SOCRadar® Cyber Intelligence Inc. | Dark Peep #12: The Ransomware Group That Never Was


Mar 08, 2024
Dark Peep #12: The Ransomware Group That Never Was

Welcome to Dark Peep #12, where we dive into the latest cyber escapades reminiscent of tales from the Wild West. This edition is packed with stories of virtual showdowns and digital outlaws making their mark in the vast online frontier.

Strap yourself in as we spotlight the notorious BreachForums. It’s where information is the currency, and reputations are built and dismantled in the blink of an eye. But the main spectacle of this issue is the enigmatic Mogilevich—a group that swaggered onto the digital stage, promising chaos and delivering… well, let’s just say they ended up more infamous for their exit than their exploits.

An illustration of SOCRadar Dark Web Team (Created by OpenAI’s DALL-E), Dark Peep #12

Mogilevich’s journey from a feared newcomer to a footnote in cyber lore is a stark reminder: the internet is still a place where anything goes, and notoriety can be as volatile as a tumbleweed in a tornado.

So grab your sliced apple and secure your Wi-Fi because Dark Peep #12 will show you that the internet is the most unpredictable series ever streamed. Welcome to the show!

Impending Doom for BreachForums?

USDoD's warning to other threat actors.

USDoD, a threat actor on BreachForums, issued a stark warning about the site’s future. Citing unusual activity similar to that seen before the takedowns of RaidForums and the first version of BreachForums, he predicts that a major international law enforcement operation could dismantle BreachForums by mid-year. He notes a pattern of federal actions in the early months and advises caution, hinting at an inevitable crackdown. “Keep your eyes open. Something is coming,” he writes, signaling a tense period ahead for the forum’s users.

Anonymous Sudan Adopts New DDoS Service: InfraShutdown

Announcement of InfraShutdown and Anonymous Sudan

Anonymous Sudan just got their hands on a new toy: a DDoS-for-hire service named InfraShutdown. They announced this change on February 24 and have indicated that InfraShutdown has been used in all their recent attacks. But wait, there’s more! Fancy launching your own cyber fireworks? They are offering InfraShutdown as a rental service to others.

And for their next trick, they’ve opened a Telegram donation page. Yep, the hacktivists are passing around the digital hat.

FBI Roleplay? LockBitSupp’s Unusual Encounter on Hacker Forum

Threat post on hacker forum

In a curious turn of events on BreachForums, LockBitSupp, the admin behind the notorious LockBit ransomware, received threats from someone claiming to be the FBI. Far from the usual forum drama, this wasn’t about USDoD’s gloomy forecasts but more like a bizarre case of cyber cosplay gone too far.

Mogilevich: The Ransomware Group That Never Was

Mogilevich's confession

Mogilevich hit the cyber scene like a storm, grabbing headlines by claiming big industry names as victims. Their secret sauce? A spicy mix of human excitement and the viral power of X (Twitter). But just when everyone was tuning in for their next move, Mogilevich threw a curveball – “We’re scammers.”

This episode flips the script on cyber drama, reminding everyone that in the world of online whispers and warnings, taking rumors at face value is like believing every fish story.

Blackout Ransomware Targets Canadian and French Organizations

Blackout’s dark web platform

Blackout ransomware has targeted a Canadian metallurgical company and a French healthcare provider, marking its entry into the cyber threat scene. Unlike the recent Mogilevich group, which turned out to be a scam, Blackout is playing a different, more damaging game. The group claims to have encrypted over 100 servers and workstations at a French medical institution and exfiltrated data of more than 900,000 patients, including personal and medical information.

Russian Telegram Groups Get Zapped

An illustration of the banning of a Telegram channel linked to Russian threat actors.

When Telegram showed the door to Killnet 2.0, Anonymous Russia, and CombatOsint, they shrugged it off with a smirk. Apparently, the outcry from liberal circles and international media was behind the purge. Yet, these groups aren’t losing sleep over it. They hinted at having a plan B, ready to regroup and reconnect with their audience faster than you can say “reboot.” It’s a classic case of digital resilience – a testament to the cat-and-mouse game in the cyber realm.

Conclusion: Riding Off into the Cyber Sunset

In the rugged landscape of the digital Wild West, where outlaws roam freely and threats lurk in the shadows, organizations need a trusted ally to navigate the treacherous terrain. Enter SOCRadar, the stalwart sheriff of Dark Peep #12. With its unparalleled Dark & Deep Web Monitoring solution, SOCRadar empowers organizations to tame the outer reaches of cyberspace, identifying and mitigating threats with the precision of a gunslinger’s aim.

In this era of digital showdowns and cyber escapades, SOCRadar stands as a beacon of security, ensuring that organizations can ride off into the sunset knowing that their digital frontiers are safeguarded against even the most cunning adversaries.

SOCRadar Dark Web News