Phishing Social Engineering

Initial Access Broker Group Relies on Social Engineering

Google’s Threat Analysis Group (TAG) describes a cybercriminal group it calls “EXOTIC LILY” that acts as an initial access broker for numerous financially motivated threat actors, including FIN12 and the Conti ransomware gang. EXOTIC LILY uses phishing attacks to gain access to organizations’ networks, then sells this access to other gangs for further exploitation.

originally published on

Related posts

Wartime Suffering as Phishbait


Spear Phishing Campaign Targets the US Military


QR Codes in the Time of Cybercrime