Russian ransomware gangs launch recruitment drive

According to new research, pentesters are in high demand on a Russian-language hacking forum.

Several Russian hacking groups appear to be looking to recruit penetration testers, according to new research published by Cato Networks’ Cyber Threats Research Lab (CTRL).

Several members of the RAMP (Russian Anonymous Marketplace) hacking forum have been offering positions as penetration testers in various ransomware affiliate programs, such as Rabbit Hole, Lynx, and Apos.

The data comes from the Cato CTRL SASE Threat Report Q3 2024, which was created from an analysis of over 1.4 million network flows from 2,500 customers and careful monitoring of human intelligence on darknet markets.

“Ransomware is one of the most pervasive threats in the cybersecurity landscape. It affects everyone – businesses and consumers – and threat actors are constantly trying to find new ways to make their ransomware attacks more effective,” said Etay Maor, chief security strategist at Cato Networks, in a statement.

“In the Cato CTRL SASE Threat Report Q3 2024, we highlight a tendency for ransomware gangs to recruit penetration testers. We believe this is to test if their ransomware works for future attacks.”

Cato researchers also found multiple cases of ransomware being offered for sale on the forum. One post, mainly in Russian, offers the source code of a locker for $45,000, while another post, this time in English, sells the Makop ransomware for a price negotiable via direct message.

The ransomware includes custom ransom notes and wallpapers, a user manual, custom key generation, and extensive build notes.

Shadow AI is a problem

Cato also found that the use of shadow AI applications, which employees use without authorization or supervision, is a serious security threat. Ten apps in particular were of concern: Bodygram, Craiyon, Otter.ai, Writesonic, Poe, HIX.AI, Fireflies.ai, PeekYou, Character.AI and Luma AI.

“Shadow AI is a major threat that will emerge in 2024,” Maor said.

“Organizations should be aware of the unauthorized use of AI applications and the dangers of allowing employees to inadvertently expose sensitive information.”
