{"id":37682,"date":"2020-10-15T19:17:47","date_gmt":"2020-10-15T19:17:47","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/31670\/Cybercrime-Increasingly-Converging-Towards-Ransomware-Cartel-Models.html"},"modified":"2020-10-15T19:17:47","modified_gmt":"2020-10-15T19:17:47","slug":"cybercrime-increasingly-converging-towards-ransomware-cartel-models","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\/","title":{"rendered":"Cybercrime Increasingly Converging Towards Ransomware, Cartel Models"},"content":{"rendered":"<div class=\"wysiwyg\">\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/www.scmagazine.com\/wp-content\/uploads\/sites\/2\/2020\/10\/GettyImages-1027812886-1-scaled-e1602725145430-1024x614.jpg\" alt class=\"wp-image-107876\" srcset=\"https:\/\/www.scmagazine.com\/wp-content\/uploads\/sites\/2\/2020\/10\/GettyImages-1027812886-1-scaled-e1602725145430-1024x614.jpg 1024w, https:\/\/www.scmagazine.com\/wp-content\/uploads\/sites\/2\/2020\/10\/GettyImages-1027812886-1-scaled-e1602725145430-300x180.jpg 300w, https:\/\/www.scmagazine.com\/wp-content\/uploads\/sites\/2\/2020\/10\/GettyImages-1027812886-1-scaled-e1602725145430-768x461.jpg 768w, https:\/\/www.scmagazine.com\/wp-content\/uploads\/sites\/2\/2020\/10\/GettyImages-1027812886-1-scaled-e1602725145430-1536x922.jpg 1536w, https:\/\/www.scmagazine.com\/wp-content\/uploads\/sites\/2\/2020\/10\/GettyImages-1027812886-1-scaled-e1602725145430-2048x1229.jpg 2048w, https:\/\/www.scmagazine.com\/wp-content\/uploads\/sites\/2\/2020\/10\/GettyImages-1027812886-1-scaled-e1602725145430-860x516.jpg 860w, https:\/\/www.scmagazine.com\/wp-content\/uploads\/sites\/2\/2020\/10\/GettyImages-1027812886-1-scaled-e1602725145430-156x94.jpg 156w, https:\/\/www.scmagazine.com\/wp-content\/uploads\/sites\/2\/2020\/10\/GettyImages-1027812886-1-scaled-e1602725145430-312x187.jpg 312w, https:\/\/www.scmagazine.com\/wp-content\/uploads\/sites\/2\/2020\/10\/GettyImages-1027812886-1-scaled-e1602725145430-640x384.jpg 640w, https:\/\/www.scmagazine.com\/wp-content\/uploads\/sites\/2\/2020\/10\/GettyImages-1027812886-1-scaled-e1602725145430-1280x768.jpg 1280w, https:\/\/www.scmagazine.com\/wp-content\/uploads\/sites\/2\/2020\/10\/GettyImages-1027812886-1-scaled-e1602725145430-1720x1032.jpg 1720w\" sizes=\"(max-width: 1024px) 100vw, 1024px\"><figcaption>New research finds that cybercriminal groups are increasingly gravitating towards ransomware. Here, a North Korean national is identified in a complaint announced by First Assistant U.S. Attorney Tracy Wilkison in a range of cyberattacks on September 6, 2018 in Los Angeles, California. The complaint includes the cyberattack against Sony Pictures in 2014, and the WannaCry 2.0 ransomware attack. (Photo by Mario Tama\/Getty Images)<\/figcaption><\/figure>\n<p>Cybercriminal groups are increasingly gravitating towards ransomware, while evolving more and more towards a cooperative cartel model, according to new research from threat intelligence firms.<\/p>\n<p>In a new <a href=\"https:\/\/www.fireeye.com\/blog\/threat-research\/2020\/10\/fin11-email-campaigns-precursor-for-ransomware-data-theft.html\">report<\/a> released today, Mandiant spotlights the evolution of FIN11 \u2013 a financially motivated hacking group \u2013 from specializing in high-tempo, high-volume malicious email campaigns to a laser-like focus on ransomware and extortion.<\/p>\n<p>The shift is \u201cemblematic\u201d of the way established groups have pivoted their operations to the lucrative ransomware industry as companies continue to pay an increasingly high price to have their systems and data unlocked.<\/p>\n<p>They\u2019ve also transformed their operations in the last two years, changing their tactics, techniques and procedures and greatly expanding their targeting pool of victims. Whereas the group mainly hit businesses in the financial, retail and restaurant sectors in 2017 and 2018, Mandiant researchers have observed far more indiscriminate targeting in the past two years across a wide range of industries and regions. Along the way, FIN11 has made a number of subtle changes to their techniques, likely in an effort to avoid the latest threat detection regimes.<\/p>\n<p>More recently in 2020 they were seen targeting pharmaceutical companies in phishing campaigns, a common occurrence in the post-COVID-19 environment. Here again, they believe these new strategies and focus can be traced back to the group\u2019s larger shift toward ransomware as their primary revenue generator.<\/p>\n<p>Kimberly Goody, senior manager of analysis at Mandiant Threat Intelligence, told SC Media that groups like FIN11 are \u201cregularly&nbsp;learning&nbsp;of organizations&nbsp;paying\u201d&nbsp;ransoms, and altering their operations and business models to take advantage. FIN11\u2019s shift is reflective of the broader trend of big game hunter threat groups reshaping their operations toward ransomware.