Hotsauce | S2W TALON

SoW (Story of the Week) publishes a report summarizing ransomware activity on the dark web. The report includes a summary of victimized firms, the Top 5 targeted countries and industrial sectors, the status of dark web forum posts by ransomware operators, etc.

1. Weekly Status

  • A total of 48 victim companies were mentioned…

S2W TALON

Compared the victim page between Prometheus x Spook

Executive Summary

  • Spook ransomware started on September 26th, 2021.
  • The double extortion site of Spook ransomware is similar to the double extortion site of Prometheus ransomware.
  • Spook ransomware is very similar to Prometheus ransomware in its ransom notes and websites. …


Hotsauce | S2W TALON

SoW (Story of the Week) publishes a report summarizing ransomware activity on the dark web. The report includes a summary of victimized firms, the Top 5 targeted countries and industrial sectors, the status of dark web forum posts by ransomware operators, etc.

1. The first half of the year Status

  • A total of 518 victim companies were mentioned…

Hotsauce | S2W TALON

SoW (Story of the Week) publishes a report summarizing ransomware activity on the dark web. The report includes a summary of victimized firms, the Top 5 targeted countries and industrial sectors, the status of dark web forum posts by ransomware operators, etc.

1. Weekly Status

  • A total of 37 victim companies were mentioned…

Hotsauce | S2W TALON

SoW (Story of the Week) publishes a report summarizing ransomware activity on the dark web. The report includes a summary of victimized firms, the Top 5 targeted countries and industrial sectors, the status of dark web forum posts by ransomware operators, etc.

1. Weekly Status

  • A total of 40 victim companies were mentioned…

S2W TALON

Executive Summary

Atomsilo used the ransom note page, the double extortion site, and the malicious code of other ransomware attack groups.

Atomsilo copied BlackMatter and Cerber version 6.

  • Atomsilo copied the ransom note page of Cerber version 6.
  • Atomsilo copied the double extortion site of BlackMatter.

Atomsilo used the similar malicious…


Hotsauce | S2W TALON

SoW (Story of the Week) publishes a report summarizing ransomware activity on the dark web. The report includes a summary of victimized firms, the Top 5 targeted countries and industrial sectors, the status of dark web forum posts by ransomware operators, etc.

1. Weekly Status

  • A total of 64 victim companies were mentioned…

Hotsauce | S2W TALON

The relation graph of Groove, Babuk, Payload.bin, RAMP, and BlackMatter

  • Groove mentioned several cryptocurrency wallet addresses, such as BTC, XMR and ETH. Those addresses are the same as RAMP’s addresses mentioned on their leak site.
  • Groove used the same file server as BlackMatter and Babuk [2].
  • The operator of RAMP was linked to the operator of Babuk…

Hotsauce | S2W TALON

SoW (Story of the Week) publishes a report summarizing ransomware activity on the dark web. The report includes a summary of victimized firms, the Top 5 targeted countries and industrial sectors, the status of dark web forum posts by ransomware operators, etc.

1. Weekly Status

  • A total of 45 victim companies were mentioned…

Hotsauce | S2W TALON

Executive Summary

  • In May 2021, the United States-based D company was infected by the Suncrypt ransomware. After a long negotiation of about 3 weeks, the victim paid the ransom in Bitcoin, Suncrypt finally deleted the leaked data and provided a security report, and the negotiations were finished.
  • As a result of…

S2W

S2W is a big data intelligence company specializing in the dark web and cryptocurrencies.
