Newly emergent Vanir ransomware operation had its leak site disrupted by German law enforcement agencies following a months-long probe, according to The Record, a news site by cybersecurity firm Recorded Future.
Investigation into Vanir ransomware's members since June has resulted in the identification of the server of a site within the group's TOR network last month and the subsequent blocking of the web page, disclosed officials in the city of Karlsruhe and the state of Baden-Wurttemberg. "By blocking the page, the data stolen by the perpetrators can no longer be published on their TOR page," officials added. While additional details regarding the identity of the ransomware group's members are still being looked into by German law enforcement, Vanir ransomware has been believed to be linked to the Akira ransomware gang due to leak site style similarities. However, HackManac researchers reported the Eastern European group to consist of former Karakurt, Knight, and LockBit ransomware affiliates.
