
‘CyberVolk’ Hacktivists use Ransomware in support of Russian interests

Threat Actors: CyberVolk (formerly Gloriamist India, leader known as Hacker-K, potentially of Indian origin).
Campaign Overview: Hacktivist group targeting state and public entities in countries opposing Russian interests, deploying ransomware and info-stealing malware.
Target Regions: Japan, France, U.K.
Targeted Sectors: Critical infrastructure facilities, scientific institutions, government entities.
Malware Reference: CyberVolk’s ransomware derived from AzzaSec’s leaked source code, includes info-stealing malware.
Tools Used: Ransomware (derived from AzzaSec), info-stealing malware, DDoS attacks, HexaLocker, Parano, LockBit, Chaos.
Vulnerabilities Exploited: No specific vulnerabilities mentioned in the text.
TTPs:
– DDoS attacks
– Ransomware deployment
– Info-stealing via Discord
– Cryptocurrency wallet data exfiltration
Attribution: Hacktivist group possibly based in India, aligned with pro-Russian and anti-Israel hacktivist movements.
Recommendations:
– Monitor for ransomware attacks targeting critical sectors.
– Block Discord traffic to prevent data exfiltration.
– Use behavioral analysis to detect unusual ransomware activity.
Source: The Record

Read full article: https://therecord.media/cybervolk-india-hacktivists-russia-ransomware

Disclaimer: The above summary has been generated by an AI language model

Source: The Record

Published on: November 26, 2024
