This cooperation aims to attack more secure and profitable goals. The exhibition AdvIntel shows how this hidden community is developing multidimensional criminal alliance structures.
Access to corporate network data
Many times to be able to accomplish these attacks, ransomware teams work with many third-party cybercriminals, such as network breach experts and malware developers.
For network breach experts monetization is a major challenge and ransomware teams offer a monetization solution.
The researchers even discovered one hacker, with the code name -TMT-, which has been integrated into this hidden community to make money from illegal activities. The community says it has stolen credentials many corporate networks, which run at prices ranging from $ 3.000 to $ 5.000.
The hacker -TMT- also provided evidence of violations, according to the AdvIntel report. The team focuses mainly on corporate networks and uses infected RDPs and malware for the initial stages of the attack.
“According to AdvIntel's information sources, as of August 2019, -TMT- among other things developers ransomware works with REvil developers to support crypto lockers downloads. "
The collaboration between network intruders, Metasploit / Cobalt Strike specialists and ransomware developers is based on a solid foundation for launching high profile attacks.