Loading...

Ransomfeed

Profilo, status e statistiche (dal 12-01-2020)

Dettaglio cyber gang

Profilo gang by OSINT sources: [source: 0]

The operators of the ALPHV/BlackCat ransomware began their activity in December 2021, making posts on Dark Web forums to promote their affiliate program, offering other actors the opportunity to engage in a 'new type of ransomware family' developed from scratch using the Rust programming language.

Some clear evidence indicates that the actors behind this new ransomware are not new to cybercrime, and there were links to other affiliate programs such as DarkSide, BlackMatter, and REvil. (After several attacks against large companies, these groups faced pressure and arrests, necessitating the termination of their operations).

As a security measure, the operators of ALPHV implemented the requirement for the execution of the ransomware payload by providing an 'access token,' which is supplied by the owners of the Ransomware-as-a-Service to the affiliate. This token is added to the victim's ransom note so that they can contact the threat actor responsible for encrypting the data.

ALPHV affiliates employ double and triple extortion techniques, meaning the publication of the company's name on leak sites, threats of data leakage, and lastly, threats of DDoS attacks against the organization.
Source: https://github.com/crocodyli/ThreatActors-TTPs

Alerts:


Statistiche
N. rivendicazioni 2024 2023 2022
710 53 416 241
URLs
Fonte onionUltimo titoloStatusUltimo scrapeVersione Tor
alphvmmm27o3abo3r2mlmjrpdmzle3rykajqc5xsj7j7ejksbpsa36ad.onion THIS WEBSITE HAS BEEN SEIZED 🔴 19-12-2023 3
alphvmmm27o3abo3r2mlmjrpdmzle3rykajqc5xsj7j7ejksbpsa36ad.onion THIS WEBSITE HAS BEEN SEIZED 🔴 19-12-2023 3
2cuqgeerjdba2rhdiviezodpu3lc4qz2sjf4qin6f7std2evleqlzjid.onion 🔴 01-05-2021 3
vqifktlreqpudvulhbzmc5gocbeawl67uvs2pttswemdorbnhaddohyd.onion   🔴 07-06-2023 3
alphvuzxyxv6ylumd2ngp46xzq3pw6zflomrghvxeuks6kklberrbmyd.onion THIS WEBSITE HAS BEEN SEIZED 🔴 09-03-2024 3
Note di riscatto

Questo script colleziona ogni rivendicazione criminale esattamente come esposta dalle fonti (modello "As Is"), in un database SQL per creare un feed permanente, che può anche essere seguito con tecnologia RSS.
Il motore è basato sul progetto ransomFeed, fork in GitHub.