[threat-actors] Add RansomVC

2023-11-03 19:02:12 +01:00 · 2023-11-03 19:02:12 +01:00 · 1343cdb35a
parent ea227222ea
commit 1343cdb35a
1 changed files with 20 additions and 0 deletions
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@ -12325,6 +12325,26 @@
      },
      "uuid": "3c2f534a-a898-4af6-b3e8-f2740c473de0",
      "value": "SiegedSec"
+    },
+    {
+      "description": "Ransomed.VC burst onto the scene with a well-orchestrated PR campaign, encompassing a clearnet site and multiple communication channels including Telegram and Twitter/X profiles. Their operations are heavily inclined towards exploiting GDPR penalties as a method of extortion, threatening victims with potential legal repercussions in case of data leaks.",
+      "meta": {
+        "aliases": [
+          "Ransomed.vc"
+        ],
+        "refs": [
+          "https://therecord.media/colonial-pipeline-attributes-ransomware-claims-to-unrelated-third-party-breach",
+          "https://socradar.io/on-the-horizon-ransomed-vc-ransomware-group-spotted-in-the-wild/",
+          "https://www.sentinelone.com/blog/sep-2023-cybercrime-update-new-ransomware-threats-and-the-rising-menace-of-telegram/",
+          "https://socradar.io/unmasking-usdod-the-enigma-of-the-cyber-realm/",
+          "https://www.videogameschronicle.com/news/a-ransomware-group-claims-to-have-beached-all-sony-systems/",
+          "https://securityaffairs.com/151550/data-breach/ransomed-vc-sony-ntt-alleged-attacks.html",
+          "https://blog.talosintelligence.com/threat-source-newsletter-sept-28-2023/",
+          "https://www.resecurity.com/blog/article/ransomedvc-in-the-spotlight-what-we-know-about-the-ransomware-group-targeting-major-japanese-businesses"
+        ]
+      },
+      "uuid": "f939b51d-32f9-41d9-8549-f00b2db104c7",
+      "value": "RansomVC"
    }
  ],
  "version": 289