Phishing operation with links to Russia, Armenia compromised Western cargo companies, researchers find

Researchers have uncovered and taken down the infrastructure of a phishing operation run by Russian cybercriminals targeting freight companies in the U.S. and Europe. 

Over a five-month period, the group, dubbed Diesel Vortex, stole more than 1,600 login credentials from accounts at logistics platforms, which allowed thieves to intercept and divert freight shipments and commit check fraud. 

The researchers with the domain protection platform Have I Been Squatted discovered an exposed .git directory, which revealed the ins and outs of the operation, including messages sent between the cybercriminals. 

Read more at The Record