Researchers at Trusec lately found a brand new ransomware-as-a-service group known as Cicada3301. The gang supplies its associates with a twin extortion platform that features each a ransomware and an information leakage facet. In response to the analysis report, Cicada3301 first appeared in June 2024 and focuses on Home windows and Linux ESXi hosts.
Similarities to ALPHV
Of their evaluation, the security researchers discovered that the group is similar to the now-defunct cybergang ALPHV (also called BlackCat), noting that each Cicada3301 and ALPHV ransomware have been written in Rust and use ChaCha20 for encryption. In addition they use practically equivalent instructions for shutting down VMs and eradicating snapshots, and “each use -ui command parameters to offer a graphic output on encryption,” the researchers wrote.
The group takes its identify from Cicada 3301, an notorious “web thriller” that concerned three units of puzzles launched on-line from 2012 to 2014.
