AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Qtox chat rooms3/2/2023 To conduct this investigation, one of our security researchers answered a ransomware affiliate ad on a popular hacker forum, posing as an experienced cybercriminal. What follows is the story of how we answered the partnership posting and what we found during our interview with an affiliate group of the REvil and Ragnar Locker ransomware cartels. There, we met the threat actors who were allegedly responsible for running a ransomware affiliate operation for more than 10 years. To our surprise, we were invited to a private qTox chat room for a ‘job interview’ with people who claimed to be associated with an infamous ransomware group. To glean valuable insights into the ransomware operators’ perspective, we decided to pose as a Russian cybercriminal and answered the ad in question. And as we found out during this investigation, such visits can result in unexpected consequences for everyone involved.īack in June 2020, while gathering intelligence on a popular hacker forum, we stumbled upon a peculiar recruitment ad seemingly posted by a ransomware group. Security researchers - us at CyberNews included - also routinely visit hacker forums for threat intelligence. But cybercriminals are not the only ones there. So much so, in fact, that ransomware groups are now trying to solve their 'labor shortages' by recruiting new members on hacker forums, which are frequented by veteran and up and coming cybercriminals alike. During an undercover interview, a CyberNews researcher tricked ransomware operators affiliated with Ragnar Locker into revealing their ransom payout structure, cash out schemes, and target acquisition strategies.įrom a relatively rare threat just a few years ago to one of the biggest moneymakers for cybercriminals today - the meteoric rise of ransomware has cast a shadow of anxiety across businesses of all sizes.Īnd with the introduction of ransomware-as-a-service, the barrier of entry for getting in on the action has been lowered even further.
0 Comments
Read More
Leave a Reply. |