According to new research, pen testers are in high demand on a Russian-language hacking forum.
Multiple Russian hacking groups appear to be looking to recruit penetration testers, according to new research released by Cato Networks’ Cyber Threats Research Lab (CTRL).
Multiple members of the hacking forum RAMP – Russian Anonymous Marketplace – have been offering positions to pen testers in various ransomware affiliate programs such as Rabbit Hole, Lynx, and Apos.
The data comes from the Q3 2024 Cato CTRL SASE Threat Report, which was built from an analysis of more than 1.4 million network flows from 2,500 customers and careful human intelligence tracking darknet marketplaces.
“Ransomware is one of the most pervasive threats in the cyber security landscape. It impacts everyone – businesses and consumers – and threat actors are constantly trying to find new ways to make their ransomware attacks more effective,” Etay Maor, chief security strategist at Cato Networks, said in a statement.
“In the Q3 2024 Cato CTRL SASE Threat Report, we highlight a trend of ransomware gangs recruiting pen testers. We believe this is to test whether their ransomware works for future attacks.”
Cato’s researchers also found multiple instances of ransomware being offered for sale on the forum. One post, largely in Russian, offers locker source code for US$45,000, while another post, this time in English, is selling Makop ransomware for a price negotiable via direct message.
The ransomware features custom ransom notes and wallpapers, a user manual, custom key generation, and extensive build notes.
Shadow AI an issue
Cato also found that shadow AI applications, which employees use without clearance or oversight, are a serious security threat. Ten apps in particular were of concern: Bodygram, Craiyon, Otter.ai, Writesonic, Poe, HIX.AI, Fireflies.ai, PeekYou, Character.AI, and Luma AI.
“Shadow AI is a major threat that has emerged in 2024,” Maor said.
“Organisations should be mindful of the unauthorised use of AI applications and the dangers of letting employees inadvertently expose sensitive information.”
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.