Resecurity has uncovered a group known as the “GXC Team” that has emerged as a prominent player in cybercrime, notorious for its innovative and sophisticated schemes. Led by the elusive “googleXcoder,” this faction specializes in crafting tools for online banking theft, ecommerce deception, and internet scams, posing a significant threat to the digital landscape.
GXC Team’s recent foray into AI-driven tools signifies a monumental shift in cybercrime tactics. Their latest creation, the “Business Invoice Swapper,” is an AI-powered tool designed to manipulate compromised emails for wire fraud and Business E-Mail Compromise (BEC). This tool highlights the group’s dedication to harnessing cutting-edge technology for illicit purposes.
The Business Invoice Swapper operates by scrutinizing compromised emails through POP3/IMAP4 protocols and identifying messages related to invoices or payments. It then alters the banking information in these invoices, redirecting funds to accounts controlled by the criminals. This sophisticated method targets a key vulnerability in business processes, where employees may fail to verify the authenticity of seemingly familiar invoices.
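Because the swap changes only the payee account, one control on the accounts-payable side is to compare every IBAN found in an incoming invoice against the account already verified for that vendor. The sketch below is an added example, not code from Resecurity or the original article; the vendor table, sender domain and message bodies are constructed assumptions.

```python
import re

# Constructed vendor master data: IBANs confirmed out of band (assumption).
VERIFIED_IBANS = {"acme-supplies.example": {"DE89370400440532013000"}}

# Country code, two check digits, then groups of up to four characters,
# optionally separated by single spaces as printed on invoices.
IBAN_RE = re.compile(r"\b[A-Z]{2}\d{2}(?: ?[A-Z0-9]{4}){2,7}(?: ?[A-Z0-9]{1,4})?\b")

def iban_is_valid(iban: str) -> bool:
    """ISO 13616 mod-97 check: move the first four characters to the end,
    map letters to 10..35, and require remainder 1."""
    s = iban.replace(" ", "").upper()
    if not re.fullmatch(r"[A-Z]{2}\d{2}[A-Z0-9]{11,30}", s):
        return False
    rearranged = s[4:] + s[:4]
    return int("".join(str(int(c, 36)) for c in rearranged)) % 97 == 1

def extract_ibans(body: str) -> set:
    """Return IBAN-shaped strings in the message body, spaces removed."""
    return {m.group(0).replace(" ", "") for m in IBAN_RE.finditer(body)}

def check_invoice(sender_domain: str, body: str) -> list:
    """Flag accounts that fail the checksum or are not verified for the vendor."""
    approved = VERIFIED_IBANS.get(sender_domain, set())
    findings = []
    for iban in sorted(extract_ibans(body)):
        if not iban_is_valid(iban):
            findings.append(("invalid_checksum", iban))
        elif iban not in approved:
            findings.append(("unverified_account", iban))
    return findings

# Constructed sample messages: same vendor, second one carries a different payee.
LEGIT = "Invoice 1042. Please remit EUR 4,200 to IBAN DE89 3704 0044 0532 0130 00."
SWAPPED = "Invoice 1042. Our bank has changed: IBAN GB82 WEST 1234 5698 7654 32"

if __name__ == "__main__":
    for label, body in (("legit", LEGIT), ("swapped", SWAPPED)):
        print(label, check_invoice("acme-supplies.example", body))
```

A checksum-valid IBAN that is not on file is the case that matters here: it should hold the payment until the change is confirmed with the vendor through a channel other than email.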
Most intriguingly, the tool’s primary victims have been identified across the UK and various EU countries, including Spain, France, Poland, Italy, Germany, and Switzerland. Its multi-language capability allows for automatic scanning of messages in different languages, demonstrating the group’s strategic focus on a diverse victim pool.
GXC Team’s repertoire extends beyond the Business Invoice Swapper. They have created a range of tools for online fraud, including phishing and smishing kits, targeting major financial institutions, government services, postal services, cryptocurrency platforms, and international online marketplaces. Their phishing kits are known for their sophistication, capable of intercepting One-Time Passwords (OTP) and facilitating wire fraud.
The evolution of the GXC Team’s tools reflects a broader trend in cybercrime. By integrating AI, they have enhanced their capabilities for automated operations, targeted social engineering, and bypassing cybersecurity measures. This progression underscores the need for constant vigilance and advanced security strategies in the digital domain.
The GXC Team’s activities represent a formidable challenge in the fight against cybercrime. Their ability to adapt and innovate, leveraging AI and other technologies, makes them a significant threat to organizations and individuals alike. As they continue to evolve, so must our strategies to detect, prevent, and combat these cybercriminals.