View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
October 30, 2023updated 31 Oct 2023 9:27am

Ransomware gang for sale? RansomedVC ‘looks for buyer’ for its infrastructure

Hackers say the gang's malware builder and other assets are available for the right buyer.

By Tech Monitor Staff

The cybercriminals behind ransomware gang RansomedVC are apparently selling and are inviting interested buyers to bid for its malware builder and other infrastructure. Those running the gang, famous for its hack on Sony earlier this year, say they want to get out of the cybercrime business after coming under scrutiny from police.

RansomedVC’s owners say the ransomware gang is up for sale. (Photo by Tero Vesalainen/Shutterstock)

Writing on its dark web blog and Telegram channel, the group’s admin said they were putting the technology up for sale for “personal reasons”.

RansomedVC put up for sale

An asking price has not been disclosed, but according to the Telegram post, anyone who coughs up the cash will allegedly receive a ransomware builder, VPN access to multiple companies with combined revenue of $3bn, and databases worth over $10m each. Also included are various domains, social media accounts and Telegram channels, as well as access to affiliate groups.

A post on the group’s dark web blog said to be from an admin reads: “I do not want to continue running the project due to personal reasons, none will be disclosed to journalist, dont [sic] even ask.

“We are selling everything. I do not want to continue being monitored by federal agencies and I would wish to sell the project to someone who will want to continue it.”

Ransomware gangs are known for rebranding or laying low for a time when they come under scrutiny from police, so it is possible that the hackers behind RansomedVC are preparing to re-emerge under a new identity, possibly with new malware.

Sony among RansomedVC’s victims?

Ransomedvc was initially spotted by cybersecurity researchers in August. On its blog, the gang claims to be the “leading company in digital peace tax”, because it has tried to use Europe’s GDPR data laws to its advantage.

Content from our partners
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business
When it comes to AI, remember not every problem is a nail

It has been reported that the gang will contact victims encouraging them to pay up for their data, or face being reported to the authorities for a GDPR breach. Fines for businesses that are found to be in contravention of GDPR can be sizeable.

Among the group’s known victims is Sony, which was apparently infiltrated in September. RansomedVC posted information, including a PowerPoint presentation from Sony’s quality assurance division, internal screenshots displaying what could be a Sony workstation, and some Java files. But it later complained the company was refusing to pay the ransom and threatened to release data on 28 September, though evidence of such a data dump has not been forthcoming. Sony did not comment on the breach.

Earlier this month it claimed to have breached Colonial Pipeline, the US company that was the victim of a massive cyberattack in 2021. However, the business denied an attack had taken place.

Read more: 1Password suffers cybersecurity incident after Okta breach

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.