Security News > 2023 > July > Ransomware Affiliates, Triple Extortion, and the Dark Web Ecosystem
Ransomware has been an acute concern for organizations for more than a decade, but one of the more recent trends we see is that groups are now setting up infrastructure, but outsourcing actual infection to "Affiliates" who effectively act as contractors to the Ransomware as a Service group and split the profits at the end of a successful attacks.
A ransomware group encrypts a company's data, but first exfiltrates data, which is posted on ransomware blogs on a certain date if the victim doesn't pay.
In 2023, we've already seen more than 2,000 data leaks on ransomware blogs in the first six months of the year, making it likely 2023 will be a record year for ransomware data disclosure.
The rise of triple extortion ransomware also directly coincides with another significant change in the threat landscape: the rise of infostealer malware.
Ransomware affiliates can easily shop for ransomware via specialized forums, then look for initial access via infected device logs posted to public Telegram channels or listed for sale on Russian or Genesis Markets.
Ransomware groups can also use stealer logs as part of triple extortion attacks.
News URL
Related news
- Ransomware hits web hosting servers via vulnerable CyberPanel instances (source)
- Dark web crypto laundering kingpin sentenced to 12.5 years in prison (source)
- What Is the Dark Web? (source)
- What It Costs to Hire a Hacker on the Dark Web (source)
- Russia sentences Hydra dark web market leader to life in prison (source)
- Russia gives life sentence to Hydra dark web kingpin after seizing a ton of drugs (source)
- Scumbag gets 30 years in the clink for running CSAM dark-web chatrooms, abusing kids (source)