GhostSec Leverages GhostLocker 2.0 in Global Extortion Spree

, GhostLocker 2.0

In the shadowy corners of the cyber realm, the nefarious activities of hacker groups not only persist but escalate. Recently, GhostSec, known for its allegiance with Anonymous in targeting extremist content, has forged a darker path. Introducing GhostLocker 2.0, a Golang variant of ransomware, GhostSec has collaborated with Stormous to wreak havoc on a global scale with their double extortion assaults.

The surge of malicious activities has not gone unnoticed. Cisco Talos reports show that this new ransomware variant encrypts files swiftly, leaving a distinct mark with the extension “.ghost.” Not only the encryption, but the entire attack process has been refined, with an improved ransom note demanding ransom from their targets from across critical sectors, including technology and government.

Furthermore, the GhostSec group has launched a novel ransomware-as-a-service program, STMX_GhostLocker. This alarming development provides varied services for affiliates, adding a new revenue stream for these cybercriminals through victim extortion. Notably, the group has also unveiled a dark web leak site for publishing stolen data, amplifying their threat potency.

This redoubling of their effort signals a significant shift in the cyber threat landscape. The GhostSec and Stormous joint endeavor, as part of The Five Families collective, demonstrates a concerning trend of cybercriminal syndicates merging forces. The collective’s extensive reach and impact, targeting over 15 countries, underscore the pressing need for enhanced cybersecurity measures globally.

In a twist of irony, the Ghost Security Group™, depicted in recent ransomware GUI demos, has staunchly denied any involvement with these nefarious activities. Through an official statement, they condemn the use, release, and sale of such extortionist tools, urging the creators to reconsider their actions.

As GhostSec showcases their evolving tactics through tools like the GhostSec Deep Scan and GhostPresser for XSS attacks, the call to action for cybersecurity defenses becomes ever more urgent. It is a stark reminder that as cybercriminals innovate and adapt, so, too, must the strategies to thwart them. Solidifying cyber resilience now predicates not only on individual vigilance but collaborative global security initiatives to counter this growing wave of cyber threats.

If you enjoyed this article, please check out our other articles on CyberNow

March 6, 2024
The collaboration of hacker groups GhostSec and Stormous leads to a heightened threat with GhostLocker 2.0 ransomware targeting critical sectors worldwide.