A group of cyber criminals operating under the name Muddled Libra has been operating since late 2022, according to cybersecurity company Unit 42.
Rather than a conventional, centrally organised group, Muddled Libra is a loose alliance of individuals who share interests and communicate via social media platforms.
These individuals, or personas, come together in teams, each with its own specialities, techniques and objectives. The teams are dynamic, with Unit 42 tracking at least seven groups, and individuals can move between teams.
The loose structure makes it difficult to track, but the group is distinctive in the variety of techniques used, with each team specialising in a particular type of theft or extortion.
These include stealing intellectual property, using ransomware, stealing individuals’ credentials and mass data harvesting.
