"In a world where cyber threats transcend borders, collaboration is our most powerful defense." - Dmitry Volkov, CEO of Group-IB.
Group-IB is proud to join the Cybercrime Atlas community at the World Economic Forum's Centre for Cybersecurity! Together with global stakeholders, we aim to disrupt cybercriminal infrastructure, foster collaboration, and enhance global cybersecurity. As part of this initiative, our experts contribute to mapping the cybercrime landscape and supporting investigations to continue our mission to Fight Against Cybercrime.
Learn more about Group-IB's role in the Cybercrime Atlas
#Cybersecurity #WEF #GroupIB #FightAgainstCybercrime
Leading-edge technologies. A team of committed cyber defenders. A "GLOCAL" strategy leading the global fight against cybercrime.
A significant vision that feels too far to achieve is Group-IB's reality today. We don't just claim to lead the fight - we actively drive it forward.
• Trusted by top law enforcement agencies for investigations, cybercrime operations, and threat retaliation.
• Mission-critical Digital Crime Resistance Centers (11 hubs and growing) deliver localized, targeted and timely intelligence to combat active and plausible threats.
• Empowering the broader community through cybersecurity skill-honing events, research-sharing, career guidance, and more.
With its GLOCAL vision, partnerships, and expertise, Group-IB leads global collaboration for a safer digital world. Learn more here
#Cybersecurity #LawEnforcement #GLOCAL #FightAgainstCybercrime
Our latest blog dives deep into arbitrage betting (surebets), a technique that guarantees profits by leveraging odds discrepancies across bookmakers. Highlights include:
• The $3.9 billion annual loss in state tax revenue due to illegal betting platforms.
• How fraudsters exploit automation and bots to scale arbitrage bets.
• Advanced techniques to detect and prevent fraud, including real-time anomaly detection and multi-factor authentication.
Understand the technology, risks, and solutions shaping the iGaming industry. Explore the Surebet Playbook now!
#Surebets #ArbitrageBetting #FraudDetection #iGamingTech
Inside the World of Lynx Ransomware-as-a-Service
Lynx RaaS is taking ransomware operations to a new level with a highly structured affiliate model, cross-platform ransomware arsenal, and advanced encryption techniques.
Discover how this criminal ecosystem operates, from customizable encryption modes to double extortion tactics. Gain insights into their affiliate panel, recruitment strategy, and the evolving threat landscape.
Read the full blog to stay informed and protect your organization
#CyberSecurity #ThreatIntelligence #LynxRaaS #FightAgainstCybercrime
The Dark Side of Automation: How AI is Fueling Card Testing Attacks
As AI-powered automation transforms industries, cybercriminals are weaponizing these tools for large-scale fraud. Card testing attacks are on the rise, with bots and AI agents exploiting stolen credit card details to validate and monetize compromised data.
Key Insights:
• How fraudsters obtain stolen credit card information from the dark web and use bot programs to test them on e-commerce websites
• The role of AI agents in enabling global fraud operations.
• Real-world case studies and detection strategies to combat these threats.
Stay ahead of the curve and learn how businesses can protect themselves from evolving cyber threats and safeguard their customers. Read the full blog to understand the risks and solutions
#CyberSecurity #GroupIB #DigitalFraud #FightAgainstCybercrime
Conventional sandboxes often leave analysts struggling with fragmented data. How did we change that?
Group-IB's Malware Reports library is a free, no-sign-up-required tool that simplifies and deepens the understanding of suspicious files on your endpoints.
In our latest blog post, we explore five practical ways Malware Reports can transform your workflow, whether you're a SOC analyst, threat hunter, or reverse engineer. Read more
#Cybersecurity #MalwareAnalysis #ThreatHunting #FightAgainstCybercrime
Our free malware analysis tool helps you hunt for threats more effectively. If you've ever struggled to connect the dots between isolated alerts, this is for you. Cybersecurity expert Gary Ruddell breaks down how you can use the tool in your workflow.
What you'll learn:
1. How to uncover hidden malware connections
2. How to speed up investigations with behavioral insights
3. How to build custom detection rules
Click to watch the full video
Subscribe to our YouTube channel for more updates: https://www.youtube.com/@GroupIBGlobal
#Cybersecurity #InfoSec #MalwareAnalysis
RansomHub Never Sleeps: The Rise of a New Ransomware Powerhouse
RansomHub has quickly positioned itself as one of the most prolific ransomware groups of 2024. In Part 1 of our latest investigation, Group-IB's DFIR and Threat Intelligence teams analyze how RansomHub:
• Exploited the takedown of LockBit & ALPHV to recruit affiliates.
