Wizard Spider hackers hire cold callers to scare ransomware victims into paying up

Researchers have exposed the inner workings of Wizard Spider, a hacking group that pours its illicit proceeds back into the criminal enterprise.

On Wednesday, PRODAFT published the results of an investigation into Wizard Spider, a group believed to be, or to be associated with, the Grim Spider and Lunar Spider hacking groups.

According to the cybersecurity firm, Wizard Spider, likely Russian in origin, runs an infrastructure made up of a “complex set of sub-teams and groups, [..] has huge numbers of compromised devices at its command and employs a highly distributed professional workflow to maintain security and a high operational tempo.”

Today’s more sophisticated cybercriminal operations, whether purely for profit or working for state interests — as with many advanced persistent threat (APT) groups — often operate business-style models. This includes hiring top talent and creating a financial framework to deposit, transfer, and launder proceeds.

In Wizard Spider’s case, this also means pouring some of its profits back into development with investments in tools and software, and paying for new hires. The report suggests that the group commands “hundreds of millions of dollars in assets.”

“The group’s extraordinary profitability allows its leaders to

Read More: https://www.zdnet.com/article/wizard-spider-hacking-group-hires-cold-callers-to-scare-ransomware-victims-into-paying-up/#ftag=RSSbaffb68