A threat group dubbed Atlas Intelligence Group (AIG), aka Atlantis Cyber-Army, has recently come to light because of its cybercrime model that uses a unique approach.
AIG details
- The threat group was first spotted by Cyberint researchers who describe AIG as a threat actor selling an array of services via its main website.
- The services include access to stolen databases, exclusive data leaks, DDoS services, and initial access to enterprise networks via RDP clients and Web shells.
How is AIG operates?
The AIG threat group's operations are totally outsourced to unaffiliated cyber-mercenaries who are not involved in the operation directly.
- For example, when a user buys DDoS, data theft, or malicious spam services, the AIG first advertises and later hires independent contractors to carry out the verified tasks.
- This is in contrast to most threat groups which employ the same set of hackers throughout all of their attacks.
- They stand out since they are quite good at maintaining their anonymity and treat this operation as entrepreneurs rather than technical individuals.
Understanding the AIG business model
Cyberint claims that the AIG business model places a strong emphasis on security for its operations leaders.
- The leaders are isolated from individuals engaged in illegal hacking activity.
- In other words, every team has leaders and key members. AIG has one leader that controls everything and everyone.
Conclusion
AIG has been active in the cybercrime sector for some time and with experience has developed a business strategy that capitalizes on the increasing number of hacker-for-hire organizations. AIG’s approach and efficiency make them hard to detect and a constant source of threat to the world of cybersecurity.
Publisher
/https://cyware-ent.s3.amazonaws.com/image_bank/shutterstock_232596862.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/c03e_shutterstock_1254945598.jpg)
