Saturday, July 20, 2024
HomeCyber Security BlogsThe Tale of a Ransomware Cartel

The Tale of a Ransomware Cartel

Recent research revealed that a Cartel of four gang allegedly has been distributing and posting the collected data across the leak website. The suspected four gangs that were thought to be working in a cartel include Wizard Spider, Viking Spider, Twisted Spider, and LockBit.

What was discovered?

There are many pointers that points towards the existence of the Cartel.

  • Multiple gangs are coordinating using cartel leak website. They may be sharing tactics and C2 infrastructure.
  • The report stated that one ransom gang steals a data and passes it to another gang to post it publicly.
  • Multiple gangs have added automation to their ransomware to be able to infect their victims without human contact.
  • The ransomware gangs together made hundreds of millions of dollars from ransomware and extortion operation.

The Linking among the gangs-

There were two main connections among the gangs-

  • Shared data leak sites
  • Shared Infrastructure

The Twist in the Story-

In November 2020, Twisted spider made a announcement about the closing of their operations. They also claimed that no such cartel ever existed!

The coalition mentioned above were missing a very important element which qualifies a partnership into a cartel. This element is profit sharing; Researchers did not find any profit sharing when they were tracking the crypto currency accounts. These factors point towards the conclusion that the association was not a cartel but a simple collaboration among different groups.

The Second Twist-

Some researchers have the opinion that Twisted spider has been under constant attention of law enforcement and other government entities. This fact has pressured them to make false statement about its retirement from the cyber crime world. They believe that they are still operative, but keeping themselves under cover an not displaying publicly any kind of collaboration.


It has not been clear if there was any actual cartel. But nevertheless, a collaboration between ransomware group is very dangerous due to the sharing of financial resources and attack infrastructure.



Please enter your comment!
Please enter your name here

Most Popular

Recent Comments

Izzi Казино онлайн казино казино x мобильді нұсқасы on Instagram and Facebook Video Download Made Easy with
Temporada 2022-2023 on CamPhish
2017 Grammy Outfits on Meesho Supplier Panel: Register Now!
React JS Training in Bangalore on Best Online Learning Platforms in India
DigiSec Technologies | Digital Marketing agency in Melbourne on Buy your favourite Mobile on EMI
亚洲A∨精品无码一区二区观看 on Restaurant Scheduling 101 For Better Business Performance

Write For Us