Operational Brief:
Threat cluster: Diesel Vortex
Attribution indicators: Russian domain infrastructure, Armenian-language operator comms

Discovery: Exposed .git repository
Primary impact:
• 1,600+ compromised credentials
• Freight diversion & double-brokering
• Structured phishing-as-a-service (“MC Profit Always”)
Investigated by Have I Been Squatted, Ctrl-Alt-Int3l.
Infrastructure disruption supported by Google Threat Intelligence Group, Cloudflare, GitLab, Ping Identity.

Detection priorities:
– Credential stuffing monitoring
– Load board anomaly detection
– Broker identity validation
– Git exposure scanning
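Two of the detection priorities above, credential stuffing monitoring and Git exposure scanning, reduce to simple log rules. The script below is an added example, not from the source article or the investigating teams; it runs over constructed key=value request events (the IPs, timestamps and usernames are made up) and flags requests under `/.git/` (a 200 means the server is actually serving repository internals, anything else is still reconnaissance) and sources that fail logins across many distinct usernames, listing any account that then succeeded from the same source as the first to reset.

```python
"""Added example: two detections over constructed web/auth events.
1. Exposed or probed .git paths.
2. Credential stuffing: one source spraying many distinct usernames."""
import re
from collections import defaultdict

# Constructed sample events in key=value form (not real telemetry).
SAMPLE_EVENTS = """\
ts=2026-02-22T10:00:01Z src=203.0.113.10 method=GET path=/.git/HEAD status=200
ts=2026-02-22T10:00:02Z src=203.0.113.10 method=GET path=/.git/config status=200
ts=2026-02-22T10:00:05Z src=203.0.113.44 method=GET path=/.git/HEAD status=404
ts=2026-02-22T10:01:00Z src=198.51.100.7 method=POST path=/login status=401 user=alice
ts=2026-02-22T10:01:01Z src=198.51.100.7 method=POST path=/login status=401 user=bob
ts=2026-02-22T10:01:02Z src=198.51.100.7 method=POST path=/login status=401 user=carol
ts=2026-02-22T10:01:03Z src=198.51.100.7 method=POST path=/login status=200 user=dave
ts=2026-02-22T10:02:00Z src=192.0.2.9 method=POST path=/login status=401 user=erin
ts=2026-02-22T10:02:30Z src=192.0.2.9 method=POST path=/login status=200 user=erin
ts=2026-02-22T10:03:00Z src=192.0.2.20 method=GET path=/index.html status=200
"""

KV_RE = re.compile(r"(\w+)=(\S+)")


def parse_events(text):
    """Parse key=value lines into dicts; skip blank or malformed lines."""
    events = []
    for line in text.splitlines():
        fields = dict(KV_RE.findall(line))
        if "src" in fields and "path" in fields:
            events.append(fields)
    return events


def detect_git_exposure(events):
    """Flag any request under /.git/. HTTP 200 means repository internals
    are being served (high); a 404 is still a probe worth recording (medium)."""
    findings = []
    for ev in events:
        if ev["path"].startswith("/.git/"):
            served = ev.get("status") == "200"
            findings.append({
                "rule": "git_exposed" if served else "git_probe",
                "src": ev["src"],
                "path": ev["path"],
                "severity": "high" if served else "medium",
            })
    return findings


def detect_credential_stuffing(events, min_distinct_users=3):
    """Credential stuffing looks like one source cycling through many
    different usernames, mostly failing. One user retrying their own
    password (192.0.2.9 / erin in the sample) is not flagged."""
    failed_users = defaultdict(set)
    succeeded = defaultdict(set)
    for ev in events:
        if ev.get("path") != "/login" or "user" not in ev:
            continue
        if ev.get("status") == "401":
            failed_users[ev["src"]].add(ev["user"])
        elif ev.get("status") == "200":
            succeeded[ev["src"]].add(ev["user"])
    findings = []
    for src, users in failed_users.items():
        if len(users) >= min_distinct_users:
            findings.append({
                "rule": "credential_stuffing",
                "src": src,
                "distinct_failed_users": len(users),
                # A success after the spray is the account to reset first.
                "possible_compromised": sorted(succeeded.get(src, ())),
                "severity": "high" if succeeded.get(src) else "medium",
            })
    return findings


def run(text=SAMPLE_EVENTS):
    """Run both rules over the event text and return all findings."""
    events = parse_events(text)
    return detect_git_exposure(events) + detect_credential_stuffing(events)


if __name__ == "__main__":
    for finding in run():
        print(finding)
```

The distinct-username threshold is the important knob: counting raw failures alone fires on locked-out legitimate users, while counting distinct usernames per source isolates the spray pattern. In production the same rule would be keyed per source over a sliding window rather than over a whole file.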

Source: https://therecord.media/phishing-operation-russia-armenia-targeting-us-european-cargo

Follow for tactical threat briefings.
Share detection insights below.

#Infosec #ThreatIntel #PhishingInfrastructure #CargoFraud #SupplyChainSecurity #CredentialAbuse #FraudOps #CyberCrime #BlueTeam #SOC #DigitalForensics

Airline Phishing Infrastructure Expands in 2026
PreCrime Labs identified:
• 11,600+ suspicious airline-themed domains
• 1,799 domains in 4 months
• 36 AI-LLM branded domains harvesting traveler data
• High-value private jet fraud infrastructure
• Recruitment-based credential harvesting
Brands observed in impersonation campaigns:
LATAM Airlines, Avianca, British Airways, Lufthansa, Qatar Airways
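A first-pass triage for a feed of newly observed domains against the brands named above, as an added example (not PreCrime Labs' tooling): each domain's second-level label is scored for an exact brand token, a near-miss lookalike within edit distance 2 of a brand, and lure keywords such as refund, careers or privatejet that the post's campaigns lean on. The candidate domains, brand tokens and keyword list are constructed for the example; the edit-distance routine is a plain Levenshtein implementation.

```python
"""Added example: score new domains for airline brand impersonation."""

# Brand tokens derived from the brands named in the post (constructed list).
BRANDS = ["latam", "avianca", "britishairways", "lufthansa", "qatarairways"]
# Lure keywords seen in travel-themed phishing (constructed, not exhaustive).
LURE_KEYWORDS = ["booking", "refund", "checkin", "careers", "jobs", "recruit",
                 "privatejet", "charter", "btc", "crypto"]
# Constructed candidate domains; none are real observations.
CANDIDATES = [
    "lufthansa-refund-center.com",
    "qatarairways-careers.net",
    "lattam-booking.info",
    "britlshairways.com",
    "privatejet-charter-btc.io",
    "example.org",
]


def levenshtein(a, b):
    """Classic edit distance (insert/delete/substitute), O(len(a)*len(b))."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def sld(domain):
    """Second-level label, naive about multi-part public suffixes like co.uk."""
    labels = domain.lower().strip(".").split(".")
    return labels[-2] if len(labels) >= 2 else labels[0]


def score_domain(domain):
    """Return (score, reasons). Weights: exact brand 4, lookalike 3,
    lure keywords 1 each capped at 2 so keywords alone stay low."""
    label = sld(domain)
    squashed = label.replace("-", "")
    tokens = [t for t in label.split("-") if t]
    score, reasons = 0, []
    for brand in BRANDS:
        if brand in squashed:
            score += 4
            reasons.append(f"brand:{brand}")
            continue
        # Near-miss: whole label or any hyphen-separated token within 2 edits.
        for t in [squashed] + tokens:
            d = levenshtein(t, brand)
            if 0 < d <= 2 and len(t) >= 5:
                score += 3
                reasons.append(f"lookalike:{brand}~{t}")
                break
    lure_hits = [kw for kw in LURE_KEYWORDS if kw in squashed]
    score += min(2, len(lure_hits))
    reasons.extend(f"lure:{kw}" for kw in lure_hits)
    return score, reasons


def triage(domains, threshold=3):
    """Keep domains at or above the threshold, preserving feed order."""
    out = []
    for d in domains:
        s, r = score_domain(d)
        if s >= threshold:
            out.append((d, s, r))
    return out


if __name__ == "__main__":
    for d, s, r in triage(CANDIDATES):
        print(f"{s:2d}  {d:32s} {', '.join(r)}")
```

The scoring deliberately separates "contains the brand" from "looks like the brand": the first catches vendor-jacking and recruitment lures built around the real name, the second catches single-character swaps that pass a casual glance. Domains matched by lure keywords alone are held below the threshold so the queue stays workable; an analyst can lower it when a specific campaign is active.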

Key technical risks:
• Vendor-jacking → BEC
• AI-assisted context harvesting
• SEO poisoning with airline keywords
• Crypto-payment themed fraud
• Defense & logistics-themed impersonation

Is aviation now one of the highest ROI phishing verticals?

Engage below.
Follow @technadu for actionable threat intelligence.

#Infosec #ThreatIntel #PhishingInfrastructure #BrandProtection #BEC #FraudOps #OSINT #AviationCyber #DomainMonitoring #CyberRisk

Campaign type: Crypto-themed advance fee fraud
Observed tactics:
• Survey-based initial trust anchor
• High-value BTC lure (0.943 / 1.824 BTC)
• Fake transaction approval states
• OTP-style authentication mimicry
• Reverse social engineering via chat
• Bitcoin QR payment endpoint
• Recently registered infrastructure

Psychological chain:
Trust seeding → Reward inflation → Procedural legitimacy → Time pressure → Micro-payment extraction.

Notable observations:
– Structured flow architecture
– Domain churn
– UX mimicking real crypto processors
– Potential bot-filtering via poll entry

This demonstrates how scam operators now invest in full user journey design.

Source: https://malwr-analysis.com/2026/02/22/crypto-compensation-scam-fake-btc-payout-lure-abusing-survey-payment-flows/

What telemetry would you prioritize for early detection?
Engage below.
Follow TechNadu for technical cybersecurity reporting.

#ThreatIntelligence #CryptoFraud #PhishingInfrastructure #ScamAnalysis #OSINT #BlueTeam #FraudOps #DigitalForensics #CyberDefense