Qilin’s RaaS Program Advertised on Dark Web Along with Compromised Company Details

In March 2023, Group-IB’s Threat Intelligence team accessed the Qilin ransomware (Agenda ransomware) group and discovered that it is a Ransomware-as-a-Service affiliate program using Rust-based ransomware to target victims. Qilin ransomware employs personalized attack strategies, including modifying file extensions and terminating targeted processes, to optimize the impact of their attacks on individual victims. The Rust […]

Romanian Authorities Arrested Two REvil Ransomware RaaS Family Affiliates

Seven users suspected of using ransomware services on the Internet were recently arrested, and of those seven, five detainees are assumed to have links with the REvil group. However, among the five detainees, one is a Ukrainian charged by the United States with ransomware attacks that include the Kaseya attacks which […]

RaaS – Hackers Selling Buran Ransomware in Russian Forum That Encrypt All Version of Windows OS & Windows Server

Researchers uncovered a new ransomware family named “Buran” that operates under a Ransomware-as-a-Service (RaaS) model and is actively being sold on a well-known Russian forum. The ransomware authors are advertising in well-known Russian underground forums, and the Buran ransomware is compatible with all versions of the Windows OS and Windows Server. Unlike other RaaS-based ransomware such as GandCrab that earned […]

NemeS1S RaaS Is PadCrypt Ransomware’s Affiliate System

A portal hidden on the Dark Web is responsible for the small deluge of recent PadCrypt ransomware versions that have been spotted almost on a monthly basis in the past year. Besides infosec experts tracking ransomware evolution, very few people know that PadCrypt is one of the most active and well-maintained ransomware variants encountered in […]

New RaaS Portal Preparing to Spread Unlock26 Ransomware

A new Ransomware-as-a-Service (RaaS) portal named Dot-Ransomware is behind the Unlock26 ransomware discovered this past week. First spotted two days ago, this ransomware operation is quite unique as it features a very minimal and direct style, with little-to-no instructions and simply designed ransom notes and ransom payment portal. Based on two messages left on the […]