November 10, 2023 at 10:46AM
Ransomware group Ransomed.vc claims to have permanently shut down due to suspected arrests. The group had previously announced plans to sell the operation, offering a discount before the latest announcement of potential arrests. The group cited the welfare of its affiliates and their lack of opsec skills as reasons for the shutdown. The group’s leader has deleted their personal contact Telegram account. Ransomed.vc had gained attention for claiming responsibility for attacks on Sony and NTT Docomo, but doubts were cast on the legitimacy of their claims. It is possible that the group may reemerge under a new name.
Meeting notes:
– Ransomed.vc, a short-lived ransomware group, claims to have shut down after suspected arrests.
– The group initially announced plans to sell the operation to a trusted person but later offered a 20% discount, possibly due to attention from authorities.
– Ransomed.vc stated that six people affiliated with the group’s leader may have been arrested and all 98 affiliates are now fired.
– The group mentioned that they regret nothing and blamed their hiring policy for inexperienced individuals with poor opsec skills.
– The leader of Ransomed.vc has deleted their personal contact Telegram account.
– Ransomed.vc gained some attention after claiming responsibility for an attack on Sony, although another party later claimed the attack.
– Security researchers expressed doubt over Ransomed.vc’s claim for an attack on NTT Docomo, as someone else leaked the data first.
– Prior to the group’s planned sale, they engaged in erratic posting and even launched a smear campaign against a cybersecurity executive.
– There is a possibility that the individuals behind Ransomed.vc may reemerge under a new name and branding, which is common in the ransomware world.