Fintech security researcher MisterX analyzes cash trojans and money mule activity in a new article on his blog _misterxcrypt.
Using the Telegram Tracker module in the StealthMole OSINT platform, MisterX mapped a network of money mules and uncovered over 100 money mule websites and several Telegram channels used for coordinating cash pickups.
MisterX discovered that the subjects of his research had adopted techniques used by other cybercrime groups such as Lapsus$, which resulted in the targets handing over more than just financial data and cash: the mule accounts were used to exfiltrate personally identifiable information as well.
The researchers warned that mule account managers often make use of the Qktoxic ransomware to gather and extort their victims.