Diesel Vortex: Exploring connections to Russian LLCs

**Executive summary:** This OSINT investigation identifies "Diesel Vortex," a financially motivated phishing-as-a-service operation (branded Global Profit / MC Profit Always) that harvested over 1,600 credentials from logistics-sector targets, documents Armenian-speaking operator coordination via Telegram logs, details phishing kit infrastructure and IOCs, and pivots on a domain RDAP email to link the infrastructure to several Russian-registered logistics and warehousing LLCs—supporting correlation between the phishing operation and entities in the same sector while explicitly noting correlation does not equal proven attribution.