Ransom Cartel is a ransomware-as-a-service (RaaS) operation that first emerged around December 2021. The group's activities gained significant attention due to its highly aggressive double extortion tactics, which include not only encrypting data and threatening to publish stolen information on a leak site, but also threatening to send sensitive data to victims' partners, competitors, and news outlets to maximize reputational damage. Ransom Cartel exhibits notable code similarities and technical overlaps with the REvil ransomware, leading to speculation that its operators had access to earlier REvil source code after REvil's disappearance. While the group shares characteristics with other ransomware groups, its specific and aggressive public shaming strategy helps distinguish it. The operation was reportedly founded by Maksim Silnikau, a Belarusian-Ukrainian national.
MITRE Techniques
T1071.001, T1059.001, T1047, T1105, T1566.002
RansomLook pivots
Data, intelligence and external references for cross-checking the actor's ransomware activity.
Canada, Germany, France, United Kingdom, Italy, United States
Target sectors (SOCRadar)
Energy & Utilities, Construction, Manufacturing, Wholesale Trade, Finance, Professional & Technical Services, Educational Services, Health Care & Social Assistance, Public Administration, Oil & Gas