Hackers support Iranian dissidents. Notes on C2C markets. Cyberespionage campaigns. Intercepted mobile calls from Russian troops expose morale problems.
CyberWire Daily
00:00
Industrial Spy Ransomware
The thread group does exfiltrate and sells data on their dark web. The ransomware utilizes a combination of triple-desk and RSA to encrypt the files on the victim machine. We did notice that, you know, industrial spy lacks many common features which are present in modern ransomware families. Many of the commonly seen anti-analysis and obfuscation techniques are missing.
Play episode from 18:43
Transcript
