Categories: Market

Ransomeware and Top 5 Online Gangs

Ransomware attacks are increasing in all countries. The level of activity of gangs is becoming more and more sophisticated because they not only attack domestic organizations and companies, but also blatantly rage around the world. REvil’s recent global ransomware attack on Florida-based software provider Kaseya is a case in point.

Ransomware attacks are growing exponentially in size and demand for ransom. Understanding who these groups are and what they want is critical to bringing them down.

Here are the top 5 online gangs today.

Today’s Top Online Gang

Today’s Leading Online Gang – DarkSide

DarkSide is the group behind the May ransom attack on the Colonial Pipeline that crippled the Colonial Pipeline’s fuel distribution network, raising concerns about gasoline shortages.

DarkSide, which was released in August 2020, openly admitted that its malware was used by employees in the case of the Colonial Pipeline attack. The group is transformed into a modern internet Robin Hood – making money with the rich and even donating to charity.

Ransomware platforms, like the one used in the Colonial Pipeline attack, often operate in a double or triple extortion routine, charging for both the decryption key to unlock the company’s files and servers and a ransom to destroy something stolen Data.

The organization is part of a long-known criminal group in the cybersecurity world from Russia and the countries of the former Soviet Union, as well as from North Korea, China, Syria and Iran.

Today’s Leading Online Gang – REvil

Ransomware group REvil is currently attracting attention due to the ongoing Kaseya incident as well as another recent attack on global meat processing company JBS. This group was particularly active in the 2020-2021 period.

In April, REvil stole specs on unreleased Apple products from Quanta Computer, a Taiwanese company that assembles Apple laptops. A ransom of $ 50 million was requested to prevent the stolen data from being published. It is not yet known whether this amount has been paid or not.

Today’s Top Online Gang – Clop

Clop ransomware was developed in 2019 by a group of financial firms responsible for raising half a billion dollars.

The unmistakable way of running the Clop Group is “double blackmail”. It targets organizations with a ransom in exchange for a decryption key that will restore the organization’s access to stolen data. However, the targets would then have to pay an additional ransom in order not to make the data public.

Historical examples show that companies that pay a one-time ransom are more likely to pay it back in the future. So hackers tend to target the same organization and ask for more money each time.

This could mean teaching someone how to combine Distributed Denial of Service (DDoS) attacks and ransomware to put pressure on the negotiations. Ransomware would prevent a company from working with past and current orders, while a DDoS attack would block all new orders.

Today’s Leading Online Gang – The Syrian Electronic Army

The Syrian Electronic Army has carried out online attacks to promote political propaganda since 2011. With this motive, they were called the warring group.

Although the group has ties to Bashar al-Assad’s regime, it is more comprised of online citizens trying to become a media outlet for the Syrian military.

Their technique is to spread fake news through reputable sources. In 2013, a single tweet they sent from the official account of the world’s leading news agency, the Associated Press, had the effect of wiping billions of dollars from the stock market.

Today’s Top Online Gang – FIN7

FIN7, another group based in Russia, is arguably the most successful online crime organization of all time. The group has been active since 2012 and mainly operates as a company.

FIN7 specializes in attacking companies in order to gain access to financial data or PoS infrastructure. The group operates with sophisticated social engineering online phishing campaigns. For example, before sending malicious documents, they can exchange dozens of normal messages with their victims to ward them off.

In most of the cases, the attacks use malicious documents with macros to install malware on the victim’s computer and scheduled tasks to keep it working continuously. Then it receives the modules and executes them in system memory. In particular, we saw modules for crawling, downloading additional malware, taking screenshots, and storing another instance of the same malware in the registry (if the first was detected). Of course, cyber criminals can create additional modules at any time.

In early 2017, FIN7 was accused of being behind an attack on companies that had made records available to the US Securities and Exchange Commission. This confidential information was mined and used for ransom money, which was then invested in the stock market.

Join our Facebook group and Telegram group Coincu News to chat with more than 10,000 other people and exchange information about the crypto currency market.

Important NOTE: All content on the website is for informational purposes only and does not constitute investment advice. Your money, the choice is yours.

CoinX

Recent Posts

Crypto PAC Fairshake Continues to Boost 2026 Election With Support from a16z

a16z and Coinbase have pledged substantial funds to crypto PAC Fairshake, aiming to support crypto-friendly…

40 mins ago

Bitcoin, Ethereum, And Solana Lead Crypto Market, But Not For Long With New AI Altcoin With 30,000% Potential, Expert Says

Bitcoin (BTC), Ethereum (ETH), and Solana (SOL) dominate the crypto market, but experts warn that…

4 hours ago

Dogecoin Price Prediction: Will DOGE Ever Hit $0.7 Again? Why ETFSwap (ETFS) Is The Best Alternative For 100x Gains

Discover the future as the Dogecoin price aims for a $0.7 comeback and discover why…

7 hours ago

Step into BlockDAG’s Presale Frenzy This November: Secure a Massive 100% Bonus with BDAG100!

November is the perfect time for BlockDAG's huge presale. Use BDAG100 to double your purchase.…

9 hours ago

This website uses cookies.