Red Hot Cyber
Cybersecurity is about sharing.
Recognize the risk, combat it, share your experiences,
and encourage others to do better than you.
Pietro Melillo : 10 July 2024 15:47
A new ransomware group, calling themselves “Vanir Group,” has recently made its debut in the cybercrime landscape. This group has quickly garnered attention for the aggressiveness and professionalism of their operations, hitting three victims in a short time and making their actions public through a data leak site.
On their website, the Vanir Group has left an intimidating message for their targets, addressed to the CEOs or domain administrators of the affected companies. Here is part of the message:
“Hello, You must be the domain administrator or CEO, in other words, our latest victim. You reading this message means that the internal infrastructure of your company has been compromised, all your backups are deleted or encrypted. We have also stolen the majority of all important data held by your company. Going forward, it would be in your interest to cooperate with us, to prevent further disgrace.”
Vorresti toccare con mano la Cybersecurity e la tecnologia? Iscriviti GRATIS ai WorkShop Hands-On della RHC Conference 2025 (Giovedì 8 maggio 2025)
Se sei un ragazzo delle scuole medie, superiori o frequenti l'università, oppure se solamente un curioso, il giorno giovedì 8 maggio 2025 presso il teatro Italia di Roma (a due passi dalla stazione termini e dalla metro B di Piazza Bologna), si terranno i workshop "hands-on", creati per far avvicinare i ragazzi alla sicurezza informatica e alla tecnologia. Questo anno i workshop saranno:
Supporta RHC attraverso:
Ti piacciono gli articoli di Red Hot Cyber? Non aspettare oltre, iscriviti alla newsletter settimanale per non perdere nessun articolo.
The Vanir Group claims to have a deep understanding of the finances of the affected companies, suggesting that the ransom price has been carefully calculated. They threaten to sell or distribute the stolen data if their demands are not met:
“When you choose to disregard our kindness and report to law enforcement or data recovery experts to help you find a way to recover your lost data, you lose TIME and MONEY, and in the process, you also lose our patience.”
The Vanir Group’s website also includes an interactive terminal where commands like “help” for a list of available commands, “news” for information about the group and their victims, and “victims” for a list of all their victims can be entered.
In the terminal, the Vanir Group also invites potential affiliates to contact them, suggesting that they are looking for collaborators to expand their operations:
“To join us, message BlackEyedBastard on Tox for your examination.”
The Vanir Group represents a new and dangerous threat in the world of cybercrime. With their precise and ruthless operations, they have already hit three companies, warning both potential victims and law enforcement. It is essential that companies strengthen their cybersecurity defenses and adopt preventive measures to avoid becoming the next victims of this ransomware group.
Pietro Melillo