Researchers at Trusec not too long ago found a brand new ransomware-as-a-service group known as Cicada3301. The gang offers its associates with a twin extortion platform that features each a ransomware and a knowledge leakage aspect. In line with the analysis report, Cicada3301 first appeared in June 2024 and focuses on Home windows and Linux ESXi hosts.
Similarities to ALPHV
Of their evaluation, the safety researchers discovered that the group is similar to the now-defunct cybergang ALPHV (also referred to as BlackCat), noting that each Cicada3301 and ALPHV ransomware have been written in Rust and use ChaCha20 for encryption. Additionally they use almost similar instructions for shutting down VMs and eradicating snapshots, and “each use -ui command parameters to offer a graphic output on encryption,” the researchers wrote.
The group takes its identify from Cicada 3301, an notorious “web thriller” that concerned three units of puzzles launched on-line from 2012 to 2014.