<\/p>\n<p>Attackers in the ransomware space&nbsp;\u201care constantly&nbsp;capitalizing on the success of those&nbsp;who&nbsp;have&nbsp;tested the waters before them by incorporating tactics&nbsp;that have&nbsp;proven to be effective,\u201d Goody said.<\/p>\n<p>As the group gravitated towards this new business model, Mandiant noticed a number of common tactics and behaviors. FIN11 typically relies on proprietary malware strains like FlawedAmmyy or MIXLABEL to gain an initial foothold, before shifting to commodity malware or open source tools to install multiple backdoors in a victim\u2019s network. More recently, they have begun using CLOP ransomware to encrypt networks and demand payment.<\/p>\n<p>Because of their successful background in email compromise, they often have success re-infecting a victim\u2019s network after they\u2019re identified and kicked out. For example, after one ransomware victim was able to restore their systems and services through backups, the group was able to re-infect their network again months later.<\/p>\n<p>Their ransom demands range from hundreds of thousands of dollars to up to $10 million.<\/p>\n<p>\u201cNotably, these extortion demands have seemingly increased since late 2019, which is likely a result of public reporting on companies\u2019 willingness to pay large ransoms as well as the introduction of hybrid extortion,\u201d Mandiant notes.<\/p>\n<p><strong>Organized (cyber) crime<\/strong><\/p>\n<p>The world of organized cyber crime is scary enough to contemplate. The notion that major threat groups could be steadily evolving towards a cartel model of business is even more alarming.<\/p>\n<p>This dynamic is already prevalent among collectives like Maze, a business partnership between multiple ransomware groups who share tools and profits from successful heists. In a new Thales <a href=\"https:\/\/thalesgroup-myfeed.com\/WPTHALESCyberThreatHandbook2020EN\">report<\/a>, the authors argue that major cybercrime in general is moving inescapably toward an organized model, converging their operations and working together, even as they maintain their own independence.<\/p>\n<p>For example, one group might design their malware in a way that consciously compliments a tool created by another outfit, or connect in a larger kill chain that mutually increases the attack surface for all or most parties. While each have their distinct operations and styles, they are also hyper aware of how their work interacts with each other and align their operations to maximize profit.<\/p>\n<p>Even as financially motivated hacking groups have their own distinct goals and operations, there is often overlap and sharing of tools, techniques and procedures with other groups that can muddy the analytical waters. According to Mandiant, these groups \u201ccan purchase a wide range of services and tools in underground communities \u2014 including private or semi- private malware capabilities, bulletproof hosting providers, various DNS-related services (including registration and fast-flux or dynamic DNS offerings) and code signing certificates \u2014 from actors who specialize in a single phase of the attack lifecycle.\u201d<\/p>\n<p>For example, parts of FIN11 activities share \u201cnotable\u201d commonalities with another group, dubbed TA505, that specializes in ransomware and was recently <a href=\"https:\/\/www.oodaloop.com\/cyber\/2020\/10\/12\/critical-zerologon-flaw-exploited-in-ta505-attacks\/\">observed<\/a> exploiting newly disclosed vulnerabilities like Zerologon. According to Thales, TA505 is also \u201cclosely linked\u201d with another financial cybercrime group \u2013 FIN6 \u2013 and shares some proprietary malware. However, Mandiant and Thales each stress that they track TA505 activities as separate and distinct from FIN11 and FIN6 and warn against conflating them.<\/p>\n<p>Jeremy Kennelly, a manager of analysis at Mandiant Threat Intelligence, told SC Media that different groups sharing common TTPs \u201ccan suggest many different types of collaboration or association.\u201d<\/p>\n<p>\u201cAt one extreme it could imply that groups share one or more members, or could mean as little as suggesting that two groups individually adopted the same open-source project, or incorporated the same snippet of code from a public blog into one of their tools,\u201d said Kennelly in an email. \u201cBeyond the use of publicly available tools, we have found that the most common way in which distinct threat groups will overlap is via the use of a criminal service provider \u2013 one that supplies infrastructure, malware, certificates or some other facet of a criminal campaign.\u201d<\/p>\n<p>Kennelly also said being able to attribute activities back to certain threat actors could provide insight into what they may do next or buttress threat detection rules. A threat group known to focus on payment card theft, may spend weeks or months gaining an initial foothold into a victim network, whereas one who deploys ransomware strains like Ryuk may only linger for a day or two before encrypting a network.