Infiltrating the Cicada3301 Ransomware-as-a-Service Group

SUMMARY :

This analysis provides an in-depth look into the operations of the Cicada3301 Ransomware-as-a-Service (RaaS) group. It details the workflow of their affiliates within the panel and examines the multi-platform capabilities of their ransomware, encompassing Windows, Linux, ESXi, and even uncommon architectures like PowerPC. The group has swiftly targeted numerous organizations across critical sectors within just a few months, with a significant focus on the United States and the United Kingdom. Their sophisticated affiliate program recruits penetration testers and access brokers, offering commissions and a feature-rich web panel. The ransomware employs advanced encryption techniques and aggressive tactics to maximize disruption, making it a formidable threat.

OPENCTI LABELS :

ransomware,encryption,sophisticated,cicada3301,multi-platform,affiliate


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Infiltrating the Cicada3301 Ransomware-as-a-Service Group