Pawn Storm in 2019: A Year of Scanning and Credential Phishing on High-Profile Targets

Pawn Storm is a group that has demonstrated ample resources and a wide range of strategies in its operations. The group has targeted many organisations, harvested considerable information, and attempted to influence mainstream media and public opinion.

Due to Pawn Storm’s notoriety, its attack methods have been well-documented. The threat actors behind Pawn Storm have used sophisticated social engineering lures, data-stealing malware, several zero-days, and even a private exploit kit.

This report aims to shed light on some of Pawn Storm’s attacks that did not use malware in the initial stages. It presents new data on the group’s credential phishing, direct probing of webmail and Microsoft Exchange Autodiscover servers, and large-scale scanning activities to search for vulnerable servers. Among the group’s prominent targets were members of defense companies, embassies, governments, and the military.

