Russian ransomware gangs start collaborating with Chinese hackers
Security News, November 2021
These attempts to enlist Chinese threat actors are mainly seen on the RAMP hacking forum, which is encouraging Mandarin-speaking actors to participate in conversations, share tips, and collaborate on attacks.
The researchers suggest that the most probable cause is that Russian ransomware gangs seek to build alliances with Chinese actors to launch cyber-attacks against U.S. targets, trade vulnerabilities, or even recruit new talent for their Ransomware-as-a-Service operations.
In the prior version of RAMP, he had intimated that he would be inviting Chinese threat actors to the forum, which appears to now be taking place.
Russian hackers' attempts to collaborate with Chinese threat actors are not limited to the RAMP hacking forum, as Flashpoint has also seen similar collaboration on the XSS hacking forum.
Based on prior history related to RAMP admins, Flashpoint underlines that there's always the possibility of this being simply a smokescreen, with no real Chinese users having joined RAMP. Last month, a RAMP admin known as 'Orange' or 'boriselcin', who ran the "Groove" site, published a post calling on threat actors to attack the USA. After the media, including BleepingComputer, covered this post, the Groove actor claimed that the operation was fake from the beginning and was created to troll and manipulate the media and security researchers.
RAMP was set up last summer by a core member of the original Babuk ransomware gang, aiming to serve as a new place to leak valuable data stolen from cyberattacks and recruit ransomware affiliates.