some self hosted could work.(22 October, 2023 - 10:24 AM)Lc2016 Wrote: Show More
Indeed, if the entry point for deploying the ransomware was by e-mail, we might as well continue communicating via this channel, but in that case, which providers are used? And if the e-mail is deleted by the provider, we lose all contact with the victims.(22 October, 2023 - 10:16 AM)similitude Wrote: Show More
(22 October, 2023 - 10:15 AM)Lc2016 Wrote: Show More
Hi,
After multiple reports and researches I have the impression that ALL ransomware groups use email as a technology to talk to their victims. Whereas there are several other solutions XMPP -> TELEGRAM -> ...
Why stay on the mail?
So let me open the debate !
Thanks
Easier because everyone might have an email, not everyone has telegram // xmpp with OMEMO.
Also because they targeted a lot of enterprises
(22 October, 2023 - 10:17 AM)PolloTramaOp Wrote: Show More
A good ransomware group use a chat on darknet (onion)
It's true that this is the best method for securing connections, but no one has installed tor or knows how to use it... but it's still a good option.
some end to end encrypted, offshore providers could be used too. All depends of their TOS and if they check a lot complaints and delete them
^ by the way, i'm only saying this from a **possible** pov, i've never actually worked wwith ransomwares ever, so I can't really tell.
but for me it's the easiest way to communicate // can also be as you said the easiest entry point.
I do not sell anything. I do not have a public Discord / Telegram. I will never ask anyone for money / refuse any deal via middleman. I will never deny to confirm my identity via PM before any deal. Stay safe, I have impersonators.
(-.-)Zzz...
(-.-)Zzz...
https://youtu.be/EDVrTYW2l84