Alert: GhostSec and Stormous Launch Joint Ransomware Attacks in Over 15 Countries
Mar 06, 2024
The cybercrime group called GhostSec has been linked to a Golang variant of a ransomware family called GhostLocker . "TheGhostSec and Stormous ransomware groups are jointly conducting double extortion ransomware attacks on various business verticals in multiple countries," Cisco Talos researcher Chetan Raghuprasad said in a report shared with The Hacker News. "GhostLocker and Stormous ransomware have started a new ransomware-as-a-service (RaaS) program STMX_GhostLocker, providing various options for their affiliates." Attacks mounted by the group have targeted victims in Cuba, Argentina, Poland, China, Lebanon, Israel, Uzbekistan, India, South Africa, Brazil, Morocco, Qatar, Turkiye, Egypt, Vietnam, Thailand, and Indonesia. Some of the most impacted business verticals include technology, education, manufacturing, government, transportation, energy, medicolegal, real estate, and telecom. GhostSec – not to be confused with Ghost Security Group (which is also called GhostSec