#RansomwareAffiliates

Ransomware Groups, Targeting Preferences, and the Access Economy

by

February 20, 2024 at 10:40AM Ransomware attacks are often initiated by criminals exploiting easily accessible targets, rather than choosing them. Infostealer malware, particularly through Telegram channels, contributes to the proliferation of ransomware attacks. Additionally, initial access brokers sell corporate IT access, which is taken advantage of by ransomware groups and affiliates to carry out attacks, … Read more

BlackCat ransomware uses new ‘Munchkin’ Linux VM in stealthy attacks

by

October 19, 2023 at 05:46PM BlackCat/ALPHV ransomware is using a new tool called ‘Munchkin’ to deploy encryptors on network devices stealthily. The tool runs on virtual machines and allows threat actors to dump passwords, spread on the network, build encryptor payloads, and execute programs on computers. Munchkin makes the ransomware operation more attractive to cybercriminals. … Read more