{"id":57444,"date":"2024-10-18T14:06:24","date_gmt":"2024-10-18T14:06:24","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/36489\/Cicada3301-Ransomware-Affiliate-Program-Infiltrated-By-Security-Researchers.html"},"modified":"2024-10-18T14:06:24","modified_gmt":"2024-10-18T14:06:24","slug":"cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\/","title":{"rendered":"Cicada3301 Ransomware Affiliate Program Infiltrated By Security Researchers"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/files.cyberriskalliance.com\/wp-content\/uploads\/2024\/10\/AdobeStock_39059952.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>The Cicada3301 ransomware-as-a-service (RaaS) group had its affiliate program infiltrated by Group-IB researchers, who published new details about the gang\u2019s affiliate panel and ransomware strains in a report published Thursday.<\/p>\n<p>Cicada3301 first began recruiting affiliates in late June 2024, and has since claimed at least 30 victims, mostly in the United States and United Kingdom. The group <a href=\"https:\/\/www.scworld.com\/news\/cicada3301-ransomware-how-similar-is-it-to-alphv-blackcat\" target=\"_blank\" rel=\"noreferrer noopener\">gained attention in September<\/a> due to analyses that found several similarities between Cicada3301\u2019s ransomware and that of <a href=\"https:\/\/www.scworld.com\/news\/new-blackcat-ransomware-analysis-published-as-leak-site-goes-dark\" target=\"_blank\" rel=\"noreferrer noopener\">the defunct ALPHV\/BlackCat ransomware gang. &nbsp;<\/a><\/p>\n<p>While it is still unclear if Cicada3301 is an ALPHV\/BlackCat rebrand or if the group purchased ALPHV\/BlackCat\u2019s source code when it was put up for sale earlier this year, Group-IB\u2019s report also mentions \u201cvery strong similarities\u201d with key differences including much fewer command line options, differences in access key use, no embedded configuration and slight differences in ransom note naming convention.<\/p>\n<p>The report also provided a detailed overview of the features available to Cicada3301 affiliates via the affiliate panel, including the ability to easily manage victim companies and customize attacks for each victim.<\/p>\n<h2>Cicada3301\u2019s affiliate panel uncovered<\/h2>\n<p>The web interface of the Cicada3301 affiliate panel is accessible only via Tor, and the main affiliate dashboard displays an overview of successful and failed login attempts, fingerprint details and a chart of companies the affiliate has targeted, Group-IB revealed. The dashboard sidebar gives access to other sections including News, Companies, Chat Companies and Chat Support.<\/p>\n<p>The News section includes release notes for the Cicada3301 ransomware and other updates about the group and its affiliate program, showing a large number of bug fixes and feature optimizations on June 13, 2024, a new file server for affiliates to upload exfiltrated data on June 15, 2024, and the introduction of a call center on June 18, 2024.<\/p>\n<p>The Companies section is where affiliates can begin planning, documenting and organizing their attacks against victim companies, with the \u201cCreate company\u201d function allowing the affiliate to add the victim\u2019s name, ransom demand price, discount price and discount expiration time before further organizing their attack with custom ransomware samples and ransomware notes.<\/p>\n<p>Affiliates can configure the ransomware used in each attack to change the encryption type between \u201cfast,\u201d \u201cfull\u201d and \u201cauto\u201d encryption methods, the type of victim landing page to create (encryption and data leak, or data leak only), specific virtual machine exclusions and Windows credentials used for impersonation and access.<\/p>\n<p>The Chat Companies section opens up an interface to chat with victims to negotiate ransom payments and Chat Support opens up a separate interface for chatting with Cicada3301 representatives for support issues. Affiliates can also use this interface to request to contact victims via phone call through the aforementioned call center service.<\/p>\n<p>The dashboard also includes an Account section for affiliates to reset the password they use to access their affiliate panel as well as an FAQ with more information about the Cicada3301 ransomware and affiliate program.<\/p>\n<p>The ransomware is <a href=\"https:\/\/www.scworld.com\/brief\/new-consortium-seeks-to-bolster-rust-use-in-safety-critical-systems\" target=\"_blank\" rel=\"noreferrer noopener\">written in Rust<\/a>, uses ChaCha20 and RSA for encryption and is available for Windows starting from Windows 7, Linux, ESXi, NAS and PowerPC systems. The PowerPC version is unique, as PowerPC is an older computer infrastructure that is rarely used in modern systems, other than older Mac computers and other specific legacy systems, Group-IB noted.<\/p>\n<p>The Cicada3301 uses a thread pool of 50 threads to efficiently encrypt numerous files in parallel, and performs several actions to evade detection and inhibit recovery, such as disabling security processes and virtual machines, and deleting shadow copies and backups. &nbsp;<\/p>\n<p>Group-IB\u2019s investigation found that the commission rate for affiliates is 20% of the ransom payment amount and that Cicada3301 prohibits attacking countries in the Commonwealth of Independent States (CIS), which includes Russia, Belarus, Moldova, Armenia, Azerbaijan, Kazakhstan, Kyrgyzstan, Tajikistan and Uzbekistan. Cicada3301 appears to use both Russian and English in its communications, with the News section of the dashboard being entirely in Russian.