AlphaLock, a newly formed hacker group that has recently made waves in the cybersecurity world, has been identified as a “pentesting training organization” that aims to profit from its training services through affiliate programs.
The group operates with a two-part business model. Firstly, they provide online training courses for hackers, such as the Bazooka Code course, which costs $185. These courses are marketed as training for penetration testers. The second part of their business model is the ALPentest Hacking Marketplace. Here, the group employs its newly trained hackers to create a marketplace where threat actors can purchase pentesting services targeted at specific organizations.
The AlphaLock Telegram channel initially provided detailed information about the group’s operations, but has since been made private. A post on the channel stated, “In two months, we have gathered a very strong staff and trained them for ourselves. The time will come when this era will end, and the best will simply disappear, and you will no longer hear about them; they will quietly earn a living for their grandchildren and great-grandchildren. To all our colleagues, I recommend showing patience and applying efforts to study PenTesting. PenTesting is the future.”
Bazooka Code, a key player in AlphaLock’s operations, has announced plans to create a platform where clients can monitor the progress of penetration testers as they conduct various tests. This platform will allow threat actors to list their desired targets for penetration testing, and others can then select these companies, carry out the tests, provide evidence of the attack, and receive their reward.
However, due to increased scrutiny and attention, the platform will be transitioning to a chat application called Matrix. Telegram will still be used for news updates, membership requests, and inquiries. Additionally, Bazooka Code has revealed plans to launch a YouTube channel to enhance the user experience. Those interested in the platform are encouraged to submit a portfolio for consideration.
The emergence of AlphaLock and its activities has raised concerns within the cybersecurity community. The group’s ability to train and mobilize hackers for the purpose of selling penetration testing services to threat actors represents a significant threat to organizations and their security systems. It is a stark reminder of the constant evolution and adaptation of cyber threats, as well as the need for organizations to remain vigilant and proactive in safeguarding their digital assets.
As the cybersecurity landscape continues to evolve, it is imperative for organizations to stay informed about emerging threats, vulnerabilities, and trends in the industry. By subscribing to reliable and reputable sources of information, such as Dark Reading’s cybersecurity newsletter, individuals can receive timely updates and insights that can help them stay ahead of potential threats and protect their digital infrastructure.
In conclusion, the rise of AlphaLock and its innovative approach to training and utilizing hackers for profit serves as a stark reminder of the ever-present threats in the digital realm. It underscores the importance of staying informed and proactive in the face of cybersecurity challenges. By staying abreast of the latest developments and best practices in the field, organizations can better protect themselves against the constantly evolving landscape of cyber threats.