Shake Up Within Top Ransomware Operations
In big ransomware news, NoEscape and BlackCat/ALPHV ransomware operations Tor websites were suddenly shut down and inaccessible without warning.
Affiliates of NoEscape reported the ransomware operators pulled off an elaborate exit scam and stole several deposits and payouts from their operators. NoEscape has arbitrage complaints on every major hacking forum and is also banned on XSS and Exploit.
NoEscape has shut down one time before and did release their victim’s decryption keys upon exiting the market. Only time will tell if that will be the case this time around also.
The BlackCat/ALPHV ransomware operations went dark for 5 days last week with their infrastructure offline, including their data leak and negotiation sites. Earlier this week, the data leak site returned but it was clean of all data. A few of the negotiation URLs are working, but many are not. Which means there is not negotiations happening for most victims.
ALPHV is claiming it was simply a hardware failure, but many sources are speculating it was the target of a law enforcement operation.
Not one to let an opportunity pass by, the LockBit ransomware operation is said to be recruiting affiliates and developers from the BlackCat/ALPHV and NoEscape. LockBit is already the largest ransomware operation, but they are looking to get even larger, it seems!
Read More: