Cicada3301, a ransomware-as-a-service group, had its affiliate program infiltrated by Group-IB researchers, who subsequently publicized details about the gang’s operations and inner workings. Active since June 2024, the group has attacked 30 victims, primarily in the U.S and U.K. The ransomware shares similarities with the defunct ALPHV/BlackCat ransomware group. Group-IB’s report also highlights Cicada3301’s sophisticated affiliate program, including detailed attack customization and support services.
5 charged in “Scattered Spider,” one of the most profitable phishing scams ever
Phishing attacks occurring from September 2021 to April 2023 targeted employees at various companies. The attackers sent deceiving text messages posing as the victims’ IT
