Security Analysis: The Rise of Cybercrime Underworld and Hacking Groups

The victims include logistics companies, schools, health agencies, the manufacturing industry, and financial agencies. The working of Egregor is similar to other ransomware, i.e. keeping hold of the data until the client pays the ransom money. There is but one minor change, Egregor’s methods reveal the present structure of the hacking economy.  Instead of depending solely on lone wolfs (hackers) that orchestrate massive data breaches, or dark web platforms abundant with Russian threat actors, the hackers today work as a kind of unified group/team which acknowledges innovations and changes in the hacking industry. 

In other words, one can say that is a replica of Silicon Valley, but one that thrives on exploiting agencies for profit rather than building interactivity. Cybersecurity expert Jason Passwaters, CEO, Intel 471, says that there exist hackers which were active a long time ago and are still in the hacking game. They offer the same services as they used to back in the time, but the only change is now these hackers rely on each other, rather than working solely. Cybersecurity experts suggest that there might be up to 12 hackers involved in a data breach or a commodity cyberattack. The Egregor group isn’t the only one. 

Hacking groups like Thanos, Conti, and SunCrypt that use similar malware strains, have also started operating in a cooperative way.  Cyberscoop reports, “it’s a style with roots in the mid-2000s when a hacker using the name “slavik” released the Zeus malware, a hacking tool that helped accelerate what’s known now as an affiliate model. The FBI has identified a Russian man, Evgeniy Bogachev, as “slavik,” and has listed him on the bureau’s list of most wanted fugitives. Bogachev’s Zeus malware is responsible for financial losses of more than $100 million, the FBI says, even as the creator has posed in ostentatious outfits in social media pictures.”