renewal phishing emails and threatening victims to make files publicly available unless they pay a ransom.

Chris Olson, CEO of The Media Trust had this comment:

  “Based on Sygnia’s report, Luna Moth actors are not using the most sophisticated phishing techniques available today – they reach out to victims through Gmail accounts, and use mass email campaigns rather than a targeted spear phishing approach. Aside from that, they do not even format their emails to mimic the brands they are impersonating. In spite of this, they have successfully compromised numerous organizations with ransomware in recent months.

Ultimately, this story reveals the need for increased cyber training and awareness of social engineering techniques, from email-based phishing attacks to malicious advertising (malvertising) and redirects. This year, both the cost and frequency of ransomware attacks are higher than ever – if organizations are not prepared to avoid basic phishing techniques, they will not be prepared to defend their users or revenue against more advanced cyber adversaries.”

Dr. Darren Williams, CEO and Founder, BlackFog adds this comment:

     “False subscription emails are the latest phishing trend and a great way to lure people into installing payloads for ransomware onto devices. We are seeing specific focus on sectors with the weakest security and investments such as Education, Government and Manufacturing with a 33%, 25% and 24% increase in attacks during June  (”

This highlights the fact that training and other means to stop phishing need to be done at companies to ensure that users don’t open up a Pandora’s box of problems via clicking on an email.

Leave a Reply

%d bloggers like this: