Ransomware Organization Uses Nonexistent Company to Recruit Talent

Microsoft and intelligence firm Recorded Future researchers say that the criminal network that supposedly created the software used in the Colonial Pipeline ransomware attack is passing itself off as a business in an attempt to bring in new talent, reports the Wall Street Journal.

The hacking group known as Fin7 is believed to have been responsible for hacking hundreds of businesses, stealing over 20 million customer records, and writing the software used to hold the gas pipeline hostage earlier this year. Fin7 is estimated to have caused over $3 billion in damages over the years, according to federal prosecutors.

The fake cybersecurity company they have created, Bastion Secure, lists several job openings that appear to be legitimate on the surface; there are openings for system administrators, programmers, and individuals that excel at finding bugs within software systems.

For now, recruiting seems to be focused mostly on Russian speakers, but it marks the beginning of a new era of cybersecurity issues, with hackers openly recruiting instead of trawling in online forums.

“You can find more qualified people when you search more broadly,” said Andrei Barysevich, the head of Gemini Advisory, a division of Recorded Future. “There’s a lot of embedded law-enforcement agents on the dark web.”

ProShares Gives Leveraged Investment in the Cybersecurity Industry

The ProShares Ultra Nasdaq Cybersecurity ETF (UCYB) is a leveraged ETF that tracks twice the daily returns of the Nasdaq CTA Cybersecurity Index, the same index tracked by the First Trust Nasdaq Cybersecurity ETF (CIBR).

In fact, UCYB holds CIBR, then uses swaps contracts on that ETF to obtain leveraged exposure.

UCYB’s underlying benchmark tracks companies that build, implement, and manage security protocols for public and private networks. To be included, companies must have a minimum market cap of $250 million. Within the index, no singular security can carry more than 6% weight. Lower-volume securities have even tighter weighting restrictions.

UCYB’s benchmark tracks companies such as CrowdStrike Holdings (CRWD), Accenture Plc (ACN), and Cisco Systems (CSCO).

As a leveraged fund, UCYB carries different, greater risks than non-leveraged funds, and should be actively monitored.

UCYB carries an expense ratio of 0.98% with a contractual waiver that ends on September 30, 2022.

For more news, information, and strategy, visit the Nasdaq Portfolio Solutions Channel.

Nasdaq Resources & Reports