Navigation X
ALERT
Click here to register with a few steps and explore all our cool stuff we have to offer!



 182

how ransomware groups communicate with their victims

by Lc2016 - 22 October, 2023 - 12:15 PM
This post is by a banned member (Lc2016) - Unhide
Lc2016  
Registered
73
Posts
1
Threads
1 Year of service
#1
Hi, [Image: smart.gif]

After multiple reports and researches I have the impression that ALL ransomware groups use email as a technology to talk to their victims. Whereas there are several other solutions XMPP -> TELEGRAM -> ...

Why stay on the mail?

So let me open the debate !

Thanks
This post is by a banned member (words) - Unhide
words  
Supreme
1.455
Posts
321
Threads
5 Years of service
#2
(22 October, 2023 - 12:15 PM)Lc2016 Wrote: Show More
Hi, [Image: smart.gif]

After multiple reports and researches I have the impression that ALL ransomware groups use email as a technology to talk to their victims. Whereas there are several other solutions XMPP -> TELEGRAM -> ...

Why stay on the mail?

So let me open the debate !

Thanks

Easier because everyone might have an email, not everyone has telegram // xmpp with OMEMO.


Also because they targeted a lot of enterprises
I do not sell anything. I do not have a public Discord / Telegram. I will never ask anyone for money / refuse any deal via middleman. I will never deny to confirm my identity via PM before any deal. Stay safe, I have impersonators.
(-.-)Zzz...

https://youtu.be/EDVrTYW2l84

 
This post is by a banned member (PolloTramaOp) - Unhide
516
Posts
64
Threads
2 Years of service
#3
A good ransomware group use a chat on darknet (onion)  [Image: thinkingpepe.png]
              [Image: giphy.gif]
This post is by a banned member (Lc2016) - Unhide
Lc2016  
Registered
73
Posts
1
Threads
1 Year of service
#4
(22 October, 2023 - 12:16 PM)similitude Wrote: Show More
(22 October, 2023 - 12:15 PM)Lc2016 Wrote: Show More
Hi, [Image: smart.gif]

After multiple reports and researches I have the impression that ALL ransomware groups use email as a technology to talk to their victims. Whereas there are several other solutions XMPP -> TELEGRAM -> ...

Why stay on the mail?

So let me open the debate !

Thanks

Easier because everyone might have an email, not everyone has telegram // xmpp with OMEMO.


Also because they targeted a lot of enterprises
Indeed, if the entry point for deploying the ransomware was by e-mail, we might as well continue communicating via this channel, but in that case, which providers are used? And if the e-mail is deleted by the provider, we lose all contact with the victims. [Image: pepeokay.png]
(22 October, 2023 - 12:17 PM)PolloTramaOp Wrote: Show More
A good ransomware group use a chat on darknet (onion)  [Image: thinkingpepe.png]

It's true that this is the best method for securing connections, but no one has installed tor or knows how to use it... but it's still a good option. [Image: hackerman.gif]
This post is by a banned member (words) - Unhide
words  
Supreme
1.455
Posts
321
Threads
5 Years of service
#5
(This post was last modified: 22 October, 2023 - 12:29 PM by words. Edited 1 time in total.)
(22 October, 2023 - 12:24 PM)Lc2016 Wrote: Show More
(22 October, 2023 - 12:16 PM)similitude Wrote: Show More
(22 October, 2023 - 12:15 PM)Lc2016 Wrote: Show More
Hi, [Image: smart.gif]

After multiple reports and researches I have the impression that ALL ransomware groups use email as a technology to talk to their victims. Whereas there are several other solutions XMPP -> TELEGRAM -> ...

Why stay on the mail?

So let me open the debate !

Thanks

Easier because everyone might have an email, not everyone has telegram // xmpp with OMEMO.


Also because they targeted a lot of enterprises
Indeed, if the entry point for deploying the ransomware was by e-mail, we might as well continue communicating via this channel, but in that case, which providers are used? And if the e-mail is deleted by the provider, we lose all contact with the victims. [Image: pepeokay.png]
(22 October, 2023 - 12:17 PM)PolloTramaOp Wrote: Show More
A good ransomware group use a chat on darknet (onion)  [Image: thinkingpepe.png]

It's true that this is the best method for securing connections, but no one has installed tor or knows how to use it... but it's still a good option. [Image: hackerman.gif]
some self hosted could work.

some end to end encrypted, offshore providers could be used too. All depends of their TOS and if they check a lot complaints and delete them

^ by the way, i'm only saying this from a **possible** pov, i've never actually worked wwith ransomwares ever, so I can't really tell.

but for me it's the easiest way to communicate // can also be as you said the easiest entry point.
I do not sell anything. I do not have a public Discord / Telegram. I will never ask anyone for money / refuse any deal via middleman. I will never deny to confirm my identity via PM before any deal. Stay safe, I have impersonators.
(-.-)Zzz...

https://youtu.be/EDVrTYW2l84

 
This post is by a banned member (nongtang) - Unhide
This post is by a banned member (Lc2016) - Unhide
Lc2016  
Registered
73
Posts
1
Threads
1 Year of service
#7
(This post was last modified: 22 October, 2023 - 12:56 PM by Lc2016. Edited 1 time in total.)
Finally, to avoid any risk of loss, it's best to have a small site under tor?

edit : Or else a hidden service for settlement and decryption key delivery and contact via telegram or XMPP to manage instantaneous discussions, no?

Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
or
Sign in
Already have an account? Sign in here.


Forum Jump:


Users browsing this thread: 1 Guest(s)