Threat Research Blog

Vendetta Brothers, Inc. – A Window Into the Business of the Cybercriminal Underground

FireEye iSIGHT Intelligence has been tracking a pair of cybercriminals that we refer to as the “Vendetta Brothers.” This enterprising duo uses various strategies to compromise point-of-sale systems, steal payment card information and sell it on
their underground marketplace “Vendetta World.”

The Vendetta Brothers – who we believe operate from Spain and Eastern Europe – have been observed using everything from phishing to installing physical skimmers to steal payment card data, and their targets have mostly been located in the U.S. and Nordic countries.

Our latest report shines light on the Vendetta Brothers’ tactics, techniques and procedures, which involve the use of practices more commonly seen
in legitimate business, including outsourcing, partnerships, diversifying their market, and insulating liability.

We expect to see other cybercriminal groups using these more advanced techniques as a way of scaling their operations and increasing profits, all while mitigating risk and potentially frustrating investigators.

Download the report to learn more about the Vendetta Brothers.