  • Cyber Boomerang Law: The Lorenz extortion group was a victim of its own leak

    Everyone who contacted the hackers over a two-year period had their information publicly exposed.

    The Lorenz ransomware group unintentionally exposed the information of everyone who attempted to contact it over the previous two years via an online form on its dark web site. The data includes names, email addresses, and query subjects.

    An anonymous security researcher known as Htmalgae found the issue. He documented the backend code leak and then published the extracted data on GitHub.

    The Lorenz team made a mistake when configuring the Apache2 web server, which is what led to the incident.

    "A mistake was made in the configuration of the Apache2 web server by someone from Lorenz. The login form was exposed as a result," according to Htmalgae. "This leak is probably among the easiest ones I've ever discovered. During my daily scan of ransomware websites, I came across a broken Lorenz contact form. All I had to do was copy the file's address from the source code of the page."

    Additionally, Htmalgae made it clear that although Lorenz temporarily disabled access to their contact form, the root issue "remain[ed] unresolved." Users can still send requests to the website, even though hackers no longer receive them.

    Even the possibility of a leak could damage the group's reputation among cybercriminals and result in arrests.

    Lorenz first came to the attention of experts in 2021. According to one theory, their ransomware is a variant of the .sZ40 strain, which was identified in October 2020. That strain is in turn linked to the 2017 ThunderCrypt initiative.

    Hackers frequently employ a technique called "double ransom": after files have been compromised, the devices themselves are encrypted. This strategy prevents the victim from using backup copies to restore information and avoid negotiating with the criminals.

    The organization is also referred to as an IAB (initial access broker). Simply put, it sells other cybercriminals access to the corporate networks of the companies it has attacked.

    The threat level posed by Lorenz is rated as "high" by Cybereason, highlighting the destructiveness of their behavior. The hackers allegedly employ extremely sophisticated techniques when attacking each company, using a "special approach."

    Despite its activity, Lorenz did not rank among the top extortion organizations in 2023. Only 16 victims were listed on their website in 10 months.

    Author reign3d