In the face of so many new ransomware brands, and with RaaS operations such as Medusa, Qilin, and DragonForce still remaining, prioritizing is not an easy task. However, despite the number of groups conducting attacks for extortion, the TTPs do not change that much, unless we are talking about Cl0p, Akira and other groups that pose a high risk.
Therefore, to prevent your company from falling prey to opportunists looking for such low-hanging companies to attack, Group-IB’s Threat Intelligence Team decided to write a very straightforward report on the TTPs of The Gentlemen, whose TTPs overlap with the techniques of other financially motivated threat actors conducting intrusions for extortion. The information shared in this blog comes from intrusion analysis and underground private sources monitored by Group-IB’s Threat Intelligence Team. Thus, the information has a high confidence level.
Source: Group IB

