CloudSEK's Threat Intelligence team has discovered Stormous ransomware attacks aimed at a variety of companies throughout the world. The threat group is driven by money, and its most recent wave of attacks has targeted Indian entities. According to CloudSEK's earlier Stormous malware attribution analysis, Stormous ransomware is an Arabic organisation that operates on Telegram and its Onion site.
The disclosed information could allow threat actors to gain unlawful access to personal, private, and intellectual property (IP) data.
According to CloudSEK analysts, the Stormous ransomware group is usually interested in its victims' source code and confidential documents. The group has been actively targeting Indian entities since April 11, 2022.
How Stormous Group Selects Victims
The threat group regularly polls the subscribers of its Telegram channel on who its next target should be. Based on the results of its most recent poll, the gang has announced that First Floppy will be its next victim. First Floppy is a Delhi-based rental goods and services firm. The group also claims to have hacked First Floppy's source code and data. The information has been made available on the operators' website.
Stormous Group's Upcoming Targets
At the time of writing this report, CloudSEK analysts revealed that the threat group is planning to attack five more firms and has set up a poll for its subscribers to vote on who will be the next target. So far, 46 subscribers have taken part in the current poll.
The organisations that the Stormous group claims to have hacked have previously been targeted by other groups, according to CloudSEK researchers. As a result, the veracity of their allegations cannot be established.
The Stormous ransomware group's Telegram channel has been labelled as a 'Scam,' and its Onion website is currently down.