ARES emerges major player in cybercrime

Share post:

A cybercrime threat group called ARES has been gaining notoriety in recent months for selling and leaking databases stolen from corporations and public authorities. The group emerged on the Telegram messaging app in late 2021 and has since been associated with the RansomHouse ransomware operation, the data leak platform KelvinSecurity, and the network access group Adrastea.

According to a report by cybersecurity firm Cyfirma, ARES displays cartel-like behavior and actively seeks affiliations with other threat actors. The group manages its own site, ARES Leaks, which offers access to data leaks from 65 countries, including the United States, France, Spain, Australia, and Italy. The website hosts leaks with all types of information, from phone numbers, email addresses, customer details, B2B, SSN, and company databases, to forex data, government leaks, and passports.

The group accepts cryptocurrency payments from members who want to access the offered data or to purchase one of the available services, which span vulnerability exploitation, pen-testing, malware development, and distributed denial of service (DDoS) attacks. Cyfirma notes that the activity on ARES Leaks increased after the shutdown of the now-defunct Breached forum.

In addition to ARES Leaks, the group also operates private and VIP channels, presumably selling more valuable data leaks from high-profile organizations. Cyfirma reports that ARES has recently initiated efforts to acquire military access and databases, actively promoting its interest through advertisements on cybercrime platforms.

The group also launched a new project called LeakBase in early 2023, which offers free databases, a market space for selling leaks, leads, exploits, and services, and an escrow payments system to inspire trust. The forum also hosts spaces for programming, hacking tips, tutorials, social engineering, penetration, cryptography, anonymity, and opsec guides and discussions.

The sources for this piece include an article in BleepingComputer.

SUBSCRIBE NOW

Related articles

Hackers Plant False Memories in ChatGPT to Steal User Data

A security researcher has uncovered a vulnerability in ChatGPT that could allow hackers to store false information and...

“Octo2” Trojan Targets Bank Accounts by Posing as VPN or Chrome Apps on Android

A new malware variant called “Octo2” is spreading across Android devices by posing as popular apps like NordVPN...

Evilginx – Open source tool can bypass Multi-Factor Authentication (MFA)

Security vendor Abnormal Security is reporting a new cybersecurity tool that is gaining traction among cybercriminals. The tool,...

Kaspersky’s exit from US market frightens some customers

Kaspersky, the Russian cybersecurity firm, has unexpectedly removed its antivirus software from U.S. customers' computers, replacing it with...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways