English-Language Cybercrime Hub “The COM” Orchestrates Varied Global Attacks – Cyber Press

Over the past ten years, the English-speaking cybercriminal community known as “The COM” has evolved from a niche subculture focused on trading rare social media usernames (so-called “OG handles”) into an agile service-driven underground economy orchestrating a vast range of global attacks.
Early communities like Dark0de and RaidForums laid the foundation, fostering skills in data breaches, malware development, and reputation-based trading.
As forums like OGUsers popularized social engineering and SIM-swapping, the COM adapted to market realities and became a launchpad for a new generation of “callers,” “texters,” and sophisticated credential brokers.​
The demise of high-profile forums, driven by law enforcement takedowns such as the 2022 seizure of RaidForums and targeted actions against OGUsers, forced a Migration Effect.
This blended the social manipulation skills honed by OG traders with the technical pedigree of breach-focused hackers. Today’s COM is decentralized and adaptive, thriving in invite-only channels, Telegram groups, and private Discord servers, making it resilient against disruption.​
The COM’s operational backbone is the human element. Attackers deploy advanced social engineering, vishing, phishing, SIM swapping, and insider recruitment to compromise credentials and gain privileged access.
Groups like Lapsus$, ShinyHunters, and Scattered Spider (UNC3944) exemplify this, using a mix of psychological manipulation and automated intrusion to bypass technical safeguards and target everything from individual crypto wallets to multinational corporations.​
Notably, Lapsus$ leveraged social engineering not only for access but also for public spectacle, live-streaming breaches, and openly taunting both companies and law enforcement.
ShinyHunters industrialized data exfiltration, monetizing large data sets and selling access through as-a-service models.
Meanwhile, Scattered Spider and their affiliates pioneered hybrid attack vectors, mixing voice phishing with persistent access to internal networks, setting the stage for multi-step ransomware, extortion, and data-dumping campaigns.​
Today, the COM cybercrime hub operates more as a professionalized supply chain than as a loose federation. Dedicated roles callers (voice phishers), phishing kit developers, SIM swappers, initial access brokers, ransomware affiliates, and money launderers work in a modular, on-demand fashion, mirroring legitimate business ecosystems.
This specialization enables rapid scaling, risk outsourcing, and innovation while also making traditional indicators of compromise nearly obsolete. Infrastructure is short-lived, and attackers frequently leverage trusted cloud hosting and encrypted communication, hampering detection.​
Importantly, English-speaking COM specialists now collaborate with Russian-speaking cybercrime syndicates on platforms such as Exploit.in, sharing resources and techniques within a converged threat environment.
This east-west fusion grants access to advanced malware and robust laundering networks, upping the ante for defenders worldwide.​
As the line between technical and social vectors blurs, the primary security weakness is the “human perimeter.” Organizations must pivot to identity-centric defenses, robust helpdesk protections, phishing-resistant multi-factor authentication, and continuous monitoring for insider threats.
The COM’s orchestration of varied global attacks demonstrates that cybercrime is both a business and a performance targeting not just systems, but people, and the only effective defense is a blend of resilience, awareness, and adaptive response.
Find this Story Interesting! Follow us on Google News , LinkedIn and X to Get More Instant Updates


Exclusive Cyber Security News platform that provide in-depth analysis about Cyber Attacks, Malware infection, Data breaches, Vulnerabilities, New researches & other Cyber stories.
Contact Us: [email protected]
© Copyright 2024 – Cyber Press

source
This is a newsfeed from leading technology publications. No additional editorial review has been performed before posting.

Continue Your AI Leadership Journey

Turn insight into action with CDO TIMES.

CDO TIMES helps executives move from AI awareness to AI execution through practical frameworks, tools, executive research, and advisory support.

Explore the Frameworks

Continue with Enterprise AI 2030, HI + AI = ECI, AI Governance, and executive playbooks.

Explore Enterprise AI 2030 →

Use the Free Tools

Assess readiness, estimate AI ROI, model AI costs, and prioritize AI initiatives.

Open Executive Tools →

Read the Book

Explore the HI + AI = ECI leadership model in The AI-Ready Leader.

Order The AI-Ready Leader →

Go deeper with CDO TIMES Pro.

Unlock premium research, executive playbooks, templates, advanced tools, and member-only briefings.

Join CDO TIMES Pro

Need executive help?

Explore advisory, workshops, fractional CIO/CDO/CISO/CAIO support, and AI operating model design.

Explore Advisory →

Attend executive events

Join leadership forums, executive dinners, webinars, and strategic AI briefings.

View Events →

Build AI capability

Use CDO TIMES Academy for executive learning, AI leadership development, and implementation training.

Explore Academy →

Leave a Reply