SpartanWarriorz
Threat Background & History
Fortra is tracking activity from a scam kit authoring group known as SpartanWarriorz. These authors have been selling kits targeting over 300 global brands as far back as September 2022. They have targeted industries including financial institutions in North America and Europe, retail, delivery services, and social media platforms. Using the messaging service Telegram, they have been observed giving away a plethora of free phishing kits to increase their reputation within the phishing community.
Operations experienced some service disruption recently when the SpartanWarriorz Telegram channel was shut down on November 21st. The group created a new channel on the same day and has attempted to inform their past subscribers.
Profile picture for SpartanWarriorz on Telegram.
Service Breakdown
SpartanWarriorz primarily has used the platform Telegram to advertise their phishing kits. Their Telegram channel currently has over 5,300 subscribers, managed by two moderators. Across their platform they have offered services including:
- Phishing Kits and Pages
- Access to Compromised Websites
- Published Phishing Lures
- Email Spamming Services
Example phishing kit advertised by SpartanWarriorz on Telegram.
Customary advertising file within a SpartanWarriorz phish kit.
SpartanWarriorz has advertised over 300 kits on Telegram that are available for sale or have been given away. In addition to the kits offered, SpartanWarriorz advertises mailer tools that allow threat actors to send out phishing campaigns using pre-authored lure emails available from the seller. The group also offers access to web server shells through their Telegram platform. These shells have been installed on compromised servers and can be used to carry out phishing attacks.
A Telegram post advertising a plethora of SpartanWarriorz phish kits.
SpartanWarriorz kits allow users to input a Telegram API token and chat ID to exfiltrate stolen credentials, including OTP codes. Additionally, kits include extensive antibot lists that block specific IP addresses and ranges, user agents, and known web crawlers from accessing the phishing pages within the kit. This code sends all blocked visitors to Google.com or a fake 404 error page. Other configuration settings frequently seen include options to require victims to sign in twice or complete a CAPTCHA.
Predictions for Governance, Risk, and Compliance (GRC) in 2025 for MSPs
Posted in Commentary with tags Compliance Scorecard on December 13, 2024 by itnerdHere’s some 2025 Technology Predictions from Tim Golden, CEO of Compliance Scorecard, on trends in the governance, risk and compliance industry as it relates to MSPs.
Intensified Regulatory Enforcement and Fines
Regulatory bodies are expected to increase enforcement of cybersecurity laws, such as CMMC and FTC 3.14, with a focus on stricter audits and leveraging mechanisms like whistleblowing. This will intensify scrutiny on compliance practices across the board.
MSPs will face heightened risk of fines and legal actions if they fail to meet these regulatory demands, making proactive compliance a business-critical priority.
Increased Legal Accountability and Liability
In 2025, evolving legal frameworks will place greater responsibility on MSPs for their clients’ cybersecurity, holding them liable for security breaches and compliance lapses. This heightened accountability is set to redefine service contracts and risk management strategies. MSPs without a thorough understanding of legal obligations may find themselves vulnerable to lawsuits and significant financial losses, emphasizing the need for legal expertise in their operations.
Resource Constraints Hindering Compliance Efforts
The ongoing shortage of skilled cybersecurity professionals will exacerbate staffing challenges for MSPs, leaving teams stretched thin and under-resourced. This could hamper their ability to meet compliance demands effectively. Resource limitations may result in compliance gaps and heightened vulnerability to security breaches, making workforce development a pressing need for MSPs in 2025.
Over-Reliance on Tools Without Adequate Processes and Personnel
MSPs will increasingly depend on tools to address compliance and cybersecurity challenges, often at the expense of establishing strong processes and trained personnel. This approach could prove counterproductive. Tools without robust processes and skilled management may lead to misconfigurations, overlooked risks, and a false sense of security, underscoring the importance of a balanced strategy involving people, processes, and technology.
1 Comment »