"Rahul Ramesh and Reegun Jayapaul of the Cyderes Howler Cell team, said there were significant doubts surrounding the credibility of 0APT's victim claims. "Claiming around 200 victims in a compressed time window, without supporting artifacts, is operationally inconsistent with observed ransomware group behavior," they explained. "Mature groups typically stagger disclosures and provide proof of compromise to strengthen negotiation leverage. In this case, the announcements appear rapid and unsupported.""
"Ramesh and Jayapaul also said the gang's leak site raised concerns regarding the authenticity of the data it claimed to have stolen. They said that although the leak section advertises downloadable file trees, the actual files are far larger than would be expected and seem to be structured to create an impression of large-scale data theft - when they can be downloaded at all, they essentially seem to comprise mostly random junk disguised as a .zip archive or .pdf file."
A newly operational RaaS gang named 0APT emerged in January 2026 and published names and partial data for almost 200 alleged victims. The majority of alleged victims were located in the US, followed by the UK and India. Bulk publication of victims has precedents such as Cl0p's mass exploitations. Multiple researchers analyzing 0APT's claims found substantial inconsistencies and believe the operation is likely bluffing. Observed issues include rapid, unverified disclosures instead of staggered disclosures with proof of compromise; a leak site advertising downloadable file trees that contain oversized files or apparent junk; and an absence of screenshots of compromised data.
Read at ComputerWeekly.com
Unable to calculate read time
Collection
[
|
...
]