HomeRisk ManagementsGhostSec develops advanced website hacking tools

GhostSec develops advanced website hacking tools

Published on

spot_img

The hacking group GhostSec has been making headlines recently due to a significant uptick in its malicious activities, as revealed by research from Cisco Talos. One of the most alarming developments is the emergence of GhostLocker 2.0, a new strain of ransomware created by the group using the Golang programming language.

Collaborating with the Stormous ransomware group, GhostSec has been carrying out double extortion ransomware attacks targeting businesses and organizations in multiple countries. Moreover, they have also launched a ransomware-as-a-service (RaaS) program called STMX_GhostLocker, offering various options for affiliates to join their nefarious operations.

In a recent advisory, Talos disclosed that GhostSec has added two new tools to their arsenal: the “GhostSec Deep Scan tool” and “GhostPresser.” These tools are believed to have been used in attacks against websites, allowing the group to scan legitimate sites and carry out cross-site scripting attacks.

The joint efforts of GhostSec and Stormous have had a global impact, affecting victims in countries such as Cuba, Argentina, Poland, China, and Israel. Their targets have primarily been in the technology and education sectors, as indicated by information shared in their Telegram channels.

GhostSec, aligning themselves with hacker groups like ThreatSec and Blackforums, are known for their financially motivated cybercriminal activities. They engage in single and double extortion attacks, denial-of-service attacks, and website takedowns to generate funds for hacktivists and other threat actors.

The introduction of GhostLocker 2.0 underscores the group’s evolving tactics in ransomware development, with files encrypted using the “.ghost” extension and updated ransom notes and command-and-control capabilities. This demonstrates a level of sophistication in GhostSec’s operations, showing their ability to adapt and innovate in the cybercrime landscape.

The unveiling of the GhostSec Deep Scan tool and GhostPresser further showcases the group’s advanced techniques in compromising websites. These tools enable them to scan websites thoroughly and execute XSS attacks, expanding their capabilities beyond traditional ransomware tactics.

Overall, the increase in GhostSec’s malicious activities highlights the growing threat posed by cybercriminal groups and the need for organizations to enhance their cybersecurity measures to protect against such attacks. With GhostSec and its collaborators demonstrating a high level of sophistication and adaptability, staying ahead of their tactics is crucial in defending against cyber threats.

Source link

Latest articles

Attackers Abuse Google Ad Feature to Target Slack, Notion Users

 Attackers are once again abusing Google Ads to target people with info-stealing malware, this time...

Hackers allege to have infiltrated computer network of Israeli nuclear facility

An Iran-linked hacking group has declared that they successfully breached the computer network of...

Hacker allegedly uses white-hat approach to exploit crypto game for $4.6M

In a surprising turn of events, the food-themed crypto game Super Sushi Samurai fell...

Reducing Threats from the IABs Market

As ransomware attacks continue to escalate in frequency and severity, one of the key...

More like this

Attackers Abuse Google Ad Feature to Target Slack, Notion Users

 Attackers are once again abusing Google Ads to target people with info-stealing malware, this time...

Hackers allege to have infiltrated computer network of Israeli nuclear facility

An Iran-linked hacking group has declared that they successfully breached the computer network of...

Hacker allegedly uses white-hat approach to exploit crypto game for $4.6M

In a surprising turn of events, the food-themed crypto game Super Sushi Samurai fell...
en_USEnglish