GhostSec & Stormous Launched Twin Ransomware Attacks
A hacking group has evolved with a new ransomware variant known as GhostLocker 2.0.
This group, in collaboration with the Stormous ransomware operators, has initiated double extortion ransomware attacks targeting various businesses globally.
The joint efforts of GhostSec and Stormous have led to the creation of a new ransomware-as-a-service program named STMX_GhostLocker, offering diverse options for their affiliates.
Global Impact of Ransomware Attacks
The victimology of these attacks spans across multiple countries, including Cuba, Argentina, Poland, China, and many others.
Malware analysis can be fast and simple. Just let us show you the way to:
- Interact with malware safely
- Set up virtual machine in Linux and all Windows OS versions
- Work in a team
- Get detailed reports with maximum data
If you want to test all these features now with completely free access to the sandbox: ..
These cybercriminal activities have affected victims in different business sectors, as disclosed by the groups in their Telegram channels.
Notably, GhostSec has been actively targeting Israel’s industrial systems and critical infrastructure, with reported attacks on organizations like the Ministry of Defense in Israel.
Using the GhostLocker and StormousX ransomware malware, Talos discovered that the GhostSec and Stormous gangs were collaborating on several double extortion assaults.
Evolution of GhostLocker Ransomware
GhostSec introduced an upgraded version of their ransomware called GhostLocker 2.0, showcasing continuous development efforts with plans for further iterations like GhostLocker V3.
The ransom note strategy has evolved to include instructions for victims…