RagnarLocker joins increasingly threatening ransomware syndicate

  • Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Welcome to our Community
Wanting to join the rest of our members? Feel free to sign up today.
Sign up

PCHF IT Feeds

PCHF Tech News
PCHF Bot
Jan 10, 2015
52,091
26
pchelpforum.net
The ransomware syndicate created by the operators of the Maze ransomware has added another group to its ranks.

Ransomware operations that target business networks will often steal a victim's unencrypted files before encrypting the rest of their network. Cybercriminals do this so that they can use these files as leverage in case victims fail to pay its ransoms. If the ransom isn't paid, then the unencrypted files will be leaked online via a data leak site.

Last year, the Maze ransomware group launched a data leak site of its own called Maze News which it uses to shame victims into paying by publicly releasing their stolen data. However, the group took things a step further recently when it decided to create a ransomware syndicate with other ransomware operators to exchange tactics, intelligence and extort victims through its data leak platform.

Ransomware syndicate


The operators of the LockBit ransomware were the first group to join Maze's ransomware syndicate but now another competing ransomware group named RagnarLocker has joined as well. In a post on Twitter, Ransom Leaks provided further details on the newest member of the 'cartel', saying:

“The MazeRansomware cartel is real. In addition to LockBit, they are providing infrastructure for RagnarLocker's leaks. Ragnar previously claimed Brunner breach. Now it is listed on Maze's leak site with attribution to RagnarLocker”

While LockBit does not operate its own data leak site, RagnarLocker does which means the group has less to gain by joining the syndicate. However, RagnarLocker could still be benefiting from the arrangement by being associated with the Maze gang and by sharing tactics and intelligence with it and LockBit.

At this time, it is still unknown how the Maze gang benefits from its ransomware syndicate but the group could be collecting a portion of the profits from the stolen data auctioned off on its Maze News site. Also, there is power in numbers in addition to the benefits of sharing intelligence and exchanging tactics with other cybercriminals.


Via BleepingComputer

iMZX1OXldMI


Continue reading...