Ransomware Gangs & Data Leaks |

Ransomware Gangs & Data Leaks

Ransomware Gangs & Data Leaks.

Cyber-extortion "Ransomware" is a thriving trillion-dollar industry run by organized crime syndicates from different countries.

They are Black Hat hackers and programmers, creating software with the intention of infecting computers and the entire internal infrastructure of big businesses to hospitals.

Many of these Ransomware groups are using affiliate programs, meaning they don't need to do the dirty work themselves, they get paid by the affiliates, once they get paid a ransom.

Their normal procedure is to seek out a target, find a vulnerability to exploit, use phishing or social engineering to get some poor smuck to give them access to the system.

Exfiltrate Data.
Encrypt the systems files.
Extort the target and negotiate a ransom fee.

So what happens if you do not pay them?

Usually, they will start releasing a portion of the stolen data on their DarkWeb site or in some cases release the data on the open Internet. Fact is that some groups have started to use P2P - File sharing via torrents, making the damage even greater to businesses that choose not to pay.

Here we will list some groups that makes use of P2P:

CL0P - Russian/Ukrainian group:

None of the businesses listed here, need to worry about the P2P file sharing. The Magnet links provided on their Dark Web site has 2 peers and 0 seeders, meaning not even the METADATA gets downloaded. If someone has downloaded these torrents, while they were working, the leaks will most likely be either sold or published for free download on forums like Breached.

The group no-longer offer DarkWeb downloads.

Listed below are some of their victims that leaked via torrents:

However the listed below has 0 seeders, so their data isn't spread via P2P anymore. Most of them are US-based, but a couple of French, German and one Brazilian.