A research into three cybercriminal groups that use leaked ransomware to attack Russian organizations
The BI.ZONE Cyber Threat Intelligence team takes a look at how malware leaks influence the Russian threat landscape. The experts also review the attacks of the three most prominent hacker groups
Ransomware scene in Russia
Our research into criminal activity across the Russian cyberspace reveals a growing trend toward the use of leaked malware source code. We have prepared an overview of the nation’s cyber threat landscape together with a detailed analysis of the three most impactful hacker groups—Battle Wolf, Shadow Wolf, and Twelfth Wolf
15
large Russian organizations attacked by Battle Wolf
$5M
highest ransom demanded by Shadow Wolf
In this research
- Changes in the cyber threat landscape stemming from global transformations and the ever growing popularity of the Ransomware-as-a-Service model
- Top three groups that leverage leaked source codes and tools
- Тactics, techniques, and procedures for each stage of the attack life cycle
- MITRE ATT&CK heat map: most and least common techniques
- Tracking the “wolves” with BI.ZONE EDR
- Proactive methods to detect similar threats
You will learn
- What methods are used by cybercriminal groups in Russia
- How to test your defenses and assess their effectiveness in resisting cyberattacks