Jeff Burt reports:
A group with links to high-profile ransomware crews Conti and Diavol is working as an internet access broker (IAB) for a Russia-linked cybercriminal gang, according to Google’s Threat Analysis Group (TAG).
Exotic Lily gains access to vulnerable corporate networks then sells that access to the highest bidder among threat groups, which then run ransomware and other attacks against the victim. The group launches large-scale phishing campaigns, at one point sending as many as 5,000 emails a day to up to 650 targeted organizations around the world.
Read more at The Register.