    The most dangerous hacker groups in 2022


    Let's summarize and find out who was notorious this year!

    Over the past year, the groups have broken up and re-formed, but one thing is certain - they continue to exist.

    Despite all efforts, the ransomware problem continues to grow, with a recent report from cybersecurity company Zscaler showing an 80% increase in ransomware attacks compared to last year. Key trends included dual ransomware, supply chain attacks, ransomware-as-a-service (RaaS), group rebranding, and geopolitically motivated attacks.

    For example, this year the well-known extortionist group Conti broke up, but its members have only moved forward, forming new gangs.

    LockBit

    LockBit has been around since 2019 and is based on the RaaS model. It is the largest group, accounting for more than 4 out of 10 ransomware victims, according to GuidePoint Security. The LockBit hackers are believed to be linked to Russia.

    The LockBit 3.0 ransomware version was released in June and has already spread to 41 countries, according to Intel 471. The main targets are professional services, consulting and manufacturing, consumer and industrial goods, and real estate.

    In addition, LockBit has launched its own Bug Bounty program, offering up to $1 million to find vulnerabilities in its malware, leak sites, Tor network, or messaging service.

    Black Basta

    The Black Basta group first appeared this spring and attacked at least 20 companies in the first 2 weeks. The group is speculated to be made up of former members of Conti and REvil.

    Black Basta is currently running a campaign using QakBot malware, a banking trojan used to steal victims' financial data, including browser information, keystrokes, and credentials.

    Black Basta is believed to have hit about 50 organizations in the US in the last quarter, including the American Dental Association (ADA) and Canadian food retailer Sobeys. More than half of the group's targets were from the US.

    Hive

    Hive, the third most active ransomware group this year, focuses on the industrial sector as well as healthcare, energy and agriculture organizations. According to the FBI, hackers attacked 1,300 companies around the world, especially in the healthcare sector, and received about $100 million in ransom.

    In recent weeks, the group has claimed responsibility for an attack on Indian energy company Tata Power, posting the firm's data online, as well as several US colleges.

    Hive is believed to work with other ransomware groups and has its own customer support and sales teams. The group is also engaged in triple extortion.

    ALPHV/BlackCat

    ALPHV/BlackCat is one of the most sophisticated and flexible ransomware families. It is written in the Rust programming language and has been around for about a year now. The group is believed to be made up of ex-members of the REvil gang and to be affiliated with BlackMatter (DarkSide).

    The group also operates on a RaaS model, exploiting known vulnerabilities or unprotected credentials and then conducting DDoS attacks to force the victim to pay a ransom. BlackCat hackers expose stolen data through their own search engine.

    The group's targets are critical infrastructure organizations, including airports, fuel pipeline operators and refineries, as well as the US Department of Defense.

    Ransom demands run into the millions, and even when the victim pays, the group does not always provide the promised decryption tools.

    BianLian

    A relatively new player that targets organizations in Australia, North America and the UK. The group is rapidly launching new command and control (C&C) servers onto the network, indicating that the hackers are planning to significantly increase activity.

    Like many other ransomware families, BianLian is written in the Go language, which makes it highly flexible and cross-platform. According to Redacted, the group is made up of relatively inexperienced cybercriminals, as they are not familiar with the practical business aspects of ransomware and the logistics associated with it. The group's wide range of victims indicates that it is motivated by money rather than any political ideas.

    Other new groups

    The world of ransomware is constantly changing and several groups have changed their name: DarkSide is now BlackMatter, DoppelPaymer has become Grief, and Rook has changed its name to Pandora. In addition, new groups have appeared over the past year - Mindware, Cheers, RansomHouse and DarkAngels. We will probably hear about them next year.

    Author DeepWeb