
Snatch Ransomware Group's Vast Domain Network Exposed

Over 1,300 domains linked to Snatch ransomware exposed. Phishing sites and malware distribution pose serious threats to users.


Cybersecurity experts have uncovered a vast network of domains linked to the notorious Snatch ransomware group. Over 1,300 domains are registered to Mihail Kolesnikov, with half promoting escort services and the other half recently identified as phishing sites. The group's activities span from malware distribution to data leaks, with a significant presence on the darknet.

Investigations reveal that the Internet address 194.168.175.226 hosts both Snatch domains and those mimicking well-known brands for phishing purposes. Snatch is exploiting paid ads on Google.com to lure unsuspecting users into downloading malware disguised as popular free software. In August 2023, domains tied to Kolesnikov were used to spread the Rilide information stealer trojan.

The Moscow-based Internet address 80.66.64.15 has accessed the Snatch darknet site and hosts domains impersonating legitimate software companies. The group's darknet site exposes a 'server status' page, indicating frequent access from Russian Internet addresses. One active address, 193.108.114.41, hosts multiple Snatch domains and appears regularly on the server status page. Notably, the site is leaking data about its visitors' Internet addresses.
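The pivot the investigation rests on, shared registrant and shared hosting address, as an added Python example on constructed data (it is not code from the article or the researchers): only the three Internet addresses and the registrant name above are taken from the text; every domain, record, log line and the privacy-proxy label are assumptions made for illustration.

```python
# Infrastructure pivot of the kind described above, on constructed data.
# Only the three IPs and the registrant name come from the article.

SEED_IPS = {"194.168.175.226", "80.66.64.15", "193.108.114.41"}
SEED_REGISTRANTS = {"Mihail Kolesnikov"}

# Constructed passive-DNS / WHOIS style records: (domain, resolved IP, registrant).
RECORDS = [
    ("leak-mirror.example", "194.168.175.226", "Mihail Kolesnikov"),
    ("brand-login-update.example", "194.168.175.226", "REDACTED FOR PRIVACY"),
    ("free-software-dl.example", "80.66.64.15", "Mihail Kolesnikov"),
    ("escort-ads.example", "198.51.100.7", "Mihail Kolesnikov"),
    ("unrelated-shop.example", "203.0.113.10", "REDACTED FOR PRIVACY"),
]

# Registrant values shared by unrelated domains; never pivot on these or the
# cluster swallows every customer of the same privacy proxy.
NON_PIVOT_REGISTRANTS = {"REDACTED FOR PRIVACY"}


def pivot(records, seed_ips, seed_registrants):
    """Expand the seeds transitively: a domain joins when it shares a resolved
    IP or a non-proxy registrant with the cluster. Returns {domain: reason}."""
    ips = set(seed_ips)
    regs = set(seed_registrants) - NON_PIVOT_REGISTRANTS
    found, changed = {}, True
    while changed:  # repeat until a full pass adds nothing
        changed = False
        for domain, ip, reg in records:
            if domain in found:
                continue
            if ip in ips:
                found[domain] = f"shares IP {ip}"
            elif reg in regs:
                found[domain] = f"same registrant {reg!r}"
            else:
                continue
            changed = True
            ips.add(ip)  # new hosts become pivot keys on the next pass
            if reg not in NON_PIVOT_REGISTRANTS:
                regs.add(reg)
    return found


def flag_dns_queries(log_lines, bad_domains):
    """Match a resolver log ('<ts> <client> query <name>') against the cluster."""
    hits = []
    for line in log_lines:
        parts = line.split()
        if len(parts) == 4 and parts[2] == "query":
            name = parts[3].lower().rstrip(".")
            if name in bad_domains:
                hits.append((parts[1], name))
    return hits
```

Feeding the pivoted domain set to the log matcher turns the published indicators into a hunt over your own resolver logs; the escort-advertising domain lands in the cluster through the registrant, the brand look-alike through the shared address.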

Snatch is not only distributing malware but also publishing stolen data on an open Internet website, with content mirrored on its darknet site. The group's victim shaming site is further exposing its true online location and internal operations.

The Snatch ransomware group's extensive network of domains, darknet presence, and data leak activities underscore the seriousness of the threat it poses. Cybersecurity experts urge users to be vigilant against phishing attempts and to keep their software up to date to protect against malware. Further investigation is needed to dismantle this sophisticated cybercrime operation.
