
Latest news with #GroupIB

Group-IB sounds the alarm on rising cyber threats in META region

Zawya

2 days ago


Dubai, UAE: Group-IB, a leading creator of cybersecurity technologies to investigate, prevent, and fight digital crime, has released its latest META Intelligence Insights Report (May 2025), offering a detailed snapshot of the region's evolving threat landscape. The report highlights an alarming rise in stolen credentials and payment data, with Kenya, Turkey, and Egypt among the most affected countries.

As cybercriminal activity grows more aggressive and sophisticated, Group-IB is calling on organisations across the Middle East, Turkey, and Africa (META) to adopt stronger digital hygiene practices to protect against the surge in credential theft, banking fraud, and malware-driven breaches.

Key findings from the Group-IB May 2025 Report:

  • Top Malware Families: RedLine (23.4%), LummaC2 (22.9%), and Raccoon (19.4%) were the leading tools behind stolen data.
  • Most Affected Countries: Kenya (23.1%), Turkey (21.7%), and Egypt (12.4%) recorded the highest volumes of compromised accounts.
  • Bank Card Breaches: The GCC region led in compromised card data (47.1%), followed by South Africa and Egypt.

With the threat landscape evolving rapidly, Group-IB urges individuals, businesses, and institutions across the META region to take immediate, informed action to secure their digital environments. Proactive education, the right technologies, and timely intelligence are essential tools in staying one step ahead of cybercriminals.

Read the full May 2025 META Intelligence Insights Report here.

ABOUT GROUP-IB

Established in 2003, Group-IB is a leading creator of cybersecurity technologies to investigate, prevent, and fight digital crime globally. Headquartered in Singapore, and with Digital Crime Resistance Centres in the Middle East and Africa, Europe, Central Asia, and the Asia-Pacific, Group-IB analyses and neutralises regional and country-specific cyber threats via its Unified Risk Platform, offering unparalleled defence through its industry-leading Threat Intelligence, Fraud Protection, Digital Risk Protection, Managed Extended Detection and Response (XDR), Business Email Protection, and External Attack Surface Management solutions, catering to government, retail, healthcare, gaming, financial sectors, and beyond.

Group-IB collaborates with international law enforcement agencies like INTERPOL, EUROPOL, and AFRIPOL to fortify cybersecurity worldwide, and has been awarded by advisory agencies including Aite-Novarica, Gartner, Forrester, Frost & Sullivan, and KuppingerCole.

Is The Truth Behind The 16 Billion Passwords Leak Finally Revealed?

Forbes

2 days ago


An exclusive new analysis of the 16 billion passwords leak database.

When I reported on the leak of approximately 16 billion credentials, including passwords, that involved prominent names in the consumer tech sector, such as Apple, Facebook, and Google, I knew it was a significant story. Still, I never expected it to go viral in the way that it did. That article currently has more than 2 million views from all around the world. As I said from the get-go, the findings, from CyberNews researchers, concerned a leak, or more accurately leaks, rather than a breach of any centralized database. This didn't stop others from reporting the latter, and the story blew up out of all proportion.

In an attempt to keep on top of the situation, I updated the original article as soon as new information was forthcoming, including the fact that numerous cybersecurity professionals had contested the claim that the data was new, rather than a compilation or aggregation of already leaked, compromised old credential datasets. Now, Group-IB's Threat Intelligence & Attribution team has exclusively shared with me the results of an in-depth analysis of samples claiming to contain 16 billion compromised credentials, and this is what it revealed.

The 16 Billion Passwords Leak Analyzed

Semyon Botalov, a cyber intelligence analyst with Group-IB's Threat Intelligence & Attribution team, has exclusively shared the results of an in-depth analysis of samples from what it says are the leaked datasets, with me through email conversations. Botalov said Group-IB obtained samples from a repository described as containing 16 billion compromised Apple, Google, and Facebook credentials, and was part of the team that undertook a comprehensive review to verify data provenance, freshness, and potential impact of the information contained within.

