Vice Society ransomware gang has fortified its position as one of the most feared hacking groups of 2022. Several reports suggest that the group has been feeding hacking collectives millions of dollars and has impaired companies with acute financial damage.
The group was recently held responsible for four new attacks, attributing it to the global cybercrime index, which recently credited 2022 as the worst year for cybersecurity. For the uninitiated, the Vice Society ransomware gang is a profit-based hacking collective that specializes in penetration, exfiltration, and extortion that initially debuted in the summer of 2021.
Vice Society ransomware gang targets four new victims
According to reports, every 39 seconds, there is a new cyberattack on the web, with email being held responsible for 94% of all malware attacks. There are several reasons for hacking and other forms of cybercrime, one being the increasing reliance on technology and the internet.
As more and more personal and sensitive information is stored online, cybercriminals have more opportunities to gain access to this information and disrupt activities. In addition, the proliferation of connected devices as part of the Internet of Things (IoT) has created new vulnerabilities that hackers can exploit.
Another reason for the increased hacking is the relative ease with which many attacks can be carried out. Many tools and resources available online can be used by even relatively unskilled individuals to launch cyberattacks.
Making most of the apparent vulnerabilities, Vice Society, targeted four new victims that have been recently revealed.
The Vice Society gang targeted the Kujalleq Municipality’s website and scraped data, RedPacket Security reported. At the time of writing, it was still unclear what data has been compromised, but the attack definitely takes a toll on the organization.
Kujalleq Municipality is a municipality on the southern tip of Greenland, operational since 1 January 2009. The municipality’s administrative center is in Qaqortoq (formerly called Julianehåb) and comprises former municipalities in southern Greenland, each named after the most populous community.
Jammal Trust Bank
Another victim is the Beirut-based Jammal Trust Bank, a Shiite-owned Lebanese bank founded in 1963 that was forced to close in 2019 due to US sanctions for “assisting in the funding” of the Iran-backed Shiite Hezbollah movement in Lebanon.
Jammal Trust Bank has 25 branches in Lebanon and also holds offices in Nigeria, the Ivory Coast, and the United Kingdom. In this particular attack, the threat actor attacked the bank’s website, however, it is unclear what information was extracted due to the bank’s liquidation on 29/08/2019.
IKEA Morocco and Kuwait
IKEA Morocco and Kuwait were the next targets on the list, and reports suggest that Vice Society is targeting the official IKEA website. In November 2022, the Swedish furniture giant IKEA confirmed that attack and said that the it had caused an operational disturbance.
The company has been investigating the attack, and unlike other victims on the list, IKEA seems to have overcome the attack, with the Morocco and Kuwait-based websites functional now.
The last victim on the list is Publicare, a leading Switzerland-based medical equipment supplier and service provider for incontinence, stoma, tracheostomy care, and wound therapy in the country.
Like most of these recent attacks, Publicare also faced an attack by Vice Society, and at the time of writing, the website was inaccessible and displayed an “under construction” message, due to “updates and maintenance”.
Vice Society ransomware gang, a major threat to society
According to sources, Vice Society actors do not employ a ransomware variation with a distinct provenance. Instead, the criminals have used Hello Kitty/Five Hands and Zeppelin ransomware, although they may use other variations in the future.
The group specializes in a cyberattack and is profound in using malware that encrypts the files on an infected computer, making them inaccessible until a ransom is paid to the attackers. It typically spreads through phishing emails or by being downloaded from compromised websites.
When a computer is infected with Vice Society Ransomware, the attackers will typically demand payment in exchange for a decryption key that will allow the victim to regain access to their files.
It is important to note that paying the ransom does not guarantee that the attackers will provide the decryption key or that the victim will be able to recover their files.
In addition, paying the ransom may encourage the attackers to continue their activities, potentially leading to more victims being targeted in the future.