I recently came across a small Bulgarian-themed ransomware group known as Ransomed VC that appears to be targeting, and increasing its targeting of, Bulgarian-based Web sites and demanding ransom in exchange for not disclosing the information that they obtained through a compromise of their infrastructure.
The group appears to be cooperating with another group known as Everest Ransomware Group.
Related details:
admin[.]ransomed.vc
hxxp://t.me/RansomedSupport
hxxp://k63fo4qmdnl4cbt54sso3g6s5ycw7gf7i6nvxl3wcf3u6la2mlawt5qd.onion/
hxxp://f6amq3izzsgtna4vw24rpyhy3ofwazlgex2zqdssavevvkklmtudxjad.onion/
TOX: 192D52C7C18F3D2693ED2453E64C53EC0CCF0255AB2291F019B65BA84442B313C410DE132E59
hxxp://twitter.com/RansomedVC
hxxp://t.me/USISAutoLookupBot
Related domains known to have been involved in the campaign include:
hxxp://breached.wiki - 172.232.4.89
hxxp://breached.fun - 162.255.119.114
Stay tuned!