The Gentlemen ransomware group was hit by a data leak that exposed internal chats, infrastructure details, and tactics used to compromise victims and prepare for encryption. The leaked material shows repeated reliance on compromised credentials, Fortinet edge devices, living-off-the-land techniques, and aggressive efforts to disable defenses and target backups, NAS systems, and critical servers. #TheGentlemen #Fortinet #ZeroPulse #BedrockSafeguard #Sony #Barclays
Key points
- Internal chats from The Gentlemen were dumped online after a data breach.
- The leak exposed tactics for VPN access, payload delivery, and OPSEC practices.
- Intrusions often began with compromised Fortinet credentials and the use of ZeroPulse.
- The group focused on disabling security tools and targeting backups and servers.
- The Gentlemen used a high affiliate-payout model and quickly patched its malware after a decryptor was released.
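The two behaviours the key points single out, disabling security tools and destroying backups before encryption, are also the ones most worth alerting on early, because they happen before files are touched. The following Python detector is an added example, not code from the article or from the leak: it scans process-creation events (the shape of Sysmon Event ID 1 or Windows 4688 data) for command lines that match widely documented ransomware pre-encryption patterns. The specific commands (vssadmin, wbadmin, bcdedit, Set-MpPreference, net/sc stop of backup and database services) are this example's assumption and are not attributed to The Gentlemen by the article; the sample events are constructed.

```python
"""Flag process-creation events that look like backup destruction or
security-tool / critical-service tampering.

Added example, not from the leak or the article. The command patterns are
generic, widely documented ransomware TTPs and are an assumption of this
example; they are not commands the article attributes to The Gentlemen.
"""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    host: str
    category: str
    command: str


# Patterns are matched case-insensitively against the whole command line.
# Stopping backup or database services is grouped with defense tampering
# because both typically precede encryption of NAS shares and servers.
PATTERNS = {
    "backup-destruction": [
        r"\bvssadmin(\.exe)?\s+delete\s+shadows\b",
        r"\bwmic(\.exe)?\s+shadowcopy\s+delete\b",
        r"\bwbadmin(\.exe)?\s+delete\s+(catalog|systemstatebackup)\b",
        r"\bbcdedit(\.exe)?\b.*\b(recoveryenabled\s+no|bootstatuspolicy\s+ignoreallfailures)\b",
    ],
    "defense-tampering": [
        r"set-mppreference\b.*-disable\w+",
        r"\b(net|sc)(\.exe)?\s+stop\s+\S*(defend|sense|veeam|backup|sql)\S*",
        r"\btaskkill(\.exe)?\b.*\b/im\s+\S*(veeam|backup|sql)\S*",
    ],
}

COMPILED = {
    cat: [re.compile(p, re.IGNORECASE) for p in pats]
    for cat, pats in PATTERNS.items()
}


def classify(command_line):
    """Return the first category whose patterns match, or None if benign."""
    for cat, regexes in COMPILED.items():
        if any(r.search(command_line) for r in regexes):
            return cat
    return None


def scan(events):
    """events: iterable of dicts with 'host' and 'cmd' keys.
    Returns one Finding per matching event, in input order."""
    findings = []
    for ev in events:
        cat = classify(ev["cmd"])
        if cat:
            findings.append(Finding(ev["host"], cat, ev["cmd"]))
    return findings


# Constructed sample events for the example; not real telemetry.
SAMPLE_EVENTS = [
    {"host": "FS01", "cmd": "vssadmin.exe delete shadows /all /quiet"},
    {"host": "FS01", "cmd": "wbadmin delete catalog -quiet"},
    {"host": "DC01", "cmd": "powershell.exe -c Set-MpPreference -DisableRealtimeMonitoring $true"},
    {"host": "BK01", "cmd": "net stop VeeamBackupSvc /y"},
    {"host": "WS07", "cmd": "vssadmin list shadows"},          # read-only, must not fire
    {"host": "WS07", "cmd": "notepad.exe C:\\Users\\a\\notes.txt"},  # benign
]

if __name__ == "__main__":
    for f in scan(SAMPLE_EVENTS):
        print(f"{f.host:5} {f.category:20} {f.command}")
```

Run it on exported process-creation logs by building the event dicts from your SIEM's host and command-line fields. The read-only `vssadmin list shadows` line is included deliberately: a rule that keys on the binary name alone would page on every backup health check, so the patterns require the destructive verb. Tune the service-name alternation to the backup and database products actually deployed in your estate.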
Read More: https://www.bankinfosecurity.com/tables-turned-gentlemen-ransomware-group-suffers-data-leak-a-31654