Security researchers reportedly lurked in the secret chats between two notorious cybercriminal groups, the Cl0p and Venus ransomware gangs, learning about schemes and conversations that were never meant to be seen by outsiders.
According to the uncovered messages from Cl0p and Venus, the two ransomware groups were discussing and planning attacks against executives of United States organisations and against the US healthcare sector.
The researchers who found the leaked chats of the Cl0p and Venus ransomware groups shared what they discovered.
Based on the discoveries, the Venus gang has been scheming to blackmail executives working in public organisations with fake insider trading charges. The messages show that the threat actors could edit a targeted victim's email inbox files to insert fake messages in which the victim appears to discuss trading on non-public information for financial gain.
Then, the threat actor would trick the victim into believing that the insider trading interactions and files were created on their computers, threatening to publish the files unless the victim cooperates.
These fake email messages were said to have been injected on compromised computers through Microsoft Outlook .pst files.
On the other hand, the leaked conversations about the Cl0p gang revolve around plans to target healthcare institutions that offer online consultations to patients. In this scheme, the threat actors pose as patients seeking remote medical consultations and send healthcare staff virus-infected files hidden in ultrasound images or other medical files.
The leaked discussions revealed that neither group had struck many of its targeted victims, although the schemes from the Cl0p ransomware group had already victimised some healthcare institutions.
Security analysts underline that the collaborative effort of the Cl0p and Venus ransomware groups demonstrates their active cyberattack plots against specific targets. Furthermore, both prolific threat groups have been making names for themselves in the cybercriminal landscape, frequently enhancing their attack methods and malware distribution.
Thus, organisations must train staff and employees to recognise malicious cyberattack attempts and respond accordingly, including reporting to security teams and relevant authorities.