&nbsp;<\/p>\n<\/p><\/div>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/31670\/Cybercrime-Increasingly-Converging-Towards-Ransomware-Cartel-Models.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":37683,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[8984],"class_list":["post-37682","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlinemalwarefraudterrorcryptographycybercirme"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Cybercrime Increasingly Converging Towards Ransomware, Cartel Models 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cybercrime Increasingly Converging Towards Ransomware, Cartel Models 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-10-15T19:17:47+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/10\/cybercrime-increasingly-converging-towards-ransomware-cartel-models.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"614\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Cybercrime Increasingly Converging Towards Ransomware, Cartel Models\",\"datePublished\":\"2020-10-15T19:17:47+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\\\/\"},\"wordCount\":1064,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/10\\\/cybercrime-increasingly-converging-towards-ransomware-cartel-models.jpg\",\"keywords\":[\"headline,malware,fraud,terror,cryptography,cybercirme\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\\\/\",\"name\":\"Cybercrime Increasingly Converging Towards Ransomware, Cartel Models 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/10\\\/cybercrime-increasingly-converging-towards-ransomware-cartel-models.jpg\",\"datePublished\":\"2020-10-15T19:17:47+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/10\\\/cybercrime-increasingly-converging-towards-ransomware-cartel-models.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/10\\\/cybercrime-increasingly-converging-towards-ransomware-cartel-models.jpg\",\"width\":1024,\"height\":614},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,malware,fraud,terror,cryptography,cybercirme\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinemalwarefraudterrorcryptographycybercirme\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Cybercrime Increasingly Converging Towards Ransomware, Cartel Models\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cybercrime Increasingly Converging Towards Ransomware, Cartel Models 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\/","og_locale":"en_US","og_type":"article","og_title":"Cybercrime Increasingly Converging Towards Ransomware, Cartel Models 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-10-15T19:17:47+00:00","og_image":[{"width":1024,"height":614,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/10\/cybercrime-increasingly-converging-towards-ransomware-cartel-models.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Cybercrime Increasingly Converging Towards Ransomware, Cartel Models","datePublished":"2020-10-15T19:17:47+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\/"},"wordCount":1064,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/10\/cybercrime-increasingly-converging-towards-ransomware-cartel-models.jpg","keywords":["headline,malware,fraud,terror,cryptography,cybercirme"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\/","url":"https:\/\/www.threatshub.org\/blog\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\/","name":"Cybercrime Increasingly Converging Towards Ransomware, Cartel Models 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/10\/cybercrime-increasingly-converging-towards-ransomware-cartel-models.jpg","datePublished":"2020-10-15T19:17:47+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/10\/cybercrime-increasingly-converging-towards-ransomware-cartel-models.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/10\/cybercrime-increasingly-converging-towards-ransomware-cartel-models.jpg","width":1024,"height":614},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/cybercrime-increasingly-converging-towards-ransomware-cartel-models\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,malware,fraud,terror,cryptography,cybercirme","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinemalwarefraudterrorcryptographycybercirme\/"},{"@type":"ListItem","position":3,"name":"Cybercrime Increasingly Converging Towards Ransomware, Cartel Models"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/37682","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=37682"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/37682\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/37683"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=37682"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=37682"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=37682"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}