Over the past month a new ransomware group, named Black Basta, has emerged and has quickly gained popularity. As 29 victims have already been added to Black Basta’s victim list, the group is drawing the attention of security researchers and hunters in the cybersecurity community worldwide. In the era of post-ContiLeaks ransomware groups are looking to utilize and base their product on the fairly successful Conti code.

As new ransomware groups emerge by the day, most of them operate the same business model and same techniques. And as we all know, one of the main techniques of ransomware groups is to encrypt valuable assets belonging to the victim. Over the past weeks, a new and slightly odd ransomware group has emerged named RansomHouse. At glance, it looks like any other ransomware group, but claims to be something other than what we are used to seeing.

In recent weeks, Cyberint has been monitoring a new marketplace that appeared in the TOR network, an insiders network called Industrial Spy. This new platform was established in around mid-March this year and is currently being promoted on known Darknet forums and Telegram channels. The platform’s main goal is to become the ultimate repository containing victims’ data, which is mainly gathered by threat actors and insiders.