“TommyLeaks” and “SchoolBoys” ransomware gangs are the same, researchers say

Share post:

Security experts said two new extortion gangs called “TommyLeaks” and “SchoolBoys” are the same ransomware gang.

TommyLeaks ransomware gang was uncovered by security researcher MalwareHunterTeam in September, while SchoolBoys ransomware gang was uncovered in October by the same researcher.

On why the two ransomware gangs are believed to be the same, the two groups used the same Tor chat system for their negotiation sites. The same chat system was previously only used by the Karakurt extortion group.

Also, in a SchoolBoys negotiation chat shared with BleepingComputer, the threat actors greeted their victim as “TommyLeaks” in their attempts to coerce a ransom payment.

It remains unclear why they use two different names in their operation although the researchers believe they may be trying a similar approach used by Conti and Karakurt.

TommyLeaks claims to break into corporate networks, steal data and demand ransoms between $400,000 and $700,000. SchoolBoys claims to steal data and encrypt victims’ devices as part of their attacks. Investigation also showed that SchoolBoys ransomware encryptor was created using the leaked LockBit 3.0 builder.

The sources for this piece include an article in BleepingComputer.

SUBSCRIBE NOW

Related articles

Casting a Hex and Deceptive Delight: Jailbreaking Techniques Targeting AI Models

OpenAI's GPT-4o language model can be tricked into generating exploit code by encoding malicious instructions in hexadecimal, according...

CRA Admits to Massive Underreporting of Cyberattacks

The Canada Revenue Agency (CRA) has acknowledged that tens of thousands of taxpayer accounts were hacked between March...

Apple Launches $1 Million Bug Bounty for Hacking Apple Intelligence Servers

Apple has announced a new bug bounty program offering up to $1 million to individuals who can successfully...

Over 6,000 WordPress Sites Hacked to Install Plugins Pushing Infostealers

More than 6,000 WordPress websites have been hacked to install malicious plugins that push information-stealing malware, according to...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways