SuspectFile.com has uncovered a complex web of overlapping claims and accusations within the cybercrime underworld, highlighting a case involving the ransomware groups HellCat, Rey, and grep, along with the controversial group Babuk2.
The investigation delves into two significant cyberattacks: one against the telecommunications company “Orange” and another on “HighWire Press.”
The cyberattack on Orange was publicly attributed to Rey, a known figure in the underground scene.
However, this claim was disputed by members of the HellCat group, which also claimed responsibility for the attack.
Conversely, the HighWire Press incident was initially disclosed by grep on BreachForums.
Subsequent claims were made by Babuk2, who published a portion of the breached database, raising suspicions of data re-selling or unauthorized access.
In an exclusive interaction with HellCat via the encrypted Tox platform, the ransomware collective provided some clarity.
HellCat confirmed that both Rey and grep are indeed their operators, directly refuting any notion of independent actions.
They detailed that while grep initially claimed responsibility for the HighWire Press breach, further systems were compromised, leading to an expanded data leak.
HellCat categorically denied any transactions with Babuk2, asserting that the full database was shared only with cybersecurity researcher Troy Hunt for ethical purposes, not for resale.
This case epitomizes the increasing complexity in attributing cyberattacks due to overlapping claims, misattributions, and the manipulation of information by cybercriminal entities.
It underscores the challenge for cybersecurity professionals and law enforcement in navigating these murky waters, where reputation management becomes as crucial as the technical prowess of these groups.
Notably, while HellCat was forthcoming about affiliations and claims, the group maintained strict secrecy regarding their operational tactics.
Attempts to extract information about their intrusion methods, data exfiltration techniques, or tools used for obfuscation were met with silence.
This reticence highlights the continuous tension between projecting strength and maintaining anonymity, a balance essential for these groups to operate effectively.
The interactions reveal insights into the dynamics of cybercrime operations.
HellCat’s operation structure appears more centralized than assumed, with affiliates like Rey and grep acting under internal coordination.
Their engagement with cybersecurity communities, like their communication with Troy Hunt, suggests a nuanced approach to managing their public image and possibly deflecting attention from more covert activities.
In an evolving digital landscape fraught with confusion and misinformation, the investigation by SuspectFile.com not only clarifies the disputes among these cybercrime actors but also underscores the need for vigilance in attributing cyber incidents accurately.
This case exemplifies the strategic use of public claims not just for financial gain but also for control over narrative, reputation, and visibility in the digital extortion economy.
Find this News Interesting! Follow us on Google News, LinkedIn, & X to Get Instant Updates!
Cybercriminals are increasingly exploiting search engine optimization (SEO) techniques and paid advertisements to manipulate search…
Cybersecurity experts have unearthed an intricate cyber campaign that leverages deceptive websites posing as the…
Hackers are exploiting what's known as "Dangling DNS" records to take over corporate subdomains, posing…
Security researchers and cybersecurity experts have recently uncovered new variants of the notorious HelloKitty ransomware,…
The RansomHub ransomware group has emerged as a significant danger, targeting a wide array of…
Threat actors are increasingly using email bombing to bypass security protocols and facilitate further malicious…