RansomHouse: Bug bounty hunters gone rogue?

2022-05-24 10:48

A new cybercrime outfit that calls itself RansomHouse is attempting to carve out a niche of the cyber extortion market for itself by hitting organizations, stealing their data, and offering to delete it and provide a full report on how and what vulnerabilities were exploited in the process - all for a fee, of course.

"The thing is that, at least according to what they claim, RansomHouse's sole purpose is not to act as another ransomware group, but rather to act as a pentesting/bug bounty group that forces their services on whoever does not take organizational security seriously enough," Cyberint researchers told Help Net Security.

"The no-encryption approach is a technique we have seen on the rise lately, although its effect is not always what the threat groups might hope for," the researchers told Help Net Security.

Though RansomHouse claims not to encrypt targets' data, on their "Naming and shaming" site they explicitly say that they used encrypted the data of each of the victims.

The researchers believe the discrepancy might be down to the group being still in "The stage where they are adopting their threat group's identity, thus trying few techniques each victim."

By analyzing the contents of the group's Telegram channels, the researchers believe the group might have a blue and red team background and might even be disgruntled bug bounty hunters.

News URL

https://www.helpnetsecurity.com/2022/05/24/ransomhouse-data-extortion/

#bounty #bugbounty

News URL

Related news