A Tale of Two Ransomware-as-a-Service Threat Groups

• Learn about INC and Lynx, two highly successful RaaS groups that share similar tactics and procedures, including a potential connection through shared code.
• Discover how these criminal groups try to justify their actions, one claiming to be a security service and the other pretending to avoid sensitive targets like hospitals and governments.
• Understand the key distinctions between the two groups, from their primary targets and affiliate models to the specific techniques they use to breach networks.

Ransomware distributors are bad enough, but there should be a special place in the dark web’s basement that only offers ISDN connections and no Wi-Fi, reserved for those groups that insist their attack was a benign cybersecurity service or those who only attack entities that they say deserve to be struck. At least based on their logic.