Groove Promises Maximum Profits for Ransomware Affiliates


Babuk Ransomware Spinoff Seeks Recruits for More Opportunistically Driven Cybercrime

Mathew J. Schwartz (euroinfosec) • September 9, 2021

Overview of the RAMP cybercrime forum, which has announced the launch of Groove (Source: Advanced Intelligence)

If a ransomware operation says it’s gone or otherwise appears to be defunct, can it ever be said to have truly died?

The short answer, barring the arrest of everyone involved in the operation, would appear to be no. That’s because the thriving ransomware ecosystem involves not only the administrators and developers who run specific operations, but also the affiliates who take the ransomware, infect victims and then share in the proceeds.

When one ransomware operation goes quiet, affiliates seek new ones. Furthermore, some affiliates have become so highly skilled that they’re chafing against what has

