Numerous threat actors have begun moving to ARES Group to acquire stolen databases. The threat group notorious in the cybercriminal landscape for selling and leaking databases of corporations and public authorities has gained a surge of traction among cybercriminal groups.
The actor initially appeared on Telegram a couple of years ago, and researchers linked ARES to the RansomHouse ransomware operation. Moreover, some researchers also revealed that ARES connects to a data leak platform called KelvinSecurity.
Currently, the ARES Group manages its website with database leaks and a forum that compensates for the loss of the now shutdown BreachForums. Analysts observed that the group acts like a cartel in its transactions since they have actively looked for affiliations with other malicious entities.
The ARES Group introduces their data leak platform that offers troves of data.
According to reports, the ARES Group has a data leak site called ARES Leaks, which offers access to data from about 65 countries worldwide. The platform includes data from well-known countries like the United States, Spain, France, Italy, and Australia.
The website stores numerous leaks with tons of information, including phone numbers, customer details, B2B, SSNs, email addresses, and company databases. In addition, the platform also hosts forex data, passports, and government leaks.
The group accepts payments through crypto from members who want to access the data or buy one of the services. The services include pen-testing, malware development, DDoS, and vulnerability exploitation.
Last year, ARES tried to hire several malware developers and pen-testers willing to work in Syria. The job offer will pay in cryptocurrency. In addition, the group operates privately with VIP channels to sell more valuable data leaks from high-prospect entities.
A separate researcher recently discovered that the ARES Group is trying to obtain military access and databased, which they promote through advertisements on cybercriminal platforms. ARES is a well-managed organisation that constantly expands its operations and services to provide malicious weapons for threat actors.
Cybersecurity experts claimed that the sudden rise of ARES is because of the BreachForums’ sudden downfall. Therefore, the group could significantly upgrade their forum as its customers increase.
