Kaspersky, the cybersecurity firm originally based in Russia, has uncovered a troubling trend in which cybercriminal groups are teaming up to maximize profits by deploying two types of malicious attacks in succession. This collaborative strategy involves spreading information-stealing malware first, followed by a ransomware attack, ensuring the cybercriminals receive double the ransom.
The latest discovery came from an investigation in Colombia, where a business was targeted by a cybercriminal group using RustyStealer, a type of malware designed to harvest sensitive data such as login credentials, personal information, and other critical data. Once the attackers had successfully extracted this data, they handed off the compromised network to another group, which deployed a relatively new strain of ransomware called Ymir.
Ymir ransomware is particularly dangerous because it remains stealthy, bypassing most anti-malware systems and gradually encrypting data over time. At present, no decryption key exists for this ransomware, making it an even more potent threat for victims.
While researchers are still working to establish a clear connection between the use of RustyStealer and the deployment of Ymir ransomware, the incident underscores a growing trend in the world of cybercrime: collaboration among hacking groups. In many cases, cybercriminals are known to share vulnerabilities and tools that can help their partners infiltrate target networks more effectively.
A similar pattern was observed in the case of the BlackCat (ALPHV) ransomware group. In 2024, BlackCat targeted healthcare provider Change Healthcare, demanding a $22 million ransom in cryptocurrency. The FBI took down the ALPHV group's infrastructure in March 2024, disrupting their operations. However, shortly after, a new ransomware group named RansomHub emerged, claiming ties to the now-defunct BlackCat. RansomHub proceeded to demand a new ransom, threatening to leak sensitive data from Change Healthcare.
In both instances, the cybercriminals worked together in a coordinated attack, first stealing valuable information and then demanding ransom multiple times for the same data. This strategy illustrates how groups in the cybercrime world are increasingly collaborating to increase their profits, capitalizing on their ability to compromise a target's network in various ways.
Experts warn that this trend could become more common, as cybercriminal organizations continue to refine their tactics and pool resources to create a double threat that is harder to defend against.