carryy
VERIFIED high risk
RU
Overview
carryy appears to be a credential‑dump broker who aggregates large email/password collections from brute‑force campaigns and malware theft, then distributes them via publicly accessible Dropbox links. The actor demonstrates the ability to harvest and package hundreds of thousands of credentials quickly, targeting primarily technology‑sector accounts.
Targeted Sectors
Full Actor Profile Requires Access
Access complete TTP mapping, IOC correlations, linked incidents, infrastructure analysis, and AI-generated threat assessment. Sign in or create a free account to continue.