Microsoft Threat Intelligence Team has made it official that Vice Society, a hacking group, is behind multiple ransomware attacks that were being targeted at education, government and retail sectors. It was also found in the research that the said group of cyber criminals avoids deployment of ransomware sometimes and carried out extortion with stolen data.
The Windows OS delivering giant claims that the said group of cyber attackers has been code named by its team as Moniker DEV-0832 and has a history of dumping payloads related to quantum locker, Zeppelin, BlackCat and Hive Ransomware.
Another company serving the field of cybersecurity named SEKOIA also observed a similar concept behind the operations of Vice Society and released an update on this note in July 2022. It claims that the said group of hackers do not involve in double extortion tactics and instead focus on deploying ransomware binaries that are being bought the dark web.
Sometimes, the crime group spreads the file encrypting malware through publicly known vulnerabilities and, in most cases, it drops the malware payloads via phishing emails.
Victim names are not being disclosed for reasons, but are related to mostly education sector says report compiled and released by the MS Office software producing tech giant.
NOTE- In case a company falls prey to ransomware, it is better to avoid paying a ransom. As there is no guaranty that the criminals will return the decryption key for sure and there is a high probability that they can strike the same target twice or thrice in a year to mint easy money.