The article discusses the emerging cybercrime group Triplestrength, which combines ransomware attacks with the hijacking of cloud accounts for cryptocurrency mining. Monitored by Google since 2023, this small but active group operates in hacking forums, leveraging compromised servers across various platforms, including Google Cloud and AWS. Although they have been conducting ransomware attacks since at least 2020, they use older malware types without incorporating double-extortion tactics. Their approach is reminiscent of traditional ransomware practices, emphasizing a need for organizations to bolster their defenses against this evolving threat.
"Triplestrength is an emerging threat that uniquely combines ransomware attacks with cloud account hijacking for cryptocurrency mining; this poses significant risks to organizations."
"Despite its small size, Triplestrength has shown significant activity in cybercrime forums and has built a network for soliciting criminal recruitment."
Collection
[
|
...
]