The investigation began by gathering every accessible sample and filename mentioned in publicly shared screenshots and chat logs, Botalov told me, and then matching these partially redacted credentials against the Group-IB stealer log archive, totalling 17 billion records in all, that stretches from 2020 to 2025. This was achieved through the use of hashed and fuzzy-matching techniques. The first-seen timestamp for each credential pair was established, in order to pinpoint the earliest potential compromise date, and then cross-referenced with the folder names and directory structures of already known public combolists and Telegram dumps. Finally, dark-web listings were sought that purported to be selling, or otherwise distributing, the 16 billion passwords dataset.

The analysis has confirmed, Botalov said, that the dataset is 'an aggregation of historic stealer-log data rather than a freshly sourced mega-breach,' which confirms the thoughts of many security professionals.

Key Findings Of The 16 Billion Passwords Leak Analysis

The bullet point list of findings from Botalov and the other Group-IB analysts was as follows:

The latest updated CyberNews report, dated June 26, states that 'the data that most likely comes from various infostealers is recent, not merely recycled from old breaches,' while conceding that the 16 billion records count 'includes duplicates, as is common in these types of compilations.' I have approached both CyberNews, and the researcher behind the original leak findings, for a statement regarding the new analysis from Group-IB and Semyon Botalov.

As I have said before, while you may not want to change all your account passwords as a result of this leak, new or old, I would certainly recommend it for those credentials that you have reused across multiple services.

Cyber Threats in 2025: How Key Stakeholders in the Middle East Can Stay One Step Ahead

Khaleej Times

6 days ago


In an era marked by fast-paced digitisation and AI-driven innovation, the region's strategic sectors - finance, government, telecom - have become prime targets for an increasingly sophisticated breed of cybercriminals. From deepfake-powered scams to state-backed espionage, the threats are no longer at the door - they're already inside the system.

In a recent video interview, Dmitry Volkov, CEO of Group-IB, shared exclusive insights on the findings of the firm's High-Tech Crime Trends Report 2025, a comprehensive guide that's fast becoming essential reading for CISOs and other decision makers in the region. "Cybercrime today is not just evolving, it's adapting to the way we work, live, and build," says Volkov. "Threat actors are using artificial intelligence, targeting regional economic powerhouses, and exploiting our own digital infrastructure against us."

According to Group-IB's latest findings, the most urgent threat sweeping across the Middle East is fraud in all its forms, especially AI-powered fraud, which includes deepfakes, voice cloning, and hyper-targeted phishing attacks. "What's particularly alarming is how attackers are now impersonating oil and gas firms rather than banks," explains Volkov. "They're adapting to the region's economic structure and exploiting public trust in iconic brands and institutions."

Persistent Threats and the Rise of Hacktivism

Advanced Persistent Threat (APT) groups, many of which are nation-state sponsored, are now targeting sectors that form the backbone of regional security. These attackers are no longer just stealing data, they're laying the groundwork for long-term disruption. "Some threat actors are leveraging politically motivated hacktivists to do their bidding - often unknowingly," Volkov adds. "We're seeing coordinated campaigns where hacktivism and espionage blur dangerously."

For security leaders, the technical landscape is clear. Email remains a top entry point for attackers, with phishing campaigns evolving in complexity. Meanwhile, remote access tools like VPNs and firewalls meant to protect are now being exploited for lateral movement within networks. "CISOs must closely monitor both compromised credentials in the dark web and internal access controls," warns Volkov. "It's no longer about building a wall - it's about monitoring every door and window, continuously."

Building Cyber Resilience from the Inside Out

So how can organizations stay ahead? According to Volkov, the key lies in building end-to-end cyber resilience from the cloud to the customer. "In sectors like finance and telecom, behavior-based threat detection is crucial," he says. "It's not enough to know something went wrong, you have to detect what's out of character before the damage is done." Moreover, with AI becoming central to business strategies, securing the full AI lifecycle - from data ingestion to model deployment - has emerged as a new boardroom priority.