<\/p>\n<p>\u201cThe emergence of Cicada3301 underscores the evolving threats organizations face from ransomware groups that are increasingly professional, resourceful, and bold. It highlights the urgent need for organizations to bolster their cybersecurity measures, engage in proactive threat intelligence, and adopt a multi-layered defense strategy to protect against such advanced adversaries,\u201d Group-IB concluded. &nbsp;<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/36489\/Cicada3301-Ransomware-Affiliate-Program-Infiltrated-By-Security-Researchers.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":57445,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[9388],"class_list":["post-57444","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackermalwarecybercrimedata-lossfraudcryptography"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Cicada3301 Ransomware Affiliate Program Infiltrated By Security Researchers 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cicada3301 Ransomware Affiliate Program Infiltrated By Security Researchers 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2024-10-18T14:06:24+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/files.cyberriskalliance.com\/wp-content\/uploads\/2024\/10\/AdobeStock_39059952.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Cicada3301 Ransomware Affiliate Program Infiltrated By Security Researchers\",\"datePublished\":\"2024-10-18T14:06:24+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\\\/\"},\"wordCount\":703,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/10\\\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers.jpg\",\"keywords\":[\"headline,hacker,malware,cybercrime,data loss,fraud,cryptography\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\\\/\",\"name\":\"Cicada3301 Ransomware Affiliate Program Infiltrated By Security Researchers 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/10\\\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers.jpg\",\"datePublished\":\"2024-10-18T14:06:24+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/10\\\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/10\\\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers.jpg\",\"width\":800,\"height\":459},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,malware,cybercrime,data loss,fraud,cryptography\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackermalwarecybercrimedata-lossfraudcryptography\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Cicada3301 Ransomware Affiliate Program Infiltrated By Security Researchers\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cicada3301 Ransomware Affiliate Program Infiltrated By Security Researchers 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\/","og_locale":"en_US","og_type":"article","og_title":"Cicada3301 Ransomware Affiliate Program Infiltrated By Security Researchers 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2024-10-18T14:06:24+00:00","og_image":[{"url":"https:\/\/files.cyberriskalliance.com\/wp-content\/uploads\/2024\/10\/AdobeStock_39059952.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Cicada3301 Ransomware Affiliate Program Infiltrated By Security Researchers","datePublished":"2024-10-18T14:06:24+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\/"},"wordCount":703,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/10\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers.jpg","keywords":["headline,hacker,malware,cybercrime,data loss,fraud,cryptography"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\/","url":"https:\/\/www.threatshub.org\/blog\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\/","name":"Cicada3301 Ransomware Affiliate Program Infiltrated By Security Researchers 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/10\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers.jpg","datePublished":"2024-10-18T14:06:24+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/10\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/10\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers.jpg","width":800,"height":459},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/cicada3301-ransomware-affiliate-program-infiltrated-by-security-researchers\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,malware,cybercrime,data loss,fraud,cryptography","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackermalwarecybercrimedata-lossfraudcryptography\/"},{"@type":"ListItem","position":3,"name":"Cicada3301 Ransomware Affiliate Program Infiltrated By Security Researchers"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/57444","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=57444"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/57444\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/57445"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=57444"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=57444"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=57444"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}