Malware News RansomHub Never Sleeps Episode 1: The evolution of modern ransomware

Gandalf_The_Grey

Gandalf_The_Grey

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,606
Content source
https://www.group-ib.com/blog/ransomhub-never-sleeps-episode-1/
Discover how ransomware has evolved into a sophisticated cyber threat, with groups like RansomHub leading the charge. Learn more about their adaptability, TTPs, and the rise of Ransomware-as-a-service in this first-of-three-part trilogy.
Click to expand...
Key discoveries in the blog
  • RansomHub’s operators strategically advertised the group’s partnership program on RAMP forum on February 2, 2024.
  • RansomHub’s operators took advantage of the impact of law enforcement operations on LockBit and ALPHV to release a partnership program and recruit affiliates of these groups.
  • The threat actors likely acquired the ransomware and web application source code from the Knight (aka Cyclops) group.
  • The ransomware works on different operating systems and architectures including x86, x64 and ARM as well as Windows, ESXi, Linux and FreeBSD.
  • The group started to use PCHunter to stop and bypass endpoint security solutions.
  • RansomHub used Filezilla as an exfiltration tool.
  • RansomHub’s affiliates have disclosed around 44 healthcare companies including hospitals and clinics.
  • Affiliates may eventually threaten and report cyber incidents to regulators such as PDPL (Personal Data Protection Law).
Click to expand...
 
  • Like
Reactions: Jonny Quest, Andy Ful, simmerskool and 2 others

Similar threads

enaph
    • +Reputation
    • Like
Security News Bologna FC Hit by Ransomware Attack, Confidential Data Stolen
Replies
0
Views
252
Security News
enaph
enaph
vtqhtr413
    • Wow
    • Like
Security News Frontier says 750,000 Social Security numbers accessed during April cyberattack
Replies
1
Views
1,638
Security News
Andy Ful
Andy Ful
Gandalf_The_Grey
    • Like
Security News Black Basta ransomware poses as IT support on Microsoft Teams to breach networks
Replies
0
Views
946
Security News
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top