Group-IB's Three-Pronged Defense Strategy

To address these evolving threats, Group-IB is helping businesses secure their environment across three key dimensions. First, beyond the perimeter, the company's Threat Intelligence solutions offer early warnings by monitoring dark web activity and tracking threat actors before they strike. "We don't wait for an attack to happen, we anticipate it," says Volkov. Second, at the perimeter, Group-IB's External Attack Surface Management simulates how hackers view a business, identifying and patching the most vulnerable entry points. "If you don't know what's exposed, you can't protect it," he explains. Finally, inside the network, the company's Managed Extended Detection and Response (XDR) solution consolidates detection and response across emails, endpoints, servers, and cloud infrastructure. This gives security teams full visibility and enables fast incident remediation. As Volkov puts it, "It's the difference between a breach becoming a headline - or a footnote."

Why CISOs Need the 2025 Report

"To make the right decisions, you need to understand the wrong moves others have made - before you repeat them," he advises. "This report helps leaders not just react, but predict, plan, and prepare."

Group-IB supports INTERPOL in 32 arrests and protection of over 216,000 victims across APAC

Zawya

18-06-2025


Dubai, UAE – Group-IB, a leading creator of cybersecurity technologies to investigate, prevent, and fight digital crime, and a global cybersecurity leader with regional operations based in Dubai, has announced its support for Operation Secure, a major law enforcement initiative led by INTERPOL across the Asia-Pacific region. The operation resulted in the arrest of 32 suspects and the dismantling of vast criminal infrastructures responsible for infostealer malware campaigns targeting individuals and businesses worldwide.

Conducted between January and April 2025, Operation Secure was coordinated by INTERPOL under the Asia & South Pacific Joint Operations Against Cybercrime (ASPJOC) framework. It brought together law enforcement agencies from 26 countries and private cybersecurity firms including Group-IB, Kaspersky, and Trend Micro.

Group-IB played a central role in providing threat intelligence on infostealer malware such as Lumma, Risepro, and META Stealer. This malware is used by cybercriminals to steal sensitive information, including login credentials, cookies, payment details, and crypto wallet data, often serving as the initial vector for more damaging attacks such as financial fraud and ransomware.

Through the collective efforts of law enforcement and cybersecurity partners, more than 20,000 malicious IPs and domains were taken offline, effectively neutralizing 79% of the identified malicious infrastructure. In addition, 41 servers were seized, and more than 100 GB of stolen data was recovered, including compromised credentials linked to over 216,000 victims, all of whom have since been notified to take protective actions.

The operation also led to 32 arrests, including 18 individuals in Vietnam, and another 14 across Sri Lanka and Nauru. In Vietnam, authorities seized over VND$300 million in cash, multiple SIM cards, and business registration documents connected to illicit cyber activity. In Hong Kong, investigators discovered 117 command-and-control servers hosted across 89 different ISPs, underlining the global spread of the threat infrastructure.

Neal Jetton, INTERPOL's Director of Cybercrime, emphasized the significance of cross-border collaboration, stating: 'INTERPOL continues to support practical, collaborative action against global cyber threats. Operation Secure has once again shown the power of intelligence sharing in disrupting malicious infrastructure and preventing large-scale harm to both individuals and businesses.'

Dmitry Volkov, CEO of Group-IB, echoed the importance of public-private cooperation: 'The compromised credentials and sensitive data acquired by cybercriminals through infostealer malware often serve as initial vectors for financial fraud and ransomware attacks. By sharing actionable intelligence with INTERPOL and local law enforcement agencies, we are helping to dismantle the infrastructure behind these attacks and protecting both organizations and individuals globally.'

Group-IB's collaboration with INTERPOL extends beyond the Asia-Pacific region. The company also supported Operation Red Card, a major international crackdown on cybercrime across Africa that led to the arrest of over 300 cybercriminals and the disruption of criminal networks behind scams targeting thousands of victims.

