Diesel Vortex: Exploring connections to Russian LLCs

This report details Diesel Vortex, a financially motivated cybercrime group running a phishing-as-a-service platform that harvested over 1,600 credentials from Western logistics and transportation firms; recovered source code and Telegram logs reveal Armenian-speaking operators coordinating credential harvesting, call spoofing, anti-detect and double-brokering workflows, and infrastructure analysis links a phishing domain to a Russian-registered email address tied to several logistics-related LLCs—evidence supports correlation but not definitive attribution.