Germany has deprived the extortionists of their voice and found unusual similarities with other hackers.
German law enforcement agencies have taken down the website of the Vanir Locker ransomware group.
The site appeared in July, when attackers published the data of three victims, including one German company. The investigation began back in June, and in August 2024, it was possible to identify the server used to host the site on the Tor network. On the website, the group threatened to publish data received from the affected companies.
Now the site is blocked and redirects to a stub page, which prevents further publication of the stolen information. However, information about possible arrests has not been disclosed. Officials clarified that the identification of the criminals continues.
Researchers believe that Vanir Locker may have a connection to another well-known Akira group, as indicated by stylistic similarities between the leak sites. According to HackManac, which tracks dark web activity, Vanir Locker is an Eastern European group made up of former members Karakurt, LockBit, and Knight.
Recall that German law enforcement agencies have begun to actively use new methods to de-anonymize Tor users. Journalists found out that the German intelligence services use long-term monitoring of Tor servers to reveal the identities of users.
Source
German law enforcement agencies have taken down the website of the Vanir Locker ransomware group.
The site appeared in July, when attackers published the data of three victims, including one German company. The investigation began back in June, and in August 2024, it was possible to identify the server used to host the site on the Tor network. On the website, the group threatened to publish data received from the affected companies.
Now the site is blocked and redirects to a stub page, which prevents further publication of the stolen information. However, information about possible arrests has not been disclosed. Officials clarified that the identification of the criminals continues.
Researchers believe that Vanir Locker may have a connection to another well-known Akira group, as indicated by stylistic similarities between the leak sites. According to HackManac, which tracks dark web activity, Vanir Locker is an Eastern European group made up of former members Karakurt, LockBit, and Knight.
Recall that German law enforcement agencies have begun to actively use new methods to de-anonymize Tor users. Journalists found out that the German intelligence services use long-term monitoring of Tor servers to reveal the identities of users.
Source
