Russian ransomware gangs launch recruitment campaign

Russian ransomware gangs launch recruitment campaign

Russian ransomware gangs launch recruitment campaign

Pen testers are in high demand on a Russian-language hacking forum, according to a new study.

Several Russian hacker groups appear to be looking to recruit penetration testers, according to a new study published by Cato Networks’ Cyber ​​Threat Research Lab (CTRL).

Several members of the hacking forum RAMP – Russian Anonymous Marketplace – have offered positions to penetration testers in various ransomware affiliate programs such as Rabbit Hole, Lynx, and Apos.

The data comes from the Cato CTRL SASE Threat Report Q3 2024which was built from an analysis of more than 1.4 million network flows from 2,500 customers and careful monitoring of darknet markets by human intelligence.

“Ransomware is one of the most pervasive threats across the cybersecurity landscape. This affects everyone – businesses and consumers – and bad actors are constantly trying to find new ways to make their ransomware attacks more effective,” said Etay Maor, chief security strategist at Cato Networks, in a press release.

“In the Cato CTRL SASE Threat Report Q3 2024we highlight a trend of ransomware gangs recruiting pen testers. We believe this is to test whether their ransomware works for future attacks.

Cato researchers also discovered several cases of ransomware offered for sale on the forum. One post, largely in Russian, offers the locker’s source code for US$45,000, while another post, this time in English, sells Makop ransomware for a negotiable price via direct message.

The ransomware offers custom ransom notes and wallpapers, user manual, custom key generation, and detailed build notes.

Shadow AI is a problem

Cato also found that the use of shadow AI applications, which employees use without authorization or oversight, poses a serious security threat. Ten apps in particular were of concern: Bodygram, Craiyon, Otter.ai, Writesonic, Poe, HIX.AI, Fireflies.ai, PeekYou, Character.AI, and Luma AI.

“Ghost AI is a major threat emerging in 2024,” Maor said.

“Organizations need to be aware of unauthorized use of AI applications and the dangers of letting employees inadvertently expose sensitive information. »

ASD Annual Cyber ​​Threat Report Reveals Decline in Reported Cybercrimes

ASD Annual Cyber ​​Threat Report Reveals Decline in Reported Cybercrimes

In defense of AI hallucinations

In defense of AI hallucinations

Leave a Reply

Your email address will not be published. Required fields are marked *