• Leveraged RaaS to scale operations across Windows, Linux, ESXi, and FreeBSD.
• Weaponized vulnerabilities like CVE-2024-3400 for initial access.
• Introduced an SFTP ransomware variant to evade traditional defenses.
• Used FileZilla and PCHunter for stealthy exfiltration and security bypass.
With over 600 victims across healthcare, finance, and government, RansomHub is evolving fast. And this is just the beginning. Stay tuned for Episode 2. Read Episode 1
#RansomHub #CyberSecurity #FightAgainstCybercrime
Fingerprint Heists: How Cybercriminals Exploit Browser Fingerprinting
Cybercriminals are taking online fraud to the next level - stealing browser fingerprints to bypass security measures and impersonate users. A new investigation reveals how ScreamedJungle is injecting malicious scripts into compromised Magento sites to collect fingerprints and evade detection.
Key insights from the research:
• Advanced fingerprinting techniques: Fraudsters extract unique browser characteristics without consent.
• Compromised e-commerce sites: Injected BabloSoft scripts harvest user data at scale.
• Bypassing fraud protection: Attackers exploit stolen fingerprints to mimic legitimate users.
• MITRE ATT&CK tactics: Mapping the techniques used to conduct these attacks.
Read the full technical analysis to understand how threat actors operate and how to defend against it
#FraudPrevention #ThreatIntelligence #Cybersecurity #FightAgainstCybercrime
Cybercrime isn't just growing - it's adapting.
Ransomware fuels data breaches. Stolen data powers Initial Access Brokers. AI-driven phishing makes social engineering even more deceptive. And as geopolitical tensions rise, cyber warfare is becoming a tool of state power.
Our 2025 High-Tech Crime Trends Report uncovers how these threats are interconnected - and what it takes to break the cycle.
Cybercriminals are evolving. Are you? Read the full report
#HTCT2025 #cybersecurity #FightAgainstCybercrime
In a joint operation by Royal Thai Police & Singapore Police Force, with crucial intelligence from Group-IB, authorities have arrested a cybercriminal behind 90+ data breaches worldwide, including 65 across APAC. Since 2020, he targeted companies using SQL injections and vulnerable RDP servers, exfiltrating data to blackmail victims.
Group-IB has been tracking this threat actor since 2020, uncovering his multiple aliases: ALTDOS, DESORDEN, GHOSTR, and 0mid16B. His tactics evolved over time, leaking stolen data across dark web forums.
This landmark arrest is a victory for cybersecurity! Read the full story here
#Cybersecurity #LawEnforcement #FightAgainstCybercrime
Cost of building and maintaining a top-notch cybersecurity stack and team? At least a few thousand. Cost of NOT having one? Millions - lost to cyberattacks, and a constant threat of your customers, data, and operations being jeopardized.
Not having robust security isn't an option. But even with the best tech, are you truly secure? No - unless you address your biggest hidden cybersecurity cost: your employees.
Insider threats, whether intentional or accidental, are a top concern for organizations today.
The real solution is building a strong security culture. With cybersecurity being a top-cited challenge for leaders today, building a strong security culture is just as essential as technological defenses.
But how should you best approach it? Our cybersecurity experts break it down for you.
#CyberSecurity #InsiderThreats #SecurityCulture
Trust No One - Is It The Right Approach to Network Security?
As organizations have gone perimeter-less, serverless (and consequently security-less), the Zero Trust approach is gaining momentum.
No, it's not cynicism - it's a proven strategy. With 60%+ of companies already adopting Zero Trust, it is highly effective in protecting business-critical assets and people.
But...
Zero Trust isn't a one-size-fits-all solution or a plug-and-play framework. It requires continuous monitoring, real-time anomaly detection, and proactive security enforcement.
Implementing it might leave businesses asking:
• Is it the right fit for your organization?
• What are the integration challenges?
• Will it lead to endless false positives?
• Can it work with existing infrastructure and be scaled over time?
Get your questions answered in our latest blog, where Group-IB experts share insights to begin your Zero Trust journey
#ZeroTrust #Cybersecurity #NetworkSecurity #FightAgainstCybercrime
SIM Swapping Fraud: How Fraudsters Bypass Security Measures
Despite advanced telecom and government safeguards, SIM swapping fraud continues to evolve. Fraudsters exploit human vulnerabilities through phishing and social engineering, deceiving individuals to bypass security layers and take control of phone numbers.
With access to a compromised SIM, they can intercept 2FA codes, hijack accounts, and commit identity theft.
Our latest analysis at Group-IB explores how these attacks happen and what can be done to prevent them.
