A Russian-linked phishing-as-a-service group, operating under the moniker 'Diesel Vortex,' conducted a months-long phishing campaign that ensnared freight and logistics companies across the U.S. and Europe, successfully pilfering more than 1,600 login credentials. The operation, which ran from at least September 2025 through February, focused on widely used platforms by brokers, carriers, and supply chain operators. A joint investigation by cybersecurity researchers Have I Been Squatted and Ctrl-Alt-Intel revealed that 1,649 unique credentials were compromised, extracted from 3,474 stolen login pairs. The report indicated that users of platforms such as DAT Truckstop, Penske Logistics, Electronic Funds Source (EFS), and Timocom were among the impacted parties. Researchers characterized 'Diesel Vortex' not as a solitary hacker but as a structured phishing-as-a-service operation. The group established dedicated phishing infrastructure tailored for logistics load boards, fleet portals, and fuel card systems, employing targeted email and voice phishing techniques to intercept credentials and multi-factor authentication codes in real time.