Vice Society is a little-known double extortion group that recently joined the cybercrime ecosystem. Since then, it has shown steady activity, encrypting and exfiltrating its victims' data and threatening to leak that information to pressure them into paying a ransom.
Unlike other RaaS (Ransomware-as-a-Service) double extortion groups, Vice Society focuses on getting into the victim's systems to deploy ransomware binaries sold on dark web forums. This is likely a way for the group to save the resources it would otherwise spend developing its own ransomware.
To conduct its operations, Vice Society uses Zeppelin and HelloKitty ransomware.
Our Threat Detection and Research team has written an article in which they perform a technical analysis of the Vice Society ransomware group. There you will find IoCs and a YARA rule to detect it.