Rounding Up the DNS Traces of RA World Ransomware
Threat actors typically come in two types. They are either cybercriminals who are in it for profit or advanced persistent threat (APT) group members in it for ideology.
There are times, though, when actors get involved in both attack types. Case in point? Researchers recently reported that a threat actor who has been involved in installing backdoors in the systems of target government institutions instigated an RA World ransomware attack.1 The actor used the same tools as those involved in China-linked espionage campaigns.