Russian and Chinese ransomware gangs said to be forming an alliance

Russian Chinese Ransomware Gangs Alliance Hacking Forum Dark Web

Rumours are spreading throughout the entire cybersecurity world about the alleged alliance of Russian and Chinese ransomware gangs, wherein Russian threat actors are said to have initiated an alliance by inviting Mandarin-speaking hackers to participate in a hacking forum to exchange tips and tricks for malicious acts. Also, the Russian threat actors encourage China-based hackers to collaborate with them in multiple campaigns.

According to an analyst, a Russian forum admin continuously recruits and tries to communicate with new forum members from China. They also use an automated machine translator to effectively communicate with their new foreign members. The Russian forum was observed having new user registrations in the last few days, which appears to come from the territory of China. Researchers believed that this discovery might be the start of something terrible.

Researchers also think that this alliance is to attempt a catastrophic attack against significant countries, especially the US.


The coalition will even cause tremendous upgrades to both ransomware gangs since they can now exchange ideas, vulnerabilities and recruit new talents for their operations.


A threat researcher released a statement earlier this month that this was initiated by a Russian hacking admin that recently visited China and can speak the Chinese native language prompting the first communication between these two countries.

In addition, the Russian visitor was observed by researchers to be planning to recruit Chinese hackers to the forum, which is happening right now.

Furthermore, the Russian hackers who tried to build allegiance with Chine threat groups are not limited to joining the forum but form a headquarters to maximise their potential.

Not long ago, a Russian forum admin is known as ‘Orange’ who operated the Groove threat group asked for the cooperation of all ransomware groups to attach the US government. However, after an initial attack, the ransomware group claimed that their attempt was just a threat and nothing more. They said that it was just created to manipulate and generate panic among cybersecurity experts.

Researchers still believe that the malicious threat actors are just trying to cover up their mistake since rumours spread that their hacking attempt against the US failed miserably. Due to these rumours, the forum admin said they are just trying to create issues that will result in scepticism.

About the author

Leave a Reply