"Vice Society Hackers Are Behind Several Ransomware Attacks Against Education Sector"

Vice Society, a cybercrime organization, has been linked to multiple ransomware strains in its malicious campaigns targeting the education, government, and retail sectors. The Microsoft Security Threat Intelligence team, which is tracking the threat cluster known as DEV-0832, stated that the group avoids deploying ransomware in some cases and instead extorts money using stolen data. DEV-0832's payload has shifted over time from BlackCat, Quantum Locker, and Zeppelin to a Zeppelin variant that includes Vice Society-specific file extensions such as .v-s0ciety, .v-society, and, most recently, .locked, according to the tech giant's cybersecurity division. Since June 2021, Vice Society has been observed encrypting and exfiltrating victim data and threatening companies with the exposure of siphoned information in order to pressure them into paying a ransom. Prior to deploying the ransomware, the financially motivated threat actor is known to rely on exploits for publicly disclosed vulnerabilities in Internet-facing applications, as well as PowerShell scripts, repurposed legitimate tools, and commodity backdoors such as SystemBC. This article continues to discuss the Vice Society cybercrime group targeting the education sector.

THN reports "Vice Society Hackers Are Behind Several Ransomware Attacks Against Education Sector"