In a surprising twist in the world of cybersecurity, the infamous RansomedVC hacker group, known for its audacious cyberattacks, has taken an unexpected turn. The announcement of the RansomedVC pen testing service is not something a hacking group of this caliber to venture into legitimate security assessment services is not seen commonly.
Traditionally specializing in data extortion, the group’s latest move involves offering penetration testing services, promising “Guaranteed Results” for their clients.
RansomedVC Pen Testing Service
RansomedVC has gained notoriety for its criminal activities, targeting high-profile organizations like Sony and resorting to data extortion.
Their modus operandi typically involves infiltrating networks, extracting sensitive data, and then threatening to publish or sell it unless a hefty ransom is paid. This approach has been motivated by their pursuit of financial gains.
Penetration testing, commonly known as pen testing, is a meticulous process that involves simulating a cyber-attack to assess the security of a computer system, network, or application. The objective is to find vulnerabilities that could potentially be exploited by malicious actors.
These weaknesses may range from software flaws to misconfigurations and weak user credentials.
A Departure from Conventional Practices
The provision of pen testing services is typically the domain of legitimate organizations and independent pen testers with a commitment to enhancing cybersecurity.
RansomedVC pen testing service marks a significant departure from their traditional illicit activities, confounding experts in the field.
The exact reason for this shift to pen testing is still unclear. However, many individual hackers have been offering this service on Linkedin, Twitter and other social media platforms. But a legitimate ransomware group offering these services seems a little unconventional.
The hacker group surfaced as an underground forum in August 2023, focusing on brokering data leaks, network access, vulnerabilities, and other illicit offerings. Administered by individuals using aliases like “Admin” and “Yuna,” the forum implemented a reputation-scoring system, akin to other cybercriminal communities in the dark web. Members were ranked based on the value of the information they shared, creating an ecosystem of trust and collaboration.
Experts speculate that the architects behind RansomedVC aimed to cultivate a thriving cybercriminal community, attracting skilled participants specializing in unauthorized access. Furthermore, it is believed that the hacker group’s leaders may have harbored intentions to integrate forum members into their operations, potentially utilizing them as affiliates or initial access brokers in their illicit endeavors.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
