New threat group CRYSTALRAY seen using variety of off-the-shelf tools to steal credentials

Sysdig researchers have been following the group since February

John Leonard

The Sysdig Threat Research Team (TRT) has released a report on a new threat actor dubbed "CRYSTALRAY", which has been observed using several open-source penetration testing tools to exfiltrate and sell credentials, install cryptominers and maintain a presence on victims' networks via backdoors.

Since February, when Sysdig first reported on a group using SSH-Snake to traverse networks, CRYSTALRAY has expanded its operations to over 1,500 victims, using mass scanning, exploits for multiple ...


