The Federal Bureau of Investigation (FBI) has successfully dismantled the globally active hacking group known as Radar, also known as Dispossessor. This operation involved coordinated efforts to take down servers located in the United States, the United Kingdom, and Germany, effectively crippling the group’s ability to carry out further cyberattacks. Since its emergence in August 2023, Radar/Dispossessor had quickly become a major ransomware threat, affecting 43 companies in various sectors, including healthcare, transportation, manufacturing, development, education, and financial services, among others. The victims were from several countries, including Argentina, Australia, Belgium, Brazil, Honduras, India, Canada, Croatia, Peru, Poland, the United Kingdom, the United Arab Emirates, and Germany.
Led by an individual operating under the pseudonym “Brain,” the group primarily targeted small and medium-sized businesses. Their methodologies bore a resemblance to the notorious LockBit group, which also provided ransomware-as-a-service (RaaS) and was taken down earlier this year. Radar/Dispossessor employed aggressive, multi-pronged tactics to coerce their victims. They initiated attacks by exploiting compromised systems, taking advantage of weak passwords, and leveraging the absence of two-factor authentication to gain initial access to targeted networks.
Once infiltrated, the group engaged in data exfiltration, stealing sensitive information before encrypting victims’ systems. This two-pronged approach not only disrupted the operational capabilities of the affected organizations, but also provided hackers with a tool for blackmail. If victims did not initiate contact after the attack, the group proactively reached out to other members of the victim organization via email or phone calls. These communications often contained links to video platforms where the stolen data was displayed, increasing the pressure to pay the ransom.
To further aggravate the situation, the group resorted to doxing, threatening to leak stolen data and hinting at the exposure of alleged illegal activities within the victim organizations. If the ransom demands were not met, the attackers would announce the attack on a dedicated leak page and set a countdown to the publication of the victims’ data. This strategy intensified the urgency and psychological pressure on the victims to comply.