Introduction
Financial interests only.
We do not provide or work with affiliate programs, no collaborations either.
The requested payment must be made within a specified time frame, otherwise the price may be increased, we will begin to publish the data we have about your company and notify the company’s customers and suppliers.
Charitable, non-profit, and medical institutions are only hacked if they have reputation gaps known from open sources or discovered in company data. However, this is only data extraction; live support systems are not affected.
Data is always destroyed after payment; we do not attack the same company twice.
Interesting fact: once, the total amount of claims against a breached company exceeded its entire capitalization. We know how to create trouble, though it is in our mutual interest to avoid it.
To make the data leak more valuable, the most important information is published in a separate folder for each company called “parsed” and is also published on darkweb forums.
Activities and Tactics
Information pending cataloguing.
Notable Campaigns
Information pending cataloguing.
Tactics, Techniques, and Procedures (TTPs)
Information pending cataloguing.
Notable Indicators of Compromise (IOCs)
No curated IOCs are currently published for this actor. This section will be updated when stable, attributable indicators are available.
Malware and Tools
- DarkWatchman:
Attribution and Evidence
Information pending cataloguing.
References
References pending cataloguing.