‘Snatch’ Ransom Group Exposes Visitor IP Addresses

Credit to Author: BrianKrebs| Date: Wed, 27 Sep 2023 11:48:37 +0000

The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to trick people into installing malware disguised as popular free software, such as Microsoft Teams, Adobe Reader, Mozilla Thunderbird, and Discord.

Read more

Who’s Behind the 8Base Ransomware Website?

Credit to Author: BrianKrebs| Date: Tue, 19 Sep 2023 02:12:53 +0000

The victim shaming website operated by the cybercriminals behind 8Base — currently one of the more active ransomware groups — was until earlier today leaking quite a bit of information that the crime group probably did not intend to be made public. The leaked data suggests that at least some of website’s code was written by a 36-year-old programmer residing in the capital city of Moldova.

Read more