#SIMSwapping #FraudDetection #CyberSecurity #SocialEngineering #Phishing
Cybercriminals have come up with a clever idea to trick users into running malware on their own systems - no exploits, just deception. The ClickFix technique disguises fake reCAPTCHA pages and "Fix It" pop-ups to auto-copy malicious PowerShell scripts straight to your clipboard. One wrong move, and infostealers like Lumma, Vidar, CStealer, AMOS, and DarkGate are on your system.
What's happening?
• Fake bot verifications copy malicious commands without your knowledge
• Victims unknowingly paste and execute malware in their Run dialog
• Cybercriminals & APT groups are using ClickFix for large-scale hacking campaigns
Group-IB's latest research uncovers real-world attack chains, technical breakdowns, and must-know defense strategies.
Read the full blog here
#ClickFix #ThreatIntelligence #APT #InfoStealer
Group-IB is proud to be recognized by the Singapore Police Force for our contributions in combating cyber threats across the Asia-Pacific (APAC) region. This accolade highlights our pivotal role in providing critical investigation data that led to the arrest of DESORDEN in February 2025, responsible for over 90 global data leaks.
The award also recognized the Group-IB Investigation team's knowledge-sharing efforts by delivering key insights at the ASEAN Cybercrime Conference 2024, reinforcing collective cybersecurity defenses in the region. Read More
#CyberSecurity #GroupIB #APAC #CyberThreats #SingaporePolice #FightAgainstCybercrime
The Cybercriminal with Four Faces: How Group-IB Tracked ALTDOS, DESORDEN, GHOSTR & 0mid16B
For over four years, a cybercriminal hid behind multiple aliases, orchestrating more than 90 data breaches and extorting victims across Asia and beyond. From ALTDOS to DESORDEN, GHOSTR, and finally 0mid16B, he adapted his tactics, evaded detection, and exploited stolen data. Group-IB's investigators uncovered the patterns linking his identities.
These findings, along with further investigative intelligence from Group-IB, helped the Royal Thai Police and the Singapore Police Force to track, identify, and ultimately arrest the cybercriminal. Read the full report.
#Cybersecurity #ThreatIntelligence #CyberInvestigation #FightAgainstCybercrime
Group-IB contributed to INTERPOL-led Operation Red Card, a major international effort to dismantle cybercriminal networks across Africa.
Key Outcomes:
• 306 suspects arrested for banking fraud, mobile malware attacks, investment fraud and other social engineering scams
• 5,000+ victims targeted by cybercriminals
• 1,842 devices seized, used to defraud individuals & businesses
• $305,000 stolen through social engineering scams uncovered in Rwanda
• 26 vehicles, 16 houses & 39 plots of land seized from fraudsters in Nigeria
This operation demonstrates the impact of cooperation between law enforcement and the private sector in tackling cybercrime. Read the full story
#CyberSecurity #LawEnforcement #OperationRedCard #FightAgainstCybercrime
Scam-as-a-service (SaaS) is reshaping cyber fraud in Central Asia. Classiscam operations leverage Telegram bots, phishing panels, and automated credential harvesting to scale attacks with minimal effort.
Our latest research reveals:
• How Telegram bots automate phishing site creation
• Classiscam's role-based fraud hierarchy (Fake Support, Data Input, Operators)
• Targeting patterns against online marketplaces & financial institutions
• Key IoCs & proactive defense strategies
Read the full report here
#Phishing #FraudIntelligence #CyberSecurity #FightAgainstCybercrime
Cyber threats across Latin America (LATAM) show a concerning rise!
Cybercriminals have deceived countless victims, using elaborate scams to impersonate well-established brands and exploit users' trust.
In 2024 alone, Group-IB identified at least 97 fraudulent domains targeting four major brands. The level of sophistication among scammers even surprised our own experts.
Want to see these operations in action? Group-IB experts reveal trade secrets from the dark side in the latest blog
#CyberSecurity #LATAM #CyberThreats #FightAgainstCybercrime
Hunters International: The Next Evolution of Cyber Extortion?
Emerging in October 2023, Hunters International took over Hive ransomware's legacy, operating across Windows, Linux, FreeBSD, SunOS, and ESXi. But their game is changing - Group-IB's latest research reveals their planned rebrand as World Leaks, adopting an extortion-only model featuring OSINT-driven coercion, their proprietary "Storage Software," and silent encryption (no ransom notes since v6.0).
Key Findings:
• Transitioning from ransomware to pure data extortion
• Infrastructure overlaps with Lynx/INC Ransom
• Evolving tactics to bypass payment bans and law enforcement
Their stealthy approach and affiliate structure make them a growing threat, particularly for healthcare and real estate sectors. Read the full analysis here
#Cybersecurity #Ransomware #FightAgainstCybercrime