Researchers have discovered the infrastructure linked to a threat group called ShadowSyndicate, believed to have launched attacks using seven distinct ransomware families in the last year. Active since June 2022 or earlier, connections between this group and the developers of Cl0p, Play, Royal, and Cactus ransomware have been highlighted in a study by Group-IB and […]
Cybersecurity experts have shed light on a new cybercrime group known as ShadowSyndicate (formerly Infra Storm) that may have leveraged as many as seven different ransomware families over the past year. “ShadowSyndicate is a threat actor that works with various ransomware groups and affiliates of ransomware programs,” Group-IB and Bridewell said in a new joint […]
ShadowSyndicate is believed to be an initial access broker (IAB) or an affiliate working with multiple ransomware operations, including Quantum, Nokoyawa, BlackCat/ALPHV, Clop, Royal, Cactus, and Play, based on evidence found by researchers.