CyberVolk | A Deep Dive into the Hacktivists, Tools and Ransomware Fueling Pro-Russian Cyber Attacks (www.sentinelone.com)
from Joker@sh.itjust.works to cybersecurity@infosec.pub on 25 Nov 11:28
https://sh.itjust.works/post/28594720

Executive Summary

> - CyberVolk/GLORIAMIST is a hacktivist collective originating in India with pro-Russia leanings. Between June and October 2024, CyberVolk claimed responsibility for multiple ransomware attacks. > - The main objective of CyberVolk and related groups is to leverage geopolitical issues to launch and justify attacks on public and government entities, primarily in the service of Russian government interests. > - SentinelLabs has observed a shared codebase used by CyberVolk, AzzaSec and DoubleFace’s ransomware. Additionally, CyberVolk has promoted other ransomware families like HexaLocker and Parano. These groups and the tools they leverage are all closely intertwined. > - These hacktivist groups are extremely dynamic and volatile. In-fighting, threats, and inflated political-posturing are common, leading to fragmentation and the rapid re-shaping of the hacktivist threat landscape.

#cybersecurity

threaded - newest