Krebs - A Closer Look at the Snatch Data Ransom Group
Earlier this week, KrebsOnSecurity revealed that the darknet website for the Snatch ransomware group was leaking data about its users and the crime gang’s internal operations. Today, we’ll take a closer look at the history of Snatch, its alleged founder, and their claims that everyone has confused them with a different, older ransomware group by the same name. According to a September 20, 2023 joint advisory from the FBI and the U.S. Cybersecurity and Infrastructure Security Administratio n (CISA), Snatch was originally named Team Truniger , based on the nickname of the group’s founder and organizer — Truniger. The FBI/CISA report says Truniger previously operated as an affiliate of GandCrab , an early ransomware-as-a-service offering that closed up shop after several years and claims to have extorted more than $2 billion from victims . GandCrab dissolved in July 2019, and is thought to have become “ REvil ,” one of the most ruthless and rapacious Russian ransomware groups of all...