Fake Security Company is Openly Recruiting Hackers
Now Bastion Secure a fake security company is openly recruiting hackers which belongs to FIN7, according to “Microsoft” and according to an investigation by Gemini Advisory a division of the intelligence firm “Recorded Future” they created a website called bastionsecure.com and it is complete with job openings, testimonials, contact phone numbers, and addresses.
FIN7 a Russian group believed to be behind the catastrophic Colonial Pipeline attack back on May 7, 2021, in one of the largest refined fuel pipelines in the United States. Where the Colonial Pipeline experienced a cyber attack that shut down fuel delivery between the Gulf Coast and the East Coast.
CNBC’s Eamon Javers tells us about the business of ransomware “they’re so desperate for new workers that they’ve come out of the shadows. Normally these hacker gangs recruit on the dark web and in criminal forums but, this group is out on the open web they’re looking for talented people and of course, they’re doing it under that false name and that’s nothing new. Criminals and spies have been using front companies almost as long as there have been criminals and spies but, it’s that need for new hires that are so alarming to cyber security professionals because it means that business is good and the bad guys think it’s going to stay good”.
John Hultquist Vice President of Mandiant Inc says “there’s a talent crunch going on right now in this ransomware space because they’re making so much money, they are sort of constantly redoubling their efforts and transforming their business and they’ve got to get a lot more people in to do all this work that there are hundreds of millions of dollars on the line.
This fake company Bastion Secure is a real criminal gang known as FIN7 the group that conducted the Colonial Pipeline cyber-attack this summer and it caused fuel shortages up and down the east coast. Groups like this one are increasingly offering pay and benefits that are competitive even with what’s offered in the legitimate cyber security industry. They look a lot like real good jobs, so these guys are offering vacations, they’re offering time off, on the weekends they’re offering you regular pay, increments, and promotions”.
As a preventive measure, search engine giant Google added the “www.bastionsecure.com” domain name to its blacklisting service Safe Browsing. Those who try to access the website receive a “Deceptive site ahead” warning.
To know How to protect yourself from hackers. Learn More