{"id":6406,"date":"2021-07-08T14:44:25","date_gmt":"2021-07-08T14:44:25","guid":{"rendered":"http:\/\/TheNextWeb=1359800"},"modified":"2021-07-08T14:44:25","modified_gmt":"2021-07-08T14:44:25","slug":"most-wanted-the-top-5-online-crime-gangs-running-ransomware","status":"publish","type":"post","link":"https:\/\/www.londonchiropracter.com\/?p=6406","title":{"rendered":"Most wanted: The top 5 online crime gangs running ransomware"},"content":{"rendered":"\n

On the internet, nobody knows you\u2019re a dog!<\/em><\/p>\n

These words from Peter Steiner\u2019s famous cartoon<\/a> could easily be applied to the recent ransomware attack<\/a> on Florida-based software supplier Kaseya.<\/p>\n

Kaseya provides software services to thousands of clients around the world. It\u2019s estimated between 800 and 1,500 medium to small businesses<\/a> may be impacted by the attack, with the hackers demanding US$50 million (lower than the previously reported US$70 million<\/a>) in exchange for restoring access to data being held for ransom.<\/p>\n

\n

Hackers behind this attack, REvil #ransomware<\/a>-as-a-service (RaaS) group, swiftly lowered the asking price to $50 million, suggesting a willingness to negotiate their demands in return for a lesser amount.<\/p>\n

\u2014 The Hacker News (@TheHackersNews) July 6, 2021<\/a><\/p>\n<\/blockquote>\n

The global ransomware attack has been labeled<\/a> the biggest on record. Russian cybercriminal organization REvil is the alleged culprit.<\/p>\n

Despite its notoriety, nobody really knows what REvil is, what it\u2019s capable of, or why it does what it does \u2014 apart from the immediate benefit of huge sums of money. Also, ransomware attacks often involve vast distributed networks, so it\u2019s not even certain the individuals involved would know each other<\/a>.<\/p>\n

Ransomware attacks are growing exponentially<\/a> in size and ransom demand \u2014 changing the way we operate online. Understanding who these groups are and what they want is critical to take them down.<\/p>\n

Here, we list the top five most dangerous criminal organizations currently online. As far as we know, these rogue groups aren\u2019t backed or sponsored by any state<\/a>.<\/p>\n

DarkSide<\/h2>\n

DarkSide is the group behind the Colonial Pipeline<\/a> ransom attack in May, which shut down the US Colonial Pipeline\u2019s fuel distribution network, triggering gasoline shortage concerns.<\/p>\n

The group seemingly first emerged in August last year. It targets large companies<\/a> that will suffer from any disruption to their services \u2014 a key factor, as they\u2019re then more likely to pay a ransom. Such companies are also more likely to have cyber insurance<\/a> which, for criminals, means easy money-making.<\/p>\n

DarkSide\u2019s business model is to offer a ransomware service<\/a>. In other words, it carries out ransomware attacks on behalf of other, hidden perpetrator\/s so they can lessen their liability. The executor and perpetrator then share profits.<\/p>\n

Groups that offer cybercrime-as-a-service also provide online forum communications to support others who may want to improve their cybercrime skills.<\/p>\n

This might involve teaching someone how to combine distributed denial-of-service (DDoS) and ransomware<\/a> attacks, to put extra pressure on negotiations. The ransomware would prevent a business from working on past and current orders, while a DDoS attack would block any new orders.<\/p>\n

REvil<\/h2>\n

The ransomware-as-a-service group REvil is currently making headlines due to the ongoing Kaseya incident, as well as another recent attack on global meat processing company JBS<\/a>. This group has been particularly active in 2020-2021.<\/p>\n

\n

<\/i><\/a>REvil\u2019s HappyBlog web site showing US$70m ransom demand. Author provided<\/figcaption>