Ransomware Roundup
By Dominic Alvieri
9/9/22
We all know DDoS attacks are illegal. The rules seemed to have changed, entrust me.
Earlier this week several ransomware gangs leak sites including LV, Everest and Ragnar Locker appeared to be under the same "high load" stress that caused LockBit and ALPHV Black Cat ransomware to make some adjustments.
Everest v Brazil?
The Everest Ransomware Team leak site has been unavailable since leaking access to the Brazilian Government and still offline as of this article. It is still offline now.
 |
| photo courtesy @darktracer_int Twitter |
Ragnar v Air Portugal?
Ragnar Locker has been wrestling with TAP Air Portugal regaining site control after an alleged DDoS attack. Raagnar Locker teased Air Portugal and the site neatly went unavailable again. The site is currently back online as of 7:45pm EST but no new posts or leaks were added.
Ragnar Locker has been offline again since after their post.
 |
| Alleged TAP Air Portugal customer leak. |
Going Backwards, the LockBit Tattoo
LockBit is back in the news besides the obsessive post rate to offer $1,000 to anyone who gets a LockBit tattoo.
ALPHV Black Cat ransomware has removed the Italian Energy Agency, GSE-Gestore Servizi Energetici from its leak site. When a ransomware group flashed a victim like ALPHV did with Unisys several weeks back for an hour or so that is a message or a taunt. WHen a post is deleted after nearly a week that usually indicates a payment. Black Cat like most ransomware groupsd does not do charity work.
The only other reasonable reason for removal could be the fear of NATO action due to the cyber attacks on Albania and Montenegro. Creos of Luxembourg remains on their leak site so that theory doesn't hold up well either.
Vice Society
New Logo, Same Lowlife Double Extortion Group.
 |
| New Vice Society alternate logo. You're welcome. |
Vice Society has just claimed the Los Angeles School District via Jeremy Kirk at 7:50pm EST while I am still waiting for a response this is from Vice.
The last 6 posts for Vice Society are:
The Los Angeles School District, California
Elmbrook School, Wisconsin
Moon Area School Distric, Pennsylvania
The Francis King School of English, United Kingdom
Lampton School, United Kingdom
BSV Hospice
Vice Society is believed to be an English speaking group.
Vice Society has also added a timer on most of their new posts.
Yanluowang is thought to be a Chinese group.
Is Cl0P Brazilian? Cl0P is thought to be Russian but for some reason Brazil and Portuguese keeps coming up. More to come.
Cl0P
Cl0P added a captcha again to help against those high loads after an attack on a British water utility.
Dominic Alvieri, @AlvieriD Twitter
No comments:
Post a Comment