Ransomware.live

Ransomware.live is a great website I would highly recommend you check out to further your understanding of the ransomware landscape. Let’s dive in!

This website has tons of different information on ransomware attacks, ransomware groups, statistics on ransomware, ransom notes from different threat actors, and even negotiation chats between attackers and victims. This is all compiled by cybersecurity researchers.

I like how this website breaks down different ransomware groups and their tactics. It really shows how these different groups operate and gives a better picture into how threat actors can be identified. Leak sites for threat actor groups, tracking of their activity, and where their activity is originated can all be found here. Ransomware notes are also contained which gives insight into how the ransomware groups continue to operate.

The ransomware chat portion I found to be extremely fascinating. This gives further insight to how these groups operate and how ransomware truly unfolds against a victim. Some of these groups operate more as full blown businesses with support teams while some seem more of a one-man show, sometimes to be seen cussing out their victims. There are some chats where once the ransom is paid, the threat actor will detail how they got into a system and provide remediation steps to protect themselves. Awww kind of wholesome. The world of these threat actors is absolutely wild, and this really gives a true look into it.

I would love to hear about some of the wild ransomware chat logs you come across on this site!