The Gentlemen ransomware now uses SystemBC for bot-powered attacks
Summary
A Gentlemen ransomware attack was found to be using a SystemBC proxy malware botnet, which consists of over 1,570 compromised corporate hosts. This botnet is leveraged by attackers to facilitate their malicious operations.
IFF Assessment
FOE
The discovery of a new botnet infrastructure used to amplify ransomware attacks represents an increased threat to organizations.
Defender Context
This development highlights the evolving tactics of ransomware groups, who are increasingly utilizing established botnet infrastructure to broaden their attack reach and enhance their operational efficiency. Defenders should be vigilant for signs of SystemBC infections within their networks and monitor for indicators of compromise associated with both SystemBC and Gentlemen ransomware.