The Ziggy ransomware administrator announced the end of the operation in early February of this year. Apparently, the threat actor had a guilty conscious and decided to publish all decryption keys for the ransomware. On March 19th, the administrator announced plans to return any money paid by victims of Ziggy ransomware. Although the administrator returned the ransoms, which are paid in bitcoin, it is likely they still make a profit due to the recent spike in bitcoin price. The Ziggy ransomware administrator told reporters that they lived in a third world country and the operation was financially motivated. The motivation to return the money and close the operation is likely driven by guilt, and the recent global law enforcement action against cyber threat actors.
Using Microsoft Sentinel to Detect Confluence CVE-2022-26134 Exploitation
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is