STORMOUS Ransomware Has Breached A Lebanese Target
The STORMOUS group announced that they’ve breached the Lebanese Organization for Studies and Training. It is unclear from the original post if this was a DDoS attack or a ransomware one.
- The Lebanese organization didn’t comment on the attack
- STORMOUS is a controversial ransomware actor with unverified goals and confusing statements
- The group advertises itself as a politically and ideologically driven one, but also operates as a ransomware actor
- While STORMOUS has been active since early 2022, its actual goals and intentions are still a mystery
STORMOUS attacks vary in type, severity, and magnitude, as it appears that the group doesn’t have a well-defined profile. STORMOUS mostly advertises itself as a pro-Russian group with political motivations.
The organization appears to be especially invested in the Ruso-Ukrainian war, but it is unclear to what extent. It’s important to note that STORMOUS hackers don’t always attack anti-Russian countries or corporations.
This has led many to believe that STORMOUS simply tries to cash in from the ongoing war by associating its name with a global event. Another theory is that STORMOUS is a scam altogether.
The scam theory is supported by several intriguing points, one of them being the unconfirmed ransomware attacks. STORMOUS has announced several ransomware operations against medium and high-value targets, but few-to-not have been confirmed.
One such case was the massive Epic Games ransomware operations, during which STORMOUS managed to steal 200 GB worth of data. That includes the personal information of 33 million players, along with a considerable amount of company-related stats.
Or, at least, that’s what they claimed because this incident hasn’t been confirmed so far. Despite STORMOUS announcing that they will be leaking some of the data they’ve managed to steal, they’ve failed to do so.
Our Mission
We believe security online security matters and its our mission to make it a safer place.
What Is the Deal With STORMOUS?
The question that comes to mind would be: why would STORMOUS roleplay? The main theory is that STORMOUS isn’t an actual cybercriminal organization but a puppet one.
STORMOUS simply takes responsibility for either successful or failed ransomware or DDoS attacks to cover the tracks of the real perpetrators. This means that real cybercriminal organizations use STORMOUS as a cover-up to mislead law enforcement agencies.
There’s also the theory that STORMOUS acts as a relay, connecting wannabe hackers to various organizations that seek to hire them. This idea is supported by the “Job Application” section on their main page.
Whatever the case may be, STORMOUS is undoubtedly a threat. Its ransomware operations haven’t been confirmed so far, but the organization is most definitely involved in illegal operations.
Experts warn that the group may be more nefarious than it seems, as many paint it as a scam. If you believe you qualify as a potential target, you should take the necessary precautions today.
It’s never to late to upgrade your cybersecurity and there’s no better way to do that than to rely on actual experts. Ransomware attacks have increased in intensity over the past year, as cybercriminal actors have become increasingly more fearless and prolific.