Security News > 2023 > December > Cyber sleuths reveal how they infiltrate the biggest ransomware gangs

Cyber sleuths reveal how they infiltrate the biggest ransomware gangs
2023-12-22 15:55

Regardless, many are skeptical of the ransomware group's explanation that a "Hardware fault" was to blame, and rumors that police infiltrated the ring are still wafting throughout the industry.

It's generally understood, by the good guys and the bad, that the cybercrime underworld is teeming with researchers trying to unearth secrets from ransomware groups and as a result, it's becoming a vastly more difficult feat to infiltrate them.

RaaS managers will quiz potential affiliates on the ransomware landscape generally, and how other groups operate, discussing unconventional tactics, techniques, and procedures, the researchers say.

The Qilin operation also revealed a lucrative payment structure, as well as an inside look at how affiliates build their custom ransomware payload using the group's builder.

Researchers who can't ever fully earn the trust of criminals by becoming one of them will never secure the long-term access to a RaaS group that's required to understand how it operates on a deep level.

"Such information helps understand the specific capabilities of gangs' builders, how malicious actors make payments to group owners, what manuals RaaS owners provide to affiliates, and track malicious infrastructure," its threat intel team says.


News URL

https://go.theregister.com/feed/www.theregister.com/2023/12/22/how_to_infiltrate_ransomware_gangs/