

The group has only one known victim to date, but may be looking to use the disclosure as a launchpad for its ransomware-as-a-service operation. The VPN credentials are hosted on a Tor storage server linked to the ransomware group Groove, which was launched only recently. “We believe with high confidence the VPN SSL leak was likely accomplished to promote the new RAMP ransomware forum offering a ‘freebie’ for wannabe ransomware operators,” Vitali Kremez, VTO at Advanced Intel, told Bleeping Computer.
