Neo‑Nazi Gang “The Com” Leverages Cyberattacks to Fund Violence and Sex‑Exploitation
What Happened – Intelligence reports identify a neo‑Nazi‑aligned criminal collective known as “The Com” that conducts ransomware, credential‑theft, and other cyber‑crimes. Proceeds are funneled to finance extremist violence, hate‑motivated attacks, and large‑scale sex‑exploitation operations.
Why It Matters for TPRM –
- Threat actors with extremist ideologies are more likely to target supply‑chain partners to amplify impact.
- Financial gains from cyber‑crime can be redirected to physical violence, raising reputational and legal exposure for any third‑party linked to the group.
- Ongoing monitoring of threat‑intel feeds is essential to detect early indicators of affiliation or compromise.
Who Is Affected – All industries that rely on third‑party services, especially SaaS providers, cloud hosts, and MSPs that could be targeted for ransomware or credential theft.
Recommended Actions – Review contracts for clauses addressing extremist‑related activities, validate that vendors perform threat‑intel monitoring, and enforce strict access‑control and credential‑management practices.
Technical Notes – The group employs phishing lures, custom malware loaders, and credential‑dumping tools; no specific CVE is cited. Data exfiltrated includes login credentials and internal communications, which can be weaponized for further attacks. Source: Dark Reading