Developing: Someone claiming to be an “affiliate plus” for AlphV claims they were responsible for the Change Healthcare attack but that AlphV stole the payment Change Healthcare had made and suspended the affiliate’s account.
The affiliate’s claims appeared on Ramp Forum and have been circulating since then. The post can be seen below, via @vx-underground:
A recent cryptocurrency scam has highlighted a need for fraud awareness. The new scam - called “pig butchering” - includes a sophisticated new twist that combines a romance scam with an investment spin. According to the Federal Bureau of Investigation (FBI), the term “pig butchering” refers to a time-tested, heavily scripted, and contact intensive process to fatten up the prey before slaughter.
Years-old domains, compromised JS libraries and worldwide-localized content among tactics of this sophisticated attacker.
Recently, we identified a new BEC group leveraging blind third-party impersonation tactics to swindle companies around the world. The group, which we call Crimson Kingsnake, impersonates real attorneys, law firms, and debt recovery services to deceive accounting professionals into quickly paying bogus invoices.
Yesterday, August 8, 2022, Twilio shared that they’d been compromised by a targeted phishing attack. Around the same time as Twilio was attacked, we saw an attack with very similar characteristics also targeting Cloudflare’s employees. While individual employees did fall for the phishing messages, we were able to thwart the attack through our own use of Cloudflare One products, and physical security keys issued to every employee that are required to access all our applications.