HYAS Insight Uncovers and Mitigates Russian-Based Cyberattack

Russian-Based Adversary Infrastructure AS200593 In this blog, we review a recent case study and detail how HYAS Insight, an advanced threat intelligence and investigation platform, was used to leverage WHOIS information and passive DNS data to enhance the monitoring, tracking, and mitigation strategies against the sophisticated cyber threat, AS200593. AS200593 is a Russian-based system tied to malicious indicators of compromise (IoCs), targeting global organizations. The financial services industry always makes for a tantalizing target for phishing attacks, and in this case, a threat actor was using AS200593 to host and operate phishing domains, employing tools like `livechat.exe` to compromise victim machines. Bulletproof Hosting Services: A Haven for Criminals The emergence of bulletproof hosting services presents a formidable challenge in cybersecurity. These services often operate without risk of law enforcement and provide a secure haven for cybercriminals to conduct operations