RansomedVC, a ransomware-as-a-service (RaaS) group, has conducted extortion operations since August 2023. The group recently announced its plans to shut down and sell off parts of its infrastructure. Ransomware customers will likely migrate to other RaaS vendors, and the shutdown will have a minimal effect on the overall threat landscape.
- The group primarily targeted European entities but also claimed responsibility for recent attacks against Sony and the Washington DC Board of Elections. The group listed over 40 unique organizations on its leak site and demanded ransom payments as high as $1 million each.
- RansomedVC operators announced their plans to cease operations on October 30 via the organization’s Telegram channel. They also announced that RansomedVC’s two leak websites, dark web forum, various social media accounts, custom ransomware builder, and malware source code are now for sale. The group is also selling its claimed VPN access to 11 victims and 37 databases.
- A November 8 post on the RansomedVC Telegram channel revealed that authorities likely arrested six of the organization’s operators. The group subsequently fired the rest of its 98 affiliate members.
Read More:
https://www.securityweek.com/ransomware-group-ransomedvc-closes-shop/