- Cisco Talos observed a surge in GhostSec, a hacking group’s malicious activities since this past year.
- GhostSec has evolved with a new GhostLocker 2.0 ransomware, a Golang variant of the GhostLocker ransomware.
- The GhostSec and Stormous ransomware groups are jointly conducting double extortion ransomware attacks on various business verticals in multiple countries.
- GhostLocker and Stormous ransomware have started a new ransomware-as-a-service (RaaS) program STMX_GhostLocker, providing various options for their affiliates.
- Talos also discovered two new tools in GhostSec arsenal, the “GhostSec Deep Scan tool” and “GhostPresser,” both likely being used in the attacks against websites.
You must log in or register to comment.