Readers will doubtless have heard the phrase “Ransomware as a Service” (aka RaaS). The ransomware part of that term gets a lot of coverage but what about the service? Ransomware services, one might assume, must be served from somewhere, but where does this happen? The Dark Web It’s a question surprisingly few people ask. As […]
If there was ever a summer where ransomware has played out like a pastiche of the Hollywood movie industry, 2023 serves as an unwelcome example. This might sound flippant but there are instructive parallels. As in movies, there are summer releases and at least one or two big hits everyone gets to hear about. The […]
A trend that often gets lost in the reporting of cybersecurity incidents is how important mainstream pen testing tools have become to cybercrime. This is also true in the ransomware sector where popular tools such as Cobalt Strike, Mimikatz, and PsExec are routinely abused for a multitude of tasks including reconnaissance, credential abuse, and post […]
Ever since ransomware actors took to stealing and leaking data rather than merely encrypting it, they’ve have had to overcome the problem of how to exploit their success in a way that scales efficiently. If you leak data from a few victims, the answer is fairly simple: Post sample data on a dark web site […]
Ransomware offers up few absolute certainties, but one that has become a given is that extortion payments are demanded in Bitcoin. It hasn’t always been so. In the very early days of ransomware from around 2006, extortionists had to rely on traditional channels to receive payments such as credit cards (believe it or not) and […]
Leaking private data to embarrass victims into paying a ransom is probably the least organizations should expect from ransomware criminals in 2023. Looking back over the last decade, it’s surprising criminals didn’t think of this tactic earlier. Encrypting files is hugely inconvenient but at least these can usually be restored with some effort. At some […]
