RansomedVC ransomware group, responsible for a string of high-profile ransomware attacks, has abruptly announced its dissolution. The group, known for its sophisticated hacking tactics and exploitation of the European Union’s GDPR laws, has decided to sell its entire infrastructure.
RansomedVC, which first emerged in August 2023, targeted entities from major corporations to government bodies and educational institutions. Their modus operandi involved infiltrating networks, exfiltrating sensitive data, and subsequently threatening victims with publication of the stolen information unless a substantial ransom was paid. Notably, they also exploited the threat of reporting victims to GDPR authorities, potentially resulting in severe penalties.
The group’s most prominent alleged victims included well known names such as Sony Corporation and the Colonial Pipeline, victims of the group’s extortion tactics in September and October 2023, respectively.
Now RansomedVC has taken an unexpected and unprecedented step by putting their entire toolkit up for sale. The sale includes a staggering array of assets, such as various domains and forums, a ransomware builder with promised 100% undetectability by antivirus software, access to affiliate groups, social media accounts, Telegram channels, VPN access to multiple companies with a jaw-dropping revenue of $3 billion, databases worth over $10 million each, and more.
While announcing the sale on Telegram, groupadmin mentioned “personal reasons” for the decision but categorically stated that these reasons would not be disclosed to journalists or the public. On their dark web blog, the group’s admin stated they do not wish to be monitored by federal agencies.
One could only speculate the reasons for the group’s sudden sale. It could be pressure from law enforcement agencies or even the possibility of a new and more sophisticated cyber operation in the making.
The latest victim of RansomedVC is Colonial Pipeline