A misconfigured server hosted on a Russian bulletproof hosting provider has exposed the complete operational toolkit of a TheGentlemen ransomware affiliate, including harvested victim credentials and plaintext authentication tokens used to establish hidden remote access tunnels. TheGentlemen ransomware group operates as a Ransomware-as-a-Service, or RaaS, operation where affiliates carry out attacks using shared tools and
The post Exposed Server Reveals TheGentlemen Ransomware Toolkit, Victim Credentials, and Ngrok Tokens appeared first on Cyber Security News. Read More
Posted inNews