Ransomware operators are joining forces – here’s what you need to know
Ransomware operators have joined forces and they are now exchanging tactics, intelligence and extorting victims through a shared data leak platform.
Back in November, the operators of the Maze ransomware released the unencrypted data of a victim after they refused to pay its ransom. Shortly after, the group launched a site called “Maze News” which it uses to shame unpaid victims by publicly releasing their stolen data.
Other cybercriminals quickly followed suit and now thirteen active ransomware operations have begun to leak stolen data if their ransoms are not paid.
Maze News
As reported by BleepingComputer, the Maze group has now created their own cartel comprised of other ransomware operators with the aim of sharing resources and extorting their victims.
The cyber intelligence firm KeLa told the news outlet that the group has added information and files for an international architectural firm to its Maze News site. However, this data was not obtained by the Maze ransomware group buy by another ransomware operation which targets enterprise businesses called LockBit.
BleepingComputer decided to reach out to the operators of the Maze ransomware to learn more about this new collaboration. The group then confirmed that they are indeed working together with LockBit to share their experience and data leak platform, saying:
“In a few days another group will emerge on our news website, we all see in this cooperation the way leading to mutual beneficial outcome, for both actor groups and companies. Even more, they use not only our platform to post the data of companies, but also our experience and reputation, building the beneficial and solid future. We treat other groups as our partners, not as our competitors. Organizational questions is behind every successful business.”
The Maze gang also revealed that another group will soon be joining its ransomware cartel soon. Ransomware was already a serious threat to businesses and the fact that these groups are now working together means that we will likely see them develop even more sophisticated attacks going forward.
Via BleepingComputer
Ransomware operators have joined forces and they are now exchanging tactics, intelligence and extorting victims through a shared data leak platform. Back in November, the operators of the Maze ransomware released the unencrypted data of a victim after they refused to pay its ransom. Shortly after, the group launched a…
