A menace group known as ARESĀ is gaining notoriety on the cybercrime scene by promoting and leaking databases stolen from firms and public authorities.
The actor emerged on Telegram in late 2021 and has been related to the RansomHouse ransomware operation and the info leak platform, KelvinSecurity, and the community entry groupĀ Adrastea.
ARES Group manages its personal website with database leaks and a discussion board, which can fill the void left by the now defunct Breached discussion board.
Cyfirma experiences that ARES shows a cartel-like habits, actively in search of affiliations with different menace actors.
ARES Leaks
ARES Leaks is a platform hosted on the common net that provides entry to knowledge leaks from 65 international locations, together with america, France, Spain, Australia, and Italy.
The web site hosts leaks with all sorts of data, from cellphone numbers, electronic mail addresses, buyer particulars, B2B, SSN, and firm databases, to foreign exchange knowledge, authorities leaks, and passports.
The group accepts cryptocurrency funds from members who need to entry the provided knowledge or to buy one of many accessible providers, which span vulnerability exploitation, pen-testing, malware growth, and distributed denial of serviceĀ (DDoS) assaults.
In keeping with Cyfirma, the exercise on ARES Leaks elevated on the heels of Breached shutting down.
On the finish of 2022, ARES sought to rent malware builders and professional pen-testers who may work in Syria, providing cost in cryptocurrency.
ARES additionally operates personal and VIP channels, presumably promoting extra useful knowledge leaks from high-profile organizations.
Cyfirma experiences that ARES has just lately initiated efforts to accumulate navy entry and databases, actively selling its curiosity via ads on cybercrime platforms.
LeakBase
LeakBaseĀ launched in early 2023 and it’s one other undertaking supported by the ARES menace group. Aggressive promotion and Breached hacker discussion board closing its doorways triggered many customers to enroll.
It’s hosted on the clear net and free for anybody to hitch, providing free databases, a market house for promoting leaks, leads, exploits, and providers, and an escrow funds system to encourage belief.
The discussion board additionally hosts areas for programming, hacking suggestions, tutorials, social engineering, penetration, cryptography, anonymity, and opsec guides and discussions.
LeakBase is a far cry from Breached presently, however its fame seems to be rising and it may quickly grow to be a major hub for data and providers for cybercriminals.
ARES appears to be a well-organized menace group that saved increasing operations and providers to cowl all main cybercrime pursuits.
Cyfirma believes that ARES sees the shutdown of Breached as a chance to speed up its development and to determine its place within the cybercrime market.