As an official INTERPOL Gateway Partner and an active contributor to global investigations, Group-IB works closely with international law enforcement bodies including INTERPOL, EUROPOL, and AFRIPOL to build a safer cyberspace. The company is also a member of EUROPOL's European Cybercrime Centre (EC3) Advisory Group on Internet Security, which strengthens cooperation between Europol and trusted private-sector partners. Group-IB remains committed to supporting intelligence-led operations that help dismantle cybercriminal infrastructure and protect individuals and businesses worldwide.

ABOUT GROUP-IB

Established in 2003, Group-IB is a leading creator of cybersecurity technologies to investigate, prevent, and fight digital crime globally. Headquartered in Singapore, and with Digital Crime Resistance Centers in the Americas, Europe, Middle East and Africa, Central Asia, and the Asia-Pacific, Group-IB analyses and neutralizes regional and country-specific cyber threats via its Unified Risk Platform, offering unparalleled defense through its industry-leading Threat Intelligence, Fraud Protection, Digital Risk Protection, Managed Extended Detection and Response (XDR), Business Email Protection, and External Attack Surface Management solutions, catering to government, retail, healthcare, gaming, financial sectors, and beyond.

Group-IB collaborates with international law enforcement agencies like INTERPOL, EUROPOL, and AFRIPOL to fortify cybersecurity worldwide, and has been awarded by advisory agencies including Aite-Novarica, Gartner, Forrester, Frost & Sullivan, and KuppingerCole.

Group-IB has participated in 1,550 global cybersecurity cases

Zawya

02-06-2025


Cairo - Dmitry Volkov, the Founder and CEO of Group-IB, highlighted the significant evolution of cyberattacks in recent years, stating that their impact now extends beyond financial losses to include reputation and trust, which are essential for the success of organizations.

'In the past, the cost of a cyberattack was measured in small financial amounts. Today, the situation is entirely different; the cost encompasses both money and reputation. For instance, if a bank suffers a cyberattack and customers start discussing on social media that the bank does not adequately secure their data, this can severely damage the bank's image. Customers might revert to waiting in line at branches rather than using digital applications, posing a major challenge for the bank.'

He added, 'To become an expert and a technical witness in this field, one must undergo tough and challenging experiences. We call this "going through the mill," which is a necessary experience to gain true knowledge. At Group-IB, we believe our credibility stems from our ability to train and qualify human resources, not just from providing technical services.'

'Fraud is everywhere. We stop it.'

He continued, 'We use the term "fraud" to describe a variety of deceptive practices, including scam calls, phishing websites, and more. It's a global issue, and unfortunately, every time we look at the various schemes showing fraudulent activity, we find they are on the rise.'

Volkov noted that the company is committed to localizing technology in every market it operates in, explaining, 'We have high competencies and numerous specialized experts from strong security and technical backgrounds. This is an integral part of what we do in our centers worldwide, including France. We begin by localizing technology and then establish partnerships with many local institutes. We already have partnerships that enable us to offer recognized certifications and training courses.'

He added, 'Our training programs are among the best in this field because we have been working in this sector for over 22 years, and that's all we do. Even the technologies we use globally are developed in-house. We are, in fact, the only company that fully develops its technologies with its own teams.'

Volkov explained that the company employs a significant number of staff with security backgrounds, stating, 'These employees combine security and technical expertise, and they are the ones developing our products. Even the tools used by security agencies globally are developed by us. This gives our technologies credibility and strength.'

He continued, 'We contribute by providing information and analysis regarding the complex strategies of cyberattacks. For example, Group-IB has participated in 1,550 global cybersecurity cases, a number that reflects our volume of work and impact. We don't just offer consulting services; we work with law enforcement and participate in investigations.'

Volkov emphasized the importance of cybersecurity, stating, 'If you don't invest in cybersecurity, you won't have a digital economy.' He explained, 'People now realize that cybersecurity is not just a cost center but is critical to developing a successful digital economy.'
